Lynis 1.2.4

- NTP daemon process test [TIME-3108]
- NTP association ID's check from peer list [TIME-3112]
- NTP time source candidates test [TIME-3128]
- NTP falseticker check [TIME-3132]
- NTP protocol version check [TIME-3136]
- Stratum 16 ntp peers check [TIME-3116]
- Unreliable ntp peers check [TIME-3120]
- Preferred NTP time source test [TIME-3124]
- auditd presence check [ACCT-9628]
- auditd rules check [ACCT-9630]
- auditd configuration file check [ACCT-9632]
- auditd log file location check [ACCT-9634]
- cupsd status check [PRNT-2304]
- cupsd configuration file check [PRNT-2306]
- cupsd address configuration test [PRNT-2308]
- pam.conf configuration check [AUTH-9264]
- pam.d configuration file scan [AUTH-9266]
- PAM modules check [AUTH-9268]
- rpcinfo query [STRG-1902]
- NFS version number check [STRG-1904]
- NFS protocol and port number check [STRG-1906]
- NFS status check [STRG-1920]
- NFS exports check [STRG-1926]
- NFS empty /etc/exports [STRG-1928]
- SSH PermitRootLogin option check [SSH-7412]
- at.allow and at.deny check [SCHD-7720]
- File integrity tool check [FINT-4350]
- nginx process check [HTTP-6702]
- nginx log file test [HTTP-6720]
- ClamAV clamscan presence test [MALW-3282]
- ClamAV daemon check [MALW-3284]
- ClamAV freshclam check [MALW-3286]
- Check for presence malware scanner [MALW-3292]
- clamscan, ntpq binary check
- NTP daemon role and profile option
- Parameter --tests-category, to scan one or more categories
- Category added (Storage: NFS)
- Added hardening points to tests
- Display hardening index to report

- Extended logrotate test [LOGG-2148]
- Added check for inetd.conf before performing test [INSE-8016]
- Added /var/spool/crontabs to search path [TIME-3104]
- Added log line to sysstat test [ACCT-9626]
- Improved screen output on Solaris
- Checking for both rdate and ntpdate in cron files [TIME-3104]
- Changed yum-security package check [PKGS-7386]
- Change output if dig isn't available [NETW-2705]
- Added IPv6 support and output adjustment [NETW-2704]
- Cosmetic change for host based firewall check [FIRE-4590]
- Corrected output in log file [PKGS-7388]
- Corrected passwd options for Red Hat [AUTH-9282]
- Changed text if everything is ok (no warnings)
- Log improvements

About Lynis Enterprise

We help companies with auditing and hardening their Unix, Linux and macOS systems.

Our software solution performs in-depth security audits and provides guidance. This way you are quickly underway in getting your systems safe and secure.

With focus on automation, boring hardening documents and benchmarks are no longer needed.