LinuxLinks.com
Newbies What Next ? News Forums Calendar
Home | Register | News | Group Tests | Forums | Calendar | Submit News | Polls | Personalise | Bookmark

Search





News Sections
Home
General News (3972/0)
Reviews (626/0)
Press Releases (464/0)
Distributions (187/0)
Software (807/0)
Hardware (522/0)
Security (192/0)
Tutorials (337/0)
Off Topic (180/0)


User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User


Events
There are no upcoming events



Bastille Linux update: Hardening the OS with help from Uncle Sam   
Tuesday, April 19 2005 @ 04:26 PM EDT
Contributed by: glosser

The NewsForge interviews the Bastille Linux team and learns of the new security measures they have added.

The Bastille Linux project has recently been working with the U.S. government to improve and harden the operating system security software. Project leader Jay Beale took some time to tell NewsForge readers what's been going on recently with Bastille.

NF: You mentioned recently that Bastille Linux has been under major development -- please talk a little bit about what is happening.

Beale: Until today, Bastille could only harden or "lock down" systems. It did this by deactivating unnecessary operating system components and better configuring the ones that remained. It took proactive steps to make a system harder to compromise, reducing the probability that the next item in the attacker's toolkit will be successful against your system.

We've just finished adding reporting functionality to Bastille, so that it can tell you what parts of the system aren't locked down. It examines the system in a read-only fashion, reporting on the status of each of its hardening items. For example, Bastille might check whether the DNS server is locked in a chroot prison, whether telnet is turned off, or even if passwords are required to be a good length. You can take a look at a Web-only demo of this through this link.

Bastille's new reporting functionality even assigns you a score, using weights you supply. These weights allow you to make some items count more than others, or even not count at all. You can use our weights, but you can just as easily use weights that are provided by one of the standards bodies or your organization's IT security or system administration staff.

The score idea is actually pretty central here. When I first heard about it, I thought it was overly simplistic, but people really do get motivated and sometimes even jazzed up about improving the score on a system. They'll get a lower score than their ego tells them they should and will turn around and harden a few items on the box just to achieve a more encouraging score.

Anyway, we're quite excited about Bastille's ability to report on a system. This is an entire second mission for Bastille, though it's quite related to hardening. It's one that we achieved thanks to help both from Hewlett-Packard, which has been donating developer time for a few years now, and from the U.S. government.

Full interview
  [ Views: 1655 ]  


Bastille Linux update: Hardening the OS with help from Uncle Sam | 0 comments | Create New Account
The following comments are owned by whoever posted them. This site is not responsible for what they say.
No user comments.
What's Related
  • Full interview
  • More by glosser
  • More from Security


    • Story Options
  • Mail Story to a Friend
  • Printable Story Format


    • We have written a range of guides highlighting excellent free books for popular programming languages. Check out the following guides: C, C++, C#, Java, JavaScript, CoffeeScript, HTML, Python, Ruby, Perl, Haskell, PHP, Lisp, R, Prolog, Scala, Scheme, and SQL.

    About | Donate | FAQ | Press Releases | Privacy | Awards | Contact
    Built with GeekLog and phpBB
    Comments to the webmaster are welcome
    Copyright 2009 LinuxLinks.com - All rights reserved