Formerly known as rkhunter, Lynis is one of the most popular security auditing tools for Linux. Although favoured by sysadmins, it’s a must-have tool if you’re running a server or allow remote access through SSH while its ease of use and simplicity of operation can also help home users.
Lynis will study the config files of the installed applications, report user accounts without passwords, check firewall rules, identify expired SSL certificates and much more. In all, the tool will run hundreds of tests on the host machine, but it doesn’t require any extra software. Rather than automatically addressing problems, it generates a report listing all the identified issues and provides tips on how to harden the system more effectively.
You can grab the latest version of Lynis with git clone github. com/CISOfy/lynis, which will fetch the latest version into the lynis directory. The tool doesn’t require any installation, so you can begin using it by switching into the lynis directory and running the ./lynis audit system command.
When running the scan, Lynis will output the result of every performed test to the screen, but you must interpret the result yourself and take appropriate actions.