Bastille

[sparkes]

GR Gaudreau wrote:
> I've downloaded bastille to "harden" security on my box. I was wondering
> if anyone knew of this software and was it worth using it? Will it turn
> the security settings to a paranoid level, and can I undo what bastille
> has done if I "go to far?" Thanks
> 
you already have what would be considered a *hard* system by many people 
by default.  Because you don't run any daemons attached to open ports by 
default.

AFAIK (and if my memory serves me right) bastille is very tightly tied a 
a single version and release of a distro so the debian bits might throw 
up some errors or even break your system YMMV

it might be a useful exercise for someone to port the debian security 
tools.  They clash with all potentially dodgy debs and uninstall when 
you attempt to install a telnet server (for example).  They also include 
a security policy that is shown to users when they log in (although 
strangly only at the console and not via ssh, I had to edit that by hand)

sparkes

-- 
<davee> "Sparkes, the Pete Best of LugRadio"