Findings like warnings and suggestions are stored in a separate report file (lynis-report.dat). Perform execution of your custom tests (optional)īesides the report and information displayed on screen, all technical details about the scan are stored in a log file (lynis.log).Search for available software components.Perform basic checks, such as file ownership. This is what happens during a typical scan with Lynis: A good example is collecting any discovered certificates, so that they can be scanned later as well. It then performs additional auditing steps based on that. Then when it performs the specific Apache tests, it may also discover a SSL/TLS configuration. No audit will be the same!Įxample: When Lynis detects that you are running Apache, it will perform an initial round of Apache related tests. In other words: Lynis will always perform scans that are tailored to your system. Also, the more components it discovers, the more extensive the audit will be. The benefit is that no installation of other tools is needed, so you can keep your systems clean.īy using this scanning method, the tool can run with almost no dependencies. This means it will only use and test the components that it can find, such as the available system tools and its libraries. Lynis scanning is modular and opportunistic.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |