Starting Back Up!!!

January 29th, 2012: We are starting back up with active development! Stay tuned for news!

A New Name and a Pending Release

September 12, 2007: There's a release coming tomorrow - stay tuned. In the meantime, we've changed our name to Bastille UNIX. This is something we've been meaning to do for a while, but a domain squatter has dictated our timing. Read more about that here. ToorCon 2006: Bastille for OS X Tiger

Jay is giving a talk at ToorCon on Bastille for OS X Tiger.

Def Con14 - Bastille for OS X talk

August, 2006: Jay just gave a talk at Def Con about Bastille for OS X. He demonstrated Bastille on OS X Tiger. Code will be released by August 11th.

Black Hat Training 2006 - UNIX Aikido

July, 2006: Jay will be teaching UNIX Aikido at Black Hat USA 2006 this year in Las Vegas. Sign up and learn how to go beyond Bastille! It's hands-on and you'll learn how to lock down Linux / UNIX systems with some great tools. Among those are our own Mike Rash's Firewall Knock Operator (fwknop).

Updating for latest Fedora Core, SUSE 10, Mandriva/Mandrake 10.x, 2006*
April 18th, 2006: Updated for Fedora Core 5, SUSE 10.0, Mandriva/Mandrake 10.x, 2006..., and preliminary support for OS X Tiger.

More info soon.

Bastille's New Assessment Mode!
April 19th, 2005: We've completed and tested Bastille's new Assessment mode. Bastille can now run in a separete "read-only" mode, where it assesses the current state of the hardening settings that it knows about and presents a report. To understand this more fully, please take a look at the sample report. Jay talks about this in an interview published on Newsforge. We're very proud of this new technology, whose creation was developed by Jay Beale, working with Carsten Gehrke and Charlie Long, contractors at the Space and Naval Warfare Systems Center San Diego (SPAWAR), who were sponsored by the US Government's TSWG. The internal test infrastructure on which this is built was developed by Keith Buck and his colleagues Robert Fritz and Tyler Easterling at Hewlett Packard.

This mode has only been tested on Red Hat Linux (Enterprise, Fedora, Legacy) and SUSE Linux (Professional/Personal and Enterprise), so please don't use it on other platforms unless you're helping with the testing process on those platforms. To help with the testing process on that platform, please contact Jay Beale or Bastile's development coordinator on that platform.

Fixing bugs, adding features!
March 24th, 2005: We've just eliminated a few bugs that were giving people a bit of trouble. First, we eliminated a bug that stopped Bastille from asking most of its questions on Fedora Core. Second, we fixed a bug that stopped Bastille from setting a GRUB bootloader password on some distributions. Finally, we added support for questions to eliminate extraneous users and groups. The latter was associated with the Fort Knox Linux project, which you'll hear more about soon.

Codebase Transition to 2.2.x Line
March 18th, 2005: We've just transitioned from the 2.1.x tree (previous stable) to the 2.2.x tree, which was the top of CVS. This code brings substantial internal changes, representing the work that HP and I have been doing to add make the underlying infrastructure easier to develop on, especially as the number of target operating systems increases. There's a lot more functionality coming soon too...

Gentoo Linux and Red Hat Fedora Core 3
January 27th 2005: We've released RPM's to cover Fedora Core 3. Additionally, an independent Gentoo developer ported Bastille to Gentoo. Follow the Gentoo link on the sidebar at right for more information.

This brings our supported Linux distributions to: Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, and Gentoo. We also run on HP-UX, where we've shipped with the latest distributions, and on Apple's OS X. Some of our development effort over the next few months will go into solidifying stronger compatibility on these, from updating our supported distro versio\ ns to the latest available to increasing the number of hardening steps available on each distribution.

You can help by testing on your distribution of choice! To go further, consider submitting patches to help, after you make sure you understand the code well enough. Get yourself in our credits file and mentioned on this page! - Jay

Development in High Gear
January 27 2005: Development is in high gear on the Bastille Linux project. We're working to make Bastille smarter, to add questions/items so Bastille can harden a system more fully, and also working to expand our distribution support. One of these days we'll cover FreeBSD and Solaris!

Bastille works on Red Hat Enterprise 3 and Fedora Core 1-3!
January 26th 2005: We made our own perl-Tk rpm for RHEL3 and Fedora Core, but module skipping in the GUI may crash the GUI. To avoid this, install the perl-Tk module from CPAN or source. (Bug reports to

Gentoo Support!
January 21st 2005: We just learned that a Gentoo developer has ported Bastille to Gentoo! You can get Bastille for Gentoo through the portage system. We'll be working hard to merge this code in with Bastille's core code so that Gentoo users can install from the mainstream source, but Bastille is ready to use on Gentoo!