Bastille Linux: Security Through Transparency

Jon Lasser
University of Maryland, Baltimore County (UMBC)

<jon@lasser.org>

Bastille Linux is a comprehensive, rapidly developing hardening script for Red Hat Linux. This talk opens with a brief history of Bastille Linux, from the impetus for the project's creation up through the current version of the code. A thorough step-by-step overview of Bastille Linux's security features follows, with special attention to innovative and controversial features of the script. Next, an overview of the Bastille Linux development philosophy is presented, followed by a high-level description of the Bastille Linux architecture and API. Finally, lessons learned from the development effort are presented, with reference to Eric S. Raymond's well-known "The Cathedral and the Bazaar" essay and its companions.

The target audience for this talk is both system administrators who are interested in finding out what Bastille Linux can do for them, and developers who are interested in contributing to or learning from our effort. Some experience with security-related system administration tasks would be helpful for audience members, as would an abstract understanding of software development.

Jon Lasser is a Unix Systems Administrator at the University of Maryland, Baltimore County (UMBC), where he works with Linux, Irix, and Solaris systems. He is Founder of and Lead Coordinator for the Bastille Linux Project, about which he has presented papers and led Birds-of-a-Feather sessions at the 1999 Usenix Technical Conference, 1999 Atlanta Linux Showcase, and the 1999 SANS Security San Francisco conference. He is a member of the DC Linux Users Group, the UMBC LUG, and both DC and Old Bay (Baltimore) SAGE.


Last modified: January 20, 2000 (mk)