Awesome Linux Tools: Lynis from CISOfy

Captions
As a Linux administrator, it's our job to secure our servers as best we can. Sure, there's no such thing as 100% security, but what we need to do is everything in our power to keep our server safe. Now obviously, the first thing we should do is lock down OpenSSH, because that's a common entryway into servers. But after we do that, what do we actually focus our attention on? What's the next step? Well, today what I'm going to do is talk to you guys about a really cool tool that I found recently called Lynis. Not Linus, as in the creator of Linux, but L-y-n-i-s. Lynis is a security scanning tool that you can use to scan your server for vulnerabilities and have a better understanding of what the overall security health of the server happens to be. You could use it to get all kinds of information about your server and its weak areas, which in my opinion makes it an indispensable tool, and I'm going to be showing you guys all about it in today's video.

Now, Lynis is also a really awesome utility to run on your Linode server. Linode was gracious enough to sponsor today's video and I really appreciate it. Using their platform, you can set up your very own cloud Linux server in no time at all. But once you do set up a cloud server, it's open to the public internet. Any port that's open on that server is exposed, and Lynis can help you understand exactly what to do on your Linode servers, so I feel like today's sponsorship is a one-to-one match. Definitely check out Linode, because they have all kinds of really cool features like a Kubernetes engine, they have block storage, object storage, DNS and all kinds of other things. They even have a long list of Linux distributions that you can choose for your server, and get this: you can even set up an Arch Linux server, of all things. Yes, Arch Linux on a server, they actually offer that. Definitely check out Linode using the URL that you see on the screen right now and you'll get a hundred dollars in free credit towards your new account.

With all that out of the way, let's go ahead and check out Lynis. So here on my laptop, what I'm going to do is connect to my Linode instance to show you guys how Lynis works. But you don't have to be running on Linode to use Lynis. Lynis doesn't care if you are running on Linode, a virtual machine in your virtualization stack, your desktop, your laptop, a physical server. If it's running Linux, you can run Lynis. So I'll get connected to my instance via SSH, and the fully qualified domain name that I gave it is acme.learnlinux.cloud. So I'll press Enter, and I'm in.

So the first thing we'll need to do is install Lynis. I mean, we can't use it if it's not installed, right? So first of all, I'll just update my package repository index with sudo apt update, and this should happen pretty quickly. And that's done. Now notice here that it's telling me that I have 60 packages that can be upgraded. I'm always telling you guys to make sure that you always install all of the patches. It's very important. But no, I'm not a hypocrite. I decided not to install the updates on the server because I wanted to make sure that Lynis had some things to find, and there's no better way to have more vulnerabilities than to just ignore the updates. Hopefully on your end you don't let your server get to the point where you have 60 packages waiting to be upgraded, but anyway, I think this is going to be a good example.

Now that we've updated our repository index, we can install Lynis, and that's actually very easy to do. We simply run sudo apt install and then lynis. I'll press Enter, Enter again, and now that's done. Lynis is a very small utility, which is really cool considering how powerful it is. It's installed in no time at all. Now, Lynis needs to be run as root or a user with sudo access, because it needs to access your entire server. After all, if it's not able to access everything, then it's not going to give you a very good report. So I'll run sudo lynis and then --version, and that'll tell us which version of Lynis we currently have installed. In my case, installing the apt package in Ubuntu gave me version 2.6.2.

Now, one thing to keep in mind: if you are not using a rolling distribution, then you probably have an older version of Lynis, and the version that I've installed is not the latest. Now what I'm going to do is leave a link in the description down below where you guys can go to get some instructions on how to add the community repository, and that'll make sure that you get the latest version of Lynis, which isn't a bad idea. And that'll also help you guys if you don't have the package available on your distribution, because then you'll be able to add that repository and still get access to Lynis.

All right, so let's go ahead and run Lynis and see some of the things that it can do for us. So first of all, to make it easier, I'll just switch to root, since it needs root anyway. And now I'm logged in as root, and we can run the lynis show command, and what that does is give us a list of options. Check these out. There are several things that we can do here. I'll leave it up to you to explore some of these, but I'm going to show you how to audit your system right now, and that's going to give you a good idea of how secure or insecure your server happens to be. And for that I'm going to run lynis audit system. I want to audit the entire system, so I'll press Enter.

And now the audit is complete, and there's going to be a ton of information in this report. It's actually quite extensive. So if I scroll up, you can see at least some of the information here that it found, and it keeps going on and on and on and on. So there's going to be quite a few things here that you should pay attention to. So here we have some warnings. It's recommending that we have two responsive name servers. That's just a good idea. And if we scroll all the way down, actually, I saw the word "weak" here. So if you don't have the proper contents in /etc/issue.net, they're going to consider that weak. You should have some kind of banner to let people know that they're connecting to an unauthorized system and that they should disconnect. I mean, obviously they may not listen, but at least you did warn them. That's a legal issue, so you definitely want to make sure that you have that.

So here we see the current version of 2.6.2, which matches, and right here it's telling me that the latest version is 3.0.6. So we would actually get some benefit by installing the version from the community repositories. But anyway, we see a red X here. It means that it found some sort of problem, or something that it considers a problem. So it's telling me that I should have some sort of malware scanner, and it's giving us a hardening index of 52, which I guess isn't bad considering that I've done absolutely nothing, I repeat, nothing, to secure this server. It's just a demo server for the purposes of recording this footage. But it's giving me a score and telling me that it performed 218 tests. Again, that's my hardening index.

And it's going to give me a ton of information in this section right here, which might be a little hard to read because of how I have the font set up in my terminal, but it's giving me 48 suggestions on how I can improve the security of my server. So it's telling me, for example, to install libpam-tmpdir to set the $TMP and $TMPDIR for PAM sessions. It even gives us an identifier right here that we can use to refer to this information, and it also gives us a URL, so that way we could find out more information about this particular suggestion. It's telling us to install apt-listbugs, and that way we get a list of critical bugs prior to each APT installation. That's probably a very good idea. And the suggestions just keep going on from there.

So what you could do is just read about each of these individual suggestions and get more information about them. So we can actually search for this item right here, or, which is probably easier, we could just copy this URL. We can open up a browser, we'll just go ahead and paste this in right here, and then we get some information straight from the creators of Lynis itself. CISOfy is the creator of the Lynis tool, and here they have some information. So if you're curious on how you can achieve a metric that shows up in the report, you could simply copy the URL, go to your browser, paste it in, and you can read about it. You get all the information right here as far as what this pertains to. So we get a description, we get a section that tells us how to solve this, and we have all kinds of URLs right here that we can use to get more information about each of the suggestions.

Now, back on the browser, you'll notice that it has pricing listed right here. Yes, Lynis is a free tool. You can install it on all of your servers and use it without ever opening up your pocketbook. They do have an enterprise solution that I recommend you check out. That is a paid solution that'll give you a dashboard where you can get all of the results from your servers in one place, which is just cool. There's other features as well. CISOfy is not a sponsor of this channel. They did not sponsor this video, but who knows, they could become a sponsor later. But either way, I recommend that you download the free tool and run an audit on your system, especially because these types of tools often cost a lot of money, and considering we can get Lynis for free, that is just awesome.

Now, there's actually another way that we can run Lynis, and this doesn't even require a package at all, but it does require git. So what I'm going to do is make sure that git is installed, and let's see, it is actually installed. If it's not, you could just run sudo apt install and then git. And I guess in my case I don't need to use sudo because I'm logged in as root, but you get the idea. But I already have git installed on my system, so what I'm going to do is show you how to pull down the git repository for Lynis, and that way you can run it on whatever distro you want, even if it's not normally supported. So let's go ahead and clone it. And there we go, it's literally that simple.

So we'll go into the directory for the repository that we just pulled down, and as you can see, we have a bunch of files here, but the one that we want to pay special attention to is this one right here. It's an executable file called lynis, so we can actually run Lynis without installing it, which is pretty cool. But I've installed the apt package for Lynis, and if I try to run the local copy, it's going to get a bit confused because it's going to find the other installation. So what I'm going to need to do is remove the Lynis apt package before I could run the GitHub version, and to do that I'm going to run apt remove and then lynis. Let's get that removed. It looks like we have a dependency there, so let's remove that one with autoremove, and that'll clean everything up.

So now what I can do is run the local version of Lynis here in this directory, and since I'm inside the directory, I'm going to run ./lynis just like this, and then I'll use --version. And this time I'm actually using version 3.0.7, which is a lot higher than the one that I've installed from the repositories, so this might be a good way to go if you want to run the latest version. So let's go ahead and run an audit, and this is the same command as before, but I'm running the local copy here in this directory rather than the package that I had installed at the beginning. And we'll let this run, and I'm just pressing Enter through the results here. It's quite a bit of information, so I'm going through this really quickly, I know, but it's going through its audit, so we want to make sure that it finishes. And I pressed Enter a few too many times here, but as you can see, we get all the results here. We have our hardening index. There's a different number of tests being performed, so we're going to find some of the same problems here, but probably some new problems in addition, since this is a newer version and it's going to be checking for more things.

So as you can see, it gives you a comprehensive list of results for your server, and you also have various test IDs, like I've mentioned earlier. Here's a test ID, and here's the URL to that test ID, so that way you could go through the results on your system and then find out what the weak areas of your server happen to be.

So there you go. As you can see, Lynis is a very awesome tool that's available for free, and you could use it to find out what the overall security health of your servers happens to be. So go ahead and install it on all of your servers, run some audits, and you'll find out exactly what you should pay attention to in order to increase the overall strength of your server security. And I really like the hardening index as well. Having a score that represents the overall security of your server, that's pretty cool. And by the way, let me know in the comments down below what your hardening index is. I'm curious to find out who among my audience has the most secure server. Anyway, definitely check out Lynis. It's really cool, I highly recommend it, and I'll see you in the next video. Thanks for watching.
Info
Channel: LearnLinuxTV
Views: 8,460
Keywords: Linux, Tutorial, Review, Howto, Guide, Distribution, Distro, Learn Linux, gnu/linux, LearnLinuxTV, lynis, linux tools, awesome linux tools, security, audit, it security, linux security, hardening, linux server, server hardening, server security, infrastructure, server scan, server audit, threats, malware, malware scan, security tools, linux commands, github, cisofy, cyber security, penetration testing, kali linux, linux tutorial, lynis ubuntu, gnu/linux (operating system)
Id: FYnrfkkVKD8
Length: 14min 51sec (891 seconds)
Published: Mon Nov 29 2021