Mandrake Linux ships the Bastille security tools suite. It is a set of two tools — one for basic configuration, and one allowing complex settings, which should make your machine much more secure. It is highly recommended that you run one of those tools just after installing your machine, and even before connecting it to the network.
The BastilleChooser tool allows inexperienced users to easily secure their machine, while not imposing too many constraints on the daily use of the machine. The tool is a little wizard whose steps we are now going to describe. To launch it, you need to run the command BastilleChooser from a Terminal as root. It is part of the Bastille-Chooser RPM package.
Introduction (figure 15-1): click to go to first step, or to abort the wizard.
You can see figure 15-2 the first step to using the wizard is to select the level of security to be applied to your machine. As the text states, a high level of security has to be balanced against the ease of use — the friendliness of your system.
When this is done, you are asked whether your machine will act as a server or not (see figure 15-3). If you choose No here, all ports on the machine will be closed, and the wizard will finish. If you choose Yes, you will be presented with another dialog, where you can choose which services will be used by the machine.
See Security Levels in Details for explanations on the different security levels for both workstation and server uses.
As you chose Yes in the previous wizard, you are now asked to select the services allowed to get in your machine (figure 15-4). Check the corresponding choice for each available service, and click the button. The firewall will allow requests concerning the services marked as Yes in this dialog.
That's all! If you found that this wizard does not offer all the options you would have liked to configure, read the next section.