TC7 day 1 – Bastille hardening assessment tool

posted Sep 17th 2005 9:03am by
filed under: Uncategorized

jay beale
UPDATE: Slides

Bastille is an OS hardening tool for Linux. Jay Beale gave a presentation on how to “lock down” a system using it. Bastille can analyze your current setup and give you a rating based on how secure your system is. The program asks you questions based on your configuration (“Do you want to turn off ### service?”). It explains the possible consequences of taking the suggested actions. The process can be very educational. The system is modular so you can add your own modules by writing a few lines of Perl. Bastille can also generate configurations that can be deployed across multiple machines.

Read



3 Responses to TC7 day 1 – Bastille hardening assessment tool

  • digitalhead says:
    September 18, 2005 at 12:36 pm

    Nice concept, but the program apparently doesn’t work on any distros of Linux other than the ones listed, not even from source. For instance, Slackware, which I use. It’s sad when even the source limits you to the exact same as the available precompiled packages.

    Reply Report comment
  • Aaron says:
    September 18, 2005 at 4:10 pm

    Jay Beale’s presentation I assume, is the same at TC as it was at DefCon, or atleast close, and it was a great presentation.

    And the reason bastille has to be maintained for individual distros, even from source, is because most distros use customized kernels and packages, like an ubuntu .deb package is different than the same program’s debian .deb version. And the programs install to different locations, so bastille would have a hard time finding everything. What you could do, is download bastille, look through the files to see what exactly it does, and do the same things by hand, just modified to fit Slackware.

    Reply Report comment
  • LONELF says:
    September 19, 2005 at 4:07 pm

    My boss paid nearly $300 to send me to a conference with this guy… I was rather dissapointed. For some reason i thought that it would perhaps be more in depth. Not Jay’s fault, but I would reccomend everyone not to pay to sit in on a linuxworld conference, not worth it.

    Reply Report comment

    • Leave a Reply

    XHTML: You can use these tags: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

    Hack a Day serves up fresh hacks each day, every day from around the web as well as hacking related news.

    Send us your hacks










         



    Hacks

    Resources