📜  Python|使用 Lynis 的系统强化和合规性报告

📅  最后修改于: 2022-05-13 01:55:11.936000             🧑  作者: Mango

Python|使用 Lynis 的系统强化和合规性报告

Lynis 是一款久经考验的安全工具,适用于运行 Linux、macOS 或基于 Unix 的操作系统的系统。它对您的系统执行广泛的健康扫描,以支持系统强化和合规性测试。该项目是具有 GPL 许可证的开源软件,自 2007 年起可用。

由于 Lynis 很灵活,因此可以用于多种不同的目的。 Lynis 的典型用例包括:

  • 安全审计
  • 合规性测试(例如 PCI、HIPAA、SOx)
  • 渗透测试
  • 漏洞检测
  • 系统强化

系统强化是指保护您的系统免受潜在威胁和漏洞的影响。 Lynis 可用于生成有关系统中各种威胁和漏洞的详细报告。然后,用户或系统管理员可以采取必要的措施来保护系统。
Lynis 报告难以阅读,通常包含大量信息。因此,我们使用 Bash 和Python脚本来解析报告,从报告中提取相关信息,例如警告、建议,并将它们作为报告存储在 excel 文件中。

Lynis 的先决条件 –

  • 通过克隆 github 存储库在您的系统上安装 Lynis:https://github.com/CISOfy/lynis
  • 使用命令 sudo pip3 install pandas 安装 pandas 库。
  • 在系统上安装 Lynis 后,导航到 Lynis 目录,您将在其中找到一堆文件以及一个名为 Lynis 的可执行文件。
  • 使用 bash 脚本(代码如下)提取 lynis 报告中给出的警告和建议等相关信息。创建一个名为 run.sh 的文件并将 bash 代码复制粘贴到该文件中,然后键入:sudo ./run.sh 以运行 bash 脚本。
  • 运行Python脚本(代码如下)对提取的数据进行清理和解析,并将相关信息输出为 excel 文件。

下面是 Bash 和Python脚本——

重击脚本:

BASH
#!/bin/bash
 
# script to scrape/parse the report file and
# extract the relevant details and run the
# python script to display the details in a server.
 
echo "running......"
echo ""
 
sudo ./lynis audit system --quick
 
# execute warnings. sudo ./warnings.sh
echo "Generating warnings"
echo ""
echo "warnings are: "
echo ""
 
sudo cat /var/log/lynis-report.dat | grep warning | sed -e "s/warning\[\]\=//g"
sudo cat /var/log/lynis-report.dat | grep warning | sed -e "s/warning\[\]\=//g" | cat > warnings.txt
 
echo ""
echo "warnings generated"
echo "output file: warnings.txt"
 
sudo chmod 755 warnings.txt
 
#execute suggestions.  sudo ./suggestions.sh
echo "Generating suggestions"
echo ""
echo "suggestions are: "
echo ""
 
sudo cat /var/log/lynis-report.dat | grep suggestion | sed -e "s/suggestion\[\]\=//g"
 
sudo cat /var/log/lynis-report.dat | grep suggestion | sed -e "s/suggestion\[\]\=//g" | cat > suggestions.txt
 
echo ""
echo "suggestions generated"
echo "output file: suggestions.txt"
 
sudo chmod 755 suggestions.txt
 
 
# execute packages. sudo ./packages.sh
echo "Generating packages"
echo ""
echo "packages are: "
echo ""
 
sudo cat /var/log/lynis-report.dat | grep installed_package | sed -e "s/installed_package\[\]\=//g"
sudo cat /var/log/lynis-report.dat | grep installed_package | sed -e "s/installed_package\[\]\=//g" | cat > packages.txt
 
echo ""
echo "packages generated"
sudo chmod 755 packages.txt
 
 
# execute shells.  sudo ./shells.sh
echo "Generating available shells"
echo ""
echo "shells are: "
echo ""
 
sudo cat /var/log/lynis-report.dat | grep available_shell | sed -e "s/available_shell\[\]\=//g"
sudo cat /var/log/lynis-report.dat | grep available_shell | sed -e "s/available_shell\[\]\=//g" | cat > shells.txt
 
echo ""
echo "shells generated"
 
echo "output file: shells.txt"
 
sudo chmod 755 shells.txt


Python3
# importing libraries
import pandas as pd
from pandas import ExcelWriter
import os
 
# function to get the data.
def get_data():
     
    warnings = open('warnings.txt', 'r')
    suggestions = open('suggestions.txt', 'r')
    packages = open('packages.txt', 'r')
    shells = open('shells.txt', 'r')
 
    warn_data = warnings.readlines()
    sugg_data = suggestions.readlines()
    pack_data = packages.read()
    shell_data = shells.readlines()
 
    return warn_data, sugg_data, pack_data, shell_data
 
 
def clean_data():
 
    warn, sugg, pack, shell = get_data()
 
    warn_clean = []
    for line in warn:
        warn_clean.append(line.split('|'))
 
    for i in range(len(warn_clean)):
        warn_clean[i] = warn_clean[i][:2]
        # print(warn_clean[i])
 
    sugg_clean = []   
    for line in sugg:
        sugg_clean.append(line.split('|'))
 
    for i in range(len(sugg_clean)):
        sugg_clean[i] = sugg_clean[i][:2]
        # print(sugg_clean[i])
 
    pack_clean = []
    pack = pack.split('|')
    pack_clean = pack
    del pack_clean[0]
 
    shell_clean = []
 
    for i in range(len(shell)):
        shell_clean.append(shell[i].rstrip('\n'))
        # print(shell_clean[i])
 
 
    return warn_clean, sugg_clean, pack_clean, shell_clean
 
 
def convert_to_excel():
 
    warnings, suggestions, packages, shells = clean_data()
 
    try:
        os.mkdir('outputs')
    except(Exception):
        pass
 
    os.chdir('outputs')
 
    warn_packages = []
    warn_text = []
    for i in range(len(warnings)):
        warn_packages.append(warnings[i][0])
 
    for i in range(len(warnings)):
        warn_text.append(warnings[i][1])
     
    print(warn_packages, warn_text)
 
    warn = pd.DataFrame()
     
    warn['Packages'] = warn_packages
    warn['warnings'] = warn_text
 
    # warn.to_excel('warnings.xlsx', index = False)
 
    writer = ExcelWriter('warnings.xlsx')
     
    warn.to_excel(writer, 'report1', index = False)
     
    workbook = writer.book
    worksheet = writer.sheets['report1']
 
    # Account info columns
    worksheet.set_column('A:A', 15)
    # State column
    worksheet.set_column('B:B', 45)
    # Post code
    # worksheet.set_column('F:F', 10)
 
    writer.save()
 
    sugg_packages = []
    sugg_text = []
    for i in range(len(suggestions)):
        sugg_packages.append(suggestions[i][0])
 
    for i in range(len(suggestions)):
        sugg_text.append(suggestions[i][1])
     
    # print(sugg_packages, sugg_text)
 
    sugg = pd.DataFrame()
     
    sugg['Packages'] = sugg_packages
    sugg['suggestions'] = sugg_text
 
    writer1 = ExcelWriter('suggestions.xlsx')
     
    sugg.to_excel(writer1, 'report2', index = False)
     
    workbook = writer1.book
    worksheet = writer1.sheets['report2']
 
    # Account info columns
    worksheet.set_column('A:A', 25)
    # State column
    worksheet.set_column('B:B', 120)
    # Post code
    # worksheet.set_column('F:F', 10)
    writer1.save()
 
    pack_data = pd.DataFrame()
    pack_data['Packages'] = packages
    writer1 = ExcelWriter('packages.xlsx')
     
    pack_data.to_excel(writer1, 'report3', index = False)
     
    workbook = writer1.book
    worksheet = writer1.sheets['report3']
 
    # Account info columns
    worksheet.set_column('A:A', 75)
    # State column
    # Post code
    # worksheet.set_column('F:F', 10)
    writer1.save()
 
    os.chdir('..')
 
 
if __name__ == '__main__':
 
    warnings, suggestions, packages, shells = clean_data()
 
    convert_to_excel()


Python脚本:

Python3

# importing libraries
import pandas as pd
from pandas import ExcelWriter
import os
 
# function to get the data.
def get_data():
     
    warnings = open('warnings.txt', 'r')
    suggestions = open('suggestions.txt', 'r')
    packages = open('packages.txt', 'r')
    shells = open('shells.txt', 'r')
 
    warn_data = warnings.readlines()
    sugg_data = suggestions.readlines()
    pack_data = packages.read()
    shell_data = shells.readlines()
 
    return warn_data, sugg_data, pack_data, shell_data
 
 
def clean_data():
 
    warn, sugg, pack, shell = get_data()
 
    warn_clean = []
    for line in warn:
        warn_clean.append(line.split('|'))
 
    for i in range(len(warn_clean)):
        warn_clean[i] = warn_clean[i][:2]
        # print(warn_clean[i])
 
    sugg_clean = []   
    for line in sugg:
        sugg_clean.append(line.split('|'))
 
    for i in range(len(sugg_clean)):
        sugg_clean[i] = sugg_clean[i][:2]
        # print(sugg_clean[i])
 
    pack_clean = []
    pack = pack.split('|')
    pack_clean = pack
    del pack_clean[0]
 
    shell_clean = []
 
    for i in range(len(shell)):
        shell_clean.append(shell[i].rstrip('\n'))
        # print(shell_clean[i])
 
 
    return warn_clean, sugg_clean, pack_clean, shell_clean
 
 
def convert_to_excel():
 
    warnings, suggestions, packages, shells = clean_data()
 
    try:
        os.mkdir('outputs')
    except(Exception):
        pass
 
    os.chdir('outputs')
 
    warn_packages = []
    warn_text = []
    for i in range(len(warnings)):
        warn_packages.append(warnings[i][0])
 
    for i in range(len(warnings)):
        warn_text.append(warnings[i][1])
     
    print(warn_packages, warn_text)
 
    warn = pd.DataFrame()
     
    warn['Packages'] = warn_packages
    warn['warnings'] = warn_text
 
    # warn.to_excel('warnings.xlsx', index = False)
 
    writer = ExcelWriter('warnings.xlsx')
     
    warn.to_excel(writer, 'report1', index = False)
     
    workbook = writer.book
    worksheet = writer.sheets['report1']
 
    # Account info columns
    worksheet.set_column('A:A', 15)
    # State column
    worksheet.set_column('B:B', 45)
    # Post code
    # worksheet.set_column('F:F', 10)
 
    writer.save()
 
    sugg_packages = []
    sugg_text = []
    for i in range(len(suggestions)):
        sugg_packages.append(suggestions[i][0])
 
    for i in range(len(suggestions)):
        sugg_text.append(suggestions[i][1])
     
    # print(sugg_packages, sugg_text)
 
    sugg = pd.DataFrame()
     
    sugg['Packages'] = sugg_packages
    sugg['suggestions'] = sugg_text
 
    writer1 = ExcelWriter('suggestions.xlsx')
     
    sugg.to_excel(writer1, 'report2', index = False)
     
    workbook = writer1.book
    worksheet = writer1.sheets['report2']
 
    # Account info columns
    worksheet.set_column('A:A', 25)
    # State column
    worksheet.set_column('B:B', 120)
    # Post code
    # worksheet.set_column('F:F', 10)
    writer1.save()
 
    pack_data = pd.DataFrame()
    pack_data['Packages'] = packages
    writer1 = ExcelWriter('packages.xlsx')
     
    pack_data.to_excel(writer1, 'report3', index = False)
     
    workbook = writer1.book
    worksheet = writer1.sheets['report3']
 
    # Account info columns
    worksheet.set_column('A:A', 75)
    # State column
    # Post code
    # worksheet.set_column('F:F', 10)
    writer1.save()
 
    os.chdir('..')
 
 
if __name__ == '__main__':
 
    warnings, suggestions, packages, shells = clean_data()
 
    convert_to_excel()

运行上述脚本后,您将在当前目录中找到一个名为 outputs 的文件夹。导航到输出文件夹,您将在其中找到包含警告、建议和已安装包的 Excel 工作表。