For those who don't know,
Bastille Linux is a
Quote:
|
Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling. It currently functions on Red Hat (Fedora Core, Legacy and Enterprise) SuSE, Gentoo, Mandra
|
... Note, linux is pretty secure to start with and most of us have experimented with ways to harden it further. Written in perl, it simply, as stated, modifies existing security measures by fiddling their scripts and config files. There is a review
here and an interveiw [http://slashdot.org/interviews/00/11/08/1616204.shtml]here[/url]. Both excellent.
Quote:
|
1) I need to know advantages and disadvatages of Bastille-linux
|
These depend on the exact use you have in mind. In general, disadvantages include reduced flexability and that someone you don't know has done stuff you don't understand to your security. (There is no substitute for knowledge here. However, run interactively, the system can teach you a lot about your system and security.) The advantages are the same of course.
Quote:
|
2) how sound Bastille-linux is in terms of intrusion detection. Is there any criteria through which we can compare or measure its soundness.
|
Give me a benchmark... what do you mean by "sound"? Mostly in keeps track of the "system state" to aid sysadmins in detecting intrusions. There is a problem in that it is quite difficult to define "intrusion": people attempt to exploit weaknesses in security so that
they have permission to do something you didn't intend. This is difficult to distinguish from a regular user innocently acting with permission you gave them.
Quote:
|
3) As I know it is portable for few linux flavors. Is there a way we can make it portable for other operating systems as well.
|
Yes. It is written in perl and works by editing existing configuration files. Linux distributions include their own config files and daemons as well as the generic. All you need to do is work out which ones are different for the distro you want to support.
Quote:
|
4) Can one suggest me any good detailed technical documentation about Bastille-Linux.
|
The first stop is the project website... the tarball contains some documentation... and the source code has useful comments about what it is doing at each stage. The software interactive mode is deliberately designed to be educational.
It is not a greatly technical bit of software. It explains what it is up to... more detail is available from the target component (i.e. Apache) documentation.
