Lynis is an auditing-tool for Unix specialists. It scans the system as well as installed software and detects vulnerabilities. Additionally, the scan system provides general information and may point to possible configuration errors.
To start Lynis, change to the Console, change the directory to /var/ipfire/lynis and execute the following command:
Used without parameters Lynis displays you a list of valid parameters.
With the option audit system Lynis will start a complete scan:
./lynis audit system
Not every alarm of Lynis is extremely critical and needs immediate action; it may also shows notes and hints, which you may use to increase the system security.
Likewise, Lynis is highly customizable, including:
* The list and level of details of the tests carried out
* The language in which the results are displayed (section titles, status)
...by copying the file /var/ipfire/lynis/default.prf to custom.prf then modifying the content of this new file.
Find more information here