InteractiveBastille - bastion a host using Bastille
This manual page documents InteractiveBastille briefly.
This manual page was written for the Debian GNU/Linux distribution
InteractiveBastille asks questions to the user in order to define what
security measures must be implemented on the current system. The
intention is to both educate administrators on security and harden the
host’s security. The configuration file generated by
InteractiveBastille is then used by BastilleBackEnd to make the changes
to the local system if the administrator agrees to run the changes. In
any case, the same configuration can be used to harden other (similar)
hosts non-interactively using AutomatedBastille.
InteractiveBastille uses the following options:
-x Use the Perl/Tk (X11) GUI (In Debian GNU/Linux this requires
that the perl-tk package is installed)
-c Use the Curses (non-X11) GUI (In Debian GNU/Linux this requires
that the libcurses-perl package is installed)
-T, Test mode only, the questions in the database are tested but
nothing is done.
Ask all questions, even ones that do not apply.
-v Verbose mode, actions are printed to the logs and to STDOUT.
-l Log-only mode: no action is taken; only logs what changes would
have been made.
All the filenames are prefixed with PREFIX (/etc/whatever
becomes /PREFIX/etc/whatever). This option could be used to
commit changes to NFS filesystems, or file systems with a
different mount point than the current root (/) filesystem.
Configuration file which defines all the security measures
selected by the administrator to be enabled.
Logs that hold information of actions taken on the system.
bastille(7), AutomatedBastille(8), BastilleBackEnd(8).
The programs have more documentation available at
/usr/share/doc/bastille on Debian systems.
This manual page was written by Javier Fernández-Sanguino Peña
<firstname.lastname@example.org> for the Debian GNU/Linux system (but may be used on
Bastille was primarily written by Jay Beale, and is licensed under the
GNU General Public License
10th May, 2001