Lynis is an auditing-tool for Unix specialists. It scans the system as well as installed software and detects vulnerabilities. Additionally, the scan system provides general information and may point to possible configuration errors.
To start Lynis, change to the Console, change the directory to /var/ipfire/lynis and execute the following command:
Used without parameters Lynis displays you a list of valid parameters.
With the option audit system Lynis will start a complete scan:
./lynis audit system
Not every alarm of Lynis is extremely critical and needs immediate action; it may also shows notes and hints, which you may use to increase the system security.
Likewise, it is possible to customize :
* the list and the behavior of the tests carried out
* the display language of the results status
by copying the file /var/ipfire/lynis/default.prf to custom.prf then modifying the content of this new file.
Find more information here