tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-11-04 05:05:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
lynis/FAQ

98 lines
4.1 KiB
Plaintext
Raw Blame History

================================================================================
Lynis - Frequently Asked Questions
================================================================================
Author: Michael Boelen (michael.boelen@cisofy.com)
Description: Security and system auditing tool
Website: https://cisofy.com/lynis/
Development: May 2007 - Now
Suppor: See README file and https://cisofy.com/support/
Documentation: See web site, README, FAQ and CHANGELOG file
================================================================================
[+] General
-------------------------------
Q: I don't understand the program (output), what to do?
A: Keep reading this FAQ, then continue with reading the README file, followed
by the log file (default: /var/log/lynis.log). After those sources, check
the documentation on the website.
Q: I can't find any configuration file for Lynis, where is it?
A: There isn't one (currently), since all options are available as command
parameters. Specific options to control the audit/security scan can be set
or adjusted by changing the 'profile' file you are using (don't use
default.prf for your own custom options, but make a copy of it).
Q: Why is there no port/package for my operating system?
A: Because there is no maintainer for it yet. If you have the time to keep
the port/package current for your preferred operating system, fill in the
contact form to notify me and confirm no one else is working on it.
Q: What to do with the report files?
A: The output could be used for monitoring (baseline checks). For user of the
Lynis Enterprise Suite, they will be used to upload data.
[+] Bugs or issues
-------------------------------
Q: Where can I report an issue or bug?
A: Use the developer e-mail address lynis-dev@cisofy.com
[+] Usage problems
-------------------------------
Q: Lynis hangs while testing the group files (grpck)
A: Run the grpck command manually. It will most likely need user input, to
repair incorrect groups.
Q: Lynis doesn't display all messages on a white background
A: White text is used for general (and important) messages. Most terminals
have a dark background, so it gives extra attention to the message. However
if you have a white background (for example Mac OS X), you can run Lynis
with --no-colors to strip colors or --reverse-colors to reverse the color
scheme. Another option is to change your terminal colors within Mac OS.
Q: Some tests take very long to finish, what to do?
A: Use a second console (or connection) and check the output of ps/lsof etc,
to see the status of the active subroutine. If a specific test hangs for a
very long time, try to kill that specific process (ie grpck) and see if
Lynis continues. Afterwards, run the command manually to see the cause.
Check the log file for additional information, when possible.
Q: When running Lynis, it shows me the usage help even while using correct
parameters, why?
A: This can happen with alternative shells. Try using a different shell to
invoke Lynis (example: bash lynis -c).
Q: One or more tests are giving incorrect output. How to solve that?
A: Check the log file. If that also has incorrect data, fill in the contact
form and describe the issue.
Q: The program takes long to complete and also uses too much resources. Can it
be tuned?
A: The time it takes to complete is depends on the amount of tests to run.
However the resources it take can be slighty lowered by increasing the
pause_between_tests profile option. Keep in mind this increases the total
length of the scan to complete.
[+] Network related issues
-------------------------------
Q: Lynis reports promiscuous interfaces, but they are needed for normal operation,
how can I hide this warning?
A: Whitelist the interface in the profile file (if_promisc).
================================================================================
Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
Reference in New Issue View Git Blame Copy Permalink