lynis - hardening and auditing for linux, mac and unix - nluug may 2014
DESCRIPTION
Presentation about Lynis, a tool to audit and harden Linux, Mac and Unix systems. In this presentation we compare a few methods to secure your systems. We take a look at Lynis and how it can provide a solution to a common problem of lacking compliance and security controls.TRANSCRIPT
NLUUG - Spring 2014 1
Lynis
Security Auditing and Hardening for Linux, Mac & Unix systems
Michael Boelen
Twitter @mboelenGoogle+ +MichaelBoelenWeb http://cisofy.com
2
Passion
http://en.wikipedia.org/wiki/File:Passiflora_Edulis_Open_Fruit2.jpg
What's yours?
3
whoami
Michael Boelen
◼ Open Source developer◼ Author of Rootkit Hunter & Lynis◼ Passion for auditing
4
The Problem
Auditing and Hardening..
◼ A lot of work!◼ Not that interesting, right?◼ And.. prone to errors
5
Solutions
Options
◼ Guides◼ SCAP◼ Tools
6
Benchmarks / Guides
Pros
◼ Free to use◼ Extensive information
Cons
◼ Time intensive◼ Usually no tooling◼ Limited distributions◼ Delayed releases
7
SCAP
Pros
◼ Free to use◼ Focused on automation
Cons
◼ Limited distributions◼ Easy of use◼ Lacking documentation or
already outdated
8
Lynis
9
Lynis
Benefits
● Easy to implement● Quick results● Focus on automation● In-depth auditing
10
Lynis
2007
◼ Quality of existing tools◼ Efficiency of work
11
Lynis+
2014
◼ New website◼ Documentation refresh◼ Lynis controls online◼ Enterprise support◼ Plugins
12
Demo
13
Lynis++
DoneDone
● Website● Documentation● Lynis controls online● Enterprise support● Plugins
NewNew● In-depth reports● Hardening automation● Intrusion detection● Performance tuning● Compliance checking● (Forensics)● (Malware)
14
Questions?
There is more..
15
Demo 2
16
Thank You
● Try Lynis● Share open source
Twitter @mboelenGoogle+ +MichaelBoelenWeb http://cisofy.com
17