蟒蛇 |通過 Lynis 報告系統利潤和合規性

| | | | | | | | | | | |

由於 Lynis 很靈活,它可用於多種不同的目的。 Lynis 的典型用例包括:

  • 安全審計
  • 合規性測試(例如 PCI、HIPAA、SOx)
  • 滲透測試
  • 漏洞檢測
  • 系統加固

系統保護 —它可以保護您的系統免受潛在威脅和漏洞的影響。 Lynis 可用於生成有關係統上各種威脅和漏洞的詳細報告。然後,用戶或系統管理員可以採取必要的措施來保護系統。

Lynis 報告難以閱讀,並且通常包含大量信息。因此,我們使用 Bash 和 Python 腳本來解析報告,從報告中提取相關信息,例如警告、建議,並將它們作為報告保存到 Excel 文件中。

Lynis 的先決條件—

    您必須運行基於 Linux/Unix 的操作系統,例如 Ubuntu、Mac Os 或任何其他 Linux 發行版。

  • 通過克隆在您的系統上安裝 Lynis github 存儲庫: https://github.com/CISOfy/lynis
  • 使用 安裝 pandas 庫命令 sudo pip3 install pandas
  • 在系統上安裝 Lynis 後,導航到 Lynis 目錄,您將在其中找到一組文件以及名為 Lynis 的可執行文件。
  • 使用 bash 腳本(代碼如下)提取相關信息,例如 lynis 報告中給出的警告和建議。創建一個名為 run.sh 的文件並將 bash 代碼複製、粘貼到該文件中並鍵入:sudo ./run.sh 以運行 bash 腳本。
  • 運行Python腳本(代碼如下)對提取的數據進行清理和解析,並將相關信息輸出為Excel文件。

以下是 Bash 和 Python 腳本 —

Script Bash:


#! /bin/bash


#腳本清理/解析報告文件和
# 提取相關細節並運行
# Python 腳本在服務器上顯示細節。

echo "running ......"

echo ""

sudo / lynis 審計系統 --quick


# 執行警告。 sudo ./warnings.sh

echo "生成警告"

echo ""

echo "警告是:"

echo ""


sudo cat / var / log / lynis-report 。數據 | grep 警告 | sed -e "s / warning [] = // g"

sudo cat /var/log/ lynis-report 。數據 | grep 警告 | sed -e "s / warning [] = // g" | cat > warnings.txt


echo ""

echo "警告生成"

echo "輸出文件:warnings.txt"


sudo chmod 755 warnings .txt


# 執行建議。 sudo ./suggestions.sh

echo "生成建議"

echo ""

echo "建議是:"

echo ""


sudo cat / var / log / lynis-report 。數據 | grep 建議 | sed -e "s/suggestions [] = // g"


sudo cat / var /log/lynis-report 。數據 | grep 建議 | sed -e "s/suggestions [] = // g" | cat >建議.txt


echo ""

echo "建議生成"

echo "輸出文件:suggestions.txt"


sudo chmod 755 條建議 .txt



# 執行包。 sudo ./packages.sh

echo "Generating packages"

echo ""

echo "包是:"

echo ""


sudo cat / var / log / lynis-report 。數據 | grep installed_package | sed -e "s / installed_package [] = // g"

sudo cat /var/log/ lynis-report 。數據 | grep installed_package | sed -e "s / installed_package [] = // g" | cat > packages.txt


echo ""

echo "包生成"

sudo chmod 755 packages.txt



# 執行shell。 sudo ./shells.sh

echo "生成可用的 shell"

echo ""

echo "shells 是:"

echo ""


sudo cat / var / log /lynis-report .數據 | grep available_shell | sed -e "s / available_shell [] = // g"

sudo cat /var/log/ lynis-report 。數據 | grep available_shell | sed -e "s / available_shell [] = // g" | cat > shells.txt


echo ""

echo "shells generated"


echo "輸出文件:shells .txt "

sudo chmod 755 shells.txt

Python 腳本:


<表格邊框= " 0 "cellpadding =" 0 "cellspacing =" 0 ">

# 導入庫

import pandas as pd

from pandas import ExcelWriter

import os


# 獲取數據的函數。

def get_data():


警告 = 打開代碼> ( ’warnings.txt’ , ’r’ )

建議 = 打開 ( ’suggestions.txt’ , ’r’ )

= 打開 ( ’packages.txt’ , ’ r’ )

shells = 打開 ( ’shells.txt’ , ’r’ )


warn_data = warnings.readlines()

sugg_data = Suggestions.readlines()

pack_dat a = packages.read ( )

shell_data = shells.readlines()


return warn_data, sugg_data, pack_data, shell_data



def clean_data ():


警告、sugg、pack、shell = get_data ()


warn_clean = []

for line in 警告:

warn_clean.append (line.split ( ’|’ ) )


for i in range ( len (warn_clean)):

warn_clean [i] = warn_clean [i] [: 2 ]

# print (warn_clean [i])


sugg_clean = []

for line in sugg :

sugg_clean.append (line.split ( ’|’ ))


for i in range ( len (sugg_clean)):

sugg_clean [i] = sugg_clean [i] [: 2 ]

# print (sugg_clean [i])

pack_clean = []

pack = pack.split( ’|’ )

pack_clean = pack

del pack_clean [ 0 ]

shell_clean = []

for i in range ( len code> (shell)):

shell_clean.append (shell [i] .rstrip ( ’’ ))

# print (shell_clean [i])



return warn_clean, sugg_clean, pack_clean, shell_clean

def convert_to_excel ():


警告、建議、包、shell = clean_data()


try :

os.mkdir ( ’outputs’ )

except (例外):

pass

os.chdir ( ’輸出’ )


warn_packages = []

警告_te xt = []

for i in 範圍 ( len (警告)):

warn_packages.append (warnings [i] [ 0 ])


for i in range ( len (警告)):

warn_text.append (warnings [i] [ 1 ])

print (warn_packages, warn_text)


警告 = pd.DataFrame()


警告 [ ’Packages’ ] = warn_packages

警告 [ ’warnings’ ] = warn_text


# warn.to_excel (& # 39; warnings.xlsx & # 39 ;, index = False)


writer = ExcelWriter ( ’warnings.xlsx’ )


warn.to_excel (writer, ’report1’ , index = False )


工作簿 = writer.book

工作表 = 作家。工作表 [ ’report1’ ]

#發票信息列

worksheet.set_column ( ’A: A’ , 15 )

# 狀態列

worksheet.set_column ( ’B: B’ , 45 )

# 郵政編碼

# worksheet.set_column (& #39; F: F & #39 ;, 10)


writer.save()


sugg_packages = []

<代碼類= "plain"> sugg_text = []

for i in range ( len (建議)):

sugg_packages.append (建議 [i] [ 0 ])


for i in range ( len (建議)):

sugg_text.append (suggestions [i] [ 1 ])


# print (sugg_packages, sugg_te xt)


暗示性 = pd.DataFrame ()

sugg [ ’包’ ] = sugg_packages

[ ’suggestions’ ] = sugg_text


writer1 = ExcelWriter ( ’suggestions.xlsx’ )


sugg.to_excel (writer1, ’report2’ , index = False )


工作簿 = writer1.book

工作表 = writer1.sheets [ ’report2’ ]


#發票信息欄

worksheet.set_column ( ’A: A’ , 25 )

#狀態列

worksheet.set_column ( ’B: B’ , 120 )

# 郵政編碼

# worksheet.set_column (& # 39; F: F & # 39 ;, 10)

writer1.save ()


pack_data = pd.DataFrame()

pack_data [ ’Packages’ ] =

writer1 = ExcelWriter ( ’ packages.xlsx’ )


pack_data.to_excel (writer1, ’report3’ <代碼類 ="plain ">, 索引 = False )

工作簿 = writer1.book

工作表 = writer1 .sheets [ ’report2’ ]

#發票信息欄

worksheet.set_column ( ’A: A’ , 25 )

# 狀態欄

worksheet.set_column ( ’B: B’ , 120 )

# 郵編代碼>

# worksheet.set_column (& # 39; F: F &# 39 ;, 10)

writer1.save()