[ Thanks to jjb
for this link. ]
“LinuxSecurity.com: Can you briefly describe the bastille-linux
project? What is the goal/objective of bastille?”
“Jay Beale: Bastille Linux is a project to harden, or
“lock-down,” Linux systems. It asks the user a number of questions,
which it uses to provide the most comprehensive security, without
removing needed functionality. We’re trying to make a more secure
environment for every class of user, without restricting them too
much.”
“We’ve been very successful so far – Bastille can stop
almost every single root grab vulnerability that I know of against
Red Hat 6.x. In the case of the well-known BIND remote root
vulnerability, we had secured against that one before it was even
discovered!“
“LinuxSecurity.com: How was it started?”
“Jay Beale: Bastille started about almost two years ago, when
Jon Lasser began making UMBC Linux, a secure distribution that he
could give out to students and faculty, without worrying that their
new boxes would be quickly “rooted.” While at a SANS conference, he
met a number of people who were doing the same thing. Through a
beer-enabled Birds of a Feather (BoF) session, they decided to stop
duplicating effort, banding together to create the new Bastille
Linux distribution.”