Find us on social media

Client area
VulnerabilitiesLynisNmap5 min read

Scan your server for vulnerabilities

Lynis audit, Nmap port scanning, ClamAV antivirus and rkhunter rootkit detection.

Audit with Lynis

Lynis is a security auditing tool for Linux systems:

bash
sudo apt install -y lynis
sudo lynis audit system

The report shows:

  • Hardening score (0-100)
  • Warnings (critical issues)
  • Suggestions (recommended improvements)

Review the full report:

bash
sudo cat /var/log/lynis-report.dat

Run Lynis monthly and aim for a score above 80.

Port scanning with Nmap

Nmap identifies open ports and exposed services:

bash
sudo apt install -y nmap

# Basic port scan
nmap -sV your-server-ip

# Full scan (all ports)
nmap -sV -p- your-server-ip

# Vulnerability scan
nmap --script vuln your-server-ip

Close any port you don't need open.

Antivirus with ClamAV

bash
sudo apt install -y clamav clamav-daemon
sudo systemctl stop clamav-freshclam
sudo freshclam
sudo systemctl start clamav-freshclam

Scan directories:

bash
# Scan home directory
sudo clamscan -r /home --infected --log=/var/log/clamav-scan.log

# Full system scan
sudo clamscan -r / --exclude-dir=/sys --exclude-dir=/proc --infected

Rootkit detection with rkhunter

bash
sudo apt install -y rkhunter
sudo rkhunter --update
sudo rkhunter --check --skip-keypress

Review the log:

bash
sudo cat /var/log/rkhunter.log | grep Warning

Automated scanning

Create a weekly scan script:

bash
#!/bin/bash
# /usr/local/bin/security-scan.sh
echo "=== Security Scan $(date) ==="
lynis audit system --quick 2>/dev/null | tail -5
freshclam --quiet
clamscan -r /home --infected --quiet
rkhunter --check --skip-keypress --quiet
echo "=== Scan complete ==="
bash
chmod +x /usr/local/bin/security-scan.sh

Add to cron (Sundays at 3 AM):

bash
0 3 * * 0 /usr/local/bin/security-scan.sh | mail -s "Security Scan Report" your-email@example.com

Recommendations

  • Run Lynis after every major configuration change
  • Scan ports from outside the server to see what an attacker sees
  • Keep ClamAV databases updated
  • Investigate every rkhunter warning (may be false positives)
  • Automate scans and review reports weekly
Was this guide helpful?
← Back to Security