Tiger Unix Security Auditing Tool V.3.2.2 available

TIGER is a set of Bourne shell scripts, C programs, and data files which are used to perform a security audit of Unix systems. The security audit results are useful both for system analysis (security auditing) and for real-time, host-based intrusion detection.

Here is great news for Tiger Auditing Software supporters and lovers (I fell in love with Tiger back in branch 2.x). A new update has been posted on the savannah.nongnu.org website. Tiger had been left unchanged since 2004.

Tiger is back again with these new features:

  • Applied patches from Ryan Bradetich to fix Makefiles in HPUX
  • Fixed bashisms in scripts
  • Fixed YPCAT calls
  • Added the audit scripts collection (audit/ subdir). These
    scripts extract information for a given operating system
    for offline review and have been provided by Marc Heuse and
    improved by me. For more information see the README file in
    that dir.
  • Supported OSes:
      • AIX (tested in 4.x and 5.x)
      • Debian GNU/Linux
      • HPUX 10/11
      • Nokia IPSO
      • ORACLE
      • RedHat GNU/Linux
      • Slackware
      • Solaris
      • SuSE Linux
      • Windows XP/2000/2003
  • Added support for a check.d directory where administrators can dump scripts and have Tiger run them periodically
  • Small improvements to the messages' documentation, including fixes to some error IDs which were not correct
  • Documentation improvements: explain new options and behaviour
    in the manpages, overall improvements to text files provided in sources.
  • Fixed scripts: check_accounts, check_aliases, check_anonftp, check_crontabs, check_devices, check_embedded, check_exports, check_finddeleted, check_ftpusers, check_group, check_inetd, check_known, check_listeningprocs, check_logfiles, check_netrc, check_passwd, check_passwdformat, check_path, check_printcap, check_rhosts, check_root, check_rootdir, check_rootkit, check_runprocs, check_sendmail, check_services, check_ssh, check_system, check_tcpd, check_umask, check_xinetd, find_files (Over 60 reported bugs fixed)
  • New checks: check_ntp, check_omniback, (Linux-specific) check_xinetd
  • Many fixes in HPUX and Linux checks.
  • Added support for Solaris 8 and Solaris 9. New checks:
      • 'check_listeningprocs' check for this OS too (uses pfiles instead of lsof)
      • 'check_patches': uses a patchdiag.xref file to look for missing patches
  • Added Tru64 support
  • Added HPUX-specific tigerrc file
  • Added spec file to build RPM packages
  • Moved checks that need to be done to a TODO.check file