Changelog lynis v2.4.0:
New:
+ New group “system integrity” added
+ Support for clamconf utility
+ Chinese translation (language=cn)
+ New command “upload-only” to upload just the data instead of a full audit
+ Enhanced support for macOS, including HostID2 generation for macOS
+ Support for CoreOS
+ Detection for pkg binary (FreeBSD)
+ New command: lynis show hostids (show host ID)
+ New command: lynis show environment (hardware, VM, or container type)
+ New command: lynis show os (show operating system details)
Changes:
+ Several new sysctl values have been added to the default profile
+ Existing tests have been enhanced to support macOS
Tests:
+ AUTH-9234 – Support for macOS user gathering
+ BOOT-5139 – Support for machine roles in LILO test
+ BOOT-5202 – Improve uptime detection for macOS and others
+ FIRE-4518 – Improve pf detection and mark as root-only test
+ FIRE-4530 – Don’t show error on screen for missing IPFW sysctl key
+ FIRE-4534 – Check Little Snitch on macOS
+ INSE-8050 – Test for insecure services on macOS
+ MACF-6208 – Allow non-privileged execution and filter permission issues
+ MALW-3280 – Detection for Avast and Bitdefender daemon on macOS
+ NETW-3004 – Support for macOS
+ PKGS-7381 – Improve test for pkg audit on FreeBSD
+ TIME-3104 – Chrony support extended
Plugins (community and commercial):
+ PLGN-1430 – Gather installed software packages for macOS
+ PLGN-4602 – Support for Clam definition check on macOS
Lynis is a security auditing tool for Unix derivatives like Linux, BSD, and Solaris. It performs an in-depth security scan on the system to detect software and security issues. Besides information related to security, it will also scan for general system information, vulnerable software packages, and possible configuration issues.
We believe software should be simple, updated on a regular basis and open. You should be able to trust, understand, and even alter the software. Many agree with us, as the software is being used by thousands every day to protect their systems.
Main goals:
+ Security auditing (automated)
+ Compliance testing (e.g. PCI-DSS, HIPAA)
+ Vulnerability testing
The software aims to also assist with:
+ Configuration management
+ Software patch management
+ System hardening
+ Penetration testing
+ Malware scanning
+ Intrusion detection
Installation:
git clone https://github.com/CISOfy/lynis
cd lynis
./lynis audit system
Update:
cd <your lynis folder>
git pull origin master
Or
Download: 2.4.0.zip | 2.4.0.tar.gz
Source: https://cisofy.com/lynis/