How to Install and Use Lynis on CentOS

Lynis is an open source security auditing tool which is widely used on various Unix-like operating systems. With Lynis, system administrators and security professionals can perform in-depth system-wide security scans in a matter of minutes.

In this article, I will explain how to install and use Lynis on a CentOS 7 server.

Prerequisites

  • A CentOS 7 x64 server instance.
  • A sudo user.

Step 1: Update the system

Log in from an SSH terminal as a sudo user, and then update the system as follows:

sudo yum install epel-release -y
sudo yum update -y
sudo shutdown -r now

After the system reboots, log back in as the same sudo user.

Step 2: Install Lynis and Lynis plugins (community)

2.1 Install Lynis

On CentOS 7, you can install Lynis from the EPEL YUM repository that was set up in Step 1:

sudo yum install lynis -y

2.2 Install Lynis plugins (community)

If you want to enhance Lynis' functionality, you can install the Lynis plugins (community), which can only be obtained by subscription:

  1. On the official Lynis plugins download page, click the Download button.
  2. On the next page, input your email address and then click the Subscribe button.
  3. You will receive an email message in your inbox. Click the link within to confirm your subscription.
  4. You will receive another email message which includes the download URL of Lynis plugins, say it is http://sable.madmimi.com/c/6938?id=44150.2674.1.a12c46882ca668ab69e63acbe670c747.

Now, download and unzip the plugins archive as follows:

cd
wget 'http://sable.madmimi.com/c/6938?id=44150.2674.1.a12c46882ca668ab69e63acbe670c747' -O lynis-community-plugins.tar.gz
sudo tar -zxvf lynis-community-plugins.tar.gz --strip-components=1 -C /usr/share/lynis/plugins

Set up proper permissions:

sudo chown root:root /usr/share/lynis/plugins/plugin_*
sudo chmod 600 /usr/share/lynis/plugins/plugin_*

Finally, check the Lynis profile file to make sure that newly-added plugins (which are pam and systemd in our case) are enabled:

sudo grep plugin= /etc/lynis/default.prf

The output should include plugin=pam and plugin=systemd:

plugin=compliance
plugin=configuration
plugin=control-panels
plugin=crypto
plugin=dns
plugin=docker
plugin=file-integrity
plugin=file-systems
plugin=firewalls
plugin=forensics
plugin=intrusion-detection
plugin=intrusion-prevention
plugin=kernel
plugin=malware
plugin=memory
plugin=nginx
plugin=pam
plugin=processes
plugin=security-modules
plugin=software
plugin=system-integrity
plugin=systemd
plugin=users
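
The plugin archive in step 2.2 arrives through an e-mailed link over plain HTTP and is unpacked with sudo, so it is worth listing it before the extraction command is run. The following is an added example, not part of the original article; `check_plugin_archive` is a hypothetical helper name and GNU tar is assumed.

```shell
#!/bin/sh
# Added example, not from the original article. check_plugin_archive is a
# hypothetical helper name. Assumes GNU tar, as shipped with CentOS 7.

check_plugin_archive() {
    archive=$1

    # List member names only; nothing is written to disk at this point.
    names=$(tar -tzf "$archive" 2>/dev/null) || {
        echo "not a readable .tar.gz archive: $archive" >&2
        return 2
    }
    status=0

    # 1. Reject member names that are absolute or climb out with "..".
    while IFS= read -r name; do
        case $name in
            /*|..|../*|*/..|*/../*)
                echo "REJECT path leaves the target directory: $name" >&2
                status=1 ;;
        esac
    done <<EOF
$names
EOF

    # 2. The verbose listing starts each line with the member type:
    #    "-" regular file, "d" directory, "l" symlink, "h" hard link.
    #    Plugins are plain files, so anything else is rejected.
    types=$(tar -tvzf "$archive" | cut -c1 | sort -u | tr -d '\n')
    case $types in
        *[!d-]*)
            echo "REJECT archive contains links or special files" >&2
            status=1 ;;
    esac

    # 3. Show what would land on disk so it can be reviewed by eye.
    if [ "$status" -eq 0 ]; then
        printf '%s\n' "$names"
    fi
    return "$status"
}

# Usage: sh check_plugins.sh lynis-community-plugins.tar.gz
if [ $# -gt 0 ]; then
    check_plugin_archive "$1"
fi
```

Run it against lynis-community-plugins.tar.gz and proceed with the sudo tar command only when it exits with status 0 and the listed names are the plugin files you expect.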

Step 3: Use Lynis

Running Lynis without any parameters displays the available parameters:

sudo lynis

If you want to perform a full security scan, use the following command:

sudo lynis audit system

All scan results will be stored in the Lynis log file /var/log/lynis.log.

After the full security scan, you can extract all Warning messages from the Lynis log file using the following grep command:

sudo grep Warning /var/log/lynis.log

Similarly, you can display all Suggestion messages using another grep command:

sudo grep Suggestion /var/log/lynis.log
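
A plain grep for Warning also matches log lines that merely mention the word, and it repeats duplicate findings. The following added example (not from the original article) extracts unique findings and counts them; it assumes finding lines of the form `Warning: text [test:ID]`, and the helper names, sample lines and `DEMO-` IDs are constructed.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are
# hypothetical. Assumed finding format: "<Warning|Suggestion>: text [test:ID]".

# Constructed sample log lines for trying the functions offline.
demo_log() {
    cat <<'EOF'
2024-01-01 10:00:01 Test: checking a demo setting
2024-01-01 10:00:02 Warning: Demo warning text one [test:DEMO-0001] [details:-] [solution:-]
2024-01-01 10:00:03 Suggestion: Demo suggestion text [test:DEMO-0002] [details:-] [solution:-]
2024-01-01 10:00:03 Suggestion: Demo suggestion text [test:DEMO-0002] [details:-] [solution:-]
2024-01-01 10:00:04 Result: found 1 Warning during scan
EOF
}

# Print "kind|test-id|text" once per unique finding, then a totals line.
# Reads the files given as arguments, or standard input when there are none.
summarize_lynis_log() {
    awk '
        match($0, /(Warning|Suggestion): /) {
            kind = substr($0, RSTART, RLENGTH - 2)
            rest = substr($0, RSTART + RLENGTH)
            id = "-"
            if (match(rest, /\[test:[^]]+\]/)) {
                id = substr(rest, RSTART + 6, RLENGTH - 7)
                rest = substr(rest, 1, RSTART - 1)
            }
            sub(/[ \t]+$/, "", rest)
            key = kind "|" id "|" rest
            if (!(key in seen)) { seen[key] = 1; count[kind]++; print key }
        }
        END { printf "warnings=%d suggestions=%d\n", count["Warning"], count["Suggestion"] }
    ' "$@"
}

# Exit status 0 when at least one warning is present (useful in cron jobs).
lynis_has_warnings() {
    summarize_lynis_log "$@" | grep -q '^Warning|'
}

# Usage: sudo sh lynis_summary.sh /var/log/lynis.log
if [ $# -gt 0 ]; then
    summarize_lynis_log "$@"
fi
```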

That's it. If you want to learn more about Lynis, please visit the official Lynis website.
