Lynis 1.2.0 in the wild

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

New:

  • New test: Passwordless Solaris accounts test [AUTH-9254]
  • New test: AFICK file integrity [FINT-4310]
  • New test: AIDE file integrity [FINT-4314]
  • New test: Osiris file integrity [FINT-4318]
  • New test: Samhain file integrity [FINT-4322]
  • New test: Tripwire file integrity [FINT-4326]
  • New tests: NIS and NIS+ authentication test [AUTH-9240/42]
  • Initial support added for AFICK, AIDE, Osiris, Samhain, Tripwire

Changes:

  • Changed text of grsecurity test [RBAC-6272]
  • Optimized FreeBSD boot services test [BOOT-5165]
  • Optimized UID 0 test [AUTH-9204]
  • Extended login shells test [AUTH-9218]
  • PID file message extended and small output improvement
  • A log entry will be written when PID files are removed
  • Added operating system name to log file when a test is skipped
  • Added file available check when using —view-manpage
  • Most program variables are initialized now for future additions

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Comments

Related Articles

Configurations checks
Local auditing
Lynis
Vulnerability Scanner