Lynis - Hardening and auditing for Linux, Mac and Unix - NLUUG May 2014

•

May. 16, 2014

• •

NLUUG - Spring 2014 1
Lynis
Security Auditing and Hardening for Linux, Mac & Unix systems
Michael Boelen
Twitter @mboelen
...

2
Passion
http://en.wikipedia.org/wiki/File:Passiflora_Edulis_Open_Fruit2.jpg
What's yours?

3
whoami
Michael Boelen
◼ Open Source developer
◼ Author of Rootkit Hunter & Lynis
◼ Passion for auditing

Next SlideShares

Upcoming SlideShare

Linux Security Scanning with Lynis

Linux Security Scanning with Lynis

Loading in …3

×

Lynis - Hardening and auditing for Linux, Mac and Unix - NLUUG May 2014

May. 16, 2014

• •

Download to read offline

Software Technology

Presentation about Lynis, a tool to audit and harden Linux, Mac and Unix systems. In this presentation we compare a few methods to secure your systems. We take a look at Lynis and how it can provide a solution to a common problem of lacking compliance and security controls.

Providing companies a software solution to audit their systems (Linux, macOS, UNIX)

Presentation about Lynis, a tool to audit and harden Linux, Mac and Unix systems. In this presentation we compare a few methods to secure your systems. We take a look at Lynis and how it can provide a solution to a common problem of lacking compliance and security controls.

Software Technology

More Related Content

Hamlet's BlackBerry: A Practical Philosophy for Building a Good Life in the Digital Age William Powers

In the Plex: How Google Thinks, Works, and Shapes Our Lives Steven Levy

An Army of Davids: How Markets and Technology Empower Ordinary People to Beat Big Media, Big Government, and Other Goliaths Glenn Reynolds

World Wide Mind: The Coming Integration of Humanity, Machines, and the Internet Michael Chorost

Tubes: A Journey to the Center of the Internet Andrew Blum

Emergence: The Connected Lives of Ants, Brains, Cities, and Software Steven Johnson

The Impulse Economy: Understanding Mobile Shoppers and What Makes Them Buy Gary Schwartz

Blog Schmog: The Truth About What Blogs Can (and Can't) Do for Your Business Robert W. Bly

The End of Business As Usual: Rewire the Way You Work to Succeed in the Consumer Revolution Brian Solis

Socialnomics: How Social Media Transforms the Way We Live and Do Business Erik Qualman

The Nature of the Future: Dispatches from the Socialstructed World Marina Gorbis

Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live Jeff Jarvis

Talking Back to Facebook: The Common Sense Guide to Raising Kids in the Digital Age James P. Steyer

The Thank You Economy Gary Vaynerchuk

Autonomy: The Quest to Build the Driverless Car—And How It Will Reshape Our World Lawrence D. Burns

No Filter: The Inside Story of Instagram Sarah Frier

Spooked: The Trump Dossier, Black Cube, and the Rise of Private Spies Barry Meier

Second Nature: Scenes from a World Remade Nathaniel Rich

An Ugly Truth: Inside Facebook’s Battle for Domination Sheera Frenkel

A Brief History of Motion: From the Wheel, to the Car, to What Comes Next Tom Standage

Liftoff: Elon Musk and the Desperate Early Days That Launched SpaceX Eric Berger

The Science of Time Travel: The Secrets Behind Time Machines, Time Loops, Alternate Realities, and More! Elizabeth Howell

If Then: How the Simulmatics Corporation Invented the Future Jill Lepore

The Wires of War: Technology and the Global Struggle for Power Jacob Helberg

System Error: Where Big Tech Went Wrong and How We Can Reboot Rob Reich

The Quiet Zone: Unraveling the Mystery of a Town Suspended in Silence Stephen Kurczy

The Players Ball: A Genius, a Con Man, and the Secret History of the Internet's Rise David Kushner

Bitcoin Billionaires: A True Story of Genius, Betrayal, and Redemption Ben Mezrich

A World Without Work: Technology, Automation, and How We Should Respond Daniel Susskind

Blockchain: The Next Everything Stephen P. Williams

Uncanny Valley: A Memoir Anna Wiener

Lean Out: The Truth About Women, Power, and the Workplace Marissa Orr

Lynis - Hardening and auditing for Linux, Mac and Unix - NLUUG May 2014

1. NLUUG - Spring 2014 1 Lynis Security Auditing and Hardening for Linux, Mac & Unix systems Michael Boelen Twitter @mboelen Google+ +MichaelBoelen Web http://cisofy.com
2. 2 Passion http://en.wikipedia.org/wiki/File:Passiflora_Edulis_Open_Fruit2.jpg What's yours?
3. 3 whoami Michael Boelen ◼ Open Source developer ◼ Author of Rootkit Hunter & Lynis ◼ Passion for auditing
4. 4 The Problem Auditing and Hardening.. ◼ A lot of work! ◼ Not that interesting, right? ◼ And.. prone to errors
5. 5 Solutions Options ◼ Guides ◼ SCAP ◼ Tools
6. 6 Benchmarks / Guides Pros ◼ Free to use ◼ Extensive information Cons ◼ Time intensive ◼ Usually no tooling ◼ Limited distributions ◼ Delayed releases
7. 7 SCAP Pros ◼ Free to use ◼ Focused on automation Cons ◼ Limited distributions ◼ Easy of use ◼ Lacking documentation or already outdated
8. 8 Lynis
9. 9 Lynis Benefits ● Easy to implement ● Quick results ● Focus on automation ● In-depth auditing
10. 10 Lynis 2007 ◼ Quality of existing tools ◼ Efficiency of work
11. 11 Lynis+ 2014 ◼ New website ◼ Documentation refresh ◼ Lynis controls online ◼ Enterprise support ◼ Plugins
12. 12 Demo
13. 13 Lynis++ DoneDone ● Website ● Documentation ● Lynis controls online ● Enterprise support ● Plugins NewNew ● In-depth reports ● Hardening automation ● Intrusion detection ● Performance tuning ● Compliance checking ● (Forensics) ● (Malware)
14. 14 Questions? There is more..
15. 15 Demo 2
16. 16 Thank You ● Try Lynis ● Share open source Twitter @mboelen Google+ +MichaelBoelen Web http://cisofy.com
17. 17