Tool and Usage
|Latest release||3.2.3 |
|Author||Dave K. Hess, Dave R. Safford, Douglas Lee Schales, Khalid Warraich|
Why this tool?
The Tiger tool is used to scan your system and perform a security audit. Tiger checks configuration files and the system state. Based on the findings it will show suggestions to improve the security level of the system.
The Tiger project also states on their project page it can be used as an intrusion detection tool. This promise is somewhat outdated. To be effective in the area of intrusion detection, its technology needs to be kept up-to-date. Still, the tool might find traces that give away a system breach.
How it works
The engine of Tiger is based on small scripts that do individual checks. A typical example of such check is to look for a configuration file and see if its settings are in a preferred state.
Like other tools in this category, Tiger is light on resources. It uses shell script as its core and leverages common system utilities to do the work.
Tiger was a popular tool to audit systems and originates from work at the Texas A&M University. After 2008 there were not many updates released, showing the project is stalled. For that reason, we suggest using more active projects.
Usage and audience
Tiger is commonly used for intrusion detection, IT audit, system hardening, or vulnerability scanning. Target users for this tool are security professionals and system administrators.
- Tiger is written in shell script
- Command line interface
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + Used language is shell script
- + Project is mature (10+ years)
- + The source code of this software is available
- - No updates for a while
Supported operating systems
Tiger is known to work on AIX, FreeBSD, Linux, NetBSD, OpenBSD, and Solaris.
Similar tools to Tiger:
Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.
Otseca is a security tool that helps with gathering system information. It can be useful for penetration tests and security assessments, to automate some parts of the process.
CS Suite is a security toolkit that allows scanning Amazon, Google, and Azure cloud platforms. Read how it works in this review.
This tool page was updated at . Found an improvement? Help the community by submitting an update.