Lynis: Software na duba tsaro akan Linux, macOS da UNIX

Linux Post Install

13 minti

Lynis: Software na duba tsaro akan Linux, macOS da UNIX

Lynis: Software na duba tsaro akan Linux, macOS da UNIX

A cikin sakon da ya gabata nan da nan, mun rufe koyawa kan cikakkun bayanai na fasaha, shigarwa da amfani da umarnin dubawa, wanda aka fi sani da Tsarin Audit Linux (Tsarin Audit Linux). Wanda kuma kamar yadda sunansa ke nunawa. bayar da a CAPP mai bin tsarin dubawa, wanda ke iya dogara da tattara bayanai game da duk wani abin da ya shafi tsaro (ko a'a) akan tsarin aiki na Linux.

Don haka, mun ga cewa ya dace kuma ya dace a magance irin wannan software a yau, mafi cika, ci gaba da aiki, mai suna. "Lynis". wanda kuma a software duba tsaro, kyauta, budewa da kyauta, kuma suna hidima iri ɗaya da ƙari, kamar yadda za mu gani a ƙasa.

Tsarin Binciken Linux: Duk Game da Dokar Auditd

Tsarin Binciken Linux: Duk Game da Dokar Auditd

Amma, kafin fara wannan matsayi mai ban sha'awa game da software duba tsaro "Lynis", muna ba da shawarar da bayanan da suka gabata, don karantawa:

Tsarin Binciken Linux: Duk Game da Dokar Auditd
Labari mai dangantaka:
Tsarin Binciken Linux: Duk Game da Dokar Auditd

Lynis: Kayan aikin Binciken Tsaro Na atomatik

Lynis: Kayan aikin Binciken Tsaro Na atomatik

Menene Lynis?

Bisa ga gidan yanar gizon ta na hukuma, masu haɓaka ta sun bayyana wannan software a taƙaice, kamar haka:

"Lynis kayan aikin tsaro ne da aka gwada yaƙi don tsarin da ke gudana Linux, macOS, ko tsarin aiki na tushen Unix. Yana yin cikakken bincike game da lafiyar tsarin ku don tallafawa taurin tsarin da gwajin yarda. Aikin buɗaɗɗen software software ne mai lasisi a ƙarƙashin GPL kuma yana samuwa tun 2007." Lynis: Audit, taurin tsarin, gwajin yarda

Wanda ya bayyana manufarsa da aikinsa a sarari. Duk da haka, a cikin nasa sashin hukuma akan GitHub, ƙara da shi, kamar haka:

“Babban manufar Lynis ita ce gwada kariyar tsaro da bayar da shawarwari don kara karfafa tsarin. Don yin wannan, yana neman bayanan tsarin gabaɗaya, fakitin software masu rauni, da matsalolin daidaitawa. Abin da ya sa ya dace, don haka masu kula da tsarin da masu binciken IT na iya tantance kariyar tsaro na tsarin su da kayan aikin kungiya.

Bugu da ƙari kuma, yana da mahimmanci don haskakawa Lynis, cewa godiya ga mai girma cfarkon kayan aikin da aka haɗa, kayan aiki ne da aka fi so ga mutane da yawa masu gwada alkalami (Masu gwada shigar da tsarin) da sauran kwararrun Tsaron Bayanai a duk duniya.

Ta yaya ake shigar da amfani da shi akan Linux?

Ta yaya ake shigar da amfani da shi akan Linux?

Shigar da shi daga GitHub da gudanar da shi akan Linux yana da sauƙi da sauri. Don yin wannan, kawai kuna buƙatar aiwatar da matakai 2 masu zuwa:

git clone https://github.com/CISOfy/lynis
cd lynis && ./lynis audit system

Sannan, duk lokacin da ake buƙatar aiwatar da shi, kawai layin umarni na ƙarshe. Koyaya, ana iya amfani da bambance-bambancen oda mai zuwa idan ya cancanta:

cd lynis && ./lynis audit system --quick

cd lynis && ./lynis audit system --wait

Don ƙarin bayyana kisa ko a hankali kisa tare da sa hannun mai amfani wanda ya aiwatar da shi.

Wane bayani yake bayarwa?

Da zarar an aiwatar da shi, yana ba da bayanai kan abubuwan fasaha masu zuwa:

A farkon

  • Ƙimar farawa na kayan aikin Lynis, tsarin aiki da aka yi amfani da shi, kayan aiki da plugins da aka shigar ko a'a, da saitunan taya da ayyukan da aka gano a kai.

Lynis - Bayanin Boot - Hoton hoto 1

Lynis - Bayanin Boot - Hoton hoto 2

Lynis - Bayanin Boot - Hoton hoto 3

Lynis - Bayanin Boot - Hoton hoto 4

Lynis - Bayanin Boot - Hoton hoto 5

  • Kernel, ƙwaƙwalwar ajiya da tsarin OS.

Screenshot 6

  • Masu amfani da ƙungiyoyi, da kuma tabbatar da OS.

Screenshot 7

  • Tsarin Shell da Fayil na OS.

Screenshot 8

  • bayanan duba akan: USB da na'urorin ajiya da ke cikin OS.

Screenshot 9

  • NFS, DNS, Tashoshi da Fakitin OS.

Screenshot 10

  • Haɗin hanyar sadarwa, Firintoci da Spools, da software na Imel da Saƙo.

Screenshot 11

  • Firewalls da Web Servers da aka shigar a cikin OS.

Screenshot 12

Screenshot 13

  • An saita sabis ɗin SSH a cikin OS.

Screenshot 14

  • Taimakon SNMP, bayanan bayanai, sabis na LDAP da tsarin PHP da aka saita a cikin OS.

Screenshot 15

  • Tallafin Squid, Shiga da fayilolin sa, Sabis marasa tsaro da Banners da hanyoyin ganowa waɗanda aka saita a cikin OS.

Screenshot 16

Screenshot 17

  • Ayyukan da aka tsara, Lissafi, Lokaci da aiki tare.

Screenshot 18

  • Rubutun Rubutun Rubuce-Rubuce, Ƙwarewa, Tsarin kwantena, Tsarin Tsaro, da software masu alaƙa da amincin fayil da kayan aikin tsarin.

Screenshot 19

Screenshot 20

  • Nau'in software na Malware, Izinin Fayil, kundayen adireshi na gida, Tauraruwar Kernel da Tauraruwar Gabaɗaya, da Gwajin Al'ada.

Screenshot 21

Screenshot 22

Screenshot 22

Screenshot 23

A karshen

Lokacin Lynis ƙare, yana taƙaita sakamakon da aka samu, zuwa:

  • Gargadi da shawarwari (matsalolin gaggawa da shawarwari masu mahimmanci)

Lynis: Hoton hoto 24

Lynis: Hoton hoto 25

Lynis: Hoton hoto 26

Lynis: Hoton hoto 27

Lynis: Hoton hoto 28

Note: Don ganin daga baya, gargaɗin da shawarwari za mu iya aiwatar da umarni masu zuwa

sudo grep Warning /var/log/lynis.log
sudo grep Suggestion /var/log/lynis.log
  • Cikakkun bayanai na binciken tsaro

Lynis: Hoton hoto 29

Lynis: Hoton hoto 30

A wannan lokaci, za mu iya kadan da kadan Bincika fayilolin tare da tantancewar da aka samar, a cikin hanyar da aka nuna, kamar yadda aka nuna a cikin hoton da ke sama, don fara magance kowace matsala, an gano rashi da lahani.

Fayiloli (fayilolin da aka ƙirƙira):

- Gwaji da cire bayanai: /home/myuser/lynis.log
– Rahoton bayanai: /home/myusername/lynis-report.dat

Kuma a ƙarshe, Lynis yana ba da damar samun ƙarin bayani game da kowace shawara da aka samar, ta amfani da umarnin nuna bayanai biye da lamba TEST_ID, kamar yadda aka nuna a ƙasa:

lynis show details KRNL-5830
lynis show details FILE-7524

Koyi game da Lynis

Kuma zuwa Karin bayani game da Lynis akwai hanyoyin haɗin yanar gizo masu zuwa:

Zagaye: Banner post 2021

Tsaya

A taƙaice, muna fatan wannan littafin da ya shafi kyauta, buɗewa da kyauta, software na duba tsaro akan Linux, macOS da Unix da ake kira "Lynis", ba da izini da yawa, iko duba (bincika da kimanta) Kwamfuta daban-daban da tsarin aiki na uwar garke cikin sauƙi. Don haka, saboda haka, za su iya ƙarfafa su (taurare) ta fuskar software, ta hanyar ganowa da gyara kowane bangare ko tsari, gazawa, rashin isa ko babu. Ta wannan hanyar, don samun damar ragewa da kuma guje wa yuwuwar gazawa ko kai hari ta hanyar raunin da ba a sani ba.

A ƙarshe, kar ku manta da bayar da gudummawar ra'ayoyin ku kan batun yau, ta hanyar sharhi. Kuma idan kuna son wannan post, kar a daina raba shi ga wasu. Hakanan, ku tuna ziyarci shafinmu na gida en «DesdeLinux» don bincika ƙarin labarai, kuma ku shiga tashar mu ta hukuma Telegram na DesdeLinux, Yamma rukuni don ƙarin bayani kan batun yau.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.