README
1
2================================================================================
3
4 Lynis - README
5
6================================================================================
7
8 Author: 2007-2013, Michael Boelen
9 2013-2016, CISOfy
10 Description: Security and system auditing tool
11 Web site: https://cisofy.com/lynis/
12 Development: May 2007 - Now
13 Support policy: See section 'Support'
14 Documentation: See web site, README, FAQ and CHANGELOG file
15
16================================================================================
17
18
19 *** NOTE ***
20
21 The website contains the latest documentation
22
23 See https://cisofy.com/documentation/lynis/
24
25
26
27[+] Introduction
28-------------------------------
29
30 Lynis is an auditing tool which tests and gathers (security) information from
31 Unix based systems. The audience for this tool are security and system
32 auditors, network specialists and system maintainers.
33
34 Some of the (future) features and usage options:
35 - System and security audit checks
36 - Compliance testing
37 - File integrity monitoring
38 - System and file forensics
39 - Usage of templates/baselines (reporting and monitoring)
40 - Extended debugging features
41
42 Everyone is free to use Lynis under the conditions of the GPL v3 license (see
43 LICENSE file).
44
45 ========================
46 Quick facts
47 ========================
48 - Name: Lynis
49 - Type: audit, security, hardening, forensics tool
50 - License: GPL v3
51 - Language: Shell script
52 - Author: Michael Boelen, CISOfy
53 - Web site: https://cisofy.com
54 - Required permissions: root preferred, not needed
55 - Other requirements: write access to /tmp
56
57
58
59[+] Installation
60-------------------------------
61
62 Lynis doesn't have to be installed, so it can be used directly from a
63 (removable) disk. If you want the program to be installed, use one of the
64 following methods:
65
66 - Create a custom directory (ie. /usr/local/lynis) and unpack the tarball
67 (tar xfvz lynis-version.tar.gz) into this directory.
68 - Create a RPM package by using the lynis.spec file (see web site)
69 run 'rpmbuild -ta lynis-version.tar.gz' (= build RPM package)
70 run 'rpm -ivh <filename>' (= install RPM package)
71
72 See online documentation for detailed instructions.
73
74
75
76[+] Supported systems
77-------------------------------
78
79 Since the complexity of auditing different systems and platforms, Lynis is
80 developed on BSD and Linux.
81
82 This tool is tested or confirmed to work with at least:
83 AIX, Linux, FreeBSD, OpenBSD, macOS, Solaris. See the website for the full
84 list of tested operating systems.
85
86
87
88[+] Usage
89-------------------------------
90
91 See online documentation for more information about using Lynis.
92
93
94
95[+] Development and Bugs
96-------------------------------
97
98 Found an issue, or do you have a great idea? Let us know:
99
100 * GitHub - https://github.com/CISOfy/lynis
101 * E-mail - lynis-dev@cisofy.com
102
103 Contributions are appreciated and can be done via GitHub. See CONTRIBUTING.md
104 for more information about how to submit them.
105
106
107[+] Support
108-------------------------------
109
110 Lynis is tested on most common operating systems. The documentation (README,
111 FAQ) and the debugging information (/var/log/lynis.log), should cover most
112 questions and problems. Bugs can be reported via GitHub, or sending an e-mail
113 to the lynis-dev address above.
114
115 Commercial features and support is available via CISOfy. This includes support
116 for compliance testing, a web-based interface, reporting, and more.
117
118 For more information see https://cisofy.com/lynis-enterprise/ or use the
119 contact details at https://cisofy.com/contact/
120
121
122
123[+] Upgrade to Lynis Enterprise
124-------------------------------
125
126 Individuals and companies which use this software for more than 10 systems, should
127 think about the value of this tool in their job. To support ongoing development on
128 this tool we have a commercial version available. Lynis Enterprise Suite uses
129 Lynis to audit systems, but also provides malware scanning, intrusion detection
130 and has additional guidance. For all features, please see our website:
131 https://cisofy.com/lynis-enterprise/
132
133
134
135[+] Thanks
136-------------------------------
137
138 Thanks to the community for using and supporting open source software.
139 Many comments, bugs/patches and questions are the key to success and ongoing
140 motivation in developing tools like this.
141
142
143
144================================================================================
145 Lynis - Copyright 2007-2016, Michael Boelen and CISOfy - https://cisofy.com
146