Man Linux: Main Page and Category List


       Bastille - programs to harden the security of a UNIX host




       This manual page documents Bastille briefly

       This  manual  page  was  written  for the Debian GNU/Linux distribution
       because the original package does not have a manual page.

       Bastille Linux is a security hardening program for Mandrake,  Red  Hat,
       and  Debian GNU/Linux.  If run in the preferred Interactive mode (using
       InteractiveBastille), it can teach you a good deal about security while
       enhancing  your  system’s  protection  against  attacks.  If run in the
       quicker  Automated  mode  (using  AutomatedBastille),  it  can  quickly
       tighten   your   machine,   but   not   nearly  as  effectively  (since
       user/sysadmin education is an important step!)

       Bastille offers different security profiles which can be selected using
       BastilleChooser.   However,  note that even if servers and workstations
       have very different security levels, general security levels are not as
       good as security levels adapted to your own security policy.

       Bastille  can  secure  a  number  of hosts easily by defining a general
       configuration  file  and   running   BastilleBackEnd   on   each   host
       individually.  All  security  measures  defined will be implemented (if
       possible) on all of them.  Bastille changes can also be undone by using
       the RevertBastille command.


       There  is  no  best  interface to run Bastille. However, each interface
       will depend on some specific software which is not provided by Bastille
       itself.  If you want to use  BastilleChooser you will need the Perl GTK
       modules (in Debian GNU/Linux provided by the libgtk-perl  package),  if
       you  want  to  use  InteractiveBastille you will need either the Perl’s
       Curses modules (in Debian GNU/Linux provided by libcurses-perl) or  the
       TK  modules  (in  Debian  GNU/Linux  provided  by perl-tk) depending on
       wether you want the console (-c) or X (-x) interfaces.


              Configuration file which defines the  security  measures  to  be
              taken, as selected by the administrator.
              Logs of actions taken.
              Directory containing all information for the undo operation.


       RevertBastille(8),       AutomatedBastille(8),      BastilleBackEnd(8),
       InteractiveBastille(8), BastilleChooser(8).
       The    programs    have     more     documentation     available     at
       /usr/share/doc/bastille on Debian systems.


       This   manual  page  was  written  by  Javier  Fernandez-Sanguino  Peña
       <> for the Debian GNU/Linux system (but may be used  on
       other systems).

       Bastille  was primarily written by Jay Beale, and is licensed under the
       GNU General Public License

                                10th May, 2001