================================================================================

 

  -[ Lynis 1.2.9 Results ]-

 

  Tests performed: 136
  Warnings:
  ----------------------------
   - [00:25:16] Warning: Found one or more zombie processes (38686) [test:PROC-3612] [impact:L]
   - [00:25:16] Warning: Multiple users with UID 0 found in passwd file [test:AUTH-9204] [impact:H]
   - [00:25:16] Warning: Multiple accounts found with same UID [test:AUTH-9208] [impact:H]
   - [00:25:16] Warning: Possible harmful shell found (for passwordless account!) [test:AUTH-9218] [impact:H]
   - [00:25:16] Warning: Found unprotected console in /etc/ttys [test:SHLL-6202] [impact:M]
   - [00:25:33] Warning: PHP option expose_php is possibly turned on, which can reveal useful information for attackers. [test:PHP-2372] [impact:M]
   - [00:25:34] Warning: Found one or more stratum 16 peers [test:TIME-3116] [impact:L]

 

  Suggestions:
  ----------------------------
   - [00:25:14] Suggestion: update to the latest stable release.
   - [00:25:16] Suggestion: Check the output of ps for dead or zombie processes [test:PROC-3612]
   - [00:25:16] Suggestion: Use vipw to delete the 'toor' user if not used. [test:AUTH-9204]
   - [00:25:16] Suggestion: Default umask in /etc/profile could be more strict like 027 [test:AUTH-9328]
   - [00:25:16] Suggestion: Change the console line from 'secure' to 'insecure'. [test:SHLL-6202]
   - [00:25:16] Suggestion: To decrease the impact of a full /tmp file system, place /tmp on a separated partition [test:FILE-6310]
   - [00:25:32] Suggestion: Unused distfiles found. Use portsclean to delete these files. For example: portsclean -DD. [test:PKGS-7348]
   - [00:25:32] Suggestion:  [test:Install portaudit from the ports collection to query outdated (vulnerable) packages.]
   - [00:25:32] Suggestion: Configure a firewall/packet filter to filter incoming and outgoing traffic [test:FIRE-4590]
   - [00:25:33] Suggestion: Change the expose_php line to: expose_php = Off [test:PHP-2372]
   - [00:25:33] Suggestion: Change the enable_dl line to: enable_dl = Off, to disable downloads via PHP [test:PHP-2374]
   - [00:25:33] Suggestion: Change the allow_url_fopen line to: allow_url_fopen = Off, to disable downloads via PHP [test:PHP-2376]
   - [00:25:33] Suggestion: Enable logging to an external logging host for archiving purposes and additional protection [test:LOGG-2154]
   - [00:25:33] Suggestion: Add legal banner to /etc/motd, to warn unauthorized users [test:BANN-7122]
   - [00:25:34] Suggestion: Check ntpq peers output [test:TIME-3116]
   - [00:25:34] Suggestion: Check ntpq peers output for time source candidates [test:TIME-3128]
   - [00:25:34] Suggestion: Harden the system by removing unneeded compilers. This can decrease the chance of customized trojans, backdoors and rootkits to be compiled and installed [test:HRDN-7220]
================================================================================
  Files:
  - Test and debug information      : /var/log/lynis.log
  - Report data                     : /var/log/lynis-report.dat
================================================================================
  Notice: Lynis update available
  Current version : 129    Latest version : 130
================================================================================
  Hardening index : [54]     [##########          ]
================================================================================