This wiki is a community-maintained resource about everything there is to know about IPFire.
Lynis is an auditing-tool for Unix specialists. It scans the system as well as installed software and detects vulnerabilities. Additionally, the scan system provides general information and may point to possible configuration errors.
To start Lynis, change to the Console, change the directory to /var/ipfire/lynis and execute the following command:
Used without parameters Lynis displays you a list of valid parameters.
With the option-c Lynis will start a complete scan.
Not every alarm of Lynis is extremely critical and needs immedediate action; it may also shows notes and hints, which you may use to increase the system security.
Find more information here