Tiger Local Security Audit

By | 2010/12/21

Tiger is an excellent local Linux (*nix) system security audit tool.

sudo apt-get install tiger

Then run:

sudo tiger

Tiger checks various things such as all user accounts on the machine, problematic cron and service entries, complete system file permission check, rootkits, backdoors, (Debian/Ubuntu example: complete md5sum of installed files against Debian Security Advisories), listening services audit, and more!

The log file will be written to /var/log/tiger/security.report[hostname].[date-time].

Potential problems will be marked with FAIL in all captial letters, followed by a FAIL code.

Issue the command tigexp code for more details:

tigexp netw020f

This means there is no /etc/ftpusers file, for example which is ok. 🙂