RE: Linux Hardening



I spoofed the Name in the /etc/redhat-release to RH4. Everything worked
fine.


-------------------------------------------------------------
Harry E Smith Jr.
Senior Staff System Engineering
(408) 473 6491 (work)
(408) 888 5209 (cell)
(877) 635 1529 (pager)

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Joe_Wulf
Sent: Thursday, October 11, 2007 6:43 PM
To: 'JP Vicente'; 'Matthew Lee Hinman'
Cc: focus-linux@xxxxxxxxxxxxxxxxx; Jay Beale
Subject: RE: Linux Hardening

That's pretty normal behavior, actually. RHEL5 (32 and 64 bit) reports
this as well.
Bastille has been developed for older versions of RHEL. A newer version
of the OS has been published/released, but Bastille hasn't yet been
updated.

Do make sure you've got a compatible version of Perl-Tk installed along
with bastille.

R,
-Joe Wulf, CISSP, USN(RET)
Senior IA Engineer
ProSync Technology Group, LLC
www.prosync.com

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of JP Vicente
Sent: Thursday, October 11, 2007 17:04
To: Matthew Lee Hinman
Cc: focus-linux@xxxxxxxxxxxxxxxxx
Subject: RE: Linux Hardening

Below is the exact error that I got when I ran Bastille on FC7 and
RHEL5.


[root@localhost ~]# InteractiveBastille
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Valid display found; defaulting to Tk (X) interface.
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Using Tk user interface module.
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Only displaying questions relevant to the current
configuration.
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Could not load the 'Tk.pm' interface module.This may be due to
an
invalid $DISPLAY setting,or the module not being visible to
Perl.


-----Original Message-----
From: Matthew Lee Hinman [mailto:matthew.hinman@xxxxxxxxx]
Sent: Thursday, October 11, 2007 4:21 PM
To: JP Vicente
Cc: focus-linux@xxxxxxxxxxxxxxxxx
Subject: Re: Linux Hardening

The tool is still being actively developed and supported. 3.09 is indeed
the latest verion (found here:
http://bastille-linux.sourceforge.net/index.html)
Can you give a little bit more info about how this isn't working on
later versions of Linux? (like an error message, etc)

- Lee

* jvicente@xxxxxxxx <jvicente@xxxxxxxx> [2007-10-11 12:36:39 -0000]:

Hi,


I was looking for a Linux hardening tool. I found Bastille. The latest
= version
that I was able to find is 3.09. I cannot seem to get this = version to
work on later versions of Linux (RHEL 5, FC 6,7) = distributions.


Is this tool still being supported? Is there a similar tool out there?


Thanks in advance,

JP

No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.14.8/1063 - Release Date:
10/11/2007 9:11 AM



No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.14.8/1063 - Release Date:
10/11/2007 9:11 AM




Relevant Pages

  • RE: Linux Hardening
    ... Bastille has been developed for older versions of RHEL. ... Subject: Linux Hardening ... Below is the exact error that I got when I ran Bastille on FC7 and RHEL5. ... Couldn't determine Red Hat version! ...
    (Focus-Linux)
  • RE: Linux Hardening
    ... I would take a serious look at gentoo-hardened, modern system hardening includes things like applying patches to the kernel to utilize canary values to detect memory based attacks, inserting random spacing so memory addresses commonly used to exploit an executable are harder to hit, making sure users can not see other users processes, and then all kinds of service specific stuff depending on what kind of services you want to run. ... Subject: Linux Hardening ... Bastille has been developed for older versions of RHEL. ... Couldn't determine Red Hat version! ...
    (Focus-Linux)
  • RE: Linux Hardening
    ... Subject: Linux Hardening ... I don't think the Bastille project has any activity. ... SELinux is already included in RHEL and their clones. ...
    (Focus-Linux)
  • RE: Linux Hardening
    ... I don't think the Bastille project has any activity. ... I was looking for a Linux hardening tool. ... SELinux is already included in RHEL and their clones. ...
    (Focus-Linux)