BANN-7122 - Banner in /etc/motd

(Banner)

This information is provided as part of the Lynis community project. It is related to Lynis control BANN-7122 and should be considered as-is and without guarantees. Any advice and commands should be tested before implementing them in production environments.

Description

Authorized and unauthorized users should know that the system is monitored and deter unauthorized users from attempting to log in.

How to solve

Define a banner text to inform both authorized and unauthorized users about the machine and service they are about to access. The purpose is to share your policy before an access attempt is being made. Users should know that there privacy might be invaded, due to monitoring of the system and its resources, to protect the integrity of the system. Also unauthorized users should be deterred from trying to access it in the first place. Do not reveal sensitive information, like the specific goal of the machine, or what can be found on it. Consult with your legal department, to determine appropriate text.

Need more details?

Consider an upgrade to Lynis Enterprise to receive more guidance. The Enterprise version helps to you with daily health checks of your environment, learn in-depth system hardening, and resources to protect your systems better.

See demo

About

Lynis is a technical security auditing tool for Unix flavors like Linux, macOS, AIX, Solaris, and *BSD. It is open source software and free to use. Typical usage include system hardening, compliance testing, and vulnerability scanning. The project has an active community, including development via GitHub.

Lynis Enterprise

Do you need to collect data from multiple systems or compliance reporting? Lynis Enterprise uses Lynis to collect the data and make your work easier.

Benefits: automate security audits, detailed reporting, compliance testing.

  • Centralized management
  • Improvement plan with priorities
  • Reporting
  • Dashboards
  • Predefined policies
  • Integration (API)
  • Improvement snippets for tools like Ansible, Chef, Cfengine, Puppet, and SaltStack
Take the Tour