I wanted a tool to quickly show me some of the basic things I needed to work on to harden the security on the various servers I am running. A sort of security checklist. The first tool I have been trying out is the community version of Lynis, and I have enjoyed it so far. With a “Hardeining index” from 1-100, it gives me a great indicator of how I am progressing.
Once installed ( and they have detailed install instructions for many systems ) it is as easy as a single command to get you started:
lynis audit system
you will get a giant ( not too giant ) list of the status of your system and actionable items.
For my scan I fixed a few things moving from 66 to 72 in my first hardening session.