The security of a Server is one of the biggest concerns these days. Lynis will help you keep your server clean and secure. Lynis is an open source security tool for auditing hardening Linux based systems. It is a shell script that performs numerous tests and collects information about the Linux system. After the scanning is finished and all test are completed Lynis will suggest you how to increase the security of your serer.
In this blog post we will show you how to install Lynis on a CentOS 7 Virtual Server.
Login to your CentOS 7 server as user root and make sure that your system is up to date
yum -y update
Change your current working directory
cd /opt/
Download the latest stable release of Lynis to your server
wget https://cisofy.com/files/lynis-2.2.0.tar.gz
and unpack the downloaded tar package
tar xvf lynis-2.2.0.tar.gz
This will create a new ‘lynis’ directory under ‘/opt’. Go to that directory by entering:
cd lynis/
and then execute the following command
./lynis
If you run Lynis without any option specified like shown above, you will get a list of all Lynis parameters available.
If you want to scan your entire server you need to use the ‘-check-all’ option
./lynis --check-all
The scanning process usually take up a few minutes, depending on your server performance and the data stored on the server.
Once the scanning is completed, a report is created in the ‘/var/log’ directory. You can open the file and check if any warnings and suggestions are reported by Lynis
less /var/log/lynis.log
If you want to update Lynis to the latest version execute the following command
./lynis --check-update
You can run Lynis as a cronjob too. If you want to have a daily scan of your CentOS 7 server, you can easily create a cron job. Open the cronjob editor
crontab -e
and add the following cronjob
00 00 * * * root /opt/lynis --checkall --quick --auditor "automated" --cronjob
This cronjob will run Lynis and perform a full scan of your server everyday at midnight.
With this you’ll greatly improve the security of your virtual server and you’ll have a lot more information that you can use for further improvement.
PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.