In a previous post, we covered a tutorial on the technical details, installation and use of the audit command, better known as the Linux Audit Framework. As its name suggests, it provides a CAPP-compliant auditing system that can reliably collect information about any event, security-related or not, on a Linux operating system.
For this reason, we thought it appropriate to cover today a similar piece of software that is more complete, advanced and practical, called "Lynis". It is also security auditing software, free and open source, and it serves the same purpose and more, as we will see below.
Lynis: Automated Security Auditing Tool
What is Lynis?
According to its official website, its developers briefly describe the software as follows:
“Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating systems. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007.” Lynis: Auditing, system hardening, compliance testing
This makes its purpose and function very clear. However, in its official section on GitHub, they add the following:
“The main goal of Lynis is to test security defenses and provide tips for further system hardening. To do this, it scans general system information, vulnerable software packages, and possible configuration issues. This makes it suitable for system administrators and IT auditors to assess the security defenses of their systems and the organization's assets.”
In addition, it is worth highlighting that Lynis, thanks to its large set of included tools, is the tool of choice for many pentesters (system penetration testers) and other information security professionals around the world.
How is it installed and used on Linux?
Installing it from GitHub and running it on Linux is really simple and fast. To do so, you only need to carry out the following 2 steps:
git clone https://github.com/CISOfy/lynis
cd lynis && ./lynis audit system
After that, each time it needs to be run, only the last command line is required. However, the following variations of the command can be used if needed:
cd lynis && ./lynis audit system --quick
cd lynis && ./lynis audit system --wait
These give a quicker run, or a slower run with intervention from the user running it.
What information does it provide?
Once run, it provides information on the following technical points:
At the start
- The initialization values of the Lynis tool, the operating system in use, the tools and plugins that are or are not installed, and the boot configuration and services detected on it.
- Kernel, memory and processes of the OS.
- Users and groups, and authentication on the OS.
- Shell and file systems of the OS.
- Audit information on: USB and storage devices present in the OS.
- NFS, DNS, ports and packages of the OS.
- Network connectivity, printers and spools, and installed e-mail and messaging software.
- Firewalls and web servers installed on the OS.
- The SSH service configured on the OS.
- SNMP support, databases, the LDAP service and PHP configured on the OS.
- Squid support, logging and its files, insecure services, banners and identification mechanisms configured on the OS.
- Scheduled tasks, accounting, time and synchronization.
- Cryptography, virtualization, container systems, security frameworks, and software related to file integrity and system tools.
- Malware-type software, file permissions, home directories, kernel hardening and general hardening, and custom tests.
At the end
When Lynis finishes, it summarizes the results obtained, divided into:
- Warnings and suggestions (urgent issues and important suggestions)
Note: To view the warnings and suggestions later, we can run the following commands
sudo grep Warning /var/log/lynis.log
sudo grep Suggestion /var/log/lynis.log
- Security scan details
At this point, we can review, little by little, the files generated by the audit at the path indicated, as shown in the image above, and start resolving each issue, deficiency and vulnerability detected.
Files (files with the audit produced):
- Test and debug information : /home/myuser/lynis.log
- Report data : /home/myusername/lynis-report.dat
And finally, Lynis offers the option of getting more information about each suggestion generated, using the show details command followed by the TEST_ID number, as shown below:
lynis show details KRNL-5830
lynis show details FILE-7524
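The review steps above (pull the warnings and suggestions, then run show details for each TEST_ID) can be done in one pass over the report data file. The script below is an added example, not part of the original post or of the Lynis project; it assumes the report stores findings as `warning[]=` and `suggestion[]=` lines whose pipe-separated fields begin with the test ID, and the sample report and the helper names `findings` and `followups` are constructed for illustration.

```shell
#!/bin/sh
# Added example: list Lynis findings from a report file and build the
# matching "lynis show details" commands. Helper names are hypothetical.

# Constructed sample in the report's key=value layout (not from a real scan).
sample_report() {
cat <<'EOF'
# constructed sample report
warning[]=KRNL-5830|Reboot of system is most likely needed||text:reboot|
suggestion[]=FILE-7524|Consider restricting file permissions|See screen output or log file|text:Use chmod to change file permissions|
suggestion[]=SSH-7408|Consider hardening SSH configuration|AllowTcpForwarding (set YES to NO)|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|X11Forwarding (set YES to NO)|-|
suggestion[]=LYNIS|This release is more than 4 months old|-|-|
hardening_index=64
EOF
}

# findings KIND FILE: print "TEST_ID<TAB>message<TAB>detail" for every
# KIND[] line (KIND is "warning" or "suggestion"); empty detail becomes "-".
findings() {
    awk -v key="${1}[]=" '
        index($0, key) == 1 {
            split(substr($0, length(key) + 1), f, "|")
            printf "%s\t%s\t%s\n", f[1], f[2], (f[3] == "" ? "-" : f[3])
        }' "$2"
}

# followups FILE: one "lynis show details TEST_ID" per distinct test ID,
# warnings first. IDs that are not of the form NAME-1234 are skipped so that
# nothing unexpected from the report ends up in a command line.
followups() {
    { findings warning "$1"; findings suggestion "$1"; } |
    awk -F '\t' '$1 ~ /^[A-Z]+-[0-9]+$/ && !seen[$1]++ {
        print "lynis show details " $1
    }'
}

# Demo run against the constructed sample.
report=$(mktemp)
sample_report > "$report"
echo "Warnings:";    findings warning "$report"
echo "Suggestions:"; findings suggestion "$report"
echo "Follow-up:";   followups "$report"
rm -f "$report"
```

On a real system, pass the report data path that Lynis prints at the end of the scan instead of the sample file.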
And to learn more about Lynis, the following links are available:
Summary
In short, we hope this post about "Lynis", the free and open-source security auditing software for Linux, macOS and Unix, lets many people audit (examine and assess) their computers and server operating systems with ease. As a result, they can harden them at the software level by detecting and correcting any aspect or configuration that is deficient, inadequate or missing, and so reduce and avoid possible failures or attacks through unknown vulnerabilities.