Therefore it can perform a deeper analysis compared with network-based scans. Optionally, they will log in to a system and gather data. They do this via the network by searching for discoverable services. These products focus primarily on vulnerability scanning. After all, not all systems have to be like Fort Knox, unless you want it to be. You are the one to decide what level of security is appropriate for your environment. Instead of just turning on some settings, Lynis perform an in-depth security scan. Differences with BastilleĪutomated hardening tools are helpful, but at the same time might give a false sense of security. It focuses mainly on automatically hardening the system. Bastille Linuxīastille was for a long time the best known utility for hardening Linux systems. Here are some comparisons with some other well-known tools. After all, you should be the one deciding what security controls make sense for your environment. Lynis has a different way of doing things, so you gain more flexibility. Findings like warnings and suggestions are stored in a separate report file (lynis-report.dat).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |