Initial import

1 files changed, 92 insertions, 0 deletions

diff --git a/FAQ b/FAQ
new file mode 100644
index 00000000..e8dcb244
--- /dev/null
+++ b/FAQ
@@ -0,0 +1,92 @@
+
+================================================================================
+
+  Lynis - Frequently Asked Questions
+
+================================================================================
+
+  Author:                   Michael Boelen (michael@rootkit.nl)
+  Description:              Security and system auditing tool
+  Website:                  http://cisofy.com/lynis/
+                            http://www.rootkit.nl/projects/lynis.html
+  Development start:        May 2007
+  Support policy:           See section 'Support' (README file)
+  Documentation:            See web site, README, FAQ and CHANGELOG file
+
+================================================================================
+
+[+] General
+-------------------------------
+
+  Q: I don't understand the program (output), what to do?
+  A: Keep reading this FAQ, then continue with reading the README file, followed
+     by the log file (default: /var/log/lynis.log). After those sources, check
+     the documentation on the website.
+
+  Q: I can't find any configuration file for Lynis, where is it?
+  A: There isn't one (currently), since all options are available as command
+     parameters. Specific options to control the audit/security scan can be set
+     or adjusted by changing the 'profile' file you are using (don't use
+     default.prf for your own custom options, but make a copy of it).
+
+  Q: Why is there no port/package for my operating system?
+  A: Because there is no maintainer for it yet. If you have the time to keep
+     the port/package current for your preferred operating system, fill in the
+     contact form to notify me and confirm no one else is working on it.
+
+  Q: What to do with the report files?
+  A: The output could be used for monitoring (baseline checks). For user of the
+     Lynis Enterprise Suite, they will be used to upload data.
+
+
+
+[+] Usage problems
+-------------------------------
+  Q: Lynis hangs while testing the group files (grpck)
+  A: Run the grpck command manually. It will most likely need user input, to
+     repair incorrect groups.
+
+  Q: Lynis doesn't display all messages on a white background
+  A: White text is used for general (and important) messages. Most terminals
+     have a dark background, so it gives extra attention to the message. However
+     if you have a white background (for example Mac OS X), you can run Lynis
+     with --no-colors to strip colors or --reverse-colors to reverse the color
+     scheme. Another option is to change your terminal colors within Mac OS. 
+
+  Q: Some tests take very long to finish, what to do?
+  A: Use a second console (or connection) and check the output of ps/lsof etc,
+     to see the status of the active subroutine. If a specific test hangs for a
+     very long time, try to kill that specific process (ie grpck) and see if
+     Lynis continues. Afterwards, run the command manually to see the cause.
+     Check the log file for additional information, when possible.
+
+  Q: When running Lynis, it shows me the usage help even while using correct
+     parameters, why?
+  A: This can happen with alternative shells. Try using a different shell to
+     invoke Lynis (example: bash lynis -c).
+
+  Q: One or more tests are giving incorrect output. How to solve that?
+  A: Check the log file. If that also has incorrect data, fill in the contact
+     form and describe the issue.
+
+  Q: The program takes long to complete and also uses too much resources. Can it
+     be tuned?
+  A: The time it takes to complete is depends on the amount of tests to run.
+     However the resources it take can be slighty lowered by increasing the
+     pause_between_tests profile option. Keep in mind this increases the total
+     length of the scan to complete.
+
+
+
+[+] Network related issues
+-------------------------------
+
+  Q: Lynis reports promiscuous interfaces, but they are needed for normal operation,
+     how can I hide this warning?
+  A: Whitelist the interface in the profile file (if_promisc).
+
+
+
+================================================================================
+ Lynis - Copyright 2007-2014, Michael Boelen - The Netherlands
+ http://cisofy.com