Lynis is an auditing tool for Unix. It scans the system and the available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages and configuration mistakes.

Installing and running it is a breeze. Below is the procedure to install and run Lynis.

cd /usr/local/src/

wget http://www.rootkit.nl/files/lynis-1.2.6.tar.gz

tar -zxf lynis-1.2.6.tar.gz

cd lynis-1.2.6

./lynis -c

At the end, it will display a list of warnings and suggestions to harden the server. The server administrator just has to look into each suggestion and warning to get the server hardened. Check out the screenshot to see a sample result.

Screenshot of lynis output
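
To work through the warnings and suggestions after a scan, the findings can be pulled out of the Lynis report file instead of being read off the screen. The script below is an added example, not part of Lynis or of the original post; it assumes the report is at /var/log/lynis-report.dat and stores findings as `warning[]=` and `suggestion[]=` lines with `|`-separated fields (check this against your version), and the sample report inside it is constructed.

```shell
#!/bin/sh
# Added example: list and count findings from a Lynis report file.
# Assumption: one finding per line, in the form
#   warning[]=TEST-ID|description|...    suggestion[]=TEST-ID|description|...

# lynis_findings KIND FILE -> prints "TEST-ID<TAB>description" per finding
lynis_findings() {
    kind=$1
    file=$2
    # Literal prefix match on the key, then split the value on '|'.
    awk -v key="${kind}[]=" '
        index($0, key) == 1 {
            split(substr($0, length(key) + 1), f, "|")
            printf "%s\t%s\n", f[1], f[2]
        }' "$file"
}

# lynis_count KIND FILE -> prints the number of findings of that kind
lynis_count() {
    lynis_findings "$1" "$2" | wc -l | tr -d ' '
}

# Constructed sample report (not output from a real scan).
sample_report() {
    cat <<'EOF'
# Lynis Report
hostname=web01
warning[]=AUTH-9308|No password set for single mode|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|-|-|
suggestion[]=FILE-6310|Place /tmp on a separate partition|-|-|
installed_package[]=openssl|1.0|
EOF
}

# Use the report given as $1; fall back to the constructed sample.
report=${1:-}
if [ -z "$report" ]; then
    report=$(mktemp)
    sample_report > "$report"
    trap 'rm -f "$report"' EXIT
fi

echo "Warnings: $(lynis_count warning "$report")"
lynis_findings warning "$report"
echo "Suggestions: $(lynis_count suggestion "$report")"
lynis_findings suggestion "$report"
```

Run it with the report path as the first argument, for example `sh lynis-findings.sh /var/log/lynis-report.dat` (the script name is hypothetical).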
