Tiger security tool 3.2.3

Tiger security tool that can be use both as a security audit and intrusion detection system.
Tiger security tool that can be use both as a security audit and intrusion detection system. The project supports multiple UNIX platforms and it is free and provided under a GPL license. Unlike other tools, Tiger needs only of POSIX tools and is written entirely in shell language.

Tiger has some interesting features that merit its resurrection, including a modular design that is easy to expand, and its double edge, it can be used as an audit tool and a host intrusion detection system tool. Free Software intrusion detection is currently going many ways, from network IDS (with Snort), to the kernel (LIDS, or SNARE for Linux and Systrace for OpenBSD, for example), not mentioning file integrity checkers (many of these: aide, integrit samhain, tripwire...) and logcheckers (even more of these, check the Log Analysis pages). But few of them focus on the host-side of intrusion detection fully.

Tiger complements this tools and also provides a framework in which all of them can work together. Tiger it is not a logchecker, nor it focused in integrity analysis. It does "the other stuff", it checks the system configuration and status. Read the manpage for a full description of checks implemented in Tiger. A good example of what Tiger can do is, for example, check_findelete, a module that can determine which network servers running in a system are using deleted files (because libraries were patched during an upgrade but the server's services not restarted).

Free software Linux/*BSD distributions have a myriad of security tools to do local security checks: Debian's checksecurity, Mandrake's msec, OpenBSD's /etc/security, SUSE's Seccheck... but, even if they do similar checks they have suffered from fragmentation. Tiger is being developed in the hopes that it could substitute them at some point in the future. For a list of system security checks that Tiger provides that others do not you can read this (short) comparison.

last updated on:
September 11th, 2008, 10:07 GMT
price:
FREE!
developed by:
Javier Fernández-Sanguino Peña
homepage:
www.nongnu.org
license type:
GPL (GNU General Public License) 
category:
ROOT \ Security

FREE!

In a hurry? Add it to your Download Basket!

user rating 19

3.3/5
 

0/5

What's New in This Release:
  • This version is mainly a bugfix release that incorporates all the fixes introduced in Debian since 3.2.2.
  • It also updates Linux's gen_mounts to support many more filesystems, and provides a way for local administrators to define local and non-local filesystems.
  • This makes it easier for local admins to define exotic filesystems, if in use, and avoid the warnings Tiger mails each time a script that runs through the filesystems (check_perms, check_known, and find_files) executes.
read full changelog

Add your review!

SUBMIT