Bastille  is  a  system hardening / lockdown program which enhances the
security of a Unix host.  It configures daemons, system settings and 
firewalls to be more secure.  It can shut off unneeded services and r-tools,
like rcp and rlogin, and helps create "chroot jails" that help limit the
vulnerability of common Internet services like Web services and DNS.

This tool currently hardens Red Hat 6.0-7.3, Mandrake 6.0-8.1, HP-UX 11.00,
and HP-UX 11i v1 (AKA 11.11).  It is still being tested, but thought to be
stable, on Debian, SuSE and Turbo Linux.

If run in the preferred Interactive mode, it can teach you a good deal about 
Security while personalizing your system security state.  If run in the 
quicker Automated mode, it can quickly tighten your machine, but not nearly
as effectively (since user/sysadmin education is an important step!)

To run:

bastille [(-b|-c|-r|-x)]

 -b : use a saved config file to apply changes directly to system
 -c : use the Curses (non-X11) GUI (Linux only)
 -r : revert Bastille changes to original file versions (pre-Bastille)
 -x : use the Perl/Tk (X11) GUI
