Monday 27 February 2017

Lynis An Open Source Security Auditing Tool For LINUX and UNIX-based Systems

Lynis An Open Source Security Auditing Tool For LINUX and UNIX-based Systems

Lynis is an open source security auditing tool. 

Used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.

It even runs on systems like the Raspberry Pi, or QNAP storage devices.

Installation optional

Lynis is light-weight and easy to use. Installation is optional: just copy it to a system, and use "./lynis audit system" to start the security scan. It is written in shell script and released as open source software (GPL). Software packages are available from our software repository.

Lynis Screenshot

How it works

Lynis performs hundreds of individual tests. Each help to determine the security state of the system. This is what happens during a scan with Lynis:


  • Determine operating system
  • Search for available tools and utilities
  • Check for Lynis update
  • Run tests from enabled plugins
  • Run security tests per category
  • Report status of security scan

Besides the data displayed on screen, all technical details about the scan are stored in a log file. Any findings (warnings, suggestions, data collection) are stored in a report file.

Supported operating systems

Lynis runs on almost all UNIX-based systems and versions, including:

  • AIX
  • FreeBSD
  • HP-UX
  • Linux
  • macOS
  • NetBSD
  • OpenBSD
  • Solaris
  • and others

In-depth security scans

By performing opportunistic scanning, the tool can run with almost no dependencies. The more it finds, the deeper the audit will be. In other words, Lynis will always perform scans that are customized to your system. No audit will be the same.

Use cases

Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include:

  • Security auditing
  • Compliance testing (e.g. PCI, HIPAA, SOx)
  • Vulnerability detection and scanning
  • System hardening

Download Lynis


Post a Comment

Note: only a member of this blog may post a comment.

Toggle Footer