Lynis v1.2.8 released

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

JPEG - 37.9 kb

Version 1.2.8 (2009-12-08)

New:

  • Squid support added
  • Squid daemon detection [SQD-3602]
  • Squid configuration file search [SQD-3604]
  • Squid version detection [SQD-3606]
  • Check /etc/motd banner [BANN-7122]
  • Check /etc/issue.net file [BANN-7128]
  • Check contents in /etc/issue.net [BANN-7130]
  • Solaris single user mode login check (/etc/default/sulogin) [AUTH-9304]
  • HP-UX boot authentication check [AUTH-9306]
  • Linux single user mode authentication check [AUTH-9308]
  • Solaris account locking policy check [AUTH-9340]

Changes:

  • Added prerequisite to SSH test, so the test is skipped properly [SSH-7440]
  • Check for /etc/issue symlink [BANN-7124]
  • Added file check for possible harmful shells found [AUTH-9218]
  • Add user home directories to report [HOME-9302]
  • Extended Linux run level test with support for Debian/Ubuntu [KRNL-5622]
  • Added /lib64/security to PAM test [AUTH-9262]
  • Extended security repository check [PKGS-7388]
  • Iptables check should not check for a module in a Linux config [FIRE-4511]
  • Ignore APC ups daemon when scanning for CUPS [PRNT-2304]
  • Improved kernel logger daemon check [LOGG-2138]
  • Added auditctl to binary check [ACCT-9630]
  • Log used auditd ruleset [ACCT-9630]
  • Corrected logging of Solaris c2audit module [ACCT-9656]
  • Fixed warning function for Solaris passwordless accounts [AUTH-9254]
  • Commented kern.randompid in default profile
  • For sysctl the parameter -n will be used on Linux systems
  • Changed syslog daemon detection and state
  • Extended report file

More information: here