Welcome to my site. Please CLICK HERE to give your opinions regarding this new look of "PCTipsbyAnu". Thanks for visiting.

Friday, April 8, 2011

Browse » Home » , , , , , » Track down security problems in Linux...

Track down security problems in Linux...

Tiger is a collection of scripts, code and data files for tracking down security problems. It scans file systems and configuration files, checking for possible security issues. It's built around several dozen modules that check everything from guessable passwords to the presence of a rootkit.

To install and run it:

# sudo apt-get install tiger
# sudo tiger

The report is written to /var/log/tiger and named  security.report.hostname.YYMMDD-hh:mm
You can simply cat this, (note that only root can view it):

# sudo cat /var/log/tiger/security.report.hostname.YYMMDD-hh:mm

but it's a big report and you're really only interested in failed items. Try this instead:

# sudo grep FAIL /var/log/tiger/security.report.hostname.YYMMDD-hh:mm

Failures are logged against an explanatory code, like this:

--FAIL-- [ftp007f] Anonymous FTP directory owned and writable by 'ftp'.
--FAIL-- [lin016f] The system permits source routing from incoming packets

--FAIL-- [lin019f] The system does not have any local firewall rules

You can obtain more details by appending the code to the Tiger Explanation Generator. For example:

# tigexp ftp007f


The indicated file is owned by the 'ftp' account and is writable.
This may allow unauthorized access to the machine.  The indicated file should be owned by 'root' and not writable by group or world.

See CERT advisory CA-93:10 for information on setting up an anonymous FTP server.

Tiger's well-commented configuration file resides in /etc/tiger/tigerrc.

You can leave a response, or trackback from your own site.

About 'Anu': My name is 'Anu' also Known as 'ANU 007 TIGER' .I'm administrator of 'PC Tips by Anu' blog .This blog was opened for sharing contents about hacking n cracking.


Post a Comment

Back to Top