Bastille on opensuse 11.2

if this is the wrong thread please move it. i was looking for security related thread, cause this possibly describes my problem more exact.

i want to write a security related script for opensuse 11.2 and above. For this reason i want to install and run bastille to check and recognize what security issues exists and how i can fix them.

i downloaded and installed bastille rpm over the sourceforge website. And i installed the mandatory packages perl-Tk and perl-Cursers via zypper.

I run bastille as follows:


bastille -x

and than it tells me


SE11.2' is not a supported operating system.
Valid operating system versions are as follows:

 OSX:
         'OSX10.2' 'OSX10.3' 'OSX10.4' 
         HP-UX:
         'HP-UX11.00' 'HP-UX11.11' 'HP-UX11.22' 'HP-UX11.23' 'HP-UX11.31' 
         
         LINUX:
         'DB2.2' 'DB3.0' 'RH6.0' 'RH6.1' 'RH6.2' 
         'RH7.0' 'RH7.1' 'RH7.2' 'RH7.3' 'RH8.0' 
         'RH9' 'RHEL5' 'RHEL4AS' 'RHEL4ES' 'RHEL4WS' 
         'RHEL3AS' 'RHEL3ES' 'RHEL3WS' 'RHEL2AS' 'RHEL2ES' 
         'RHEL2WS' 'RHFC1' 'RHFC2' 'RHFC3' 'RHFC4' 
         'RHFC5' 'RHFC6' 'RHFC7' 'RHFC8' 'MN6.0' 
         'MN6.1 ' 'MN7.0' 'MN7.1' 'MN7.2' 'MN8.0' 
         'MN8.1' 'MN8.2' 'MN10.1' 'SE7.2' 'SE7.3' 
         'SE8.0' 'SE8.1' 'SE9.0' 'SE9.1' 'SE9.2' 
         'SE9.3' 'SE10.0' 'SE10.1' 'SE10.2' 'SE10.3' 
         'SESLES8' 'SESLES9' 'SESLES10' 'TB7.0' 


obviously bastille doesnt support opensuse 11.2. does anybody know a trick or a workaround to get this running anyway.

greetz l1zard

I guess there is a conflict with apparmor or SELinux. I use this on Ubuntu and it works there. Let me try installing it on opensuse.

Check whether you have Perl module Tk

And i installed the mandatory packages perl-Tk and perl-Cursers via zypper.

S | Name | Typ | Version | Arch | Repository
–±------------±------±-------------±-----±-----------------
i | perl-Curses | Paket | 1.27-2.1 | i586 | openSUSE-11.2-Oss
i | perl-Tk | Paket | 804.028-51.4 | i586 | openSUSE-11.2-Oss

do bastille -c and check whether you go somewhere

on buntu i have not used tk yet but i managed by -c

its the same as expected scince -c uses the same profile config files as -x. the differnce between both is just the interface.

and no i have not ubuntu. i have opensuse. this is a completely different distrtibuiton

Yup, i know that just wanted to make sure. I am in buntu right now, will run bastille in suse when i get in there.

do check this Bastille problem in opensuse 11.1 - Antionline Forums - Maximum Security for a Connected World

thx. so all i need now is good manual howto setup apparmor and how to setup the firewall correctly. has anybody a good tutorial or something on app armor and suse firewall. what does dmz mean what are the differences between the zones?

Deny incoming traffic and that should set your firewall. Install nmap and scan yourself for finding open ports. YaST will assist you with AppArmor.

May the force be with you.