TIGER, or the 'tiger' scripts, is a set of tools (Bourne shell scripts and C programs) which are used to perform a security audit of different operating systems components. The tools can be both run all at once to generate an audit report of the system and to detect elements that could be fixed when hardening it.
TIGER has one primary goal: report ways the system's security can be compromised.
Most of the tools are independent, but some of them rely on specialised external security tools such as John the Ripper, Chkroot and integrity check tools (like Tripwire, Integrit or Aide) to execute some tasks.
The same checks are also configured by default to run periodically and detect deviations or unauthorised changes. This makes it possible to used them also as a host intrusion detection mechanism. This review mechanism relies on the use of the cron task scheduler and an email delivery system to report errors and deviations.
This package provides all the security scripts and data files for Linux. A separate package is available providing the scripts for other operating systems so they can be run from a centralised repository.
The Linux scripts incorporate specific checks targetting the Debian OS including: md5sums checks of installed files, location of files not belonging to packages, and analysis of local listening processes.
Alternatives to TIGER available in Debian include lynis and ossec. If you are aiming for a small set of checks, try checksecurity, lsat or yasat.