Auditing a CentOS 7 System with Lynis

1. Download and install

Open the file /etc/yum.repos.d/cisofy-lynis.repo and add the following content.

[lynis]
name=CISOfy Software - Lynis package
baseurl=https://packages.cisofy.com/community/lynis/rpm/
enabled=1
gpgkey=https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
gpgcheck=1
priority=2

Run the install command

[root@localhost yum.repos.d]# yum install lynis
已加载插件:fastestmirror
base                                                                                                                                                                                                                      | 3.6 kB  00:00:00     
docker-ce-stable                                                                                                                                                                                                          | 3.5 kB  00:00:00     
epel                                                                                                                                                                                                                      | 4.7 kB  00:00:00     
extras                                                                                                                                                                                                                    | 2.9 kB  00:00:00     
lynis                                                                                                                                                                                                                     | 2.5 kB  00:00:00     
updates                                                                                                                                                                                                                   | 2.9 kB  00:00:00     
(1/8): docker-ce-stable/x86_64/primary_db                                                                                                                                                                                 |  52 kB  00:00:00     
(2/8): epel/x86_64/group_gz                                                                                                                                                                                               |  95 kB  00:00:00     
(3/8): lynis/primary_db                                                                                                                                                                                                   | 9.0 kB  00:00:01     
(4/8): epel/x86_64/updateinfo                                                                                                                                                                                             | 1.0 MB  00:00:05     
(5/8): base/7/x86_64/primary_db                                                                                                                                                                                           | 6.1 MB  00:00:23     
(6/8): epel/x86_64/primary_db                                                                                                                                                                                             | 6.9 MB  00:00:24     
extras/7/x86_64/primary_db     FAILED                                          
http://mirrors.aliyuncs.com/centos/7/extras/x86_64/repodata/6de1755ab3e4e9bd0ee8ff31b6c979fe8a2e132b66629bf4b659b0a7878fe70f-primary.sqlite.bz2: [Errno 12] Timeout on http://mirrors.aliyuncs.com/centos/7/extras/x86_64/repodata/6de1755ab3e4e9bd0ee8ff31b6c979fe8a2e132b66629bf4b659b0a7878fe70f-primary.sqlite.bz2: (28, 'Connection timed out after 30000 milliseconds')
正在尝试其它镜像。
extras/7/x86_64/primary_db     FAILED                                          
http://mirrors.cloud.aliyuncs.com/centos/7/extras/x86_64/repodata/6de1755ab3e4e9bd0ee8ff31b6c979fe8a2e132b66629bf4b659b0a7878fe70f-primary.sqlite.bz2: [Errno 14] curl#6 - "Could not resolve host: mirrors.cloud.aliyuncs.com; Name or service not known"
正在尝试其它镜像。
(7/8): extras/7/x86_64/primary_db                                                                                                                                                                                         | 222 kB  00:00:00     
updates/7/x86_64/primary_db    FAILED                                          
http://mirrors.aliyuncs.com/centos/7/updates/x86_64/repodata/54834ed57c7c2b0259f68aa900001055256475f9349907045268aacc586f0875-primary.sqlite.bz2: [Errno 12] Timeout on http://mirrors.aliyuncs.com/centos/7/updates/x86_64/repodata/54834ed57c7c2b0259f68aa900001055256475f9349907045268aacc586f0875-primary.sqlite.bz2: (28, 'Connection timed out after 30001 milliseconds')
正在尝试其它镜像。
(8/8): updates/7/x86_64/primary_db                                                                                                                                                                                        | 4.7 MB  00:00:08     
Determining fastest mirrors
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
正在解决依赖关系
--> 正在检查事务
---> 软件包 lynis.noarch.0.3.0.2-100 将被 安装
--> 解决依赖关系完成

依赖关系解决

=================================================================================================================================================================================================================================================
 Package                                                  架构                                                      版本                                                          源                                                        大小
=================================================================================================================================================================================================================================================
正在安装:
 lynis                                                    noarch                                                    3.0.2-100                                                     lynis                                                    322 k

事务概要
=================================================================================================================================================================================================================================================
安装  1 软件包

总下载量:322 k
安装大小:1.6 M
Is this ok [y/d/N]: y
Downloading packages:
警告:/var/cache/yum/x86_64/7/lynis/packages/lynis-3.0.2-100.noarch.rpm: 头V3 RSA/SHA1 Signature, 密钥 ID 0acf951b: NOKEY==================================================================                    ] 215 kB/s | 256 kB  00:00:00 ETA 
lynis-3.0.2-100.noarch.rpm 的公钥尚未安装
lynis-3.0.2-100.noarch.rpm                                                                                                                                                                                                | 322 kB  00:00:02     
从 https://packages.cisofy.com/keys/cisofy-software-rpms-public.key 检索密钥
导入 GPG key 0x0ACF951B:
 用户ID     : "CISOfy Software RPMs (signed software packages) <software-rpms@cisofy.com>"
 指纹       : 9146 ce61 dd17 4fb3 02c9 90a9 8246 12e2 0acf 951b
 来自       : https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
是否继续?[y/N]:y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  正在安装    : lynis-3.0.2-100.noarch                                                                                                                                                                                                       1/1 
  验证中      : lynis-3.0.2-100.noarch                                                                                                                                                                                                       1/1 

已安装:
  lynis.noarch 0:3.0.2-100                                                                                                                                                                                                                       

完毕!
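
The transcript above stops at the "是否继续?[y/N]" prompt, where yum shows the fingerprint of the key it is about to import. That check can be made non-interactive by pinning the fingerprint before the key reaches the rpm keyring. The script below is an added example, not part of the original post: the function names are hypothetical, and the pinned value is copied from the transcript, so confirm it against the fingerprint CISOfy publishes before relying on it.

```bash
#!/usr/bin/env bash
# Added example: pin the CISOfy signing-key fingerprint instead of answering "y" blindly.
# EXPECTED_FPR is the fingerprint from the yum transcript; KEY_URL is the repo file's gpgkey.
EXPECTED_FPR="9146 ce61 dd17 4fb3 02c9 90a9 8246 12e2 0acf 951b"
KEY_URL="https://packages.cisofy.com/keys/cisofy-software-rpms-public.key"

# Strip separators and upper-case, so "9146 ce61 ..." and "9146CE61..." compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' :\t\n' | tr 'a-f' 'A-F'
}

# Read `gpg --with-colons` output on stdin and print the first "fpr" record
# (field 10), which belongs to the primary key.
fpr_from_colons() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# Succeed only when both fingerprints are non-empty and identical after normalizing.
fpr_equal() {
    local a b
    a=$(normalize_fpr "$1")
    b=$(normalize_fpr "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Download the key, compare its fingerprint with the pin, import into rpm only on a match.
import_pinned_key() {
    local tmp actual rc
    tmp=$(mktemp) || return 1
    curl -fsS "$KEY_URL" -o "$tmp" || { rm -f "$tmp"; return 1; }
    # gpg 2.0 (as shipped with CentOS 7) lists the keys in a file when given no command.
    actual=$(gpg --quiet --with-fingerprint --with-colons "$tmp" 2>/dev/null | fpr_from_colons)
    if ! fpr_equal "$actual" "$EXPECTED_FPR"; then
        echo "fingerprint mismatch: got '${actual}', refusing to import" >&2
        rm -f "$tmp"; return 1
    fi
    rpm --import "$tmp"; rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Only touch the network and the rpm keyring when explicitly asked to.
if [ "${1:-}" = "--import" ]; then
    import_pinned_key
fi
```

Run it as root with `--import` before `yum install lynis`; with the key already in the rpm keyring, `gpgcheck=1` verifies the package against it.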

2. Scan

View help

[root@localhost yum.repos.d]# lynis -h

[ Lynis 3.0.2 ]

################################################################################
  Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
  welcome to redistribute it under the terms of the GNU General Public License.
  See the LICENSE file for details about using this software.

  2007-2020, CISOfy - https://cisofy.com/lynis/
  Enterprise support available (compliance, plugins, interface and tools)
################################################################################


[+] Initializing program
------------------------------------


  Usage: lynis command [options]


  Command:

    audit
        audit system                  : Perform local security scan
        audit system remote <host>    : Remote security scan
        audit dockerfile <file>       : Analyze Dockerfile

    show
        show                          : Show all commands
        show version                  : Show Lynis version
        show help                     : Show help

    update
        update info                   : Show update details


  Options:

    Alternative system audit modes
    --forensics                       : Perform forensics on a running or mounted system
    --pentest                         : Non-privileged, show points of interest for pentesting

    Layout options
    --no-colors                       : Don't use colors in output
    --quiet (-q)                      : No output
    --reverse-colors                  : Optimize color display for light backgrounds
    --reverse-colours                 : Optimize colour display for light backgrounds

    Misc options
    --debug                           : Debug logging to screen
    --no-log                          : Don't create a log file
    --profile <profile>               : Scan the system with the given profile file
    --view-manpage (--man)            : View man page
    --verbose                         : Show more details on screen
    --version (-V)                    : Display version number and quit
    --wait                            : Wait between a set of tests
    --slow-warning <seconds>  : Threshold for slow test warning in seconds (default 10)

    Enterprise options
    --plugindir <path>                : Define path of available plugins
    --upload                          : Upload data to central node

    More options available. Run '/usr/bin/lynis show options', or use the man page.

Run the scan

[root@localhost /]# lynis audit system

[ Lynis 3.0.2 ]

################################################################################
  Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
  welcome to redistribute it under the terms of the GNU General Public License.
  See the LICENSE file for details about using this software.

  2007-2020, CISOfy - https://cisofy.com/lynis/
  Enterprise support available (compliance, plugins, interface and tools)
################################################################################


[+] Initializing program
------------------------------------
  - Detecting OS...                                           [ DONE ]
  - Checking profiles...                                      [ DONE ]
  - Detecting language and localization                       [ zh ]
    Notice: no language file found for 'zh' (tried: /usr/share/lynis/db/languages/zh)

......