ARTICLE

Tiger Unix Security Auditing Tool V.3.2.2 available

Sunday 30 September 2007

TIGER is a set of Bourne shell scripts, C programs, and data files which are used to perform a security audit of Unix systems. The security audit results are useful both for system analysis (security auditing) and for real-time, host-based intrusion detection.

Here is a great news for Tiger Auditing Software supporters and lovers (i felt in love with Tiger since branch 2.x). A new update has been posted on savannah.nongnu.org website. Tiger was left unchanged since 2004.

Tiger is back again with these new features

- Applied patches from Ryan Bradetich to fix Makefiles in HPUX
- Fixed bashisms in scripts
- Fixed YPCAT calls
- Added the audit scripts collection (audit/ subdir). These scripts extract information for a given operating system for offline review and have been provided by Marc Heuse and improved by me. For more information see the README file in that dir.
- Supported OSes:

  • AIX (tested in 4.x and 5.x)
  • Debian GNU/Linux
  • HPUX 10/11
  • Nokia IPSO
  • ORACLE
  • RedHaT GNU/Linux
  • Slackware
  • Solaris
  • SuSE Linux
  • Windows XP/2000/2003

- Added support for a check.d directory where administrators can dump scripts and have Tiger run them periodically
- Small improvements to the messages’s documentation. Including fixes to some error Ids which were not correct
- Documentation improvements: explain new options and behaviour in the manpages, overall improvements to text files provided in sources.
- Fixed scripts: check_accounts, check_aliases, check_anonftp, check_crontabs, check_devices, check_embedded, check_exports, check_finddeleted,check_ftpusers, check_group, check_inetd, check_known, check_listeningprocs, check_logfiles, check_netrc, check_passwd, check_passwdformat, check_path,check_printcap, check_rhosts, check_root, check_rootdir, check_rootkit,check_runprocs, check_sendmail, check_services, check_ssh, check_system,check_tcpd, check_umask, check_xinetd, find_files (Over 60 reported bugs fixed)
- New checks: check_ntp, check_omniback, (Linux-specific) check_xinetd,
- Many fixes in HPUX and Linux checks.
- Added support for Solaris 8 and Solaris 9. New checks:

  • ’check_listeningproces’ check for this OS too (uses pfiles instead of lsof)
  • ’check_patches’: uses a patchdiag.xref file to look for missing patches

- Added Tru64 support
- Added HPUX-specific tigerrc file
- Added spec file to build RPM packages
- Move checks that need to be done to a TODO.check file


POSTSCRIPTUM

Download Tiger Auditing Suite


RELATED ARTICLES

Configurations checks, Local auditing, Security Solutions, Tiger,

30 September 2007 : Tiger Unix Security Auditing Tool V.3.2.2 available