I'm not sure about that. I can't ssh back into my box after I did it. =/ I think I know what the problem is though. I belive it put all:all in my hosts.deny. I'll have to get back there and put a keyboard and monitor on it later today.
Adam J. Melancon wrote: > can you uninstall it just as easy and it will reverse the changes? > It would be cool to try it out, but if it's not what you are looking > for, it would be nice to know that it would reverse the changes on an > uninstall. > > > > Adam J. Melancon > > > ----Original Message Follows---- > From: Jason DeWitt <[EMAIL PROTECTED]> > Reply-To: [email protected] > To: [email protected] > Subject: Re: [brlug-general] A quick way to secure a Linux system > Date: Fri, 11 Apr 2003 11:14:14 -0500 > > I just ran bastille on my debian box here at work. It's still > rebooting so I'm not sure what nmap will say after that. It looks to > me like Bastille is simply a perl script that you run as a interface > to modifying some hard to find system settings. I don't think it runs > as a daemon, or "on top of" your current os. > > Brad N Bendily wrote: > >> "So we begin with a fresh install of the system with the Linux >> distribution of your choice, and in that installation process we'll >> choose the security settings for "High" or whatever the equivalent is >> if the option is available. This should enable package filtering, >> regulating what is and isn't allowed to connect to your system." >> >> This article doesn't do much to explain how to secure your system, >> it just says when you install the system choose the "High" secure >> setting. That must mean everything is secure at this point??? >> It doesn't really explain to a person what's going on and how/what they >> can do to help protect themselves. What if someone decides to >> turn off iptables or ipchains because they are not "using" it, as far >> as they know. Then the machine is wide open as far as a firewall is >> concerned. >> >> Also I can make my ports filtered by using my own iptables why do I >> need bastille linux running on top of everything. >> Has anyone ever used Bastille Linux? >> >> The article says Bastille should explain what it's doing along >> the way. I wonder if it shows each iptables command and the different >> options for each? >> >> I'll have to install Bastille somewhere and see what it will do. >> >> Seems like if you are installing Bastille then you wouldn't need >> to install "High" security when installing in the beginning? >> >> Then what happens when a user what's to connect his linux box via >> samba to his windows machine, will he know what to turn off in >> Bastille? >> >> >> Buck, It looks like Bastille is just a package that you can install >> and it will run on top of your current OS. But it will probably >> render the OS useless if you tighten the security as far as it >> will go. For a server that's only running FTP then sure why not >> lock it down, but how many people have a server that's ONLY running >> ftp? >> >> The article does provoke good discussions, but doesn't seem to >> explain much about Linux securty. >> >> >> > > > > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net > > > _________________________________________________________________ > Add photos to your e-mail with MSN 8. Get 2 months FREE*. > http://join.msn.com/?page=features/featuredemail > > > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net >
