Just like Lynis, Tiger supports multiple UNIX platforms and it is free under GPL License. Besides system hardening tools, system configuration checks etc, Tiger offers host-based intrusion detection, and it is very successful at it.
Its worth to note for Linux/Unix environment newcomers that, while there are lots of intrusion detection tools out there, most of them if not all are command line and offers minimal X based or GUI mode.
As of now, the latest and stable version of Tiger is 3.2.3, and can be obtained at:
I’ll write some Tiger scripts and their use. You are advised to check its documentation and find what interests you and what you are trying to accomplish.
- check_inetd – This script will check your init.d and find any misconfiguration.
- check_group – As its name suggests, it will check group passwords vulnerability, duplication and so on.
- check_accounts – This scrips will check your accounts for anything suspicious, home directories, shells, accounts with no passwords etc.
- check_anonftp – This checks your ftp configuration for any vulnerability.
- check_passwd – Checks for password configurations.