How to Audit the Security of a Linux System Using the Lynis Tool


Lynis is an open-source and very powerful auditing tool for Unix/Linux-like operating systems. It scans the system for security information, general system information, installed and available software information, configuration mistakes, security issues, user accounts without a password, wrong file permissions, firewall auditing, and so on.

Lynis is one of the most trusted automated auditing tools for software patch management, malware scanning, and vulnerability detection in Unix/Linux-based systems. This tool is useful for auditors, network and system administrators, security specialists, and penetration testers.

Because Lynis is flexible, it is used for several different purposes, which include:

  • Security auditing
  • Compliance testing
  • Penetration testing
  • Vulnerability detection
  • System hardening

A new major version, Lynis 3.0.4, has been released after months of development; it comes with some new features and tests, and many small improvements. I encourage all Linux users to test and upgrade to this latest version of Lynis.

In this article, we will show you how to install Lynis 3.0.4 (Linux Auditing Tool) in Linux systems using source tarball files.

Installing Lynis in Linux

Installing Lynis through the system package manager is one of the easiest ways to get started with Lynis. To install Lynis on your distribution, follow the instructions below.

On distributions that use apt:

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C80E383C3DE9F082E01391A0366C67DE91CA5D5F
$ sudo apt install apt-transport-https
$ echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list
$ sudo apt update
$ sudo apt install lynis
$ lynis show version

On distributions that use yum:

# yum update ca-certificates curl nss openssl
# cat >/etc/yum.repos.d/cisofy-lynis.repo <<EOL
[lynis]
name=CISOfy Software - Lynis package
baseurl=https://packages.cisofy.com/community/lynis/rpm/
enabled=1
gpgkey=https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
gpgcheck=1
priority=2
EOL

# yum makecache fast
# yum install lynis

On distributions that use zypper:

$ sudo rpm --import https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
$ sudo zypper addrepo --gpgcheck --name "CISOfy Lynis repository" --priority 1 --refresh --type rpm-md https://packages.cisofy.com/community/lynis/rpm/ lynis
$ sudo zypper repos
$ sudo zypper refresh
$ sudo zypper install lynis

Installing Lynis Using Source

If you don't want to install Lynis, you can download the source file and run it directly from any directory. So, it is a good idea to create a custom directory for Lynis under /usr/local/lynis.

# mkdir /usr/local/lynis

Download the stable version of the Lynis source files from the trusted website with wget, then unpack it with the tar command, as shown below.

# cd /usr/local/lynis
# wget https://downloads.cisofy.com/lynis/lynis-3.0.4.tar.gz

Unpack the tarball.

# tar -xvf lynis-3.0.4.tar.gz

Running and Using Lynis Basics

You must be the root user to run Lynis, because it creates and writes output to the /var/log/lynis.log file. To run Lynis, execute the following command.

# cd lynis
# ./lynis

Running ./lynis without any option gives you a complete list of the available parameters and returns you to the shell prompt. See the figure below.

To start the Lynis process, you must specify the audit system parameter to begin checking your entire Linux system. Use the following command to start a scan with parameters, as shown below.

# ./lynis audit system
Or
# lynis audit system

Once you run the above command, it starts scanning your system and asks you to press [Enter] to continue, or [CTRL]+C to stop, after every process it scans and completes. See the screenshot attached below.

Creating Lynis Cronjobs

If you would like to create a daily scan report of your system, then you need to set up a cron job for it. Run the following command in the shell.

# crontab -e

Add the following cron job with the --cronjob option; all special characters will be stripped from the output and the scan will run completely automated. Because crontab -e edits root's own crontab, the entry has no user field.

30 22 * * * /path/to/lynis -c -Q --auditor "automated" --cronjob

The above cron job will run daily at 10:30 pm and create a daily report in the /var/log/lynis.log file.

Lynis Scanning Results

While scanning, you will see output such as [OK] or [WARNING], where [OK] is considered a good result and [WARNING] a bad one. But this does not mean that an [OK] result is correctly configured, and a [WARNING] does not have to be bad. You should take corrective steps to fix those issues after reading the logs at /var/log/lynis.log.

In most cases, the scan provides suggestions to fix problems at the end of the scan. See the attached figure, which provides a list of suggestions to fix problems.
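
Reviewing the log after each scheduled scan can be scripted. The following is an added example, not part of the original article or of Lynis itself: it pulls the Warning and Suggestion lines out of a Lynis log and lists the findings that are new since the previous run. The log line format, the sample lines, the file names, and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original article). Assumed Lynis log line format:
#   <date> <time> Warning: <message> [test:<ID>] [details:<d>] [solution:<s>]

# Print "KIND|TEST-ID|message" for every Warning/Suggestion line in log $1.
lynis_findings() {
    sed -n -E 's/^[0-9-]+ [0-9:]+ (Warning|Suggestion): (.*) \[test:([A-Z0-9_-]+)\] \[details:.*$/\1|\3|\2/p' "$1"
}

# Count the warnings in log $1 (prints 0 when there are none).
lynis_warning_count() {
    lynis_findings "$1" | awk -F'[|]' '$1 == "Warning" { n++ } END { print n + 0 }'
}

# Print findings present in log $2 but not in log $1 (new since the last run).
lynis_new_findings() {
    old=$(mktemp) || return 1
    lynis_findings "$1" > "$old"
    lynis_findings "$2" |
        awk -v old="$old" 'BEGIN { while ((getline l < old) > 0) seen[l] = 1 }
                           !($0 in seen)'
    rm -f "$old"
}

# Constructed sample logs (not real scan output): the previous and current run.
make_sample_logs() {
    cat > "$1/lynis.log.1" <<'EOF'
2021-05-01 22:30:04 Performing test ID SSH-7408 (Check SSH specific defined options)
2021-05-01 22:30:04 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:PermitRootLogin (set YES to NO)] [solution:-]
2021-05-01 22:30:09 Hardening: assigned partial number of hardening points (1 of 3).
EOF
    cat > "$1/lynis.log" <<'EOF'
2021-05-02 22:30:04 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:PermitRootLogin (set YES to NO)] [solution:-]
2021-05-02 22:30:07 Warning: Found one or more vulnerable packages. [test:PKGS-7392] [details:-] [solution:-]
2021-05-02 22:30:08 Result: found 2 warnings
EOF
}

demo=$(mktemp -d)
make_sample_logs "$demo"
echo "warnings in current run: $(lynis_warning_count "$demo/lynis.log")"
lynis_new_findings "$demo/lynis.log.1" "$demo/lynis.log"
rm -rf "$demo"
```

Timestamps are dropped before comparing, so a finding that repeats every night is reported only the first time it appears.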

Updating Lynis

If you want to update or upgrade the current lynis version, type the following command; it will download and install the latest version of lynis.

# ./lynis update info
Or
# lynis update info

See the attached output of the above command in the figure. It says that our Lynis version is up-to-date.

Lynis Parameters

Some Lynis parameters for your reference.

  • audit system - Perform a system audit.
  • show commands - Show the available Lynis commands.
  • show help - Provide a help screen.
  • show profiles - Display the discovered profiles.
  • show settings - List all active settings from profiles.
  • show version - Display the current Lynis version.
  • --cronjob : Runs Lynis as a cronjob (includes -c -Q).
  • --help or -h : Shows valid parameters.
  • --quick or -Q : Don't wait for user input, except on errors.
  • --version or -V : Shows the Lynis version.

That's it; we hope this article will be very helpful in discovering security issues on running Linux systems. For more information, visit the official Lynis page at https://cisofy.com/download/lynis/.