Releases: CISOfy/lynis

Lynis 2.4.7

22 Mar 10:54

Lynis 2.4.7 (2017-03-22)

Changes:

  • Minor code cleanups

Tests:

  • BANN-7126 - Added more words to test for
  • CUPS-2308 - Improve logging for CUPS configuration test, removed exception handler
  • HTTP-6641 - Support detection for Apache module mod_reqtimeout
  • PKGS-7388 - Minor change to detect security repositories

Lynis 2.4.6

15 Mar 09:36

Lynis 2.4.6 (2017-03-15)

Changes:

  • Added FileInstalledByPackage function (dpkg and rpm supported)
  • Mark Arch Linux version as rolling release (instead of unknown)
  • Support for Manjaro Linux
  • Escape files when testing if they are readable
  • Code cleanups

Tests:

  • CRYP-7902 - Test more certificate names, but only if they are not part of a package
  • FILE-7524 - Reduce standard screen output for file permissions check
  • MALW-3280 - Added Avira detection as a malware scanner
  • NAME-4018 - Only perform name services test when resolv.conf file exists
  • PKGS-7387 - Check whether all repositories use GPG signing
  • SCHD-7704 - Permission checks
  • TIME-3104 - Check permissions before opening files

Lynis 2.4.5

09 Mar 12:08

Lynis 2.4.5 (2017-03-09)

Changes:

  • Allow host alias to be specified in profile
  • Code readability enhancements
  • Solaris support has been improved

Tests:

  • AUTH-9328 - Add missing 0027 and 0077 umasks
  • BOOT-5104 - Add initsplash and minor code enhancements
  • DBS-1882 - Include Redis configuration file
  • FIRE-4502 - Improved detection for iptables modules when using OpenVZ
  • PKGS-7381 - Enhanced package audit for FreeBSD

Lynis 2.4.4

01 Mar 15:42

Lynis 2.4.4 (2017-03-01)

Changes:

  • Fix for upload function to be used from profile
  • Reduce screen output for mail section, unless --verbose is used
  • Code cleanups and removed 'update release' command

Tests:

  • AUTH-9308 - Improved test for sulogin string (Debian systems)
  • FILE-6372 - Properly deal with comments on lines in /etc/fstab
  • MAIL-8817 - New test to check Postfix configuration for errors
  • SSH-7408 - Corrected SSH check

Lynis 2.4.3

22 Feb 14:52

Lynis 2.4.3 (2017-02-22)

Changes:

  • Colored output can now be tuned with profile (colors=yes/no)
  • Allow data upload to be set as a profile option

Tests:

  • AUTH-9308 - Improved test for sulogin string
  • MAIL-8818 - Test if Linux version is known before comparing in Postfix banner
  • TIME-3116 - Skip stratum 16 items for time pools
  • TIME-3148 - New test to detect TZ variable

Lynis 2.4.2

15 Feb 13:15

Lynis 2.4.2 (2017-02-15)

Changes:

  • Properly detect SSH daemon version

Tests:

  • AUTH-9208 - Removed double logging
  • AUTH-9222 - Improve logging for double groups
  • AUTH-9226 - Improve logging for double groups
  • BOOT-5177 - Sort systemctl unit files to make them unique
  • DBS-1818 - New test to detect MongoDB
  • DBS-1820 - New test for MongoDB authentication
  • FIRE-4512 - Lowered minimum number of iptables firewall rules
  • FIRE-4586 - Fix applied when searching for "-j LOG"
  • HRDN-7222 - Changed reporting key of world executable compilers
  • SSH-7408 - Added filtering for PermitRootLogin (prohibit-password, OpenSSH 7.0)

Lynis 2.4.1

09 Feb 12:38

Lynis 2.4.1 (2017-02-09)

Changes:

  • Generic code improvements
  • Improved the update check and display
  • Finnish, Portuguese, and Turkish translations
  • Extended support and tests for DragonFlyBSD
  • Option to configure hostid and hostid2 in profile
  • Support for Trend Micro and Cylance (macOS)
  • Remove comments at end of nginx configuration
  • Used machine ID to create host ID when no SSH keys are available
  • Added detection of iptables-save to binaries

Tests:

  • FIRE-4586 - Check logging for firewall components
  • KRNL-5788 - Remove exception and style improvements
  • KRNL-5830 - Improved logging

Lynis 2.4.0

27 Oct 10:51

Lynis 2.4.0 (2016-10-27)

Exactly one month after the previous release, the Lynis project is proud to announce
a new release. This release focused specifically on improving support for macOS
users. Thanks to the testers and contributors for making this possible.

New:

  • New group "system integrity" added
  • Support for clamconf utility
  • Chinese translation (language=cn)
  • New command "upload-only" to upload just the data instead of a full audit
  • Enhanced support for macOS, including HostID2 generation for macOS
  • Support for CoreOS
  • Detection for pkg binary (FreeBSD)
  • New command: lynis show hostids (show host ID)
  • New command: lynis show environment (hardware, VM, or container type)
  • New command: lynis show os (show operating system details)

Changes:

  • Several new sysctl values have been added to the default profile
  • Existing tests have been enhanced to support macOS

Tests:

  • AUTH-9234 - Support for macOS user gathering
  • BOOT-5139 - Support for machine roles in LILO test
  • BOOT-5202 - Improve uptime detection for macOS and others
  • FIRE-4518 - Improve pf detection and mark as root-only test
  • FIRE-4530 - Don't show error on screen for missing IPFW sysctl key
  • FIRE-4534 - Check Little Snitch on macOS
  • INSE-8050 - Test for insecure services on macOS
  • MACF-6208 - Allow non-privileged execution and filter permission issues
  • MALW-3280 - Detection for Avast and Bitdefender daemon on macOS
  • NETW-3004 - Support for macOS
  • PKGS-7381 - Improve test for pkg audit on FreeBSD
  • TIME-3104 - Chrony support extended

Plugins (community and commercial):

  • PLGN-1430 - Gather installed software packages for macOS
  • PLGN-4602 - Support for Clam definition check on macOS

Lynis 2.3.4

27 Sep 11:14

Lynis 2.3.4 (2016-09-27)

Changes:

  • Skip update message when using the 'show' helper
  • Instead of opening the log file, you can now use 'lynis show details' followed
    by the test ID. It will show the relevant section.
  • Several tests have extended log details
  • Many style improvements as part of ongoing refactoring of the code
  • Detection of nftables improved
  • Replaced cut, sed, tr and other commands with binary variables (for forensics
    and future intrusion checking capabilities)
  • Swedish translation provided by Peter Carlsson
  • Support for arch-audit to scan for presence of vulnerable packages on Arch Linux
  • OS detection improved

Tests:

  • CONT-8107 - New test checking number of Docker containers
  • CRYP-7902 - Gather more details regarding certificates
  • DBS-1816 - Define skip reason
  • FILE-6344 - Adjusted /proc test for hidepid option
  • FILE-6362 - Removed warning and added skip reason
  • FIRE-4520 - Change test to use detected binary
  • FIRE-4520 - New test to check for empty nftables ruleset
  • KRNL-5820 - Corrected function and style improvements
  • LOGG-2146 - Textual change
  • NAME-4408 - Check localhost to IP mapping
  • PKGS-7320 - Test for arch-audit tool
  • PKGS-7322 - Check vulnerable packages on Arch Linux
  • PKGS-7381 - Extended vulnerable package detection for FreeBSD
  • TIME-3104 - timedatectl test now detects NTP synchronization properly

Lynis 2.3.3

23 Aug 08:53

Lynis 2.3.3 (2016-08-23)

Upgrade note

Customized profiles that included sysctl settings need to be altered. See
default.prf for the correct format of the lines.

Additions

  • OpenStack detection
  • Option to disable automatic refresh of software repository

Languages

  • Japanese translation added, contributed by Yukio Takahara

Fixes

  • Some tests did not show a warning text
  • Typo in man page for tests-from-group

Parameters

  • New --bin-dirs to define binary directories to scan
  • New option --root-dir to specify a different file system to scan

Nginx

  • Rewrite of configuration parsing

PHP

  • Support for PHP 5.6

Redis

  • Redis test to detect configuration files
  • Test Redis configuration for several best practices
  • Perform permission check on Redis configuration files

Experimental features (in development)

  • --bin-dirs - set what directories should be scanned for binaries
  • --root-dir - define the root of the file system, to allow forensics

Settings

  • Many settings have a new alias (with dashes instead of underscores)
  • New setting 'show-report-solution' to show solution in report

Functions

  • ExitFatal can now exit program with optional text
  • IsNotebook can detect if system is a notebook (or not)
  • ShowSymlinkPath and FileIsReadable test for at least one argument
  • StoreNginxSettings will save parsed nginx configuration

Tests

  • BOOT-5108 - Support for Syslinux bootloader
  • DBS-1882 - Redis configuration detection
  • DBS-1884 - Redis 'requirepass' check
  • DBS-1886 - Redis 'rename-command CONFIG' check
  • DBS-1888 - Redis 'bind localhost' check
  • FILE-6374 - Improved logging
  • KRNL-5830 - Improved logging for detected Linux kernels
  • KRNL-6000 - Support for multiple profiles and new format style
  • LOGG-2190 - Ignore MySQL files in /tmp from early MySQL 5.x releases
  • LOGG-2192 - New test to check opened log files that are empty

Lynis Enterprise integration

  • Tag 'redis-server' is added for systems running Redis