Bastille Linux: A Walkthrough
You use a “hardening program” to try to make your system as secure as possible, from the ground up. Generally, you deactivate unnecessary services and better the configurations of the ones you leave enabled. This is wildly effective, as it can eliminate many of the vulnerabilities that are common on Linux/Unix platforms. This article presents a walkthrough of Bastille Linux, a popular hardening program for Red Hat and Mandrake, available for free from Jon Lasser, Pete Watkins, myself, and the rest of the Bastille Linux project. This walkthrough won’t be the kind of “paranoid” setup that I enjoy most, as that could remove too much functionality for the average reader. Don’t worry – I’ll explain what we’ll break in each setting, how we’ll break it, and how you can fix it. But first, a shameless plug: I’ll let you know about the cool features in the newest Bastille version, which we’ve just released.
