Lynis v2.5.2 Released

Lynis v2.5.2 Released

Lynis is a security auditing for UNIX derivatives like Linux, Mac OS X, BSD, and Solaris. It performs an in-depth security scan on the system itself, with the goal to detect issues and provide tips for further system hardening. It will also scan for general system information, vulnerable software packages, and possible configuration issues. Lynis is commonly used by people in the “blue team” to assess the security defenses of their systems.

The main goals are:

  • Automated security auditing
  • Compliance testing (e.g. ISO27001, PCI-DSS, HIPAA)
  • Vulnerability detection

The software (also) assists with:

  • Configuration management
  • Software patch management
  • System hardening
  • Penetration testing
  • Intrusion detection


Typical users of the software:

  • System administrators
  • Auditors
  • Security officers
  • Security professionals


Changelog 2.5.2 (2017-07-10)

  • Support for PHP on CloudLinux
  • Check for presence of locale binary
  • Suhosin detection improvements
  • Generic code improvements
  • Changed ‘lynis audit system remote’ routine
  • Support for macOS High Sierra
  • French translation updated

Lynis Enterprise:

  • Allow ‘tags’ and ‘system-customer-name’ to be specified via Lynis client


  • CONT-8102 – Check for dockerd instead of docker -d
  • FIRE-4594 – Check for presence Advanced Policy Firewall (APF)
  • PKGS-2379 – New test for PHP suhosin extension status
  • PKGS-7370 – Only use debsums on Debian
  • KRNL-6000 – Added kernel.dmesg_restrict testing

Full Changelog: here

[button size=large style=round color=red align=none url=]Download Lynis v2.5.2[/button]

Thanks to our friendĀ Michael Boelen, for sharing this tool with us.

MaxiSoler @maxisoler