One of the tools available as open source is Lynis, provided by a company called CISOfy. Lynis is an open source security auditing tool used by system administrators, security professionals, and auditors to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.
The installation of Lynis is extremely easy: the code is available on GitHub and can be retrieved with a git clone command, as shown below:
[root@testbox09 tmp]# git clone https://github.com/CISOfy/lynis
Initialized empty Git repository in /tmp/lynis/.git/
remote: Counting objects: 7092, done.
remote: Compressing objects: 100% (125/125), done.
remote: Total 7092 (delta 75), reused 0 (delta 0), pack-reused 6967
Receiving objects: 100% (7092/7092), 3.26 MiB | 1.99 MiB/s, done.
Resolving deltas: 100% (5159/5159), done.
[root@testbox09 tmp]#
As soon as you have the Lynis code on your Oracle Linux instance it can be used.
To start a standard Lynis audit, run the command below from the directory into which you cloned the Lynis code from GitHub:
./lynis audit system -Q
The results are shown on screen and are also stored in /var/log, in the following files:
- Test and debug information stored in /var/log/lynis.log
- Report data stored in /var/log/lynis-report.dat
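The report file is meant for machine processing, so the result of a run can be checked from a script. The following is an added example, not code from the original post or from the Lynis project: the function names are hypothetical, the sample report is constructed, and it assumes the key=value layout with repeated `warning[]` and `suggestion[]` keys, which may differ between Lynis versions.

```shell
#!/bin/sh
# Added example: summarize a Lynis report (normally /var/log/lynis-report.dat).
# Assumption: key=value lines, with findings written as
# warning[]=TEST-ID|message|details|solution| (same for suggestion[]).

# Print "hardening_index=<n> warnings=<n> suggestions=<n>" for a report file.
lynis_summary() {
    awk -F= '
        /^#/ || !NF             { next }    # skip comments and blank lines
        $1 == "hardening_index" { idx = $2 }
        $1 == "warning[]"       { w++ }
        $1 == "suggestion[]"    { s++ }
        END { printf "hardening_index=%s warnings=%d suggestions=%d\n",
                     (idx == "" ? "unknown" : idx), w, s }
    ' "$1"
}

# Print "TEST-ID<TAB>message" for each finding; $2 is "warning" or "suggestion".
lynis_findings() {
    awk -v key="$2[]" '
        index($0, key "=") == 1 {
            rec = substr($0, length(key) + 2)   # text after "key[]="
            n = split(rec, f, "|")
            if (n >= 2) printf "%s\t%s\n", f[1], f[2]
        }
    ' "$1"
}

# Return non-zero when the report holds at least one warning (cron/CI gate).
lynis_gate() {
    ! grep -q '^warning\[\]=' "$1"
}

# Constructed sample report, not output from a real scan.
SAMPLE_REPORT=$(mktemp)
cat > "$SAMPLE_REPORT" <<'EOF'
# Lynis Report
report_version_major=1
hardening_index=62
warning[]=AUTH-9308|No password set for single mode|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|PermitRootLogin (YES --> NO)|-|
suggestion[]=KRNL-6000|One or more sysctl values differ from the scan profile|-|-|
EOF

lynis_summary "$SAMPLE_REPORT"
lynis_findings "$SAMPLE_REPORT" warning
```

On a real host, pass /var/log/lynis-report.dat instead of the sample file; reading it normally requires root.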
Below is an example of a Lynis run:
If you need a quick additional check alongside your security auditing, Lynis, next to some other available tools, is a great starting point to see what best fits your needs.