I just ran bastille on my debian box here at work. It's still rebooting so I'm not sure what nmap will say after that. It looks to me like Bastille is simply a perl script that you run as a interface to modifying some hard to find system settings. I don't think it runs as a daemon, or "on top of" your current os.
Brad N Bendily wrote: >"So we begin with a fresh install of the system with the Linux >distribution >of your choice, and in that installation process we'll choose the security >settings for "High" or whatever the equivalent is if the option is >available. This should enable package filtering, regulating what is and >isn't allowed to connect to your system." > >This article doesn't do much to explain how to secure your system, >it just says when you install the system choose the "High" secure >setting. That must mean everything is secure at this point??? >It doesn't really explain to a person what's going on and how/what they >can do to help protect themselves. What if someone decides to >turn off iptables or ipchains because they are not "using" it, as far >as they know. Then the machine is wide open as far as a firewall >is concerned. > >Also I can make my ports filtered by using my own iptables >why do I need bastille linux running on top of everything. >Has anyone ever used Bastille Linux? > >The article says Bastille should explain what it's doing along >the way. I wonder if it shows each iptables command and the >different options for each? > >I'll have to install Bastille somewhere and see what it will do. > >Seems like if you are installing Bastille then you wouldn't need >to install "High" security when installing in the beginning? > >Then what happens when a user what's to connect his linux box via >samba to his windows machine, will he know what to turn off in >Bastille? > > >Buck, It looks like Bastille is just a package that you can install >and it will run on top of your current OS. But it will probably >render the OS useless if you tighten the security as far as it >will go. For a server that's only running FTP then sure why not >lock it down, but how many people have a server that's ONLY running >ftp? > >The article does provoke good discussions, but doesn't seem to >explain much about Linux securty. > > >
