Labels

Lynis On Backtrack 5

Lynis On Backtrack 5

Lynis on Backtrack 5
Introduction
 
  • Lynis is a system security and auditing tool .
  • Lynis is developed by the  Michael Boelen .
  • It checks the system and software configuration and logs all the found  information  
    into a log  file  for  debugging  purposes.
  • It scans the system and available software, to detect security issues.
  • It will also scan for general system information, installed packages and  configuration mistakes.
This tool is for :- 
  1. Security specialists,
  2. Penetration testers,
  3. System auditors,
  4. System or network managers. 
Supported Distributions 
 
  • Debian
  • CentOS
  • Gentoo
  • Fedora Core 4 and higher
  • FreeBSD
  • Arch Linux 
  • Knoppix
  • OpenSuSE
  • Mandriva 2007
  • OpenBSD 4.x
  • OpenSolaris
  • Mac OS X 
  • PcBSD
  • Ubuntu
  • PCLinuxOS
  • Red Hat, RHEL 5.x
  • Slackware 12.1
  • Solaris 10
How to install Lynis in Backtrack 5 
 
  • To install Lynis in Backtrack 5 use apt-get install command .
  • Command : apt-get install lynis
  • See below image for more details -
Open Lynis 
 
  • To open linux , Goto System > Linux auditing tool 
  • See the below image for more details -
lynis auditing tool
 
Example : With Lynis , I am going to Audit Backtrack 5 
Lynis : OS Detection 
 
  • It open with a small banner as shown in the below image .
  • It automaticaly start a system auditing . You just need to press the enter Key .
  • To stop the process press [Ctrl]+c .
  • See the below image for more details - 
lynis on backtrack 5


 
System tools auditing 

Boot and services
  • In this below image , it check the boot loaders.
  • It checks the presence of boot loaders as follow - 
  1. GRUB2
  2. LILO
  3. YABOOT
  • In which GRUB2 Boot Loader is present in backtrack.
boot and services


KERNEL
  • Checks for the kernel .
  • See the below image for more details - 
kernel auditing


Memory and processes auditing 


User, Groups and Authentication Auditing



Shells  and File System Auditing 
 
 
Network Auditing 



Software : email and messaging and firewall auditing 



Auditing : Web Server, SSH Support and SNMP Support




Auditing : LDAP Services and PHP 


Auditing : Storage 

Auditing : Name Services




Auditing : Ports and packages
 
 
Auditing : Squid Support , Logging and files 

Insecure Services


Scheduled Tasks , Accounting , Time ans Synchronization 



Cryptography, Virtualization , Security frameworks


Auding : File Intrigrity and malware scanners

Auditing : Kernel Hardening 


Lynis Report 

  • You can find Lynis log file :   /var/log/lynis.log
  • To view lynis.log file , use cat command .
  • Command : cat lynis.log
  • See the below image for more details -
Lynis log file
 
 
Lynis Report file 
 
  • You can find lynis report file in /var/log/lynis-report.dat 
  • See the below image for more details - 
 
Lynis report
Lynis Report on backtrack 5
  • This is the best Linux Auditing Program .
  • Lynis gives a depth amount of information and suggestion about your Linux , which help you to improve the security of your Linux . 
  • This is  best for Penetration Tester, Security Specialist, System Auditors, system or network managers.
 
THIS TUTORIAL IS JUST FOR EDUCATIONAL PURPOSE ONLY /- 
Labels:

Comments

Post a Comment

Popular Posts