Комментарии:
I just heard about this tool on the enterprise linux security podcast, and man this looks like a awesome tool I wish I knew about earlier.
I'll be running it on my servers as a way of double checking my work, you can never be too sure.
well this just brought up a million questions, hope you have the million videos to answer these questions, some I'm sure I can find like how to enable secure boot, but all those [unsafe] in Systemd may be a little more difficult to solve, maybe not and tons of other things , well I guess I found something to both learn and keep me busy.
I got a 64 on Ubuntu 21.10, we'll see if I can raise that
Ok well I don't need to worry about secure boot, and maybe this isn't as hard or as bad as I thought. I would think 64 is a low score, but what do I know, lol
Score 82 on Fedora
ОтветитьWould be great if there was a dektop version as many recommendations for server would not apply to normal desktop users.
Ответитьis there any automated script that will.... just do what lyns is showing to do? ;)
ОтветитьLynis tech tips?
ОтветитьWhat about locking down SSH in Proxmox? I've been reading that it's not recommended because it performs several functions through SSH, like backups for example. What is your recommendation? Thanks
ОтветитьOS: Debian 10 Buster
Lynis security scan details:
Hardening index : 61 [############ ]
Tests performed : 248
Plugins enabled : 1
Components:
- Firewall [V]
- Malware scanner [V]
Lynis Modules:
- Compliance Status [?]
- Security Audit [V]
- Vulnerability Scan [V]
My hardening index is already growing just watching this.
ОтветитьI thought Linux was safe by default? Now I need the same kind of tool that I need on Windows? Seriously?
Ответить"Linis" in the Philippine language called Tagalog, means "clean" :)
ОтветитьHello Jay,
Can you make a video on Amavis ?
I hope it would be really helpful.
Hi jay how did you get a domain name for your linode server ??
ОтветитьMuch better than just getting CVS numbers from nmap .
I increased my home server’s rating 10 points in 15 minutes . More hardening will take some research and time.
I don’t know how much of a real difference it makes but every little bit helps .
Thank you for this video. I am trying it now.
ОтветитьI ran it on my AlmaLinux (Electric Cheetah) and got a score of 67 pretty impressive consider I have not done much to secure it. This server is really only a test server to check out new apps like this i do have a malware scanner running its the one you did a video on a while back. I have been using and or playing with Linux since 2007 but never went to deeply into really learning it like I should for work. Most of my distros have been Red-hat based linux.
ОтветитьWhat is the difference of Lynis to tiger?
ОтветитьSuper introduction! Have you tried it on a TrueNAS Scale host? If not, would you care to in the future? I'm unfortunately not knowledgeable to be sure if I tried myself.
ОтветитьAny partir reason why you use sudo su instead of sudo -i?
ОтветитьOn open SUSE Leap 15.3 hardening index 94, but after a fresh install, it is 69.
ОтветитьGreat tool I will definitely try it later. But, I think what is missing here is the other half of the equation, now that I've identified the issues what tools do I use to resolved them.
I don' think installing manually all the suggestion would be fine. Therefore, what tool can we use to complement Lynis?.
Thanks in advance.
👍👍👍👍👍THANK You Jay!!!
Great tool. Will get it on my Linux "Desktop". Should be a great place to start hardening my systems.
Might hv 1 or 2 lab servers to harden, they are seldom power-up.
Glad tt I hv subscribed to your channel.
Once again, thank you.
Thanks Jay... I got a 64 on my Ubuntu server and 62 on my EndeavourOS desktop,,, :)
LLAP
Ha ha, my debian sid machine gets 90 updates a week, it's impossible to keep it up to date. (It's our experimental, on-prem minecraft-only server, so no big deal.)
ОтветитьLynis Tech Tips
Ответить64 on debian
ОтветитьI ran it a few weeks ago on my Arch install and got a 65 score.
ОтветитьThanks for sharing, 62 on Manjaro PC
ОтветитьI have the most secure server, it's 100% offline :)
ОтветитьAnother tool I wasn't familiar with. Security isn't my job, but it's always been an interest for me, but with limited time to learn much. I can see I'll be spending my holidays learning about what I need to do to lock down my boxes. :)
Ответить66 on my CentOS web server. Nice suggestion!
ОтветитьUseful video. I scored 65 on an Ubuntu 21.10 Desktop. What amazed me is, that more than half the systemd services are considered: unsafe. And the lynis.service is considered very unsafe with a 9.6 out of 10 score in systemd-analyze security. The best systemd services are medium safe with a score of 6.x.
ОтветитьThanks for the video! Keep up the great work!
Ответить66 on an Arch desktop. Love the tool. Thanks, Jay
Ответитьnice. thanks
Ответить