[ubuntu-hardened] msec, Bastille port?
soporte_altex at hotmail.com
Fri Oct 21 09:59:18 CDT 2005
This is the thread with my comments about Debian/Ubuntu in the Bastille
mailllist and the answer by Javier Fernandez-Sanguino , the maintainer of
Bastille in Debian:
I'm also interested in porting Bastille to Ubuntu, we'll have to see how to
coordinate with Javier (he contributes in a lot of stuff related to Debian
security), since it seems what needs to be done is to finish/polish the
Debian version and add some features (like reporting) rather than porting
from scratch to Debian. As I was saying in the other list, if there are no
critical differences in packages regarding Bastille between Debian and
Ubuntu then the Debian version should work for Ubuntu (right?).
>From the point of view of personal preference, I think is better for the
application of security policies to have Mandriva's msec; it's easier for
users to just type "msec 4" and for the sysadmins to have known states of
security policies in different machines (like "critical server is level 5,
workstations are 3) instead of multiple different config files (the simpler
the better). Of course it's not an apples-to-apples comparison since the
hardening of Bastille and msec are different, with some overlapping.
>From: Dave Kempe <dave at solutionsfirst.com.au>
>To: "fernando ." <soporte_altex at hotmail.com>
>CC: ubuntu-hardened at lists.ubuntu.com
>Subject: Re: [ubuntu-hardened] msec, Bastille port?
>Date: Fri, 21 Oct 2005 11:17:34 +1000
>fernando . wrote:
>>Is there any initiative or interest to port a script-based hardening tool
>>like Mandriva's msec (
>>http://mandrake.vmlinuz.ca/bin/view/Main/MandrivaSecurity ) to Ubuntu?
>I am interested in getting Bastille style hardening happening. It adds a
>layer to security that is useful for many organisations.
>I would be happy to hack away on a Bastille port if there is interest.
More information about the ubuntu-hardened