lynis/FAQ

103 lines
4.4 KiB
Plaintext
Raw Normal View History

2014-08-26 17:33:55 +02:00
================================================================================
Lynis - Frequently Asked Questions
================================================================================
2016-07-27 12:24:25 +02:00
Author: 2007-2013, Michael Boelen (michael.boelen@cisofy.com)
2013-now, CISOfy development team
2014-08-26 17:33:55 +02:00
Description: Security and system auditing tool
2015-07-22 16:27:39 +02:00
Web site: https://cisofy.com/lynis/
GitHub: https://github.com/CISOfy/lynis
Support address: lynis-dev@cisofy.com
2014-12-03 23:18:39 +01:00
Development: May 2007 - Now
2015-07-22 16:27:39 +02:00
Support: See README file and https://cisofy.com/support/
2014-08-26 17:33:55 +02:00
Documentation: See web site, README, FAQ and CHANGELOG file
================================================================================
[+] General
-------------------------------
Q: I don't understand the program (output), what to do?
2015-07-22 16:27:39 +02:00
A: Keep reading this FAQ. Also useful are the README file and the log file
(default: /var/log/lynis.log). Or check out the documentation on the
website: https://cisofy.com/support/
2014-08-26 17:33:55 +02:00
Q: I can't find any configuration file for Lynis, where is it?
2021-07-22 11:21:41 +02:00
A: Lynis uses profiles. A profile is similar to a configuration file and
determines how a security scan should be performed. Profiles are usually
stored in /etc/lynis or can be found using 'lynis show profiles'.
2016-07-27 12:24:25 +02:00
Q: My version is outdated, what can I do to upgrade?
Check out the upgrade guide: https://cisofy.com/documentation/lynis/upgrading/
2014-08-26 17:33:55 +02:00
Q: Why is there no port/package for my operating system?
A: Because there is no maintainer for it yet. If you have the time to keep
2015-07-22 16:27:39 +02:00
the port/package current for your preferred operating system, let us know.
2014-08-26 17:33:55 +02:00
Q: What to do with the report files?
2015-07-22 16:27:39 +02:00
A: The output could be used for monitoring (baseline checks). For users of the
2014-08-26 17:33:55 +02:00
Lynis Enterprise Suite, they will be used to upload data.
2014-09-08 15:25:13 +02:00
[+] Bugs or issues
-------------------------------
Q: Where can I report an issue or bug?
2015-07-22 16:27:39 +02:00
A: GitHub, or use the developer e-mail address lynis-dev@cisofy.com
2014-09-08 15:25:13 +02:00
2014-08-26 17:33:55 +02:00
[+] Usage problems
-------------------------------
Q: Lynis hangs while testing the group files (grpck)
A: Run the grpck command manually. It will most likely need user input, to
repair incorrect groups.
Q: Lynis doesn't display all messages on a white background
A: White text is used for general (and important) messages. Most terminals
have a dark background, so it gives extra attention to the message. However
if you have a white background (for example Mac OS X), you can run Lynis
with --no-colors to strip colors or --reverse-colors to reverse the color
2015-09-07 17:35:07 +02:00
scheme. Another option is to change your terminal colors within Mac OS.
2014-08-26 17:33:55 +02:00
Q: Some tests take very long to finish, what to do?
A: Use a second console (or connection) and check the output of ps/lsof etc,
to see the status of the active subroutine. If a specific test hangs for a
very long time, try to kill that specific process (ie grpck) and see if
Lynis continues. Afterwards, run the command manually to see the cause.
2016-07-27 12:24:25 +02:00
Check the log file for additional information. Usually the last few lines
will indicate what test is stuck.
2014-08-26 17:33:55 +02:00
Q: When running Lynis, it shows me the usage help even while using correct
parameters, why?
A: This can happen with alternative shells. Try using a different shell to
2021-07-22 11:21:41 +02:00
invoke Lynis (example: bash lynis audit system).
2014-08-26 17:33:55 +02:00
Q: One or more tests are giving incorrect output. How to solve that?
2015-07-22 16:27:39 +02:00
A: Check the log file. If that also has incorrect data, let us know via GitHub
2021-07-22 11:21:41 +02:00
or use the developer e-mail address.
2014-08-26 17:33:55 +02:00
Q: The program takes long to complete and also uses too much resources. Can it
be tuned?
2015-07-22 16:27:39 +02:00
A: The time it takes to complete depends on the amount of tests to run.
2018-04-23 10:54:44 +02:00
However the resources it take can be slightly lowered by increasing the
2014-08-26 17:33:55 +02:00
pause_between_tests profile option. Keep in mind this increases the total
length of the scan to complete.
[+] Network related issues
-------------------------------
Q: Lynis reports promiscuous interfaces, but they are needed for normal operation,
how can I hide this warning?
A: Whitelist the interface in the profile file (if_promisc).
================================================================================
2021-01-07 15:22:19 +01:00
Lynis - Copyright 2007-2021, Michael Boelen, CISOfy - https://cisofy.com