IDS mailing list archives

RE: Information required about Bastille-linux

From: "john lokka" <merigoth () gmail com>
Date: Wed, 13 Jun 2007 07:55:42 -1000

Hopefully, this will answer most of your questions

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of ahm_irf () yahoo com
Sent: Tuesday, June 12, 2007 9:52 PM
To: focus-ids () securityfocus com
Subject: Information required about Bastille-linux

1) I need to know advantages and disadvatages of Bastille-linux
Advantages - locks down red hat and mandrake linux platforms
                 - created via scripts (don't remember which language)
                 - easily modifible
                 - has a verification function (compare and contrast
between the "stored" baseline and the actual implementation

Disadvantages - none really.

2) how sound Bastille-linux is in terms of intrusion detection. Is
there any criteria through which we can compare or measure its
soundness.
Bastille does not monitor for intrusion detection. Bastille is a
lockdown (permissions, open ports) script

3) As I know it is portable for few linux flavors. Is there a way we
can make it portable for other operating systems as well.
It's a script. so long as the script engine is supported, the only
thing would be to tweak the what gets lockeddown

4) Can one suggest me any good detailed technical documentation about
Bastille-linux.

http://www.bastille-linux.org/ (but i'm sure you've checked there already.)
------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?

Find out quickly and easily by testing itwith real-world attacks from CORE IMPACT.Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfwto learn more.

------------------------------------------------------------------------

Current thread:

Information required about Bastille-linux ahm_irf (Jun 13)
- <Possible follow-ups>
- RE: Information required about Bastille-linux john lokka (Jun 13)
  - Re: Information required about Bastille-linux Michael Rash (Jun 15)