How to Harden Your Linux Servers Security with Bastille
The Bastille hardening program “locks down” an operating system, pro-actively configuring the system for increased security and decreasing its susceptibility to compromise and downtime. Bastille can also assess a system’s current state of hardening, granularly reporting on each of the security settings with which it works. It currently supports the Red Hat (Fedora, Enterprise, and Numbered/Classic), SUSE, Ubuntu, Debian, Gentoo, Mandrake, Mac OS X and HP-UX.
Bastille’s focuses on letting the system’s user/administrator choose exactly how to harden the operating system. In its default hardening mode, it interactively asks the user questions, explains the topics of those questions, and builds a policy based on the user’s answers. It then applies the policy to the system. In its assessment mode, it builds a report intended to teach the user about available security settings as well as inform the user as to which settings have been tightened.
Install Bastille on Ubuntu/Debian
Install Bastille using the following command on Ubuntu/Debian and its derivatives:
sk@sk:~$ sudo apt-get install bastille perl-tk
Execute the following command to start using Bastille:
sk@sk:~$ sudo bastille
First it will display License Agreement. Type accept to agree:
[...] You must accept the terms of this disclaimer to use Bastille. Type "accept" (without quotes) within 5 minutes to accept the terms of the above disclaimer > accept
Then you may see a screen like below. Click Ok to proceed further.
The installer will ask you the series of questions, mostly the questions are yes or no type. Each question is self-explanatory. Go through the each question carefully and setup your server security accordingly. If don’t know what to set, just click on Restore Default. Bastille will select the default settings for you automatically.
After you answered all questions, it will ask you to save the changes. If you are happy with the settings, just click on Save configuration, or click on Go back and change the configuration to perform all the steps from beginning.
Revert Bastille Settings
If you wish to revert all the changes done by Bastille, run the following command. It will let your system to its default state:
sk@sk:~$ sudo RevertBastille
I must say that this tool is more easy than manually changing settings and will be definitely useful for new system administrators who don’t have much experience in server security hardening methods.
Like us on Facebook
We need your assistance to stay live
This week Top Posts
- Top Things To Do After Installing Ubuntu 13.10 'Saucy Salamander' : Ubuntu 13.10 Saucy Salamander will be released on coming October 17th with many new salient featur...0 comments |
- News from Kaspersky Lab: Tor is protecting criminals : In a previous article I wrote a bit about Tor. Free browser, relays bouncing your IP all over the ...1 comment |
- Grive: An Unofficial, Open Source Linux Client For Google Drive : A couple of months before, we have featured a Linux client for Google Drive named Syncdrive, which w...2 comments |
- How To Access A LVM Drive / Partition in Ubuntu : Hey Guys, I installed Fedora on an external drive (LVM) recently and was trying to access it from U...0 comments |
- Adding and Deleting Cluster Resources (corosync pacemaker) : In our previous tutorial, we have shown you how to install corosync and pacemaker. We will show y...0 comments |
- Install Satis On Ubuntu Sever 13.10/13.04 : Satis is a simple static composer repository generator. It is used in any composer.json file as i...0 comments |
- Adding and Deleting Cluster Resources (corosync pacemaker)
- News from Kaspersky Lab: Tor is protecting criminals
- Install Satis On Ubuntu Sever 13.10/13.04
- How To Access A LVM Drive / Partition in Ubuntu
- How To Disable Remember Open Files in Sublime Text 3
- Install Sublime Text 3 In Fedora Easily With Fedy
- Grive: An Unofficial, Open Source Linux Client For Google Drive
- Install nSnake Game In Terminal
- How To “Fix E: Could not open file /var/lib/dpkg/status”
- Wow! Linux Foundation To Offer Free Linux Course This Summer Worth $2,400 on EdX
This work by unixmen.com is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
Copyright © 2008-2013 Unixmen.com .