
================================================================================

  Lynis - Frequently Asked Questions

================================================================================

  Author:                   Michael Boelen (michael@rootkit.nl)
  Description:              Security and system auditing tool
  Website:                  http://www.rootkit.nl/projects/lynis.html
  Development start:        May 2007
  Support policy:           See section 'Support' (README file)
  Documentation:            See web site, README, FAQ and CHANGELOG file

================================================================================

[+] General
-------------------------------

  Q: I don't understand the program (output), what to do?
  A: Keep reading this FAQ, then continue with reading the README file, followed
     by the log file (default: /var/log/lynis.log). After those sources, there
     is still the internet left.

  Q: I can't find any configuration file for Lynis, where is it?
  A: There isn't one (currently), since all options are available as command
     parameters. Specific options to control the audit/security scan can be set
     or adjusted by changing the 'profile' file you are using (don't use
     default.prf for your own custom options, but make a copy of it).
  
  Q: Why is there no port/package for my operating system?
  A: Because there is no maintainer for it yet. If you have the time to keep
     the port/package current for your preferred operating system, fill in the
     contact form to notify and confirm no one else is working on it.

  Q: What to do with the report files?
  A: Currently the files don't contain much information yet. The output won't
     change much, so you could use them for monitoring for example. 
     

  
[+] Usage problems
-------------------------------
  Q: Lynis hangs while testing the group files (grpck)
  A: Run the grpck command manually. It will most likely need user input, to
     repair incorrect groups.
     
  Q: Lynis doesn't display all messages on a white background
  A: White text is used for general (and important) messages. Most terminals
     have a dark background, so it gives extra attention to the message. However
     if you have a white background (for example Mac OS X), you can run Lynis
     with --no-colors to strip colors or --reverse-colors to reverse the color
     scheme. Another option is to change your terminal colors within Mac OS. 
  
  Q: Some tests take very long to finish, what to do?
  A: Use a second console (or connection) and check the output of ps, to see
     the status of the active subroutine. If a specific test hangs for a very
     long time, try to kill that specific process (ie grpck) and see if Lynis
     continues. Afterwards, run the command manually to see the cause. Check
     the log file for additional information, when possible.



[+] Network related issues
-------------------------------

  Q: Lynis reports promiscuous interfaces, but they are needed for normal operation,
     how can I hide this warning?
  A: Whitelist the interface in the profile file (if_promisc).


================================================================================
 Lynis - Copyright 2007-2008, Michael Boelen - The Netherlands
 http://www.rootkit.nl
