October 6, 2014
I found a small program called Lynis, which performs a system check of your Linux and Unix system. From the homepage:
Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system (including Mac). Even the installation of the software itself is optional!
Testing a system is really easy: download the tar.gz from here, extract the tar as root (otherwise it will complain), change into its directory and call
for the interactive mode (waits after each section) or
for the quick mode which only logs the results to the log file. In both cases the log is written to
For the following screenshots I set up a test system with some changes to show you some errors and warnings :-):
and at the end you get a summary with entries like this:
You’ll also get a “Hardening index”, which allows you to compare various systems against each other.
If you want to check multiple systems, it is also possible to create an rpm file with the lynis.spec file from the Lynis homepage. You should run this software every time you set up a new system to make sure that you didn’t leave the big hole open.
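To compare the hardening index and warnings across several systems, as described above, the results can be collected and ranked with a short script. This is an added example, not code from the original post or the Lynis project; it assumes each host's results are available in Lynis's key=value report format (`hardening_index=`, `warning[]=`, `suggestion[]=` lines), and the host names and report contents are constructed samples.

```python
from collections import Counter

# Constructed sample reports (not from real systems), keyed by host name.
SAMPLE_REPORTS = {
    "web01": "hardening_index=58\n"
             "warning[]=AUTH-9216|M|grpck found errors in group files|\n"
             "warning[]=FIRE-4512|L|iptables loaded, but no rules active|\n"
             "suggestion[]=SSH-7408|Consider hardening SSH configuration|\n",
    "db01": "# comment line\nhardening_index=71\n"
            "warning[]=FIRE-4512|L|iptables loaded, but no rules active|\n",
    # Report without an index, e.g. from an aborted scan.
    "old01": "warning[]=AUTH-9216|M|grpck found errors in group files|\n",
}

def parse_report(text):
    """Return {'index': int or None, 'warnings': [ids], 'suggestions': [ids]}."""
    result = {"index": None, "warnings": [], "suggestions": []}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key == "hardening_index" and value.isdigit():
            result["index"] = int(value)
        elif key in ("warning[]", "suggestion[]"):
            test_id = value.split("|", 1)[0]  # first field is the test ID
            result[key[:-2] + "s"].append(test_id)
    return result

def rank_hosts(reports):
    """Weakest first; hosts without an index sort to the top for follow-up."""
    parsed = {h: parse_report(t) for h, t in reports.items()}
    rows = [(h, p["index"], len(p["warnings"])) for h, p in parsed.items()]
    return sorted(rows, key=lambda r: (r[1] is not None, r[1] or 0, r[0]))

def shared_warnings(reports):
    """Test IDs that fire on more than one host (likely a baseline problem)."""
    counts = Counter(w for t in reports.values()
                     for w in set(parse_report(t)["warnings"]))
    return sorted(i for i, n in counts.items() if n > 1)

if __name__ == "__main__":
    for host, index, n_warn in rank_hosts(SAMPLE_REPORTS):
        shown = index if index is not None else "n/a"
        print(f"{host:8} index={shown:>3} warnings={n_warn}")
    print("shared:", ", ".join(shared_warnings(SAMPLE_REPORTS)))
```

A host that shows up without an index is listed first on purpose: a missing value usually means the audit did not complete, which deserves attention before any low score does.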