man bastille (Conventions) - programs to harden the security of a UNIX host

NAME

Bastille - programs to harden the security of a UNIX host

SYNOPSIS

InteractiveBastille

AutomatedBastille

BastilleChooser

BastilleBackEnd

RevertBastille

DESCRIPTION

This manual page documents Bastille briefly

This manual page was written for the Debian GNU/Linux distribution because the original package does not have a manual page.

Bastille Linux is a security hardening program for Mandrake, Red Hat, and Debian GNU/Linux. If run in the preferred Interactive mode (using InteractiveBastille), it can teach you a good deal about security while enhancing your system's protection against attacks. If run in the quicker Automated mode (using AutomatedBastille), it can quickly tighten your machine, but not nearly as effectively (since user/sysadmin education is an important step!)

Bastille offers different security profiles which can be selected using BastilleChooser. However, note that even if servers and workstations have very different security levels, general security levels are not as good as security levels adapted to your own security policy.

Bastille can secure a number of hosts easily by defining a general configuration file and running BastilleBackEnd on each host individually. All security measures defined will be implemented (if possible) on all of them. Bastille changes can also be undone by using the RevertBastille command.

INTERFACES

There is no best interface to run Bastille. However, each interface will depend on some specific software which is not provided by Bastille itself. If you want to use BastilleChooser you will need the Perl GTK modules (in Debian GNU/Linux provided by the libgtk-perl package), if you want to use InteractiveBastille you will need either the Perl's Curses modules (in Debian GNU/Linux provided by libcurses-perl) or the TK modules (in Debian GNU/Linux provided by perl-tk) depending on wether you want the console (-c) or X (-x) interfaces.

FILES

/etc/Bastille/config Configuration file which defines the security measures to be taken, as selected by the administrator. /var/log/Bastille/action-log

/var/log/Bastille/error-log Logs of actions taken. /var/log/Bastille/undo/ Directory containing all information for the undo operation.

SEE ALSO

RevertBastille(8), AutomatedBastille(8), BastilleBackEnd(8), InteractiveBastille(8), BastilleChooser(8).

The programs have more documentation available at /usr/share/doc/bastille on Debian systems.

AUTHOR

This manual page was written by Javier Fernandez-Sanguino Peña <jfs@computer.org> for the Debian GNU/Linux system (but may be used on other systems).

Bastille was primarily written by Jay Beale, and is licensed under the GNU General Public License