Lynis - Robust security audit tool, but is it for Linux home users?
Quoting: Lynis - Robust security audit tool, but is it for Linux home users? —
I didn't spend a lot of time testing Lynis. However, from what I've been able to glean in my half-hour stint, it's a good tool. It did its work as advertised, no surprises or snags. The output is readable, and categorized in a logical manner. You get suggestions and explanations for what you can do next. All that said, you do need to understand the results before you can do anything with them. But if you do, then you can considerably harden your system. Lynis will not "prevent" infections per se, and it won't really detect any, just observe the anomalies that could indicate potential problems - the easy GUI YES/NO conundrum - but if you apply its findings, you can make sure there's much less risk of something like that happening in the future.
This brings me to the Linux home user. Like the rest of the bunch, Lynis is not designed for the Linux distro at home. Nothing prevents you from using it, of course, but in most cases, the usage will be an overkill, for various reasons. Some of the results won't be applicable, and you will need to invest time and knowledge to get everything right. On its own, that's not a bad investment, but it cannot give easy, instant answers, and it will probably elevate your sense of security paranoia in the short term. All in all, this is an excellent tool, but mostly aimed for businesses running public-facing services. And we all know the Internet needs some solid hardening in this regard. Take care.