检测工具lynis

wget https://gitee.com/zzhlinux911218/software/raw/master/linux-inspect2.sh;bash linux-inspect2.sh
检测系统安全中，请等待检测结果……

扫描结果 /var/log/lynis-log
结果详情 /var/log/lynis.log

 执行命令：./lynis audit system -Q

 

#!bin/bash

yum -y install wget unzip 
wget https://gitee.com/zzhlinux911218/software/raw/master/lynis-master.zip
unzip lynis-master.zip  > /dev/null
mv lynis-master  /etc/lynis
cd /etc/lynis
echo -e "\033[33m 检测系统安全中，请等待检测结果……\033[0m"
./lynis audit system |sed '1,/Results/d'  > /var/log/lynis-log

curl qq.com &> /dev/null
if [ $? != 0 ];then
  echo -e "\033[31m 本机curl不通外网站点，请联系机房处理！！\033[0m"
fi

ping -c3 8.8.4.4 &> /dev/null
if [ $? != 0 ];then
  echo -e "\033[31m 本机DNS不通，请联系机房处理！！\033[0m"
fi

AWS=`cat /var/log/lynis-log | grep  Warnings | wc -l`
if [ $AWS != 0 ];then
    echo ""
    echo -e "\033[31m 本机系统漏洞数量如下：\033[0m"
    cat /var/log/lynis-log | grep  Warnings
   
   AWWS=`cat /var/log/lynis-log  | grep Found | awk   '{print $NF}'  | awk -F"["  '{print $2}'  | awk -F"]"  '{print $1}'`
   for i in "$AWWS"
   do
     cd /etc/lynis
     echo ""
     echo -e "\033[33m 警告解决方案如下……\033[0m"
     ./lynis show details  "$i"
   done
    
   echo ""
   echo "扫描结果 /var/log/lynis-log"
   echo "结果详情 /var/log/lynis.log"
else
   echo -e "\033[33m 本机系统检测完毕，安全！\033[0m"
   
fi

 ln -s /etc/lynis/lynis /usr/bin/lynis

 

 使用 lynis 进行主机扫描很简单，只需要带上参数 audit system 即可

lynis audit system

 

转载于:https://www.cnblogs.com/linuxws/p/10529956.html