Hewlett Packard Joins Up With Bastille Project

Jay Beale writes: "We've just recently released Bastille Linux 1.2.0 and it's pretty darn cool! It's now smarter, it's got a pretty new X interface and it works with the new 2.4 firewalling. Bastille shipped by default on Mandrake Linux 8 -- now, Hewlett Packard is helping us develop Bastille functionality for HP-UX. The page is here and the press release is here."

Re:bastille

[dair]

Yeah ! but for over three or four centuries, it was proverbial that you can't escape from bastille

Actually, the Bastille spent most of its life as a comfortable prison for aristocrats (who could keep their servants, entertain guests for dinner, etc). The expense of maintaining it meant it was scheduled to be knocked down by the government, and when it was 'stormed' it only held about half a dozen inmates - a couple of forgers, a count committed at the request of his family, and a lunatic.

So perhaps not the best choice of names... :-)

-dair

Re:Let 'em eat cake

[disappear]

Absolutely: the problem wasn't the building, it was the administration.

(Hint: it might help to read previous Slashdot stories to understand new ones. Context is everything.)

Nice but... What's so different

[joq]

Immunix, NSA's SE-Linux, Bastille, Trustix, EnGarde ... All seek to claim "Secure Linux" with their distributions, yet I don't understand why the core developers of Linux don't sit down and audit their coding in better fashion?

Maybe it's because I've used OpenBSD way too long, and am critical but I feel someone somewhere is missing some key factors when creating these so called "Secure" distro's.

If Woody would have checked his code beforehand... this would have never happened. Remember that Woody Woodpecker cartoon? Well since I've made the switch to BSD's (Open for my site, Free @ home) I've never looked back at Linux.

I will however say kudos to the Bastille team for having some positive news on the Linux side of things, and hopefully more vendors will start supporting, even advocating any version of Nix versus the alternative

Hey Mr. Cynic, I take you've never used it

[zrk]

All software can be compromised if you've got the time and effort. But that's not what Bastille is about.

Bastille does you a favor, and asks you if you need certain services or not. Most people don't, and Bastille will turn them off for you. Also, once you've done it, you can duplicate the behavior across your new server farm, saving you Boatloads of time and effort.

Think of it as being the software to lock down your servers by reducing fluff in an easy fashion.

Yes, coders should be "better" and yes, linux providers should be better with coming up with more secure distros, but since they don't, what's the harm in using something that does? For now, Bastille is it.

My one gripe here is that what if you don't want X anywhere near your machine? I guess you're stuck with the clunky curses interface. (eh, well it's really not THAT bad).

bastille

[broohd]

If I'm not mistaken the Bastille was successfully stormed and overrun in the French Revolution. So much for security...

It's a crazy idea, but...

[imipak]

it might just work?

How about a Windows port? Actually, a full-scale rewrite would probably be needed. Sure would get used a lot, though, and it'd be yet another foot-in-the-door for the GPL in Microsoft shops, which can only be a good thing.
--
"I'm not downloaded, I'm just loaded and down"

Go Dog Go!

[standards]

As Jeremey Fulton once said at one of those Linux conferences, "Bastille is a wonderful thing".

In March, my company decided to get in on the Bastille bandwagon, as we thought it was good for us and for our customers. I must say that so far it has been a surprising success... my manager calculates that it'll save us about $25,000 per year - and we're a very small shop!

Of course there are always teething problems, but we have found that the minor and temporary pains are far outweighed by the cleaner, more robust environment.

Highly recommended.