Learning the basics of architectural security
Storming the Bastille
Security applications like antivirus protectors respond to events, rather than preventing them from happening, but the best security in Linux is architectural – that is, in its configuration.
Architectural security – security through system configuration – is often compromised by distributions for short-term convenience; it requires expert knowledge as well. That's where Bastille Linux [1] comes in, helping you improve security while educating you about the basics.
Despite the name, Bastille is not a distribution but a hardening program. It was first written more than a decade ago by security expert Jay Beale [2], and now has a network of maintainers who keep it available for a number of Linux distributions and Unix-like operating systems, including Debian, Ubuntu, and Gentoo, as well as older releases of Red Hat, Fedora Core, and SUSE [3]. Packages are available in some distribution's repositories, and the source code is also available [4].
Running Bastille properly will probably take you an hour or more, but the time is well worth spending. At the end of the process, you will not only have a more secure system, you'll also have a better understanding of what security is about.
[...]
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia