Lynis: Security auditing software for Linux, macOS and UNIX

In a previous post, we covered a tutorial on the technical details, installation and use of the auditd command, better known as the Linux Audit Framework. As its name suggests, it provides a CAPP-compliant auditing system that can reliably collect information about any security-relevant (or not) event on a Linux operating system.

For this reason, we thought it appropriate to cover a similar piece of software today, one that is more complete, advanced and practical, called "Lynis". It is also security auditing software, free, open and free of charge, and it serves the same purpose and more, as we will see below.

But before starting this post on the security auditing software "Lynis", we recommend the following related earlier post, for later reading:

Related article:
Linux Audit Framework: All About the Auditd Command

Lynis: Automated Security Auditing Tool

What is Lynis?

According to its official website, its developers briefly describe the software as follows:

“Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating systems. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software licensed under the GPL and has been available since 2007.” Lynis: Auditing, system hardening, compliance testing

This makes its purpose and operation quite clear. However, its official section on GitHub adds the following:

“The main goal of Lynis is to test security defenses and provide suggestions for further hardening the system. To do this, it looks at general system information, vulnerable software packages, and possible configuration issues. This makes it suitable for system administrators and IT auditors to assess the security defenses of their systems and the organization's equipment.”

In addition, it is worth highlighting that, thanks to its large collection of included tools, Lynis is a tool preferred by many pentesters (system penetration testers) and other information security professionals around the world.

How is it installed and used on Linux?

Installing it from GitHub and running it on Linux is really easy and quick. You only need to perform the following 2 steps:

git clone https://github.com/CISOfy/lynis
cd lynis && ./lynis audit system

After that, each time it needs to be run, only the last command line is required. However, the following variations of the command can be used if needed:

cd lynis && ./lynis audit system --quick

cd lynis && ./lynis audit system --wait

The first gives a quicker run; the second gives a slower run with intervention from the user running it.

What information does it provide?

Once run, it provides information on the following technical points:

At the start

  • The initialization values of the Lynis tool, the operating system in use, the tools and plugins installed or not, and the boot configuration and services detected on it.

  • Kernel, memory and processes of the OS.

  • Users and groups, and authentication of the OS.

  • Shell and file systems of the OS.

  • Audit information on: USB and storage devices present in the OS.

  • NFS, DNS, ports and packages of the OS.

  • Network connectivity, printers and spools, and installed e-mail and messaging software.

  • Firewalls and web servers installed in the OS.

  • SSH service configured in the OS.

  • SNMP support, databases, LDAP service and PHP configured in the OS.

  • Squid support, logging and its files, insecure services, banners and identification mechanisms configured in the OS.

  • Scheduled tasks, accounting, time and synchronization.

  • Cryptography, virtualization, container systems, security frameworks, and software related to file integrity and system tools.

  • Malware-type software, file permissions, home directories, kernel hardening and general hardening, and custom tests.

At the end

When Lynis finishes, it summarizes the results found, divided into:

  • Warnings and suggestions (urgent problems and important suggestions)

Note: To view the warnings and suggestions later, we can run the following commands, adjusting the path to the log file reported at the end of the scan if it differs:

sudo grep Warning /var/log/lynis.log
sudo grep Suggestion /var/log/lynis.log

  • Security scan details

At this point, we can gradually review the files containing the generated audit, at the path indicated at the end of the scan output, and begin resolving each problem, deficiency and vulnerability detected.

Files (files with the generated audit):

- Test and debug information : /home/myuser/lynis.log
- Report data : /home/myusername/lynis-report.dat

And finally, Lynis offers the option of obtaining more information about each suggestion generated, using the show details command followed by the TEST_ID number, as shown below:

lynis show details KRNL-5830
lynis show details FILE-7524
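
The report data file listed above can be turned into a work list of TEST_IDs to feed to show details. The following is an added example, not part of the original post or of Lynis itself; it assumes the report stores findings as `warning[]=` and `suggestion[]=` lines with pipe-separated fields, and the function names and sample report are constructed for illustration.

```shell
#!/bin/sh
# Added example: turn a Lynis report file into a remediation work list.
# Assumed report layout (key=value lines), with findings stored as:
#   warning[]=TEST_ID|message|details|solution|
#   suggestion[]=TEST_ID|message|details|solution|
LC_ALL=C; export LC_ALL            # stable sort order
TAB=$(printf '\t')

# Print "kind<TAB>TEST_ID<TAB>message" per finding, warnings first.
lynis_findings() {
    awk -F'|' '
        /^(warning|suggestion)\[\]=/ {
            split($1, head, "=")               # "kind[]" and TEST_ID
            kind = head[1]; sub(/\[\]$/, "", kind)
            printf "%s\t%s\t%s\n", kind, head[2], $2
        }' "$1" | sort -t "$TAB" -k1,1r -k2,2
}

# Count findings of one kind ($2 is "warning" or "suggestion").
lynis_count() {
    lynis_findings "$1" | awk -F'\t' -v k="$2" '$1 == k { n++ } END { print n + 0 }'
}

# Unique TEST_IDs, ready to pass to "lynis show details <TEST_ID>".
lynis_test_ids() {
    lynis_findings "$1" | cut -f2 | sort -u
}

# Constructed sample report (not output from a real scan).
make_sample_report() {
    cat > "$1" <<'EOF'
report_version_major=1
hardening_index=63
suggestion[]=SSH-7408|Consider hardening SSH configuration|AllowTcpForwarding (set YES to NO)|-|
warning[]=KRNL-5830|Reboot of system is most likely needed|-|text:reboot|
suggestion[]=FILE-7524|Consider restricting file permissions|See screen output or log file|text:Use chmod to change file permissions|
EOF
}

report=$(mktemp)
make_sample_report "$report"
lynis_findings "$report"
echo "warnings: $(lynis_count "$report" warning)"
for id in $(lynis_test_ids "$report"); do
    echo "next step: ./lynis show details $id"
done
rm -f "$report"
```

On a real host, pass the report path printed at the end of the scan instead of the constructed sample.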

More about Lynis

For more information about Lynis, the following links are available:

Summary

In short, we hope that this post about the free, open and free-of-charge security auditing software for Linux, macOS and Unix called "Lynis" allows many people to audit (examine and evaluate) their computers and server operating systems easily. As a result, they can harden them at the software level by detecting and correcting any aspect or configuration that is deficient, inadequate or missing. In this way, they can mitigate and avoid possible failures or attacks through unknown vulnerabilities.

Finally, don't forget to give your opinion on today's topic in the comments. And if you liked this post, don't hesitate to share it with others. Also, remember to visit our home page at «DesdeLinux» to explore more news, and join our official DesdeLinux Telegram channel, or this group, for more information on today's topic.

