Tools compared: Linux auditing tools
Finding the right tool can be difficult. This sheet compares LUNAR, Lynis, OpenSCAP, Tiger and YASAT.
LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.
Security auditing tool for systems running Linux, mac OS, or Unix, to perform an in-depth health check.
Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines
Tiger a security audit and intrusion detection tool for flavors of Unix
YASAT describes itself as another simple stupid audit tool to test Linux systems. It has many tests for checking the security configuration of the system.
LUNAR is short for Lockdown UNix Auditing and Reporting and runs on the system itself.
Lynis is an open source security auditing tool that is available since 2007 and created by Michael Boelen. Its primary goal is to evaluate the security defenses of systems running Linux or other flavors of Unix. It provides suggestions to install, configure, or correct any security measures.
The OpenSCAP project provides a wide variety of hardening guides, configuration baselines, and tools to test for vulnerabilities and configuration issues. It uses SCAP as the protocol to store the underlying data.
The YASAT tool performs a system scan to detect configuration issues and possible improvements for hardening the system.
|Strenghts||The source code of this software is available||Commercial support available, More than 50 contributors, More than 3000 GitHub stars, Used language is shell script, Very low number of dependencies, Project is mature (5+ years), The source code of this software is available||More than 25 contributors, The source code of this software is available, Supported by a large company||Used language is shell script, The source code of this software is available||Used language is shell script|
|Weaknesses||No updates for a while||No updates for a while|
|Programming language(s)||shell script||shell script||C||shell script||shell script|
|Tool page (last updated)|
|More information||LUNAR review||Lynis review||OpenSCAP review||Tiger review||YASAT review|