[Lynis v1.3.8] The Unix/Linux Hardening tool

Lynis is a security tool to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks, looks for installed software and determines compliance to standards. Also will it detects security issues and errors in configuration. At the end of the scan it will provide the warnings and suggestions to help you improving the security defense of your systems.

Some of the (future) features and usage options:
  • System and security audit checks
  • File Integrity Assessment
  • System and file forensics
  • Usage of templates/baselines (reporting and monitoring)
  • Extended debugging features

This tool is tested or confirmed to work with:
AIX, Linux, FreeBSD, OpenBSD, Mac OS X, Solaris


  • New parameter –view-categories to display available test categories
  • Added /etc/hosts check (duplicates) [NAME-4402]
  • Added /etc/hosts check (hostname) [NAME-4404]
  • Added /etc/hosts check (localhost mapping) [NAME-4406]
  • Portmaster test for possible port upgrades [PKGS-7378]
  • Check for SPARC improve boot loader (SILO) [BOOT-5142]
  • NFS client access test [STRG-1930]
  • Check system uptime [BOOT-5202]
  • YUM repolist check [PKGS-7383]
  • Contributors file added
  • Improved locate database check and reporting [FILE-6410]
  • Improved PAE/No eXecute test for Linux kernel [KRNL-5677]
  • Disabled NIS domain name from test [NAME-4028]
  • Extended NIS domain test to check BSD sysctl value [NAME-4306]
  • Extended PAM tools check with PAM paths [AUTH-9262]
  • Adjusted Apache check to avoid skipping it [HTTP-6622]
  • Extended USB state testing [STRG-1840]
  • Extended Firewire state testing [STRG-1846]
  • Extended core dump test [KRNL-5820]
  • Added /lib/i386-linux-gnu/security to PAM directories
  • Added /usr/X11R6/bin directory to binary paths
  • Improved readability of screen output
  • Improved logging for several tests
  • Improved Debian version detection
  • Added warning to BIND test [NAME-4206]
  • Extended binaries with showmount and yum
  • Updated man page

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s