

SECURING YOUR BOX WITH BASTILLE


Bastille is a hardening tool which is very effective at locking down your system, and all it requires is a few minutes of your time! It is currently available for the major Linux distributions: SUSE, Mandrake (Mandriva releases are still not supported), Fedora Core, Red Hat, Debian, and Gentoo. It is also available for HP-UX and Mac OS X, and as source code which can be compiled on most *nix systems. In this tutorial I shall take you through the steps of installing it and setting it up properly in order to secure your system better than before (this tutorial may not be suitable for you if the computer is not a workstation or not for personal use).

First of all, we'll install it. As my demonstration system I am using a laptop running (a slightly outdated) Fedora Core 3. You may use the method described on Bastille's site to install it if you have a different distro/OS to mine. Here is how I installed it:

* Download the Bastille RPM - which will work for Red Hat, Fedora Core, SUSE, or Mandrake. Install it onto your system, either by using the inbuilt package manager or the following commands in console:
Code:
$ su
Password:
# rpm -ivh Bastille-3.0.8-1.0.noarch.rpm

* Now, download perl-Curses (although non-graphical, at the end of the day it tends to cause fewer problems than installing perl-Tk). Choose the correct one for your distro and release at the module table. Install it the same way you installed Bastille in part 1.
* Once you have installed both of these, fire up Bastille's configuration in the console by typing the following command (still as root):
Code:
bastille -c

Note: If that doesn't work, type the following into the console:
Code:
PATH=/usr/sbin:$PATH
- then try to run Bastille again, and it should work.

A word of advice: I may tell you to just 'Press "Next"' or 'Hit "Yes"' in some places, but you should read the text to make sure you understand what you are configuring and that the choice I am leading you to is the right one.

Having started up Bastille, some lines of text should appear on your screen.


* Press Ctrl + C and it will scroll to the end of the text, as shown below:

[Screenshot 1]

* Type "accept" and press Enter. Now you will be taken to Bastille's configuration, and introduced to the program. Press "Next" to continue.

[Screenshot 2]

* At this first question you may want to press "No", because otherwise simple commands like 'ifconfig' and 'runlevel' will be disabled for all users but root (and I personally use them quite a lot) - although hitting "Yes" is the more secure option.

[Screenshot 3]

* Press "Next".


[Screenshot 4]

* Press "No", because otherwise you will be unable to mount and unmount devices after boot (unless you are root).

[Screenshot 5]


* At the next screen, hit "Yes".

[Screenshot 6]

* Once again, press "Yes".

[Screenshot 7]

* Press "Yes" at the 'r-tools' question.

[Screenshot 8]


* And "Yes" at the 'usernetctl' one.

[Screenshot 9]

* "Yes" again, to leave traceroute available to all users.

[Screenshot 10]

* "Yes" to disable r-protocols.

[Screenshot 11]

* At this screen, it is a good idea to press "Yes" - this will get you into the good habit of renewing your password every 60 days.

[Screenshot 12]

* Press "Yes" to set the default umask.

[Screenshot 13]

* Here, leaving 077 is a good idea - it means that no other users on your system can read or write to your files (of course, this is your choice). When you're happy, hit Tab and then "Next".

[Screenshot 14]

* I have decided to set this one as "Yes", because if you need to become root on the other ttys then you can just 'su' from a normal user's account.

[Screenshot 15]

* "No" at password-securing the GRUB prompt, because this isn't necessary unless you're scared a cracker may be able to access your computer physically.

[Screenshot 16]

* It's also fine to choose "No" at this one.

[Screenshot 17]

* Hitting "Yes" here is a good option.

[Screenshot 18]

* Leave the following one as "No".

[Screenshot 19]

* For a bit of 'fun', leave this one as "Yes". :)


[Screenshot 20]

* Press Tab at this screen.
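
To see what the 077 umask chosen in the steps above does in practice, here is an added example (not part of the original tutorial or of Bastille) that creates files under 022 and 077 and then lists what is still accessible to other users. The function names and the scratch directory are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the tutorial): what a default umask of 077 changes.
# Function names and the scratch directory are constructed for illustration.

# mode_of PATH: print the 10-character permission string, e.g. -rw-------
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# create_under_umask MASK DIR: create one file and one directory in DIR with
# MASK in effect, then print "<file mode> <dir mode>".
create_under_umask() {
    mask=$1; dir=$2
    (
        umask "$mask"
        : > "$dir/file.$mask"
        mkdir "$dir/dir.$mask"
    )
    echo "$(mode_of "$dir/file.$mask") $(mode_of "$dir/dir.$mask")"
}

# exposed_paths DIR: list everything under DIR that still grants any
# permission bit to group or other (the bits a 077 umask strips).
exposed_paths() {
    find "$1" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print | sort
}

demo() {
    scratch=$(mktemp -d) || return 1
    echo "umask 022: $(create_under_umask 022 "$scratch")"
    echo "umask 077: $(create_under_umask 077 "$scratch")"
    # Files made before the umask change keep their old, wider modes.
    echo "still accessible to other users:"
    exposed_paths "$scratch"
    rm -rf "$scratch"
}

demo
```

A umask only applies to files created after it is set, so running `exposed_paths` on your home directory shows what would still need a manual `chmod`.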
 




Original Tutorial by j_k9 for TheTAZZone-TAZForum

Originally posted on March 10th, 2006 here

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post...we do not sell, publish, transmit, or have the right to give permission for such...TheTAZZone merely retains the right to use, retain, and publish submitted work within its Network.