Learning the basics of architectural security
Storming the Bastille
Security applications like antivirus protectors respond to events, rather than preventing them from happening, but the best security in Linux is architectural – that is, in its configuration.
Architectural security – security through system configuration – is often compromised by distributions for short-term convenience; it requires expert knowledge as well. That's where Bastille Linux [1] comes in, helping you improve security while educating you about the basics.
Despite the name, Bastille is not a distribution but a hardening program. It was first written more than a decade ago by security expert Jay Beale [2], and now has a network of maintainers who keep it available for a number of Linux distributions and Unix-like operating systems, including Debian, Ubuntu, and Gentoo, as well as older releases of Red Hat, Fedora Core, and SUSE [3]. Packages are available in some distribution's repositories, and the source code is also available [4].
Running Bastille properly will probably take you an hour or more, but the time is well worth spending. At the end of the process, you will not only have a more secure system, you'll also have a better understanding of what security is about.
[...]
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Two New Distros Adopt Enlightenment
MX Moksha and AV Linux 25 join ranks with Bodhi Linux and embrace the Enlightenment desktop.
-
Solus Linux 4.8 Removes Python 2
Solus Linux 4.8 has been released with the latest Linux kernel, updated desktops, and a key removal.
-
Zorin OS 18 Hits over a Million Downloads
If you doubt Linux isn't gaining popularity, you only have to look at Zorin OS's download numbers.
-
TUXEDO Computers Scraps Snapdragon X1E-Based Laptop
Due to issues with a Snapdragon CPU, TUXEDO Computers has cancelled its plans to release a laptop based on this elite hardware.
-
Debian Unleashes Debian Libre Live
Debian Libre Live keeps your machine free of proprietary software.
-
Valve Announces Pending Release of Steam Machine
Shout it to the heavens: Steam Machine, powered by Linux, is set to arrive in 2026.
-
Happy Birthday, ADMIN Magazine!
ADMIN is celebrating its 15th anniversary with issue #90.
-
Another Linux Malware Discovered
Russian hackers use Hyper-V to hide malware within Linux virtual machines.
-
TUXEDO Computers Announces a New InfinityBook
TUXEDO Computers is at it again with a new InfinityBook that will meet your professional and gaming needs.
-
SUSE Dives into the Agentic AI Pool
SUSE becomes the first open source company to adopt agentic AI with SUSE Enterprise Linux 16.