lynis/FAQ

99 lines
4.2 KiB
Plaintext
Raw Normal View History

2014-08-26 17:33:55 +02:00
================================================================================
Lynis - Frequently Asked Questions
================================================================================
2014-09-08 15:25:13 +02:00
Author: Michael Boelen (michael.boelen@cisofy.com)
2014-08-26 17:33:55 +02:00
Description: Security and system auditing tool
2015-07-22 16:27:39 +02:00
Web site: https://cisofy.com/lynis/
GitHub: https://github.com/CISOfy/lynis
Support address: lynis-dev@cisofy.com
2014-12-03 23:18:39 +01:00
Development: May 2007 - Now
2015-07-22 16:27:39 +02:00
Support: See README file and https://cisofy.com/support/
2014-08-26 17:33:55 +02:00
Documentation: See web site, README, FAQ and CHANGELOG file
================================================================================
[+] General
-------------------------------
Q: I don't understand the program (output), what to do?
2015-07-22 16:27:39 +02:00
A: Keep reading this FAQ. Also useful are the README file and the log file
(default: /var/log/lynis.log). Or check out the documentation on the
website: https://cisofy.com/support/
2014-08-26 17:33:55 +02:00
Q: I can't find any configuration file for Lynis, where is it?
A: There isn't one (currently), since all options are available as command
parameters. Specific options to control the audit/security scan can be set
or adjusted by changing the 'profile' file you are using (don't use
default.prf for your own custom options, but make a copy of it).
Q: Why is there no port/package for my operating system?
A: Because there is no maintainer for it yet. If you have the time to keep
2015-07-22 16:27:39 +02:00
the port/package current for your preferred operating system, let us know.
2014-08-26 17:33:55 +02:00
Q: What to do with the report files?
2015-07-22 16:27:39 +02:00
A: The output could be used for monitoring (baseline checks). For users of the
2014-08-26 17:33:55 +02:00
Lynis Enterprise Suite, they will be used to upload data.
2014-09-08 15:25:13 +02:00
[+] Bugs or issues
-------------------------------
Q: Where can I report an issue or bug?
2015-07-22 16:27:39 +02:00
A: GitHub, or use the developer e-mail address lynis-dev@cisofy.com
2014-09-08 15:25:13 +02:00
2014-08-26 17:33:55 +02:00
[+] Usage problems
-------------------------------
Q: Lynis hangs while testing the group files (grpck)
A: Run the grpck command manually. It will most likely need user input, to
repair incorrect groups.
Q: Lynis doesn't display all messages on a white background
A: White text is used for general (and important) messages. Most terminals
have a dark background, so it gives extra attention to the message. However
if you have a white background (for example Mac OS X), you can run Lynis
with --no-colors to strip colors or --reverse-colors to reverse the color
2015-09-07 17:35:07 +02:00
scheme. Another option is to change your terminal colors within Mac OS.
2014-08-26 17:33:55 +02:00
Q: Some tests take very long to finish, what to do?
A: Use a second console (or connection) and check the output of ps/lsof etc,
to see the status of the active subroutine. If a specific test hangs for a
very long time, try to kill that specific process (ie grpck) and see if
Lynis continues. Afterwards, run the command manually to see the cause.
Check the log file for additional information, when possible.
Q: When running Lynis, it shows me the usage help even while using correct
parameters, why?
A: This can happen with alternative shells. Try using a different shell to
invoke Lynis (example: bash lynis -c).
Q: One or more tests are giving incorrect output. How to solve that?
2015-07-22 16:27:39 +02:00
A: Check the log file. If that also has incorrect data, let us know via GitHub
or the developer e-mail address.
2014-08-26 17:33:55 +02:00
Q: The program takes long to complete and also uses too much resources. Can it
be tuned?
2015-07-22 16:27:39 +02:00
A: The time it takes to complete depends on the amount of tests to run.
2014-08-26 17:33:55 +02:00
However the resources it take can be slighty lowered by increasing the
pause_between_tests profile option. Keep in mind this increases the total
length of the scan to complete.
[+] Network related issues
-------------------------------
Q: Lynis reports promiscuous interfaces, but they are needed for normal operation,
how can I hide this warning?
A: Whitelist the interface in the profile file (if_promisc).
================================================================================
Lynis - Copyright 2007-2016, Michael Boelen, CISOfy - https://cisofy.com