Chapter 13. Securing Your Machine

Table of Contents
13.1. Easy Configuration
13.2. Advanced security configuration
13.3. Security Levels in Details
13.3.1. Workstation Configuration
13.3.2. Server Configuration

Mandrake Linux ships the Bastille security tools suite. It is a set of two tools — one for basic configuration, and one allowing complex settings, which should make your machine much more secure. It is highly recommended that you run one of those tools just after installing your machine, and even before connecting it to the network.

13.1. Easy Configuration

The BastilleChooser tool allows inexperienced users to easily secure their machine, while not imposing too many constraints on the daily use of the machine. The tool is a little wizard whose steps we are now going to describe. To launch it, you need to run the command BastilleChooser from a Terminal as root. It is part of the Bastille-Chooser RPM package.

  1. Introduction (figure 13-1): Click Next to go to first step, or Cancel to abort the wizard.

    Figure 13-1. Introduction to the BastilleChooser wizard

  2. You can see figure 13-2 the first step to using the wizard is to select the level of security to be applied to your machine. As the text states, a high level of security has to be balanced against the ease of use - the 'friendliness of your system.

    Figure 13-2. Choosing a Security Level

  3. When this is done, you are asked whether your machine will act as a server or not (see figure 13-3). If you choose No here, all ports on the machine will be closed, and the wizard will finish. If you choose Yes, you will be presented with another dialog, where you can choose which services which will be used by the machine.

    See Security Levels in Details for explanations on the different security levels for both workstation and server uses.

    Figure 13-3. Is your machine acting as a server?

  4. As you chose Yes in the previous wizard, you are now asked to select the services allowed to get in your machine (figure 13-4). Check the corresponding choice for each available service, and click the Finish button. The firewall will allow requests concerning the services marked as Yes in this dialog.

    Figure 13-4. Choosing allowed services

That's all! If you found that this wizard does not offer all the options you would have liked to configure, read the next section.


Tux on Star from MandrakeSoft Linux is a registered trademark of Linus Torvalds. All other trademarks and copyrights are the property of their respective owners.
Unless otherwise stated, all the content of these pages and all images are Copyright MandrakeSoft S.A. and MandrakeSoft Inc. 2001.
http://www.mandrakelinux.com/