Re: HP-UX Bastille released!

Keith Buck · ‎08-21-2002

(In case you haven't heard, HP-UX Bastille is a tool that will walk you through many of the important steps in securing your HP-UX machine)

First, a hearty thanks to all the beta testers out there who provided us with feedback. If you are one of them, please do upgrade to the official version as soon as it is convenient.

This version has a safer "revert" facility than the initial beta version and uses the official, supported version of Perl/Tk. (Perl 5.6.1.E is basically perl 5.6.1 with Perl/Tk)

If you have an HP-UX support contract, then this version offers the additional benefit of official support from HP. The product can be downloaded from:

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6849AA

Note: If, for some reason, you are unable to upgrade to the latest supported version of Perl from HP, you can probably get it to work by compiling your own Perl/Tk module. Using the supported version of Perl with Tk is highly recommended.

Victor_5 · ‎08-21-2002

Good news, very happy to hear that, thanks!

Sajid_1 · ‎08-21-2002

Thanks for the information! Is it the final version? OR still something needs to be added?

learn unix ..

Pete Randall · ‎08-21-2002

Keith,

I enjoyed the beta and look forward to exploring this latest version. Thanks.

Pete

Pete

James R. Ferguson · ‎08-21-2002

Hi Keith:

The efforts of yourself and other HP Support engineers to post messages notifying this community of new documentation, new software tools, and patches that implement new features (e.g. the 11.x patches implementing intrinsic RockRidge CD mount support) should be highly commended.

These contributions are greatly appreciated. Thanks to all of you!

Regards!

...JRF...

Keith Buck · ‎08-21-2002

Sajid,

I'm not sure how to answer your question. This is not a Beta version. It is an official release. I'm certainly not going to preclude us from releasing later versions with more functionality :)

In fact, any feedback on new features for future versions is still appreciated.

-Keith

Tim D Fulford · ‎08-21-2002

Excelent news!

Tim

-

Sajid_1 · ‎08-21-2002

Keith:

Thanks for the information. I didn't try the beta version, but I will defenitley load this. Will give you the feedbacks.

rgds,

learn unix ..

Michael Tully · ‎08-21-2002

I'll have this on a machine within an hour and under the bosses nose before close of business.

It is these types of initiatives by HP that keep great interest going..... Take a bow!

Cheers
Michael

Anyone for a Mutiny ?

Rodney Hills · ‎08-21-2002

I read the whitepaper on Bastille and it looks like something I gotta have.

The only thing that concerns me is... Do I have to convert to a trusted system?
All the forum items regarding trusted systems talk about problems when working with LDAP, and I was planning on installing LDAP for login verification.

Is going to a trusted system a requirement?

-- Rod Hills

There be dragons...

Kelli Ward · ‎08-21-2002

Hi Keith,

I'm very interested in checking Bastille out.
Unfortunately, I'm getting a 404 error on both your link and through software.hp.com
I'll keep checking back, if you have any updates on the status (in case it's not from my end), please let me know.

Looking forward with great interest,
Kel

The more I learn, the more I realize how much more I have to learn. Isn't it GREAT!

harry d brown jr · ‎08-21-2002

Actually, ALL links on the software site FAIL:

Not Found
The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it. Please inform the site administrator of the referring page.

Oh well, I'll have to play with it tomorrow.

live free or die
harry

Live Free or Die

Donald Kok · ‎08-21-2002

The provided link works for me. However there is a strange behaviour:

- When I rightclick -> open new window, then I have to enter an order number which I can get while purchasing the product.
- When I click I am directed to a screen where I can receive a free copy.

Apart from this I am glad there is a new good tool to get systems secure.

My systems are 100% Murphy Compliant. Guaranteed!!!

Yogeeraj_1 · ‎08-21-2002

hi,
Thanks for the information!
We curious to install and check what's in it.

Interesting features and benefits:
- configures daemons and system settings to be more secure
- turns off unneeded services such as pwgrd
- helps create chroot jails that partially limit the vulnerability of common Internet services such as Web servers and DNS
- the user interface is designed to educate users
- the "revert" feature returns the security configuration to the state before Bastille was run

We are eager to download and try it. ;)

Thanks again
Yogeeraj

No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)

John Bolene · ‎08-22-2002

Wonderful, we will give it a try.

It is always a good day when you are launching rockets! http://tripolioklahoma.org, Mostly Missiles http://mostlymissiles.com

James Beamish-White · ‎08-22-2002

Thanks! Of course, this makes my detailed script that does bastion host conversion redundant, but hey, I didn't need those weeks anyway! :-)

Chers!
James

GARDENOFEDEN> create light

Ian Cameron · ‎08-22-2002

Thanks to you and all the HP Engineers. I am looking forward to having a tool to help me on the road to securing the equipment I am responsible for which was looking like a very daunting task.

Ian

harry d brown jr · ‎08-22-2002

Good, NOW the link works.

Live Free or Die

Justo Exposito · ‎08-22-2002

Hi,

Good, Thanks for the information.
I'll try to test it.

Regards,

Justo.

Help is a Beatiful word

Kurt Beyers. · ‎08-22-2002

Thanks for the info Keith! I'll test it out.

Kurt

Kelli Ward · ‎08-22-2002

Hi,
I got it this morning.
Thanks,
Kel

The more I learn, the more I realize how much more I have to learn. Isn't it GREAT!

Keith Buck · ‎08-22-2002

Response to Rodney:

All actions within Bastille are optional. If you answer "No" to every question, then it will make no changes (except maybe write to the action log that it didn't do anything :) )

One such optional action is converting to a trusted system. Bastille is designed to allow you to customize your security to fit your needs.

As far as LDAP and trusted, it should work but I don't have any personal experience. As far as I know, NIS is incompatible with trusted systems (because it's a clear-text protocol and doesn't make any sense to do that with trusted.) Alternatives include NIS+, LDAP and others. These are mentioned within the Bastille question about trusted systems.

By the way, if anyone finds a question in Bastille which doesn't fully characterize the consequences of an action (e.g. if LDAP and trusted really don't work together, it should say that), please do let us know so we can update the question in future versions. You can do that either here or through

bastille-feedback@fc.hp.com

Also, thanks for everyone's encouragement! It's good to feel appreciated :) Also, buy more stuff from HP :)

MARTINACHE · ‎08-22-2002

Excellent !

I didn't test the beta I didn't know that it exists ...

Where can I find informations on beta testing ?

Patrice.

Patrice MARTINACHE

Keith Buck · ‎08-22-2002

Response to Patrice:

The Beta was announced here in the forums; we had a couple rounds. Now that we have a real version, there's no Beta as such, but we're still interested in feedback for future enhancements.

In particular, I asked a question a while ago about if people were interested in high level options rather than having to walk through every question individually. This use model would be much less educational, but would allow you to quickly apply a pre-canned security configuration to your machine.

None of the Beta testers seemed too interested in that idea...I wonder how the less adventurous types will feel :)

Joanne Keegan · ‎08-22-2002

What good news! I have tried out the beta version - which certainly made it easier to secure a system. Now I'm looking forward to using the supported version.

Regards,

Jo

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: HP-UX Bastille released!

HP-UX Bastille released!