How VPS - How to use/setup VPS

Install Lynis on Debian 8

How VPS by How VPS
November 1, 2019
in Debian

Contents

  1. Introduction
  2. Installation
  3. Configuration
  4. Interpreting and hardening your system
  5. Making Lynis run on a regular basis
  6. Conclusion


Introduction

Lynis is a free, open-source system auditing tool that is used by many system administrators to verify the integrity and harden their systems. It can be operated as a standalone binary or it can be installed to perform checks at periodic intervals. In this article, you’ll learn how to install and use the software as well as learn to read and identify the logs that Lynis outputs.

If you would like to perform the installation on CentOS 7, please see this article.

Installation

Note: Please make sure you are logged in as the root user.

Installation of Lynis is fairly simple. To begin, let’s bring our system up to date.

apt-get update
apt-get upgrade

When prompted, enter 'y'. This can take anywhere from a couple of seconds to half an hour, depending on the number of packages that need to be updated and the system's available resources.

Lynis is open-source software, and its source is hosted on GitHub. To download it, we clone the repository with the git utility, which we can install with the following command:

apt-get install git

Just as before, accept the installation prompt with 'y'. We also need to install certain DNS tools so that Lynis can audit our network:

apt-get install dnsutils

Now that we have the prerequisites installed, we can clone the repository:

cd ~
git clone https://github.com/CISOfy/lynis

Give it a few moments, then once it is complete, continue by entering the directory:

cd ~/lynis

We’ll do a preliminary audit to ensure it is working properly on your system:

./lynis audit system

This will perform a quick system check for any security issues that may be present on your system as well as list some recommendations. Lynis is working properly if it finishes with a result similar to the following:

[Screenshot: output of the completed Lynis audit]

Configuration

Configuring Lynis is more difficult, however. You will need to tailor it according to your system, based on the services you are running as well as the network configuration you employed on your instance. In this article, we’ll cover commonly used network configurations as well as web servers and general system security.

Let’s start by copying the default Lynis configuration file and making our changes to it:

cp default.prf custom.prf

Then, using your preferred text editor, open custom.prf:

nano custom.prf

Scroll to the section where the plugins are listed. We’ll remove the services that do not pertain to us, to speed up testing:

[Screenshot: plugin section of custom.prf]

If you are not using the Nginx webserver, remove "plugin=nginx". Chances are, your system isn't running bind9 or dnsmasq, so you can remove them as well. If you are running them, do not remove the plugin from the audit and continue checking each item until you have removed any unnecessary checks. Once you're done, save and exit with CTRL + X and then Y to save.

Now, let’s re-run Lynis to see the issues we need to correct in our system with the following:

./lynis audit system --profile custom.prf

Allow a minute or two, and when it finishes, it should appear as it had in step one, but with the unnecessary scans removed.

Interpreting and hardening your system

Let’s have a look at the suggestions that Lynis provides on our base Vultr Debian 8 system:

[Screenshot: Lynis audit findings on the base Debian 8 system]

As you can tell, Lynis has found some potential issues present on our instance. Some nodes mention that we’ve left packet forwarding on for both IPv4 and IPv6 stacks — if you plan on using Docker or a similar container technology on a Vultr system, do not change these. If you have no need for them, you can change them temporarily on your system with the following:

sysctl -w <kernel_node>=<value>

Do this before entering your values into /etc/sysctl.conf to make sure your system functions properly with the changes. If something malfunctions, you can restart to remove such temporary changes.

In the screenshot, you’ll notice that there are other issues as well, but they are out of the scope for this article, so we’ll skip them.

Note: Make sure to do your due diligence to prevent any issues with your system.

Now, scroll down to the suggestions section, and you’ll find a good deal of configuration changes that can be made. For example, Lynis suggests changes for the permission mask of certain files. In our instance, we find a hardening suggestion:

Default umask in /etc/init.d/rc could be stricter like 027 [AUTH-9328]

Such a change is easily made: open /etc/init.d/rc in a text editor, find the umask line and change its value to 027. With this value, newly created files get full permissions for their owner, read permissions for the group and no access for all other users except system/root.
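To see what the stricter mask changes in practice, the following added example (not part of the original article or of Lynis) creates a file and a directory under a given umask and flags umask lines weaker than 027 in a script. The function names are hypothetical, and `stat -c` assumes GNU coreutils, as shipped on Debian.

```shell
#!/bin/sh
# Added example: effect of a umask and a simple check for weak umask lines.

# Print "<file mode> <dir mode>" for objects created under the given umask.
modes_under_umask() {
    tmp=$(mktemp -d) || return 1
    (
        umask "$1"          # only affects this subshell
        touch "$tmp/file"   # files start from 666 minus the masked bits
        mkdir "$tmp/dir"    # directories start from 777 minus the masked bits
    )
    printf '%s %s\n' "$(stat -c %a "$tmp/file")" "$(stat -c %a "$tmp/dir")"
    rm -rf "$tmp"
}

# Succeed if the value masks at least every permission bit that 027 masks.
umask_at_least_027() {
    [ $(( 0$1 & 027 )) -eq $(( 027 )) ]
}

# For each "umask NNN" line in a script, print "<line>:<value>:<ok|weak>".
check_umask_lines() {
    grep -nE '^[[:space:]]*umask[[:space:]]+[0-7]{3,4}' "$1" |
    while IFS=: read -r lineno text; do
        value=$(printf '%s\n' "$text" | awk '{print $2}')
        if umask_at_least_027 "$value"; then verdict=ok; else verdict=weak; fi
        printf '%s:%s:%s\n' "$lineno" "$value" "$verdict"
    done
}

# Compare the common default (022) with the value Lynis suggests (027).
modes_under_umask 022
modes_under_umask 027
```

Run `check_umask_lines /etc/init.d/rc` before and after editing the file to confirm the change took effect.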

Making Lynis run on a regular basis

This is relatively easy to do and can be accomplished by first installing cron (the Debian package that provides the crontab command), and then adding a job for Lynis:

apt-get install cron

Then, execute crontab -e, and input the following:

MAILTO="you@example.com"
0 0 * * * cd /root/lynis && ./lynis audit system --profile custom.prf --cronjob

Save it, then exit. This will run a Lynis audit every day at midnight on your instance and send you an email with the results.
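With a daily run, what matters most is which findings are new since the previous audit. The following added example (not from the original article or the Lynis project) compares two Lynis report files. It assumes the report, by default /var/log/lynis-report.dat when run as root, records findings as `warning[]=` and `suggestion[]=` lines with pipe-separated fields; both reports here are constructed samples and EXAMPLE-0001 is a placeholder test ID.

```shell
#!/bin/sh
# Added example: list findings that appear in today's report but not yesterday's.

# Print "kind|TEST-ID|message" for each warning/suggestion in a report file.
findings() {
    awk -F'|' '
        /^(warning|suggestion)\[\]=/ {
            split($1, head, "=")       # head[1]="warning[]", head[2]=TEST-ID
            kind = head[1]
            sub(/\[\]$/, "", kind)     # "warning[]" -> "warning"
            print kind "|" head[2] "|" $2
        }' "$1" | sort -u
}

# Findings present in the new report ($2) but absent from the old one ($1).
new_findings() {
    old=$(mktemp); new=$(mktemp)
    findings "$1" > "$old"
    findings "$2" > "$new"
    comm -13 "$old" "$new"             # keep lines unique to the second file
    rm -f "$old" "$new"
}

# Write two constructed sample reports into directory $1.
make_samples() {
    s='suggestion[]=AUTH-9328|Default umask in /etc/init.d/rc could be stricter like 027|-|-|'
    w='warning[]=EXAMPLE-0001|Constructed sample warning|-|-|'
    printf '%s\n' "$s" > "$1/yesterday.dat"
    printf '%s\n' "$s" "$w" > "$1/today.dat"
}

demo=$(mktemp -d)
make_samples "$demo"
new_findings "$demo/yesterday.dat" "$demo/today.dat"
rm -rf "$demo"
```

To use it with the cron job, keep a copy of the previous report before each run and pass both files to `new_findings`.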

Conclusion

In this article, we covered the basics of Lynis configuration and how you can make use of it for system auditing as well as regular checks on your system.
