The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. Bastille can also assess a system's current state of hardening, granular reporting on each of the security settings with which it works.
Bastille currently supports the Red Hat (Fedora Core, Enterprise, and Numbered/Classic), SUSE, Debian, Gentoo, and Mandrake distributions, along with HP-UX. Bastille's focuses on letting the system's user/administrator choose exactly how to harden the operating system. In its default hardening mode, it interactively asks the user questions, explains the topics of those questions, and builds a policy based on the user's answers. It then applies the policy to the system. In its assessment mode, it builds a report intended to teach the user about available security settings as well as inform the user as to which settings have been tightened.
Installing Bastille Linux:
Open the terminal and type the following command to install Bastille Linux and it;s dependencies:
Using Bastille Linux:
Open the terminal and type the following command to start Bastille Linux Perl/Tk graphical interface:
Reverting Bastille Linux Changes
If you decide that you would like to undo all of the changes made to your Ubuntu system by Bastille Linux, you may use the RevertBastille command to undo all changes made by the Bastille Linux tool. For example, open a Terminal application, and type the following command at the prompt to revert (undo) the changes made by Bastille Linux:
Bastille currently supports the Red Hat (Fedora Core, Enterprise, and Numbered/Classic), SUSE, Debian, Gentoo, and Mandrake distributions, along with HP-UX. Bastille's focuses on letting the system's user/administrator choose exactly how to harden the operating system. In its default hardening mode, it interactively asks the user questions, explains the topics of those questions, and builds a policy based on the user's answers. It then applies the policy to the system. In its assessment mode, it builds a report intended to teach the user about available security settings as well as inform the user as to which settings have been tightened.
Installing Bastille Linux:
Open the terminal and type the following command to install Bastille Linux and it;s dependencies:
sudo apt-get install bastilleThe Bastille includes a user interface and a configuration engine. The primary user interface is an X interface via Perl/Tk.
sudo apt-get install perl-tk
Using Bastille Linux:
Open the terminal and type the following command to start Bastille Linux Perl/Tk graphical interface:
sudo bastilleWhen used interactively (bastille, bastille -x, or bastille -c), the user interface guides the user through a series of questions. Each step contains a description of a security decision involved in hardening an Unix system. Each question describes the cost/benefit of each decision. The Tk interface gives the user the option to skip to another question module and return to the current module later. The X interface provides "Completed Indicators" to show the user which question modules are complete. After the user has answered all of the questions, the interface then provides automated support in performing lock down steps. After performing the steps Bastille can perform automatically, the utility produces a "to do" list that describes remaining actions the user must perform manually to ensure their system is secure.
Reverting Bastille Linux Changes
If you decide that you would like to undo all of the changes made to your Ubuntu system by Bastille Linux, you may use the RevertBastille command to undo all changes made by the Bastille Linux tool. For example, open a Terminal application, and type the following command at the prompt to revert (undo) the changes made by Bastille Linux:
sudo RevertBastilleAfter the RevertBastille tool finishes executing, the system will be configured as it was prior to hardening with Bastille Linux.
0 comments:
Post a Comment