On Wed, 2004-06-23 at 09:50 -0500, Erik Kamerling wrote:
> Hi James,
>
> > Could anyone recommend a good "one-stop" tutorial for all of this?
>
> On the security side of things, a truly superb system security tool for
> hardening publicly exposed Linux machinery is the Bastille Linux Project. You
> mentioned a tutorial and Bastille immediately jumps to mind. The Bastille
> scripts are designed to be just as much of a learning tool/security tutorial
> for system administrators as a centralized way to implement industry standard
> security controls on your system.
>
> Every security ehancement suggested for your system offers a full explanation
> before you apply. You can also revert any part of the system security plan
> that you implement after the fact, by re-running the bastille scripts if you
> discover that your implemented controls are too stringent.
>
> It offers both a Tk and Curses interface for machines with and without
> XWindows.
>
> You can find a general overview at http://www.bastille-linux.org, and they
> have debian packages.
>
> This is a very good tool to run --after you are done with configuring your
> system but --before you interface your machine to the public Internet.
And it's in Debian...
$ apt-cache show bastille
Package: bastille
Priority: optional
Section: admin
Installed-Size: 1504
Maintainer: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Architecture: i386
Version: 1:2.1.1-6
Depends: perl5, libcurses-perl
Recommends: whois, psad, bind9-host | host
Suggests: acct, perl-tk (>= 1:800.011) | libgtk-perl
Conflicts: libcurses-widgets-perl
Filename: pool/main/b/bastille/bastille_2.1.1-6_i386.deb
Size: 366274
MD5sum: 0f4588ceb523f85c9c568183df16899b
Description: Security hardening tool
Bastille Linux is a security hardening program for Linux. That is,
it can tighten your operating system and improving its security. Both
removing unnecessary services and improving your local configuration
security-wise.
.
The main goal of Bastille Linux is not only to secure the system, but
also to educate the installing administrator about the security issues
involved in what it does. Each step (all are optional) provides
extensive
descriptions on what security issues are involved.
If run in the preferred Interactive mode, it can teach you a good deal
about Security while personalizing your system security state. If run
in the quicker Automated mode, it can quickly tighten your machine,
once
a default profile is selected.
.
Bastille Linux works for several Linux distributions, this package
has been specifically modified to work for the Debian GNU/Linux
distribution.
.
Homepage: http://www.bastille-linux.org/
-- ----------------------------------------------------------------- Ron Johnson, Jr. ron.l.johnson@cox.net Jefferson, LA USA When Swedes start committing terrorism, I'll become suspicious of Scandinavians. ___________________ Nolug mailing list nolug@nolug.orgReceived on 06/23/04
This archive was generated by hypermail 2.2.0 : 12/19/08 EST