6.2. Bastille Linux

http://bastille-linux.sourceforge.net/ is an automatic hardening tool originally oriented towards the Red Hat and Mandrake Linux distributions. However, the bastille package provided in Debian (since woody) is patched in order to provide the same functionality for Debian GNU/Linux systems.

Bastille può essere utilizzato con diversi frontend (sono tutti documentati nella rispettiva pagina man inclusa nel pacchetto Debian) e questo permette all'amministratore di:

Answer questions step by step regarding the desired security of your system (using InteractuveBastille(8)
Use a default setting for security (amongst three: Lax, Moderate or Paranoia) in a given setup (server or workstation) and let Bastille decide which security policy to implement (using BastilleChooser(8)).
Take a predefined configuration file (could be provided by Bastille or made by the administrator) and implement a given security policy (using AutomatedBastille(8)).