Hack Proofing Linux: A Guide to Open Source Security
Excellent detailed introduction to key Linux security tools and
techniques, for non-system administrators.
TABLE OF CONTENTS Hack Proofing Linux: A Guide to Open Source Security
Appendix A: Bastille Log
The following table is provided for logging your Bastille choices. Bastille is simple to use, but it s easy to lose track of the changes you implement. This can be a problem if you are unable to perform a typical operation on the system, or are denied access to a command or service. Many times, it is because you locked down part of the system by mistake, or misjudged the impact of a particular Bastille choice. It is always a good idea to create a hard-copy log of the options you select in Bastille. When you configure Bastille on your systems, use this Bastille log to record the changes you implemented.
| Question | Yes | No |
|---|---|---|
| Module 1: IPChains.pm | ||
| 1. Would you like to run the ipchains script? (Choosing No will skip to Module 2.) | ||
| 2. Do you need the advanced networking options? | ||
| 3. DNS Servers | ||
| 4. Public interfaces | ||
| 5. TCP services to audit (name or port number) | ||
| 6. UDP services to audit (name or port number) the Back Orifice port number on Microsoft clients is listed by default. | ||
| 7. ICMP services to audit (name or port number) an example is the Microsoft echo-request service (Microsoft ping and tracert commands). | ||
| 8. TCP service names or port numbers to allow on public interfaces (typical workstations should not allow any services). | ||
| 9. UDP service names or port numbers to allow on ... |
Copyright Syngress Publishing, Inc. 2001 under license agreement with Books24x7
