Guest User

Untitled

a guest
Jan 25th, 2018
4,231
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 26.83 KB | None | 0 0
  1. [root@localhost lynis]# ./lynis audit system --quick
  2. locale: Cannot set LC_CTYPE to default locale: No such file or directory
  3. locale: Cannot set LC_ALL to default locale: No such file or directory
  4.  
  5. [ Lynis 2.6.0 ]
  6.  
  7. ################################################################################
  8. Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
  9. welcome to redistribute it under the terms of the GNU General Public License.
  10. See the LICENSE file for details about using this software.
  11.  
  12. 2007-2018, CISOfy - https://cisofy.com/lynis/
  13. Enterprise support available (compliance, plugins, interface and tools)
  14. ################################################################################
  15.  
  16.  
  17. [+] Initializing program
  18. ------------------------------------
  19. - Detecting OS... [ DONE ]
  20. - Checking profiles... [ DONE ]
  21.  
  22. ---------------------------------------------------
  23. Program version: 2.6.0
  24. Operating system: Linux
  25. Operating system name: CentOS
  26. Operating system version: CentOS Linux release 7.4.1708 (Core)
  27. Kernel version: 3.10.0
  28. Hardware platform: x86_64
  29. Hostname: localhost
  30. ---------------------------------------------------
  31. Profiles: /home/nobackup/lynis/default.prf
  32. Log file: /var/log/lynis.log
  33. Report file: /var/log/lynis-report.dat
  34. Report version: 1.0
  35. Plugin directory: ./plugins
  36. ---------------------------------------------------
  37. Auditor: [Not Specified]
  38. Language: en
  39. Test category: all
  40. Test group: all
  41. ---------------------------------------------------
  42. - Program update status... [ SKIPPED ]
  43.  
  44. [+] System Tools
  45. ------------------------------------
  46. - Scanning available tools...
  47. - Checking system binaries...
  48.  
  49. [+] Plugins (phase 1)
  50. ------------------------------------
  51. Note: plugins have more extensive tests and may take several minutes to complete
  52.  
  53. - Plugins enabled [ NONE ]
  54.  
  55. [+] Boot and services
  56. ------------------------------------
  57. - Service Manager [ systemd ]
  58. - Checking UEFI boot [ DISABLED ]
  59. - Checking presence GRUB2 [ FOUND ]
  60. - Checking for password protection [ OK ]
  61. - Check running services (systemctl) [ DONE ]
  62. Result: found 16 running services
  63. - Check enabled services at boot (systemctl) [ DONE ]
  64. Result: found 22 enabled services
  65. - Check startup files (permissions) [ OK ]
  66.  
  67. [+] Kernel
  68. ------------------------------------
  69. - Checking default runlevel [ runlevel 3 ]
  70. - Checking CPU support (NX/PAE)
  71. CPU support: PAE and/or NoeXecute supported [ FOUND ]
  72. - Checking kernel version and release [ DONE ]
  73. - Checking kernel type [ DONE ]
  74. - Checking loaded kernel modules [ DONE ]
  75. Found 72 active modules
  76. - Checking Linux kernel configuration file [ FOUND ]
  77. - Checking default I/O kernel scheduler [ FOUND ]
  78. - Checking core dumps configuration [ DISABLED ]
  79. - Checking setuid core dumps configuration [ DEFAULT ]
  80. - Check if reboot is needed [ NO ]
  81.  
  82. [+] Memory and Processes
  83. ------------------------------------
  84. - Checking /proc/meminfo [ FOUND ]
  85. - Searching for dead/zombie processes [ OK ]
  86. - Searching for IO waiting processes [ OK ]
  87.  
  88. [+] Users, Groups and Authentication
  89. ------------------------------------
  90. - Administrator accounts [ OK ]
  91. - Unique UIDs [ OK ]
  92. - Consistency of group files (grpck) [ OK ]
  93. - Unique group IDs [ OK ]
  94. - Unique group names [ OK ]
  95. - Password file consistency [ OK ]
  96. - Query system users (non daemons) [ DONE ]
  97. - NIS+ authentication support [ NOT ENABLED ]
  98. - NIS authentication support [ NOT ENABLED ]
  99. - sudoers file [ FOUND ]
  100. - Check sudoers file permissions [ OK ]
  101. - PAM password strength tools [ OK ]
  102. - PAM configuration file (pam.conf) [ NOT FOUND ]
  103. - PAM configuration files (pam.d) [ FOUND ]
  104. - PAM modules [ FOUND ]
  105. - Checking user password aging (minimum) [ DISABLED ]
  106. - User password aging (maximum) [ DISABLED ]
  107. - Checking expired passwords [ OK ]
  108. - Checking Linux single user mode authentication [ OK ]
  109. - Determining default umask
  110. - umask (/etc/profile and /etc/profile.d) [ SUGGESTION ]
  111. - umask (/etc/login.defs) [ OK ]
  112. - umask (/etc/init.d/functions) [ SUGGESTION ]
  113. - LDAP authentication support [ NOT ENABLED ]
  114. - Logging failed login attempts [ DISABLED ]
  115.  
  116. [+] Shells
  117. ------------------------------------
  118. - Checking shells from /etc/shells
  119. Result: found 6 shells (valid shells: 6).
  120. - Session timeout settings/tools [ NONE ]
  121. - Checking default umask values
  122. - Checking default umask in /etc/bashrc [ WEAK ]
  123. - Checking default umask in /etc/csh.cshrc [ WEAK ]
  124. - Checking default umask in /etc/profile [ WEAK ]
  125.  
  126. [+] File systems
  127. ------------------------------------
  128. - Checking mount points
  129. - Checking /home mount point [ SUGGESTION ]
  130. - Checking /tmp mount point [ SUGGESTION ]
  131. - Checking /var mount point [ SUGGESTION ]
  132. - Checking LVM volume groups [ FOUND ]
  133. - Checking LVM volumes [ FOUND ]
  134. - Query swap partitions (fstab) [ OK ]
  135. - Testing swap partitions [ OK ]
  136. - Testing /proc mount (hidepid) [ SUGGESTION ]
  137. - Checking for old files in /tmp [ OK ]
  138. - Checking /tmp sticky bit [ OK ]
  139. - ACL support root file system [ ENABLED ]
  140. - Mount options of / [ OK ]
  141. - Mount options of /boot [ NON DEFAULT ]
  142. - Checking Locate database [ NOT FOUND ]
  143. - Disable kernel support of some filesystems
  144. - Discovered kernel modules: cramfs squashfs udf
  145.  
  146. [+] Storage
  147. ------------------------------------
  148. - Checking usb-storage driver (modprobe config) [ NOT DISABLED ]
  149. - Checking USB devices authorization [ ENABLED ]
  150. - Checking firewire ohci driver (modprobe config) [ NOT DISABLED ]
  151.  
  152. [+] NFS
  153. ------------------------------------
  154. - Check running NFS daemon [ NOT FOUND ]
  155.  
  156. [+] Name services
  157. ------------------------------------
  158. - Searching DNS domain name [ FOUND ]
  159. Domain name: localdomain
  160. - Checking /etc/hosts
  161. - Checking /etc/hosts (duplicates) [ OK ]
  162. - Checking /etc/hosts (hostname) [ OK ]
  163. - Checking /etc/hosts (localhost) [ SUGGESTION ]
  164. - Checking /etc/hosts (localhost to IP) [ OK ]
  165.  
  166. [+] Ports and packages
  167. ------------------------------------
  168. - Searching package managers
  169. - Searching RPM package manager [ FOUND ]
  170. - Querying RPM package manager
  171. - YUM package management consistency [ OK ]
  172. - yum-utils package not installed [ SUGGESTION ]
  173. Failed to set locale, defaulting to C
  174. - Checking missing security packages [ OK ]
  175. - Checking GPG checks (yum.conf) [ OK ]
  176. - Checking package audit tool [ INSTALLED ]
  177. Found: yum-security
  178.  
  179. [+] Networking
  180. ------------------------------------
  181. - Checking IPv6 configuration [ ENABLED ]
  182. Configuration method [ AUTO ]
  183. IPv6 only [ NO ]
  184. - Checking configured nameservers
  185. - Testing nameservers
  186. Nameserver: 192.168.100.1 [ SKIPPED ]
  187. Nameserver: fe80::1%enp0s3 [ SKIPPED ]
  188. - Minimal of 2 responsive nameservers [ SKIPPED ]
  189. - Checking default gateway [ DONE ]
  190. - Getting listening ports (TCP/UDP) [ DONE ]
  191. * Found 9 ports
  192. - Checking promiscuous interfaces [ OK ]
  193. - Checking waiting connections [ OK ]
  194. - Checking status DHCP client [ RUNNING ]
  195. - Checking for ARP monitoring software [ NOT FOUND ]
  196.  
  197. [+] Printers and Spools
  198. ------------------------------------
  199. - Checking cups daemon [ NOT FOUND ]
  200. - Checking lp daemon [ NOT RUNNING ]
  201.  
  202. [+] Software: e-mail and messaging
  203. ------------------------------------
  204. - Postfix status [ RUNNING ]
  205. - Postfix configuration [ FOUND ]
  206. - Postfix banner [ WARNING ]
  207.  
  208. [+] Software: firewalls
  209. ------------------------------------
  210. - Checking iptables kernel module [ FOUND ]
  211. - Checking iptables policies of chains [ FOUND ]
  212. - Checking chain INPUT (table: nfilter, policy ACCEPT) [ ACCEPT ]
  213. - Checking for empty ruleset [ OK ]
  214. - Checking for unused rules [ FOUND ]
  215. - Checking host based firewall [ ACTIVE ]
  216.  
  217. [+] Software: webserver
  218. ------------------------------------
  219. - Checking Apache [ NOT FOUND ]
  220. - Checking nginx [ NOT FOUND ]
  221.  
  222. [+] SSH Support
  223. ------------------------------------
  224. - Checking running SSH daemon [ FOUND ]
  225. - Searching SSH configuration [ FOUND ]
  226. - SSH option: AllowTcpForwarding [ SUGGESTION ]
  227. - SSH option: ClientAliveCountMax [ SUGGESTION ]
  228. - SSH option: ClientAliveInterval [ OK ]
  229. - SSH option: Compression [ SUGGESTION ]
  230. - SSH option: FingerprintHash [ OK ]
  231. - SSH option: GatewayPorts [ OK ]
  232. - SSH option: IgnoreRhosts [ OK ]
  233. - SSH option: LoginGraceTime [ OK ]
  234. - SSH option: LogLevel [ SUGGESTION ]
  235. - SSH option: MaxAuthTries [ SUGGESTION ]
  236. - SSH option: MaxSessions [ SUGGESTION ]
  237. - SSH option: PermitRootLogin [ SUGGESTION ]
  238. - SSH option: PermitUserEnvironment [ OK ]
  239. - SSH option: PermitTunnel [ OK ]
  240. - SSH option: Port [ SUGGESTION ]
  241. - SSH option: PrintLastLog [ OK ]
  242. - SSH option: Protocol [ NOT FOUND ]
  243. - SSH option: StrictModes [ OK ]
  244. - SSH option: TCPKeepAlive [ SUGGESTION ]
  245. - SSH option: UseDNS [ SUGGESTION ]
  246. - SSH option: VerifyReverseMapping [ NOT FOUND ]
  247. - SSH option: X11Forwarding [ SUGGESTION ]
  248. - SSH option: AllowAgentForwarding [ SUGGESTION ]
  249. - SSH option: AllowUsers [ NOT FOUND ]
  250. - SSH option: AllowGroups [ NOT FOUND ]
  251.  
  252. [+] SNMP Support
  253. ------------------------------------
  254. - Checking running SNMP daemon [ NOT FOUND ]
  255.  
  256. [+] Databases
  257. ------------------------------------
  258. No database engines found
  259.  
  260. [+] LDAP Services
  261. ------------------------------------
  262. - Checking OpenLDAP instance [ NOT FOUND ]
  263.  
  264. [+] PHP
  265. ------------------------------------
  266. - Checking PHP [ NOT FOUND ]
  267.  
  268. [+] Squid Support
  269. ------------------------------------
  270. - Checking running Squid daemon [ NOT FOUND ]
  271.  
  272. [+] Logging and files
  273. ------------------------------------
  274. - Checking for a running log daemon [ OK ]
  275. - Checking Syslog-NG status [ NOT FOUND ]
  276. - Checking systemd journal status [ FOUND ]
  277. - Checking Metalog status [ NOT FOUND ]
  278. - Checking RSyslog status [ FOUND ]
  279. - Checking RFC 3195 daemon status [ NOT FOUND ]
  280. - Checking minilogd instances [ NOT FOUND ]
  281. - Checking logrotate presence [ OK ]
  282. - Checking log directories (static list) [ DONE ]
  283. - Checking open log files [ SKIPPED ]
  284.  
  285. [+] Insecure services
  286. ------------------------------------
  287. - Checking inetd status [ NOT ACTIVE ]
  288.  
  289. [+] Banners and identification
  290. ------------------------------------
  291. - /etc/issue [ FOUND ]
  292. - /etc/issue contents [ WEAK ]
  293. - /etc/issue.net [ FOUND ]
  294. - /etc/issue.net contents [ WEAK ]
  295.  
  296. [+] Scheduled tasks
  297. ------------------------------------
  298. - Checking crontab/cronjob [ DONE ]
  299.  
  300. [+] Accounting
  301. ------------------------------------
  302. - Checking accounting information [ NOT FOUND ]
  303. - Checking sysstat accounting data [ NOT FOUND ]
  304. - Checking auditd [ ENABLED ]
  305. - Checking audit rules [ SUGGESTION ]
  306. - Checking audit configuration file [ OK ]
  307. - Checking auditd log file [ FOUND ]
  308.  
  309. [+] Time and Synchronization
  310. ------------------------------------
  311. - NTP daemon found: chronyd [ FOUND ]
  312. - Checking for a running NTP daemon or client [ OK ]
  313.  
  314. [+] Cryptography
  315. ------------------------------------
  316. - Checking for expired SSL certificates [0/4] [ NONE ]
  317.  
  318. [+] Virtualization
  319. ------------------------------------
  320.  
  321. [+] Containers
  322. ------------------------------------
  323.  
  324. [+] Security frameworks
  325. ------------------------------------
  326. - Checking presence AppArmor [ NOT FOUND ]
  327. - Checking presence SELinux [ FOUND ]
  328. - Checking SELinux status [ ENABLED ]
  329. - Checking current mode and config file [ OK ]
  330. Current SELinux mode: enforcing
  331. - Checking presence grsecurity [ NOT FOUND ]
  332. - Checking for implemented MAC framework [ OK ]
  333.  
  334. [+] Software: file integrity
  335. ------------------------------------
  336. - Checking file integrity tools
  337. - Checking presence integrity tool [ NOT FOUND ]
  338.  
  339. [+] Software: System tooling
  340. ------------------------------------
  341. - Checking automation tooling
  342. - Automation tooling [ NOT FOUND ]
  343. - Checking for IDS/IPS tooling [ NONE ]
  344.  
  345. [+] Software: Malware
  346. ------------------------------------
  347.  
  348. [+] File Permissions
  349. ------------------------------------
  350. - Starting file permissions check
  351.  
  352. [+] Home directories
  353. ------------------------------------
  354. - Checking shell history files [ OK ]
  355.  
  356. [+] Kernel Hardening
  357. ------------------------------------
  358. - Comparing sysctl key pairs with scan profile
  359. - fs.protected_hardlinks (exp: 1) [ OK ]
  360. - fs.protected_symlinks (exp: 1) [ OK ]
  361. - fs.suid_dumpable (exp: 0) [ OK ]
  362. - kernel.core_uses_pid (exp: 1) [ OK ]
  363. - kernel.ctrl-alt-del (exp: 0) [ OK ]
  364. - kernel.dmesg_restrict (exp: 1) [ DIFFERENT ]
  365. - kernel.kptr_restrict (exp: 2) [ DIFFERENT ]
  366. - kernel.randomize_va_space (exp: 2) [ OK ]
  367. - kernel.sysrq (exp: 0) [ DIFFERENT ]
  368. - net.ipv4.conf.all.accept_redirects (exp: 0) [ DIFFERENT ]
  369. - net.ipv4.conf.all.accept_source_route (exp: 0) [ OK ]
  370. - net.ipv4.conf.all.bootp_relay (exp: 0) [ OK ]
  371. - net.ipv4.conf.all.forwarding (exp: 0) [ OK ]
  372. - net.ipv4.conf.all.log_martians (exp: 1) [ DIFFERENT ]
  373. - net.ipv4.conf.all.mc_forwarding (exp: 0) [ OK ]
  374. - net.ipv4.conf.all.proxy_arp (exp: 0) [ OK ]
  375. - net.ipv4.conf.all.rp_filter (exp: 1) [ OK ]
  376. - net.ipv4.conf.all.send_redirects (exp: 0) [ DIFFERENT ]
  377. - net.ipv4.conf.default.accept_redirects (exp: 0) [ DIFFERENT ]
  378. - net.ipv4.conf.default.accept_source_route (exp: 0) [ OK ]
  379. - net.ipv4.conf.default.log_martians (exp: 1) [ DIFFERENT ]
  380. - net.ipv4.icmp_echo_ignore_broadcasts (exp: 1) [ OK ]
  381. - net.ipv4.icmp_ignore_bogus_error_responses (exp: 1) [ OK ]
  382. - net.ipv4.tcp_syncookies (exp: 1) [ OK ]
  383. - net.ipv4.tcp_timestamps (exp: 0 1) [ OK ]
  384. - net.ipv6.conf.all.accept_redirects (exp: 0) [ DIFFERENT ]
  385. - net.ipv6.conf.all.accept_source_route (exp: 0) [ OK ]
  386. - net.ipv6.conf.default.accept_redirects (exp: 0) [ DIFFERENT ]
  387. - net.ipv6.conf.default.accept_source_route (exp: 0) [ OK ]
  388.  
  389. [+] Hardening
  390. ------------------------------------
  391. - Installed compiler(s) [ FOUND ]
  392. - Installed malware scanner [ NOT FOUND ]
  393.  
  394. [+] Custom Tests
  395. ------------------------------------
  396. - Running custom tests... [ NONE ]
  397.  
  398. [+] Plugins (phase 2)
  399. ------------------------------------
  400.  
  401. ================================================================================
  402.  
  403. -[ Lynis 2.6.0 Results ]-
  404.  
  405. Warnings (1):
  406. ----------------------------
  407. ! Found some information disclosure in SMTP banner (OS or software name) [MAIL-8818]
  408. https://cisofy.com/controls/MAIL-8818/
  409.  
  410. Suggestions (36):
  411. ----------------------------
  412. * Configure minimum password age in /etc/login.defs [AUTH-9286]
  413. https://cisofy.com/controls/AUTH-9286/
  414.  
  415. * Configure maximum password age in /etc/login.defs [AUTH-9286]
  416. https://cisofy.com/controls/AUTH-9286/
  417.  
  418. * Default umask in /etc/profile or /etc/profile.d/custom.sh could be more strict (e.g. 027) [AUTH-9328]
  419. https://cisofy.com/controls/AUTH-9328/
  420.  
  421. * To decrease the impact of a full /home file system, place /home on a separated partition [FILE-6310]
  422. https://cisofy.com/controls/FILE-6310/
  423.  
  424. * To decrease the impact of a full /tmp file system, place /tmp on a separated partition [FILE-6310]
  425. https://cisofy.com/controls/FILE-6310/
  426.  
  427. * To decrease the impact of a full /var file system, place /var on a separated partition [FILE-6310]
  428. https://cisofy.com/controls/FILE-6310/
  429.  
  430. * The database required for 'locate' could not be found. Run 'updatedb' or 'locate.updatedb' to create this file. [FILE-6410]
  431. https://cisofy.com/controls/FILE-6410/
  432.  
  433. * Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft [STRG-1840]
  434. https://cisofy.com/controls/STRG-1840/
  435.  
  436. * Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft [STRG-1846]
  437. https://cisofy.com/controls/STRG-1846/
  438.  
  439. * Split resolving between localhost and the hostname of the system [NAME-4406]
  440. https://cisofy.com/controls/NAME-4406/
  441.  
  442. * Install package 'yum-utils' for better consistency checking of the package database [PKGS-7384]
  443. https://cisofy.com/controls/PKGS-7384/
  444.  
  445. * Consider running ARP monitoring software (arpwatch,arpon) [NETW-3032]
  446. https://cisofy.com/controls/NETW-3032/
  447.  
  448. * You are advised to hide the mail_name (option: smtpd_banner) from your postfix configuration. Use postconf -e or change your main.cf file (/etc/postfix/main.cf) [MAIL-8818]
  449. https://cisofy.com/controls/MAIL-8818/
  450.  
  451. * Check iptables rules to see which rules are currently not used [FIRE-4513]
  452. https://cisofy.com/controls/FIRE-4513/
  453.  
  454. * Consider hardening SSH configuration [SSH-7408]
  455. - Details : AllowTcpForwarding (YES --> NO)
  456. https://cisofy.com/controls/SSH-7408/
  457.  
  458. * Consider hardening SSH configuration [SSH-7408]
  459. - Details : ClientAliveCountMax (3 --> 2)
  460. https://cisofy.com/controls/SSH-7408/
  461.  
  462. * Consider hardening SSH configuration [SSH-7408]
  463. - Details : Compression (YES --> (DELAYED|NO))
  464. https://cisofy.com/controls/SSH-7408/
  465.  
  466. * Consider hardening SSH configuration [SSH-7408]
  467. - Details : LogLevel (INFO --> VERBOSE)
  468. https://cisofy.com/controls/SSH-7408/
  469.  
  470. * Consider hardening SSH configuration [SSH-7408]
  471. - Details : MaxAuthTries (6 --> 2)
  472. https://cisofy.com/controls/SSH-7408/
  473.  
  474. * Consider hardening SSH configuration [SSH-7408]
  475. - Details : MaxSessions (10 --> 2)
  476. https://cisofy.com/controls/SSH-7408/
  477.  
  478. * Consider hardening SSH configuration [SSH-7408]
  479. - Details : PermitRootLogin (YES --> NO)
  480. https://cisofy.com/controls/SSH-7408/
  481.  
  482. * Consider hardening SSH configuration [SSH-7408]
  483. - Details : Port (22 --> )
  484. https://cisofy.com/controls/SSH-7408/
  485.  
  486. * Consider hardening SSH configuration [SSH-7408]
  487. - Details : TCPKeepAlive (YES --> NO)
  488. https://cisofy.com/controls/SSH-7408/
  489.  
  490. * Consider hardening SSH configuration [SSH-7408]
  491. - Details : UseDNS (YES --> NO)
  492. https://cisofy.com/controls/SSH-7408/
  493.  
  494. * Consider hardening SSH configuration [SSH-7408]
  495. - Details : X11Forwarding (YES --> NO)
  496. https://cisofy.com/controls/SSH-7408/
  497.  
  498. * Consider hardening SSH configuration [SSH-7408]
  499. - Details : AllowAgentForwarding (YES --> NO)
  500. https://cisofy.com/controls/SSH-7408/
  501.  
  502. * Add a legal banner to /etc/issue, to warn unauthorized users [BANN-7126]
  503. https://cisofy.com/controls/BANN-7126/
  504.  
  505. * Add legal banner to /etc/issue.net, to warn unauthorized users [BANN-7130]
  506. https://cisofy.com/controls/BANN-7130/
  507.  
  508. * Enable process accounting [ACCT-9622]
  509. https://cisofy.com/controls/ACCT-9622/
  510.  
  511. * Enable sysstat to collect accounting (no results) [ACCT-9626]
  512. https://cisofy.com/controls/ACCT-9626/
  513.  
  514. * Audit daemon is enabled with an empty ruleset. Disable the daemon or define rules [ACCT-9630]
  515. https://cisofy.com/controls/ACCT-9630/
  516.  
  517. * Install a file integrity tool to monitor changes to critical and sensitive files [FINT-4350]
  518. https://cisofy.com/controls/FINT-4350/
  519.  
  520. * Determine if automation tools are present for system management [TOOL-5002]
  521. https://cisofy.com/controls/TOOL-5002/
  522.  
  523. * One or more sysctl values differ from the scan profile and could be tweaked [KRNL-6000]
  524. - Solution : Change sysctl value or disable test (skip-test=KRNL-6000:<sysctl-key>)
  525. https://cisofy.com/controls/KRNL-6000/
  526.  
  527. * Harden compilers like restricting access to root user only [HRDN-7222]
  528. https://cisofy.com/controls/HRDN-7222/
  529.  
  530. * Harden the system by installing at least one malware scanner, to perform periodic file system scans [HRDN-7230]
  531. - Solution : Install a tool like rkhunter, chkrootkit, OSSEC
  532. https://cisofy.com/controls/HRDN-7230/
  533.  
  534. Follow-up:
  535. ----------------------------
  536. - Show details of a test (lynis show details TEST-ID)
  537. - Check the logfile for all details (less /var/log/lynis.log)
  538. - Read security controls texts (https://cisofy.com)
  539. - Use --upload to upload data to central system (Lynis Enterprise users)
  540.  
  541. ================================================================================
  542.  
  543. Lynis security scan details:
  544.  
  545. Hardening index : 67 [############# ]
  546. Tests performed : 205
  547. Plugins enabled : 0
  548.  
  549. Components:
  550. - Firewall [V]
  551. - Malware scanner [X]
  552.  
  553. Lynis Modules:
  554. - Compliance Status [?]
  555. - Security Audit [V]
  556. - Vulnerability Scan [V]
  557.  
  558. Files:
  559. - Test and debug information : /var/log/lynis.log
  560. - Report data : /var/log/lynis-report.dat
  561.  
  562. ================================================================================
  563.  
  564. Lynis 2.6.0
  565.  
  566. Auditing, system hardening, and compliance for UNIX-based systems
  567. (Linux, macOS, BSD, and others)
  568.  
  569. 2007-2018, CISOfy - https://cisofy.com/lynis/
  570. Enterprise support available (compliance, plugins, interface and tools)
  571.  
  572. ================================================================================
  573.  
  574. [TIP]: Enhance Lynis audits by adding your settings to custom.prf (see /home/nobackup/lynis/default.prf for all settings)
Advertisement
Add Comment
Please, Sign In to add comment