Introduction to Lynis
What is Lynis?
Lynis is an open source security tool. It helps with auditing systems running Linux, macOS, BSD, and other Unix variants. Lynis provides guidance for system hardening, detects vulnerabilities such as configuration issues, and can be used for security compliance testing.
Lynis was created in 2007 by Michael Boelen, a Dutch security professional interested in Linux and Unix security. Lynis was his second open source project and can be seen as a spiritual follow-up to his work on Rootkit Hunter (rkhunter). Rootkit Hunter had the primary focus of detecting malicious components on the system. Lynis was meant as a more generic tool to evaluate the security of a system and report on it.
Development in the early days was primarily done by Michael himself. Contributions were typically provided via email and after review merged into the code. Releases were made available on the rootkit.nl domain, which was also home for the rkhunter project.
In 2013, development was switched to CISOfy. The company was founded by Michael, with him moving to full-time development. It ensured more regular updates and a commercial offering named Lynis Enterprise. This solution would use the standalone Lynis tool at its core, while also providing a web interface with extras like reporting, dashboards, hardening guidance, and more extensive compliance checks.
As part of enhancing the project development, late 2013 and early 2014 were used to restructure the code and optimize it further. The project found its way onto GitHub in 2014, where people can see development and contribute. Version 1.6.1 was the first release to become available via both the website and GitHub.
In 2018, the project on GitHub counted more than 100 public contributors, besides countless contributions via other channels. In the same year, the milestone of 5000 stars was reached.
Typical users include system administrators, IT auditors, pentesters, and security professionals. Each of them uses Lynis in their own way, from daily health checks to compliance testing.