1
Nginx1
SSH3
Software3
Web4
IDS6
Security8
Database10
Automation10
Malware10
Monitoring10
Proxy10
Programming10
Shells10
Stability
Note: This report type is under development and for show case purposes only. - « Back to demo page
Operating System
| Hostname | database1 |
| Operating System | Linux |
| Linux version | Red Hat Enterprise Linux 6 |
| Risk rating | Low / Medium / High |
Scan details: This system has been analyzed at 9 November with Lynis version 1.6.4.
Main priorities
Hardening
Score: 430 / 555
Intrusion detection
✘ No intrusion detection software detected.
Linux Audit
OK
✓ Audit daemon is active
✓ 16 rules loaded
✓ Critical files are properly monitored
File permissions
OK
✓ All files have an owner and group
✓ No world writable files found
✓ SetUID files are all on whitelist
Malware detection
OK
Malicious software is a serious threat to the availability and integrity of data. Prevention and detection measures for this threat are therefore strongly advised.
✓ This system is running ClamAV to detect malware.
✓ Virus definitions: OK (not older than 2 days)
Network Basics
Discovered IP address: 192.168.1.35
✓ This system has no IP aliases configured
✓ DNS is properly configured
DNS
✓ Two name servers are configured
✓ DNS caching is properly configured
✓ System makes use of locally installed BIND instance
BIND
OK
BIND daemon is running
Version 9.9.1
✓ Files and permissions are OK
✓ Zones are protected with DNSSEC
Database
OK
Database software MySQL has been discovered
Database software PostgreSQL has been discovered
OK
✓ Postfix has been found to handle outgoing e-mail
✓ Files and permissions are OK
Monitoring
OK
✓ Zabbix agent has been found to monitor the system
✓ Files and permissions are OK
MySQL
OK
✓ MySQL daemon is running
✓ Files and permissions are OK
Nginx
NOK
Detected Nginx version: nginx/1.1.19
✓ IPv6 support
Finding: a security update is available for this software package
Performance
OK
✓ Kernel is tuned
✓ No IO wait
PostgreSQL
✗ PostgreSQL daemon is NOT running
✓ Files and permissions are OK
This package might be unused on this particular system.
Proxy service
OK
Some systems allow proxying of data for other systems. One common solution is to act as a gateway for internet browsing for normal and functional user accounts.
✓ No proxy daemon detected on this system
Programming
OK
✓ Perl is installed
✓ Python is installed
✓ Ruby is installed
Shells
OK
✓ All shells are whitelisted and properly installed
✓ Files and permissions are OK
Software
NOK
Finding: Software audit discovered 3 vulnerable packages.
Packages
Packages
- nginx
- openssl
- openssh-server
Finding: One or more packages on this system contain vulnerabilities.
This issue is considered to be a serious risk if the machine is accessible via the network and contains network related services.
SSH
NOK
SSH a secure protocol for remote system administration. As it is a common gateway to the system, its configuration should be properly be protected against several threats. Commom threats include name guessing and brute-force password cracking.
Finding: a security update is available for this software package
OpenSSH version 5.9p1 has been discovered on this system
✓ SSH daemon is running
Stability
OK
✓ System is running for 49 days
✓ No application crashes detected
Web server
NOK
The Nginx daemon was discovered on this host.
Finding: the current version of Nginx contains a vulnerability and should be updated.