================================================================================

Lynis - Frequently Asked Questions

================================================================================

Author: Michael Boelen (michael.boelen@cisofy.com)
Description: Security and system auditing tool
Web site: https://cisofy.com/lynis/
GitHub: https://github.com/CISOfy/lynis
Support address: lynis-dev@cisofy.com
Development: May 2007 - Now
Support: See README file and https://cisofy.com/support/
Documentation: See web site, README, FAQ and CHANGELOG file

================================================================================

[+] General
-------------------------------

Q: I don't understand the program (output), what to do?
A: Keep reading this FAQ. Also useful are the README file and the log file
(default: /var/log/lynis.log). Or check out the documentation on the
website: https://cisofy.com/support/

Q: I can't find any configuration file for Lynis, where is it?
A: There isn't one (currently), since all options are available as command
parameters. Specific options to control the audit/security scan can be set
or adjusted by changing the 'profile' file you are using (don't use
default.prf for your own custom options, but make a copy of it).

Q: Why is there no port/package for my operating system?
A: Because there is no maintainer for it yet. If you have the time to keep
the port/package current for your preferred operating system, let us know.

Q: What to do with the report files?
A: The output could be used for monitoring (baseline checks). For users of the
Lynis Enterprise Suite, they will be used to upload data.


[+] Bugs or issues
-------------------------------
Q: Where can I report an issue or bug?
A: GitHub, or use the developer e-mail address lynis-dev@cisofy.com


[+] Usage problems
-------------------------------
Q: Lynis hangs while testing the group files (grpck)
A: Run the grpck command manually. It will most likely need user input to
repair incorrect groups.

Q: Lynis doesn't display all messages on a white background
A: White text is used for general (and important) messages. Most terminals
have a dark background, so it gives extra attention to the message. However,
if you have a white background (for example Mac OS X), you can run Lynis
with --no-colors to strip colors or --reverse-colors to reverse the color
scheme. Another option is to change your terminal colors within Mac OS.

Q: Some tests take very long to finish, what to do?
A: Use a second console (or connection) and check the output of ps/lsof etc.,
to see the status of the active subroutine. If a specific test hangs for a
very long time, try to kill that specific process (e.g. grpck) and see if
Lynis continues. Afterwards, run the command manually to see the cause.
Check the log file for additional information, when possible.

Q: When running Lynis, it shows me the usage help even while using correct
parameters, why?
A: This can happen with alternative shells. Try using a different shell to
invoke Lynis (example: bash lynis -c).

Q: One or more tests are giving incorrect output. How to solve that?
A: Check the log file. If that also has incorrect data, let us know via GitHub
or the developer e-mail address.

Q: The program takes long to complete and also uses too many resources. Can it
be tuned?
A: The time it takes to complete depends on the number of tests to run.
However, the resources it takes can be slightly lowered by increasing the
pause_between_tests profile option. Keep in mind this increases the total
time the scan takes to complete.


[+] Network related issues
-------------------------------

Q: Lynis reports promiscuous interfaces, but they are needed for normal operation,
how can I hide this warning?
A: Whitelist the interface in the profile file (if_promisc).
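
Before whitelisting, it helps to confirm that only the intended interfaces
are promiscuous. The following is an added example, not part of Lynis or of
the original FAQ: it reads the Linux sysfs interface flags and prints every
promiscuous interface that is not on an allowlist. The function name, its
arguments and the interface name span0 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not Lynis code): report promiscuous interfaces that are not
# on an allowlist, so that only intended ones get whitelisted in the profile.
# Assumes Linux sysfs; the function name and arguments are hypothetical.

IFF_PROMISC=256   # 0x100, the IFF_PROMISC bit from <linux/if.h>

# promisc_unexpected "<space-separated allowed names>" [sysfs net dir]
# Prints the promiscuous interfaces that are not in the allowlist.
promisc_unexpected() {
    allow=" $1 "
    netdir=${2:-/sys/class/net}
    found=""
    for dir in "$netdir"/*; do
        [ -r "$dir/flags" ] || continue
        name=${dir##*/}
        flags=$(cat "$dir/flags")
        # Accept only a hex value such as 0x1103 before doing arithmetic on it
        case "$flags" in
            0x*[!0-9a-fA-F]*|0x) continue ;;
            0x*) ;;
            *) continue ;;
        esac
        [ $(( $flags & $IFF_PROMISC )) -ne 0 ] || continue
        case "$allow" in
            *" $name "*) ;;                  # expected, e.g. a sensor port
            *) found="$found$name " ;;
        esac
    done
    printf '%s\n' "${found% }"
}

# Example: treat span0 as expected and report anything else.
# promisc_unexpected "span0"
```

An empty result means every promiscuous interface is one you expected; any
name printed deserves a look before it is added to if_promisc.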


================================================================================
Lynis - Copyright 2007-2016, Michael Boelen, CISOfy - https://cisofy.com