[plug] Bastille
Alan Graham
alan.graham at infonetsystems.com.au
Mon Sep 3 11:04:33 WST 2001
I've been using it for months now. However, I'm *not* a security expert by
any stretch of the imagination, so Bastille is heaps better than my roll
your own firewall sripts. It worked fine (as far as I could tell) on a
2.2.26 kernel, and handled the swith to 2.4.4 without missing a beat. All
of the changes that I've made have been actioned, but they've been along
the lines of opening or closing particular port ranges, so easy to check.
I haven't examined the results in as much detail as looking at SUID status.
Alan
On 2001.09.03 19:40 Rob Dunne wrote:
> Hi list,
> has anyone used Bastille?
>
> I have had a go, just making a simple change, disabling SUID status for
> mount/umount, so that I can see what is happening.
>
> Bastille makes a
> configuration script containing this
> # Q: Would you like to disable SUID status for mount/umount?
> FilePermissions.suidmount="Y"
>
>
> But when I tell it to make the changes it doesnt change anything.
> Also
> http://www.securityfocus.com/frames/?focus=linux&content=/focus/linux/articles/linux-bastille.html
> says that Bastille has a logging mode -- I cant see any sign of this
>
>
> bye
> rob
>
> --
> Rob Dunne Fax: +61 8 9333 6121 Tel: +61 8 9333 6178
> CSIRO Mathematical and Information Sciences
> Leeuwin Centre for Earth Sensing Technologies
> Private Bag 5, P.O., Wembley, Western Australia, 6013
> http://matilda.vu.edu.au/~dunne Email: Robert.Dunne at cmis.csiro.au
>
> Java has certainly revolutionized marketing and litigation.
>
>
>
More information about the plug
mailing list