man bastille (Conventions) - programs to harden the security of a UNIX host
NAME
Bastille - programs to harden the security of a UNIX host
SYNOPSIS
InteractiveBastille
AutomatedBastille
BastilleChooser
BastilleBackEnd
RevertBastille
DESCRIPTION
This manual page documents Bastille briefly
This manual page was written for the Debian GNU/Linux distribution because the original package does not have a manual page.
Bastille Linux is a security hardening program for Mandrake, Red Hat, and Debian GNU/Linux. If run in the preferred Interactive mode (using InteractiveBastille), it can teach you a good deal about security while enhancing your system's protection against attacks. If run in the quicker Automated mode (using AutomatedBastille), it can quickly tighten your machine, but not nearly as effectively (since user/sysadmin education is an important step!)
Bastille offers different security profiles which can be selected using BastilleChooser. However, note that even if servers and workstations have very different security levels, general security levels are not as good as security levels adapted to your own security policy.
Bastille can secure a number of hosts easily by defining a general configuration file and running BastilleBackEnd on each host individually. All security measures defined will be implemented (if possible) on all of them. Bastille changes can also be undone by using the RevertBastille command.
INTERFACES
There is no best interface to run Bastille. However, each interface will depend on some specific software which is not provided by Bastille itself. If you want to use BastilleChooser you will need the Perl GTK modules (in Debian GNU/Linux provided by the libgtk-perl package), if you want to use InteractiveBastille you will need either the Perl's Curses modules (in Debian GNU/Linux provided by libcurses-perl) or the TK modules (in Debian GNU/Linux provided by perl-tk) depending on wether you want the console (-c) or X (-x) interfaces.
FILES
/etc/Bastille/config
Configuration file which defines the security measures to be taken,
as selected by the administrator.
/var/log/Bastille/action-log
/var/log/Bastille/error-log
Logs of actions taken.
/var/log/Bastille/undo/
Directory containing all information for the undo operation.
SEE ALSO
RevertBastille(8),
AutomatedBastille(8),
BastilleBackEnd(8),
InteractiveBastille(8),
BastilleChooser(8).
The programs have more documentation available at
/usr/share/doc/bastille
on Debian systems.
AUTHOR
This manual page was written by Javier Fernandez-Sanguino Peña <jfs@computer.org> for the Debian GNU/Linux system (but may be used on other systems).
Bastille was primarily written by Jay Beale, and is licensed under the GNU General Public License