Lynis - System Audits

Lynis is a tool, that scans your local system for misconfigurations. At the end, you will get an index score, that indicates how safe your system is. Anything above 80 is fine. Everything below 70 is worrisome. You can install Lynis the following way:

sudo apt install apt-transport-https ca-certificates host gnupg
sudo wget -O - https://packages.cisofy.com/keys/cisofy-software-public.key | sudo apt-key add -
sudo echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list
sudo apt update
sudo apt install lynis host

Update the database:

sudo lynis update info

To audit your system run

sudo lynis audit system

Below your score, you will also see a list of recommended actions to take. Keep in mind, that Lynis is not perfect, so it might also show errors, for stuff you fixed in a different way than Lynis expected.