Tools compared: Linux auditing tools

Finding the right tool can be difficult. This sheet compares LUNAR, Lynis, OpenSCAP, Tiger and YASAT.

LUNARLynisOpenSCAPTigerYASAT
Description

LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.

Security auditing tool for systems running Linux, mac OS, or Unix, to perform an in-depth health check.

Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines

Tiger a security audit and intrusion detection tool for flavors of Unix

YASAT describes itself as another simple stupid audit tool to test Linux systems. It has many tests for checking the security configuration of the system.

Tool details

LUNAR is short for Lockdown UNix Auditing and Reporting and runs on the system itself.

Thumbnail

Lynis is an open source security auditing tool that is available since 2007 and created by Michael Boelen. Its primary goal is to evaluate the security defenses of systems running Linux or other flavors of Unix. It provides suggestions to install, configure, or correct any security measures.

The OpenSCAP project provides a wide variety of hardening guides, configuration baselines, and tools to test for vulnerabilities and configuration issues. It uses SCAP as the protocol to store the underlying data.

The YASAT tool performs a system scan to detect configuration issues and possible improvements for hardening the system.

Dependencies
StrenghtsThe source code of this software is availableCommercial support available, More than 50 contributors, More than 3000 GitHub stars, Used language is shell script, Very low number of dependencies, Project is mature (5+ years), The source code of this software is availableMore than 25 contributors, The source code of this software is available, Supported by a large companyUsed language is shell script, The source code of this software is availableUsed language is shell script
WeaknessesNo updates for a whileNo updates for a while
Programming language(s)shell scriptshell scriptCshell scriptshell script
Last releaseUnknown

2.5.7 (2017-10-29)

1.2.15 (2017-08-25)

3.2.3 (2010-03-03)

848 (2016-08-30)

Tool page (last updated)

2017-09-17

2017-09-17

2017-09-17

2017-09-17

2017-09-18

Tool score
64
100
89
59
74
DownloadDownloadDownloadDownloadDownloadDownload
More informationLUNAR reviewLynis reviewOpenSCAP reviewTiger reviewYASAT review