:: Re: [Dng] Please!! revive Bastille …
Top Page
Delete this message
Reply to this message
Author: william moss
Date:  
To: dng
Subject: Re: [Dng] Please!! revive Bastille hardening tool for Devuan
If find conversations like this annoying and inappropriate for a BLOG
that portends to be for building a new distribution of Linux.

When working (I'm retired) I dealt with such intransigent attitudes
across the spectrum. From my first work with computers using CP/M and
System 370, through Bell Labs Version 7 of Unix, BSD, AT&T System III,
System V, MS Windows, etc..

Things go out of date. Some times due to simple change is best for our
profit (MS is a good example of this), some times due to better
algorithms (e.g., the Unix scheduler going from round robin to
preemptive priority queuing) and sometimes due to a language definition
being tightened (e.g., K&R Vs. ISO C, Perl V.5.14 Vs. 5.8).

A little less bombast and more constructive criticism would be in order.
The peer reviews used to defend mathematical proposals and the
discussion style of magazines from the ACM or IEEE would be more
appropriate.

That said, a simple and basic security script would be useful. I find
that most computer users are clueless about security. Most either have
no firewall and anti-malware daemon running, or a thoroughly out of date
one in the case of Window's systems. I still hear from people that
identity theft is really an urban legend or that there are no
consequences, so who cares.

On Linux or BSD systems, I set up a simple firewall for people; being
lazy I use fwbuilder or something similar to build initial iptables and
then either modify the chain rules in fwbuilder or the rules text file.

Clamav seems to be the easiest anti malware to use.

I also turn off any FTP or other older login methods and set up SSH
using seahorse or other easy to use GPG utility so the user can maintain it.

One other thing that I have trouble convincing people to use is a heavy
weight mail client (e.g., Thunderbird) that supports GPG (enigmail).
Email and social media sites are still the biggest threats to a system
after the end users themselves.

FYI:
I first used Linux at version 1.13.
BSD since it was created at the University of California at Berkley.
AT&T Unix since Bell Labs version 7.

I currently run freeBSD (LAN server), Debian wheezy and a custom system
that I maintain Via source code or RPM. I'm rather tired of this and
will either find a Linux that is based on the Unix principles of KISS
and do one thing and only one thing and do it well, or return to my BSD
roots.

The current Linux wars remind me of the Unix wars of 1985-1995 and VMS
Vs. Unix. History keeps repeating, sad to say.

Good Luck in creating something in the public sphere that again
resembles Unix/POSIX.