With this message I want to ask the security people in here for input about a tool written by me, called Lynis. In particular I'm interested in adding additional Ubuntu support and have people suggest things they like to see within the project.

About the project:
Name: Lynis
License: GPLv3
Website: http://www.rootkit.nl/projects/lynis.html

The program has been developed to get quickly an overview of the security options present (or not!) on a server and create an audit report. An more extensive overview of the options can be found at the URL above.

Since this is a discussion list, I'm interested to hear from (diehard) Ubuntu users which things they usually install/integrate on their Ubuntu workstations/servers to harden it (such as firewalling, PAM modules, anti-scanning/probing tools etc). With the input I hope to add additional tests and keep improving the tool, making life easier for all of us.

So if you have ideas, enlighten me and others,

Michael

With this message I want to ask the security people in here for input about a tool written by me, called Lynis. In particular I'm interested in adding additional Ubuntu support and have people suggest things they like to see within the project.

About the project:
Name: Lynis
License: GPLv3
Website: http://www.rootkit.nl/projects/lynis.html

The program has been developed to get quickly an overview of the security options present (or not!) on a server and create an audit report. An more extensive overview of the options can be found at the URL above.

Since this is a discussion list, I'm interested to hear from (diehard) Ubuntu users which things they usually install/integrate on their Ubuntu workstations/servers to harden it (such as firewalling, PAM modules, anti-scanning/probing tools etc). With the input I hope to add additional tests and keep improving the tool, making life easier for all of us.

So if you have ideas, enlighten me and others,

Michael

Disappointed that you didn't get any feedback on this project. That said, people are possibly wary of describing their security systems off-list. If you'd like to discuss this drop me an email and we could chat offlist.

As for lynis itself - I use it, and I like the idea, but the reason I found this thread is because I have a problem with it. I can't make the "test_skip_always" functionality work - do you have any examples I can use to ensure I'm entering the tests to skip correctly?