RE: Linux Hardening



That's pretty normal behavior, actually. RHEL5 (32 and 64 bit) reports this as
well.
Bastille has been developed for older versions of RHEL. A newer version of the
OS
has been published/released, but Bastille hasn't yet been updated.

Do make sure you've got a compatible version of Perl-Tk installed along with
bastille.

R,
-Joe Wulf, CISSP, USN(RET)
Senior IA Engineer
ProSync Technology Group, LLC
www.prosync.com

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of JP Vicente
Sent: Thursday, October 11, 2007 17:04
To: Matthew Lee Hinman
Cc: focus-linux@xxxxxxxxxxxxxxxxx
Subject: RE: Linux Hardening

Below is the exact error that I got when I ran Bastille on FC7 and RHEL5.


[root@localhost ~]# InteractiveBastille
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Valid display found; defaulting to Tk (X) interface.
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Using Tk user interface module.
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Only displaying questions relevant to the current configuration.
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Could not load the 'Tk.pm' interface module.This may be due to an
invalid $DISPLAY setting,or the module not being visible to Perl.


-----Original Message-----
From: Matthew Lee Hinman [mailto:matthew.hinman@xxxxxxxxx]
Sent: Thursday, October 11, 2007 4:21 PM
To: JP Vicente
Cc: focus-linux@xxxxxxxxxxxxxxxxx
Subject: Re: Linux Hardening

The tool is still being actively developed and supported. 3.09 is indeed the
latest verion (found here: http://bastille-linux.sourceforge.net/index.html)
Can you give a little bit more info about how this isn't working on later
versions of Linux? (like an error message, etc)

- Lee

* jvicente@xxxxxxxx <jvicente@xxxxxxxx> [2007-10-11 12:36:39 -0000]:

Hi,


I was looking for a Linux hardening tool. I found Bastille. The latest = version
that I was able to find is 3.09. I cannot seem to get this = version to work on
later versions of Linux (RHEL 5, FC 6,7) = distributions.


Is this tool still being supported? Is there a similar tool out there?


Thanks in advance,

JP

No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.14.8/1063 - Release Date: 10/11/2007 9:11
AM



No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.14.8/1063 - Release Date: 10/11/2007 9:11
AM




Relevant Pages

  • RE: Linux Hardening
    ... Senior Staff System Engineering ... Subject: Linux Hardening ... Bastille has been developed for older versions of RHEL. ... Couldn't determine Red Hat version! ...
    (Focus-Linux)
  • RE: Linux Hardening
    ... I would take a serious look at gentoo-hardened, modern system hardening includes things like applying patches to the kernel to utilize canary values to detect memory based attacks, inserting random spacing so memory addresses commonly used to exploit an executable are harder to hit, making sure users can not see other users processes, and then all kinds of service specific stuff depending on what kind of services you want to run. ... Subject: Linux Hardening ... Bastille has been developed for older versions of RHEL. ... Couldn't determine Red Hat version! ...
    (Focus-Linux)
  • Re: Linux Hardening
    ... Given that Bastille hasn't yet been built for RHEL5 and FC7 (hence why ... Couldn't determine Red Hat version! ... Valid display found; defaulting to Tk interface. ...
    (Focus-Linux)
  • RE: Linux Hardening
    ... Subject: Linux Hardening ... I don't think the Bastille project has any activity. ... SELinux is already included in RHEL and their clones. ...
    (Focus-Linux)
  • RE: Linux Hardening
    ... I don't think the Bastille project has any activity. ... I was looking for a Linux hardening tool. ... SELinux is already included in RHEL and their clones. ...
    (Focus-Linux)