Lynis 2.5.5 Released - Security Auditing and Scanning Tool for Linux Systems


Lynis is an open-source and powerful auditing tool for Unix/Linux-like operating systems. It scans the system for security information, general system information, installed and available software information, configuration mistakes, security issues, user accounts without a password, wrong file permissions, firewall auditing, and so on.

Lynis is one of the most trusted automated auditing tools for software patch management, malware scanning, and vulnerability detection on Unix/Linux-based systems. This tool is useful for auditors, network and system administrators, security specialists, and penetration testers.

Since Lynis is flexible, it is used for several different purposes, which include:

  • Security auditing
  • Compliance testing
  • Penetration testing
  • Vulnerability detection
  • System hardening

A new major version, Lynis 3.0.4, has been released after months of development. It comes with some new features and tests, and many small improvements. I encourage all Linux users to test and upgrade to this most recent version of Lynis.

In this article, we will show you how to install Lynis 3.0.4 (Linux Auditing Tool) on Linux systems using source tarball files.

Installing Lynis in Linux

Installing Lynis through the system package manager is one of the easiest ways to get started with Lynis. To install Lynis on your distribution, follow the instructions below.

On Debian/Ubuntu:

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C80E383C3DE9F082E01391A0366C67DE91CA5D5F
$ sudo apt install apt-transport-https
$ echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list
$ sudo apt update
$ sudo apt install lynis
$ lynis show version

On RHEL/CentOS:

# yum update ca-certificates curl nss openssl
# cat >/etc/yum.repos.d/cisofy-lynis.repo <<EOL
[lynis]
name=CISOfy Software - Lynis package
baseurl=https://packages.cisofy.com/community/lynis/rpm/
enabled=1
gpgkey=https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
gpgcheck=1
priority=2
EOL

# yum makecache fast
# yum install lynis

On openSUSE:

$ sudo rpm --import https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
$ sudo zypper addrepo --gpgcheck --name "CISOfy Lynis repository" --priority 1 --refresh --type rpm-md https://packages.cisofy.com/community/lynis/rpm/ lynis
$ sudo zypper repos
$ sudo zypper refresh
$ sudo zypper install lynis

Installing Lynis Using Source

If you don't want to install Lynis, you can download the source file and run it directly from any directory. It is therefore a good idea to create a custom directory for Lynis under /usr/local/lynis.

# mkdir /usr/local/lynis

Download the stable version of the Lynis source files from the trusted website using the wget command, as shown below.

# cd /usr/local/lynis
# wget https://downloads.cisofy.com/lynis/lynis-3.0.4.tar.gz

Unpack the tarball

# tar -xvf lynis-3.0.4.tar.gz

Running and Using the Lynis Tool

You must be the root user to run Lynis, because it creates and writes output to the /var/log/lynis.log file. To run Lynis, execute the following commands.

# cd lynis
# ./lynis

Running ./lynis without any option gives you a complete list of the available parameters and returns to the shell prompt. See the screenshot below.

To start the Lynis process, you must define the audit system parameter to begin scanning your entire Linux system. Use the following command to start the scan with parameters, as shown below.

# ./lynis audit system
Or
# lynis audit system

Once you execute the above command, it starts scanning your system and asks you to press [Enter] to continue, or [CTRL]+C to stop, after every process it scans and completes. See the attached screenshot below.

Creating Lynis Cronjobs

If you want to create a daily scan report of your system, you need to set up a cron job for it. Run the following command in the shell.

# crontab -e

Add the following cron job with the --cronjob option. All special characters will be left out of the output and the scan will run completely automatically.

30 22 * * * /path/to/lynis -c -Q --auditor "automated" --cronjob

The example cron job above will run every day at 10:30 pm and creates a daily report in the /var/log/lynis.log file.

Lynis Scanning Results

While scanning, you will see output marked as [OK] or [WARNING], where [OK] is considered a good result and [WARNING] a bad one. But it does not mean that an [OK] result is correctly configured, and a [WARNING] does not have to be bad. You should take corrective steps to fix those problems after reading the logs at /var/log/lynis.log.

In most cases, the scan provides suggestions to fix problems at the end of the scan. See the attached figure, which gives a list of suggestions to fix problems.
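
As an added example (not from the original article or the Lynis project), the script below summarises the warnings and suggestions of a scan for the review step described above. It assumes the machine-readable report Lynis writes next to its log, /var/log/lynis-report.dat, with `warning[]=`, `suggestion[]=` and `hardening_index=` entries; the function names and the sample report are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise a Lynis report file (key=value lines).
# Assumption: entries look like "warning[]=TEST-ID|message|details|solution|".

# Print "warnings=N suggestions=M hardening_index=H" for a report file.
lynis_counts() {
    awk -F= '
        /^warning\[\]=/     { w++ }
        /^suggestion\[\]=/  { s++ }
        /^hardening_index=/ { h = $2 }
        END { printf "warnings=%d suggestions=%d hardening_index=%s\n", w, s, (h == "" ? "unknown" : h) }
    ' "$1"
}

# Print one "TEST-ID: message" line per entry of kind $1 (warning|suggestion) in file $2.
lynis_findings() {
    awk -v k="$1" '
        index($0, k "[]=") == 1 {
            sub(/^[^=]*=/, "")      # drop the "kind[]=" prefix
            split($0, f, "|")       # fields: test id, message, details, solution
            print f[1] ": " f[2]
        }
    ' "$2"
}

# Exit status 0 when the report holds at least one warning, 1 otherwise.
lynis_has_warnings() {
    grep -q '^warning\[\]=' "$1"
}

# Constructed sample report (not output from a real scan).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat >"$sample" <<'EOF'
report_version_major=1
lynis_version=3.0.4
hardening_index=67
warning[]=AUTH-9308|No password set for single mode|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|AllowTcpForwarding (set YES to NO)|-|
suggestion[]=KRNL-6000|One or more sysctl values differ from the scan profile|-|-|
EOF

lynis_counts "$sample"
lynis_findings warning "$sample"
lynis_findings suggestion "$sample"
```

On a real system, pass /var/log/lynis-report.dat instead of the sample file; lynis_has_warnings can gate a cron wrapper so that only scans with warnings are reported.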

Updating Lynis

If you want to update or upgrade the current lynis version, simply type the following command, which will download and install the latest version of lynis.

# ./lynis update info
Or
# lynis update info

See the attached output of the above command in the figure. It says our version of Lynis is up to date.

Lynis Parameters

Some of the Lynis parameters for your reference.

  • audit system - Perform a system audit.
  • show commands - Show the available Lynis commands.
  • show help - Provide a help screen.
  • show profiles - Display the discovered profiles.
  • show settings - List all active settings from the profiles.
  • show version - Display the current Lynis version.
  • --cronjob : Runs Lynis as a cron job (includes -c -Q).
  • --help or -h : Shows the valid parameters.
  • --quick or -Q : Do not wait for user input, except on errors.
  • --version or -V : Shows the Lynis version.

That's it. We hope this article will be very helpful for finding security issues on running Linux systems. For more information, visit the official Lynis page at https://cisofy.com/download/lynis/.