Re: Linux Hardening

From: Pierre Spielmann (
Date: 05/25/02

Date: Sat, 25 May 2002 12:44:39 +0200
From: Pierre Spielmann <>

sorry for the late posting, but my first mail was rejected due to
cross posting ...

On Wed, May 22, 2002 at 12:29:14PM -0400, Fallon, Benjamin wrote:
> Anyone know where I can find step-by-step documentation
> on Hardening RH Linux boxes? I usually just use Bastille
> Linux to do the hardening but I'd also like a better
> understanding to be able to also perform the task manually
> as well.

I am still a beginner in the security field, but learning; there might
be much more and much better documentation out in the web, but...

There is a book about securing and optimizing RH Linux 6.2 (about 500
pages), which should give you some hints where to start. It is freely
look for
title : "Securing and Optimizing Linux Red Hat Edition - A Hands on Guide"
author: Gerhard Mourani, <>

Some things mentioned there will never outdate, but anyhow, you can buy a
more recent version on the websites of the original autor(s):

There should also be some detailed explanations of what bastille is doing
in the documentation - I never used it, but I read somewhere, that there
is an command-line-option for "beginners" to explain step-by-step what the
scripts are going to do next. (This is also one of the things in my

There is also a really big book about securing linux (nearly 900 pages)
title: Maximum Linux Security
by: John Ray
ISBN: 0672321343
I don't know it (yet), but "Maximum Security" from the same editor is
really a nice introduction about IT security in general. (No codes given,
but a lot of links to the internet-resouces.)

Otherwise you can also have a look at, they are
the publisher of and they published also a really
secured linux-distribution: (much more than simply
hardening scripts! It is _designed_ to be secure.) Try out EngardeLinux,
look how it works and you will have a much better feeling how to set up
a secure Linux.
(Please no flame! I know that the bastille script is a good tool, but as
I understand this is only one part of a secure setup.)
Have a look at the resources on theier websites... you can find a lot of
links to interesting articles.

Hope I could give some helpful tips. If someone has some more suggestions,
references or reading tips, share them with all the beginners to security
questions and post them!

Pierre Spielmann

> Thanks,
> Ben