tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
lynis/FAQ

103 lines
4.4 KiB
Plaintext
Raw Blame History

================================================================================
Lynis - Frequently Asked Questions
================================================================================
Author: 2007-2013, Michael Boelen (michael.boelen@cisofy.com)
2013-now, CISOfy development team
Description: Security and system auditing tool
Web site: https://cisofy.com/lynis/
GitHub: https://github.com/CISOfy/lynis
Support address: lynis-dev@cisofy.com
Development: May 2007 - Now
Support: See README file and https://cisofy.com/support/
Documentation: See web site, README, FAQ and CHANGELOG file
================================================================================
[+] General
-------------------------------
Q: I don't understand the program (output), what to do?
A: Keep reading this FAQ. Also useful are the README file and the log file
(default: /var/log/lynis.log). Or check out the documentation on the
website: https://cisofy.com/support/
Q: I can't find any configuration file for Lynis, where is it?
A: Lynis uses profiles. A profile is similar to a configuration file and
determines how a security scan should be performed. Profiles are usually
stored in /etc/lynis or can be found using 'lynis show profiles'.
Q: My version is outdated, what can I do to upgrade?
Check out the upgrade guide: https://cisofy.com/documentation/lynis/upgrading/
Q: Why is there no port/package for my operating system?
A: Because there is no maintainer for it yet. If you have the time to keep
the port/package current for your preferred operating system, let us know.
Q: What to do with the report files?
A: The output could be used for monitoring (baseline checks). For users of the
Lynis Enterprise Suite, they will be used to upload data.
[+] Bugs or issues
-------------------------------
Q: Where can I report an issue or bug?
A: GitHub, or use the developer e-mail address lynis-dev@cisofy.com
[+] Usage problems
-------------------------------
Q: Lynis hangs while testing the group files (grpck)
A: Run the grpck command manually. It will most likely need user input, to
repair incorrect groups.
Q: Lynis doesn't display all messages on a white background
A: White text is used for general (and important) messages. Most terminals
have a dark background, so it gives extra attention to the message. However
if you have a white background (for example Mac OS X), you can run Lynis
with --no-colors to strip colors or --reverse-colors to reverse the color
scheme. Another option is to change your terminal colors within Mac OS.
Q: Some tests take very long to finish, what to do?
A: Use a second console (or connection) and check the output of ps/lsof etc,
to see the status of the active subroutine. If a specific test hangs for a
very long time, try to kill that specific process (ie grpck) and see if
Lynis continues. Afterwards, run the command manually to see the cause.
Check the log file for additional information. Usually the last few lines
will indicate what test is stuck.
Q: When running Lynis, it shows me the usage help even while using correct
parameters, why?
A: This can happen with alternative shells. Try using a different shell to
invoke Lynis (example: bash lynis audit system).
Q: One or more tests are giving incorrect output. How to solve that?
A: Check the log file. If that also has incorrect data, let us know via GitHub
or use the developer e-mail address.
Q: The program takes long to complete and also uses too much resources. Can it
be tuned?
A: The time it takes to complete depends on the amount of tests to run.
However the resources it take can be slightly lowered by increasing the
pause_between_tests profile option. Keep in mind this increases the total
length of the scan to complete.
[+] Network related issues
-------------------------------
Q: Lynis reports promiscuous interfaces, but they are needed for normal operation,
how can I hide this warning?
A: Whitelist the interface in the profile file (if_promisc).
================================================================================
Lynis - Copyright 2007-2021, Michael Boelen, CISOfy - https://cisofy.com
Reference in New Issue View Git Blame Copy Permalink