TC7 day 1 – Bastille hardening assessment tool

jay beale
UPDATE: Slides

Bastille is an OS hardening tool for Linux. Jay Beale gave a presentation on how to “lock down” a system using it. Bastille can analyze your current setup and give you a rating based on how secure your system is. The program asks you questions based on your configuration (“Do you want to turn off ### service?”). It explains the possible consequences of taking the suggested actions. The process can be very educational. The system is modular so you can add your own modules by writing a few lines of Perl. Bastille can also generate configurations that can be deployed across multiple machines.

Comments

  1. digitalhead says:

    Nice concept, but the program apparently doesn’t work on any distros of Linux other than the ones listed, not even from source. For instance, Slackware, which I use. It’s sad when even the source limits you to the exact same as the available precompiled packages.

  2. Aaron says:

    Jay Beale’s presentation I assume, is the same at TC as it was at DefCon, or atleast close, and it was a great presentation.

    And the reason bastille has to be maintained for individual distros, even from source, is because most distros use customized kernels and packages, like an ubuntu .deb package is different than the same program’s debian .deb version. And the programs install to different locations, so bastille would have a hard time finding everything. What you could do, is download bastille, look through the files to see what exactly it does, and do the same things by hand, just modified to fit Slackware.

  3. LONELF says:

    My boss paid nearly $300 to send me to a conference with this guy… I was rather dissapointed. For some reason i thought that it would perhaps be more in depth. Not Jay’s fault, but I would reccomend everyone not to pay to sit in on a linuxworld conference, not worth it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 94,048 other followers