January 1, 2016
Linux - Unix Security Auditing Tools
**LUNAR**: Lockdown UNix Auditing and Reporting

**Introduction**

This script generates a scored audit report of a Unix host's security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in the code documentation.

**Why a shell script?**

I wanted a tool that was able to run on locked down systems where other tools may not be available. I also wanted a tool that ran on all versions of UNIX. Having said that, there are some differences between sh and bash, so I've used functions only from sh.

There is no warranty implied or given with this script. My recommendation is to use this script in audit mode only, and address each warning individually via policy, documentation and configuration management.

It can also perform a lockdown. Unlike some other scripts, I have added capability to back out changes. Files are backed up using cpio to a directory based on the date.

Although it can perform a lockdown, as previously stated, I'd recommend you address the warnings via policy, documentation and configuration management. This is how I use the tool.

The AWS Services audit only supports reporting; it does not provide lockdown capability.

**Supported Operating Systems**

The following operating systems are supported:

- Linux
  - RHEL 5,6,7
  - CentOS 5,6,7
  - Scientific Linux
  - SLES 10,11,12
  - Debian
  - Ubuntu
  - Amazon Linux
- Solaris (6,7,8,9,10 and 11)
- Mac OS X
- FreeBSD (needs more testing)
- AIX (needs more testing)
- ESXi (initial support - some tests)

Windows support would require the installation of additional software, so I haven't looked into it. Having said that, Windows support may come in the future via bash.

Download: https://github.com/lateralblast/lunar

**Lynis**: Open source auditing

Lynis is an open source security auditing tool. It is used by system administrators, security professionals, and auditors to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners. It is also the client in our Lynis Enterprise offering.

**Supported operating systems**

Lynis runs on almost all UNIX-based systems and versions, including:

- AIX
- FreeBSD
- HP-UX
- Linux
- macOS
- NetBSD
- OpenBSD
- Solaris
- and others

Download: https://cisofy.com/download/lynis/

Another tool:

**Nix-Auditor**: https://github.com/XalfiE/Nix-Auditor

CIS Audit made easier (RHEL, CentOS)

Usage:

1. Make it executable
2. Execute it.

Enjoy!!