Lynis Unix Local Auditing utility updated to 1.1.6

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

New:

  • New test: Check writable startup scripts [BOOT-5184]
  • New test: Syslog-NG consistency check [LOGG-2134]
  • New test: Check yum-utils package and scanning package database [PKGS-7384]
  • New test: Test for empty ruleset when iptables is loaded [FIRE-4512]
  • New test: Check for expired SSL certificates [CRYP-7902]
  • New test: Check for LDAP authentication support [AUTH-9238]
  • New test: Read available crontab/cron files [SCHD-7704]
  • New test: Query Solaris running zones [VIRT-1902]
  • New test: Check availability sudoers file for future tests [AUTH-9250]
  • New test: Query all home directories from passwd file [HOME-9302]
  • Syslog-NG support added (binary and version check)
  • Added new sections: Scheduling, Time and Synchronization, Virtualization

Changes:

  • Extended several tests with suggestions and warnings
  • Extended GRUB test with GRUB2 check [BOOT-5121]
  • Extended iptables firewall test [FIRE-4511]
  • Fixed incorrect variable at Linux kernel config display [KRNL-5728]
  • Fixed display for file system test [FILE-6023]
  • Reassigned some ID’s to match others in category
  • Improvement of several logging sections and profile options
  • Assigned ID to Ubuntu security update check
  • Assigned ID to pwck test for Solaris [AUTH-9230]
  • Assigned ID to FreeBSD unused distfiles check [PKGS-7348]
  • Assigned ID to RPM package query test [PKGS-7308]
  • Assigned ID to /tmp sticky bit test [FILE-6362]
  • Assigned ID to old temporary files check [FILE-6354]
  • Assigned ID to passwd ID 0 test [AUTH-9204]
  • Assigned ID to FreeBSD swap partitions [FILE-6332]
  • Assigned ID to FreeBSD swap mount options [FILE-6336]
  • Assigned ID to nameserver tests [NETW-2704 and NETW-2705]
  • Assigned ID to pf consistency check [FIRE-4520]
  • Assigned ID to Postfix configuration check [MAIL-8816]
  • Assigned ID to Postfix banner check [MAIL-8818]
  • Assigned ID to FreeBSD promiscuous port test [NETW-3014]
  • Assigned ID to file permissions check [FILE-7524]