Lynis compare & share

No responce? Bump.

>>58266787
Ubuntu dev machine - 68.
It bitches about me using 127.0.1.1 as my DNS, when it's what Ubuntu uses as a wrapper to other DNS services... meh.

>>58267342
>No responce? Bump
It's new year's morning... dipshit...

>>58266787
Running Lynis on a personal computer is fucking stupid. Here are some of its "suggestions":

  - Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc [AUTH-9262]
  - The database required for 'locate' could not be found. Run 'updatedb' or 'locate.updatedb' to create this file. [FILE-6410]
  - Check if any syslog daemon is running and correctly configured. [LOGG-2130]
  - Check why klogd is not running [LOGG-2138]
  - Add a legal banner to /etc/issue, to warn unauthorized users [BANN-7126]
  - Install a file integrity tool [FINT-4350]
  - Determine if automation tools are present for system management [TOOL-5002]
  - Harden the system by removing unneeded compilers. This might decrease the chance of customized trojans, backdoors and rootkits to be compiled and installed [HRDN-7220]
  - Harden compilers like restricting access to root user only [HRDN-7222]

Use pam_cracklib doesn't do shit. Having a locate database doesn't do shit. Restricting compilers to root users is fucking stupid.

I got a 65 but it didn't even detect grsecurity or notice mandatory access control.

  Lynis security scan details:

  Hardening index : 71 [##############      ]
  Tests performed : 206
  Plugins enabled : 2

  Components:
  - Firewall               [V]
  - Malware scanner        [V]

  Lynis Modules:
  - Compliance Status      [?]
  - Security Audit         [V]
  - Vulnerability Scan     [V]

================================================================================

  Exceptions found
  Some exceptional events or information was found!

Should I be worried about those Exceptions?

Well, I know what my new years day is going to be spent doing