What people are saying...
"I've learned more just by going through the script (esp. the IP Chains goodies) than by hacking through a stack of O'Reilly books."
"[Bastille] explains itself extremely well during the course of a Bastille session. If you take the time to read this script's explanations of its own questions, you'll learn a lot about system-hardening."
"The reaction to Bastille has been excellent here, by the way. A couple of our department IT contacts and a lot of the students have raved about it, especially the ease-of-use and the run-time explanations. I think Bastille is currently doing something you can't find anyone else doing."
"Bastille-Linux should be a Red Hat user's FIRST download. Every healthcare organization utilizing Red Hat in any capacity should place running the Bastille-Linux scripts at the top of their "must-do" list for information security."
"We've been using Bastille since February on our Red Hat boxes, and it rocks. It's fast and comprehensive and makes it easy to do the right thing."
"Honestly though, Bastille has taught me so much about Linux security already (and how much I don't know)."
"...Don't try to set up a Linux firewall or webserver
"Also, the project is a godsend for beginner or medium level admins, and I for one thank you. It's helped me not get hacked since I started working with it months ago."
"Thanks to Bastille, I'm still alive! ... I can't imagine I would be in such shape had I not run Bastille a couple of months ago--even though I didn't take all of the advice in the Bastille scripts."
"I think someone needs to check out the fantastic Bastille Linux project."
"Looking through the changes Bastille Linux made, I am impressed."
"Bastille can automate the process of locking down a machine, or it can be used interactively, both to give you control of what services get disabled or reconfigured, and also as an invaluable tutorial. Plus, since it's written in Perl, it's easy to modify or extend. Don't try to set up a Linux firewall or webserver without Bastille's help."
"I'd like to express my appreciation to you & all who have made Bastille possible. I'd very much like to specialize in Info Security, and a program that works as a hands-on tutorial is an absolute godsend. Again, *Thank You*."
"You guys have done an awesome job. Keep it up."
"I think that Bastille's policy of user education provides the most intelligent way of securing a Linux box. Since Bastille tells the new system administrator the rationale behind every action, security is simpler to live with and more likely to work."
"Bastille has made me aware of many important linux security issues. I've learned a lot about configuring services and system settings from the step by step configuration program."
"In real world environments, many people do not have the time or desire to research and implement good security practices. Bastille can help people to take sensible precautions without requiring them to become experts."
"Bastille linux is a highly recommended way for the masses to easily secure Redhat 6.0."
"We are using it [Bastille] and will continue to use it. We are rolling out linux builds and that I anticipate that Bastille will be very helpful."
"What Bastille has already done for me, is twofold. Firstly, it forced me to think about more issues in setting up machines - issues that are too easy to gloss over when you're "in a hurry". Secondly, I'm also pleased to say that some of what it did seemed to have tidied up some sloppy configuration and in fact made at least one of the machines here perceptibly faster than a stock RH6 install. Both of these are good things."
"I think your effort is very important, because many people are [connecting via] DSL lines. These machines, as you know, will be potential targets for Distributed Denial of Service operations. So, common people must awake for this kind of problem. Bastille is well fitted for common people with [less] knowledge about the complex aspects of security issues."
"I downloaded the new bastille. I would just like to say it's a real great program, comes in handy too... Keep up the good work, I look forward to seeing more developments of your program. -=)"
"Thank you for your efforts, and the efforts of the Bastille team. Tools like Bastille will make secure computing simpler."
"You guys have captured a truly astounding amount of hardening experience here! I'm pleasantly surprised by the elegant design and clean, well-commented code. Some open-source projects (and some of my own code) have the look of a quick hack to get the job done. Not your code! Nice job."
"I wrote also some Firewall-scripts, I tested out yours, and so far, I liked yours the most :) Great Work."
"All my wishes for this excellent project!"