Another solution would be a gui (ncurses) for msec and one for shorewall, or
one for both. The gui(s) could explain the reasons of a policy, as Bastille
did.
A ncurses gui for msec could be useful, or at least the commented level.local
proposed in a previous mail.
gauret
Le Dimanche 18 Ao�t 2002 09:42, rghetta a �crit :
> It's possible to have Bastille back ? Yes, I know, much of its
> functionality can be obtained by shorewall and msec, but still Bastille
> is an useful package for someone who wants to learn more about security.
> You can significantly enhance the security of an out-of-box installation
> simply answering some questions. And you will be told why you need
> some changes, what the changes are, and so on.
> Yes, you _can_ use msec level 4 and get a more secure box, but then you
> will face many little inconveniences, like being unable to login as root.
> You _can_ customize msec and you _can_ configure shorewall, but you need
> to know in advance how and, more importantly, when and why.
> If you know all these things, if you can understand msec reports, I
> think you are no longer a newbie.
> Don't me wrong here: I think msec and shorewall are good packages, but
> with them most users will have to accept the defaults or follow a steep
> learning curve.
> Bastille, OTH, will give you a gentler starting point, from wich you can
> easily learn more.
> I think most of Mdk users will simply accept the defaults, but for the
> more adveturous, Bastille should be here.
--
Gauret!!
,--.-'-,--.
\ /-~-\ /
/ )' . . `( \
( ( ,---. ) )
\ `(_o_o_)' /
\ `-' /
| |---| |
[_] [_]
