How to Audit the Security of a Linux System Using the Lynis Tool
Lynis is an open-source and very powerful auditing tool for Unix/Linux-like operating systems. It scans the system for security information, general system information, installed and available software information, configuration mistakes, security issues, user accounts without a password, wrong file permissions, firewall auditing, and so on.
Lynis is one of the most trusted automated auditing tools for software patch management, malware scanning, and vulnerability detection in Unix/Linux-based systems. This tool is useful for auditors, network and system administrators, security specialists, and penetration testers.
Since Lynis is flexible, it is used for several different purposes, which include:
- Security auditing
- Compliance testing
- Penetration testing
- Vulnerability detection
- System hardening
A new major version, Lynis 3.0.4, has been released after months of development. It comes with some new features and tests, and many small improvements. I encourage all Linux users to test and upgrade to this new version of Lynis.
In this article, we will show you how to install Lynis 3.0.4 (Linux Auditing Tool) on Linux systems using the source tarball files.
Installing Lynis on Linux
Installing Lynis through the system package manager is one of the easiest ways to get started with Lynis. To install Lynis on your distribution, follow the instructions below.
On Debian/Ubuntu (apt):
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C80E383C3DE9F082E01391A0366C67DE91CA5D5F
$ sudo apt install apt-transport-https
$ echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list
$ sudo apt update
$ sudo apt install lynis
$ lynis show version
On RHEL/CentOS (yum):
# yum update ca-certificates curl nss openssl
# cat >/etc/yum.repos.d/cisofy-lynis.repo <<EOL
[lynis]
name=CISOfy Software - Lynis package
baseurl=https://packages.cisofy.com/community/lynis/rpm/
enabled=1
gpgkey=https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
gpgcheck=1
priority=2
EOL
# yum makecache fast
# yum install lynis
On openSUSE (zypper):
$ sudo rpm --import https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
$ sudo zypper addrepo --gpgcheck --name "CISOfy Lynis repository" --priority 1 --refresh --type rpm-md https://packages.cisofy.com/community/lynis/rpm/ lynis
$ sudo zypper repos
$ sudo zypper refresh
$ sudo zypper install lynis
Installing Lynis Using Source
If you do not want to install Lynis, you can download the source file and run it directly from any directory. So, it is a good idea to create a custom directory for Lynis under /usr/local/lynis.
# mkdir /usr/local/lynis
Download the stable version of the Lynis source files from the trusted website, as shown below.
# cd /usr/local/lynis
# wget https://downloads.cisofy.com/lynis/lynis-3.0.4.tar.gz
Unpack the tarball with the tar command.
# tar -xvf lynis-3.0.4.tar.gz
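Because the tarball is unpacked and later executed as root, it is worth checking it before the tar step. The script below is an added example, not part of the original article or of Lynis: the function names are hypothetical, the expected SHA-256 is a value you must obtain yourself from a source you trust, and it assumes sha256sum and tar are installed.

```shell
#!/bin/sh
# Added example: check a downloaded tarball before unpacking it as root.
# The expected digest is NOT on this page; get it from a source you trust.

# check_sha256 FILE EXPECTED_HEX -> succeeds only when the digest matches
check_sha256() {
    actual=$(sha256sum "$1" | awk '{print $1}')
    [ "$actual" = "$2" ]
}

# check_members FILE TOPDIR -> succeeds only when every member sits under
# TOPDIR/ and none is absolute or contains a ".." path component
check_members() {
    tar -tf "$1" | awk -v top="$2" '
        /^\// || /(^|\/)\.\.(\/|$)/ { bad = 1 }
        $0 != top && index($0, top "/") != 1 { bad = 1 }
        END { exit bad + 0 }'
}

# safe_unpack FILE EXPECTED_HEX TOPDIR DEST -> unpack only if both checks pass
safe_unpack() {
    check_sha256 "$1" "$2" || { echo "checksum mismatch: $1" >&2; return 1; }
    check_members "$1" "$3" || { echo "unexpected paths in: $1" >&2; return 1; }
    # --no-same-owner: extracted files belong to the extracting user (root),
    # not to whatever uid/gid is recorded inside the archive
    tar -xf "$1" -C "$4" --no-same-owner
}

# Usage (as root), with EXPECTED set to the digest you obtained:
#   sh this-script lynis-3.0.4.tar.gz "$EXPECTED" lynis /usr/local/lynis
if [ "$#" -eq 4 ]; then
    safe_unpack "$@"
fi
```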
Running and Using Lynis Basics
You must be the root user to run Lynis, because it creates and writes output to the /var/log/lynis.log file. To run Lynis, execute the following commands.
# cd lynis
# ./lynis
Running ./lynis without any option gives you a complete list of the available parameters and returns to the shell prompt. See the figure below.
To start the Lynis process, you must specify the audit system parameter to begin checking your entire Linux system. Use the following command to start the scan with parameters as shown below.
# ./lynis audit system
Or
# lynis audit system
Once you run the command above, it starts scanning your system and asks you to press [Enter] to continue (or [CTRL]+C to stop) after every process it scans and completes. See the screenshot attached below.
Creating Lynis Cronjobs
If you want to create a daily scan report of your system, you need to set up a cron job for it. Run the following command in the shell.
# crontab -e
Add the following cron job with the --cronjob option; all special characters will be stripped from the output and the scan will run fully automated. Because crontab -e edits the invoking user's own crontab, the entry carries no user field.
30 22 * * * /path/to/lynis -c -Q --auditor "automated" --cronjob
The cron job above runs daily at 10:30 pm and creates a daily report in the /var/log/lynis.log file.
Lynis Scanning Results
While scanning, you will see output such as [OK] or [WARNING], where [OK] is considered a good result and [WARNING] a bad one. But that does not mean an [OK] result is correctly configured, and a [WARNING] does not have to be bad. You should take corrective steps to fix those issues after reading the logs in /var/log/lynis.log.
In most cases, the scan provides suggestions for fixing problems at the end of the scan. See the attached figure, which shows a list of suggestions for fixing problems.
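For reading the log after an unattended run, the script below pulls the warnings and suggestions out of a Lynis log file and can fail a job when warnings are present. It is an added example, not part of the original article or of Lynis: the function names are hypothetical, the sample log lines are constructed, and the line format it matches is an assumption stated in the comments.

```shell
#!/bin/sh
# Added example: list the findings recorded in a Lynis log file.
# Assumed line format (adjust the markers if your log differs):
#   <date> <time> Warning: <message> [test:<ID>] [details:...] [solution:...]
#   <date> <time> Suggestion: <message> [test:<ID>] [details:...] [solution:...]

# lynis_findings KIND LOGFILE -> "ID<TAB>message", one line per distinct finding
lynis_findings() {
    awk -v kind="$1" '
        {
            tag = " " kind ": "
            p = index($0, tag); if (p == 0) next
            rest = substr($0, p + length(tag))
            t = index(rest, " [test:"); if (t == 0) next
            msg = substr(rest, 1, t - 1)
            id = substr(rest, t + 7); sub(/\].*/, "", id)
            if (!seen[id "|" msg]++) printf "%s\t%s\n", id, msg
        }' "$2"
}

# lynis_gate LOGFILE MAX -> succeeds only if the log has at most MAX warnings
lynis_gate() {
    n=$(lynis_findings Warning "$1" | wc -l | tr -d ' ')
    [ "$n" -le "$2" ]
}

# sample_log -> constructed log lines for a dry run (not from a real scan)
sample_log() {
    cat <<'EOF'
2024-01-01 22:30:01 Performing test ID AUTH-9308 (Check single user mode)
2024-01-01 22:30:01 Warning: No password set for single mode [test:AUTH-9308] [details:-] [solution:-]
2024-01-01 22:30:07 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:AllowTcpForwarding (set YES to NO)] [solution:-]
2024-01-01 22:30:07 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:X11Forwarding (set YES to NO)] [solution:-]
2024-01-01 22:30:09 Result: found 2 suggestions
EOF
}

# With no argument, run against the constructed sample; otherwise pass the log path.
log=${1:-}
if [ -z "$log" ]; then log=$(mktemp); sample_log > "$log"; fi
echo "Warnings:";    lynis_findings Warning "$log"
echo "Suggestions:"; lynis_findings Suggestion "$log"
lynis_gate "$log" 0 || echo "warnings present: review them before relying on the [OK] lines"
```

Findings that share a test ID and message are collapsed into one line, so the two constructed SSH suggestions appear once.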
Updating Lynis
If you want to update or upgrade the current lynis version, type the following command; it will download and install the latest version of lynis.
# ./lynis update info
Or
# lynis update info
See the attached output of the above command in the figure. It says our Lynis version is up to date.
Lynis Parameters
Some Lynis parameters for your reference.
- audit system - Perform a system audit.
- show commands - Show the available Lynis commands.
- show help - Provide a help screen.
- show profiles - Display discovered profiles.
- show settings - List all active settings from profiles.
- show version - Display the current Lynis version.
- --cronjob: Runs Lynis as a cronjob (includes -c -Q).
- --help or -h: Shows valid parameters.
- --quick or -Q: Don't wait for user input, except on errors.
- --version or -V: Shows the Lynis version.
That's it. We hope this article will be very helpful for discovering security issues on running Linux systems. For more information, visit the official Lynis page at https://cisofy.com/download/lynis/.