Extended documentation and added --pentest parameter

This commit is contained in:
mboelen 2014-09-09 14:59:49 +02:00
parent dd2ea3efaf
commit 395a2e5b22
3 changed files with 10 additions and 8 deletions

View File

@ -5,7 +5,7 @@
================================================================================ ================================================================================
Author: Michael Boelen (michael@rootkit.nl) Author: Michael Boelen (michael.boelen@cisofy.com)
Description: Security and system auditing tool Description: Security and system auditing tool
Web site: http://cisofy.com Web site: http://cisofy.com
Support policy: See section 'Support' Support policy: See section 'Support'
@ -23,7 +23,7 @@
or or
# ./lynis # ./lynis
Make sure you have root privileges. Root privileges are preferred for full audit.

8
README
View File

@ -5,7 +5,7 @@
================================================================================ ================================================================================
Author: Michael Boelen (michael@rootkit.nl) Author: Michael Boelen (michael.boelen@cisofy.com)
Description: Security and system auditing tool Description: Security and system auditing tool
Web site: http://cisofy.com/lynis/ Web site: http://cisofy.com/lynis/
http://www.rootkit.nl/projects/lynis.html http://www.rootkit.nl/projects/lynis.html
@ -48,8 +48,8 @@
- Language: Shell script - Language: Shell script
- Author: Michael Boelen - Author: Michael Boelen
- Web site: http://cisofy.com - Web site: http://cisofy.com
- Required permissions: root or equivalent - Required permissions: root preferred for full audit
- Other requirements: write access to /var/log and /tmp - Other requirements: write access to /tmp
@ -88,7 +88,7 @@
[+] Development [+] Development and Bugs
------------------------------- -------------------------------
If you have input to improve Lynis, let us know via the contact page. If you have input to improve Lynis, let us know via the contact page.

6
lynis
View File

@ -286,8 +286,9 @@
echo " #########################################################" echo " #########################################################"
echo "${NORMAL}" echo "${NORMAL}"
echo " ${WHITE}NOTES:${NORMAL}" echo " ${WHITE}NOTES:${NORMAL}"
echo " * Some tests will require root permissions" echo " ${PURPLE}*${NORMAL} Some tests will require root permissions and might fail silently"
echo " * Logging is disabled (no log and no report)" echo " ${PURPLE}*${NORMAL} This mode is not preferred for pentests, not auditing"
echo " ${PURPLE}*${NORMAL} Logging might be limited"
echo "" echo ""
echo " Press [ENTER] to continue or [CTRL] + C to break" echo " Press [ENTER] to continue or [CTRL] + C to break"
echo "" echo ""
@ -367,6 +368,7 @@
echo " --auditor \"<name>\" : Auditor name" echo " --auditor \"<name>\" : Auditor name"
echo " --check-all (-c) : Check system" echo " --check-all (-c) : Check system"
echo " --no-log : Don't create a log file" echo " --no-log : Don't create a log file"
echo " --pentest : Non-privileged scan (useful for pentest)"
echo " --profile <profile> : Scan the system with the given profile file" echo " --profile <profile> : Scan the system with the given profile file"
echo " --quick (-Q) : Quick mode, don't wait for user input" echo " --quick (-Q) : Quick mode, don't wait for user input"
echo " --tests \"<tests>\" : Run only tests defined by <tests>" echo " --tests \"<tests>\" : Run only tests defined by <tests>"