Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm using Mandrake 8.1 (just installed yesterday), and I'm having trouble setting up Bastille. I went into the control center/settings/software, and installed the Bastille software. When I boot up Linux, I see that it loads the Bastille firewall. However, I would have assumed that I'd have to go into some kind of Bastille configuration for setup. I cannot find Bastill anywhere on my desktop or "start applications" on my KDE desktop. I have no idea where I would find the settings etc for this program. can anyone help?
SU to root, then go into the /etc/Bastille directory and look at the file bastille-firewall.cfg. Note that the directory name has an initial cap but all the other names are lower-case.
The comments in the file give you pretty good directions on editing it. There's another file in that same directory, config, that has the questions asked by the setup program if you use it, but I found it much easier to just edit the cfg file using vi...
After using Bastille for a month or so, though, I decided to switch to using straight "iptables" so that I had better control of what was happening. I started out by doing "/sbin/iptables-save >newtable" while in my own home directory (as root, of course). This made a copy of the rules that Bastille had installed at boot time. I then edited those rules to make them do what I wanted, and copied the edited version to /etc/sysconfig/iptables to become the rules installed by /sbin/iptables at boot time. With that done, I opened the Mandrake Control Center's "system" area, selected "services," and un-checked Bastille from the "on boot" column, then checked "iptables" to take its place. Next step was to click the "start" button for iptables, to replace Bastille's set with my own. Final step was to apply the changes and leave MCC.
Hope this helps... I don't remember exactly where that setup file that gives you a GUI interface to Bastille is located, unfortunately!
Thanks for your help. I'm not sure if I'll ever get past Bastille for security control, I have no idea what rules I would set up! I'm more used to something like Window's ZoneAlarm.
I really have no idea yet on where programs go, once they're installed etc..., which is why I asked about the gui. I have a lot of reading to do, but unfortunately the Mandrake manuals give very little info on the details beneath the surface of their gui and linux.
You can do the editing of the bastille-firewall.cfg file from the KDE GUI too, and it's easier than using vi at least at first. Log in as "root" and proceed on through the warning you'll get for doing so, then click the "Home" icon. The hardest habit I had to break, coming from 12 years of working with Windows, was that of double-clicking! If you do that you'll get two instances of the file browser...
In the left side of the browser window you'll see a line for "Root Directory" and you click the + box to expand it. In the expanded tree you'll see "etc" and again click the + to expand that. In that tree you'll see "Bastille" and this time click the name to bring up its content in the main window. You should see four file icons, one of which is the cfg file. Right-click the cfg file's icon and it should give you among other choices a list of editors you can use to edit the file. Take your pick, and it'll bring up the editor, which will work very much like NotePad did in Windows.
Don't worry too much about doing something wrong when editing. Most of the entries are pretty well explained in the comments right above the actual entry itself. You can always come back and change things later if you don't like the initial results. Bastille itself will write the actual rules, using the information you give it in this file. Thus it's not all that different from setting up ZoneAlarm!
After you make your changes and save them, you need to launch the Mandrake Control Center, select "system" and from it, "services," and then click the "start" button for Bastille on the screen that results. Don't worry that it's shown as "stopped." The Bastille script runs when you click start, or at boot, and plugs the rules into the kernel, then gets out of the way since its job is done. Don't click the "stop" button for Bastille, though, unless you really do want to open your system up to the world, because that will erase all the rules and leave you wide open!
PS: For your reading I can recommend Marcel Gagne's new book on Linux System Administration. I found it extremely helpful in getting my feet on the ground in a hurry, expecially when it comes to setting up good system security. I found my copy at Barnes and Noble but most bookstores probably have it in stock.
Use file manager, click the up arrow, go to usr/sbin you will see an icon InteractiveBastille.
turn on the terminal emulator and type (without "marks")
"chmod a+x InteractiveBastille" press enter
then type (without "marks")
"./InteractiveBastille" press enter
GUI will pop up and walk you through everything
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.