Re: OS Hardening
> It would be _nice_, however, if the Debian installer/scripts could setup
> some of the things mentioned in the HOWTO at installation time or at
> least give the user the option to select some additional
> security-related tasks to be done.
This is basically what Bastille-Linux does (http://www.bastille-linux.org/).
I've played with it on RH, and it's a sort of interactive HOWTO that points
out certain known security issues, and asks you if you want to fix them
(disable telnet/rsh, install ssh, disable atd, etc.) The good thing about
it is that is that it deals with the practical side (like a hardening script)
but also educates (like a howto).
Currently it's targetted at RH, but apparently they're looking and
modularising it to make it portable. Supposedly there's a debian version
in the works. There's an interview with the authors on slashdot that
discusses this.
Cheers,
Steve
---------------------------------------------
This message was sent using Endymion MailMan.
http://www.endymion.com/products/mailman/
Reply to: