Just checked out Lynis from rootkit.nl. Lynis is:
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes.
This software aims at assisting automated auditing, software patch management, vulnerability and malware scanning of Unix-based systems. It can be run without prior installation, so inclusion on read-only storage is no problem (USB stick, CD/DVD).
Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOX (Sarbanes-Oxley) compliance audits.
It’s pretty cool, actually. I won’t include all of the scanning output here, but I will show the results of a scan from a (somewhat) default CentOS 5 install. Take a look if all of this magic security stuff interests you.
================================================================================
-[ Lynis 1.2.6 Results ]-
Tests performed: 134
Warnings:
----------------------------
- [20:46:34] Warning: No password set on GRUB bootloader [test:BOOT-5121] [impact:M]
- [20:46:50] Warning: Couldn't find 2 responsive nameservers [test:NETW-2705] [impact:L]
- [20:46:55] Warning: No MySQL root password set [test:DBS-1816] [impact:H]
- [20:46:55] Warning: PHP option expose_php is possibly turned on, which can reveal useful information for attackers. [test:PHP-2372] [impact:M]
- [20:47:00] Warning: No running NTP daemon or available client found [test:TIME-3104] [impact:M]
Suggestions:
----------------------------
- [20:46:34] Suggestion: Run grub-md5-crypt and create a hashed password. After that, add a line below the line saying timeout=
- [20:46:49] Suggestion: Install package 'yum-utils' for better consistency checking of the package database [test:PKGS-7384]
- [20:46:50] Suggestion: Check your resolv.conf file and connectivity to your nameservers [test:NETW-2705]
- [20:46:55] Suggestion: Use mysqladmin to set a MySQL root password (mysqladmin -u root -p password MYPASSWORD) [test:DBS-1816]
- [20:46:55] Suggestion: Change the expose_php line to: expose_php = Off [test:PHP-2372]
- [20:46:55] Suggestion: Change the enable_dl line to: enable_dl = Off, to disable downloads via PHP [test:PHP-2374]
- [20:46:55] Suggestion: Change the allow_url_fopen line to: allow_url_fopen = no, to disable downloads via PHP [test:PHP-2376]
- [20:46:57] Suggestion: Enable logging to an external logging host for archiving purposes and additional protection [test:LOGG-2154]
- [20:47:00] Suggestion: Check if any NTP daemon is running or a NTP client gets executed daily, to prevent big time differences and avoid problems with services like kerberos, authentication or logging differences. [test:TIME-3104]
- [20:47:02] Suggestion: Confirm that freshclam is properly configured and keeps updating the ClamAV database [test:MALW-3286]
- [20:47:02] Suggestion: Harden the system by installing one or malware scanners to perform periodic file system scans [test:HRDN-7230]
================================================================================
Files:
- Test and debug information : /var/log/lynis.log
- Report data : /var/log/lynis-report.dat
================================================================================
Hardening index : [49] [######### ]
================================================================================
Lynis 1.2.6
Copyright 2007-2009 - Michael Boelen, http://www.rootkit.nl/
================================================================================
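The result lines above share one layout: timestamp, Warning or Suggestion, message, then an optional test ID and impact tag. The following Python sketch is an added example, not part of the original post or of Lynis; it parses that layout, orders warnings by impact and pairs each with the suggestions carrying the same test ID. The sample lines are copied from the scan output above, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Layout seen in the Lynis 1.2.6 results on this page:
#   - [HH:MM:SS] Warning|Suggestion: message [test:ID] [impact:L|M|H]
# Both bracketed tags are optional (one suggestion above is cut off before its tag).
LINE_RE = re.compile(
    r"^- \[(?P<time>\d{2}:\d{2}:\d{2})\] (?P<kind>Warning|Suggestion): "
    r"(?P<msg>.*?)"
    r"(?: \[test:(?P<test>[A-Z]+-\d+)\])?"
    r"(?: \[impact:(?P<impact>[LMH])\])?$"
)
IMPACT_ORDER = {"H": 0, "M": 1, "L": 2, None: 3}  # untagged findings sort last

# Excerpt copied from the scan output on this page.
SAMPLE = """\
- [20:46:34] Warning: No password set on GRUB bootloader [test:BOOT-5121] [impact:M]
- [20:46:50] Warning: Couldn't find 2 responsive nameservers [test:NETW-2705] [impact:L]
- [20:46:55] Warning: No MySQL root password set [test:DBS-1816] [impact:H]
- [20:46:55] Warning: PHP option expose_php is possibly turned on, which can reveal useful information for attackers. [test:PHP-2372] [impact:M]
- [20:47:00] Warning: No running NTP daemon or available client found [test:TIME-3104] [impact:M]
- [20:46:34] Suggestion: Run grub-md5-crypt and create a hashed password. After that, add a line below the line saying timeout=
- [20:46:50] Suggestion: Check your resolv.conf file and connectivity to your nameservers [test:NETW-2705]
- [20:46:55] Suggestion: Use mysqladmin to set a MySQL root password (mysqladmin -u root -p password MYPASSWORD) [test:DBS-1816]
- [20:46:55] Suggestion: Change the expose_php line to: expose_php = Off [test:PHP-2372]
"""

def parse(text):
    """Return one dict per recognised result line; all other lines are ignored."""
    matches = (LINE_RE.match(line.strip()) for line in text.splitlines())
    return [m.groupdict() for m in matches if m]

def triage(findings):
    """Warnings sorted high to low impact, each with suggestions sharing its test ID."""
    fixes = defaultdict(list)
    for f in findings:
        if f["kind"] == "Suggestion" and f["test"]:
            fixes[f["test"]].append(f["msg"])
    warnings = [f for f in findings if f["kind"] == "Warning"]
    warnings.sort(key=lambda f: IMPACT_ORDER[f["impact"]])  # stable: keeps scan order within a level
    return [(w["impact"], w["test"], w["msg"], fixes.get(w["test"], [])) for w in warnings]

if __name__ == "__main__":
    for impact, test, msg, suggestions in triage(parse(SAMPLE)):
        print(f"[{impact}] {test}: {msg}")
        for s in suggestions:
            print(f"      fix: {s}")
```

Because the GRUB suggestion is cut off before its test tag, it cannot be linked to BOOT-5121 and that warning is listed without a fix.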






