[svlug] [svlug-announce] SVLUG Aug 06: Jay Beale: Locking Down Systems with Bastille Linux

stevegt@svlug.org stevegt at svlug.org
Sat Aug 2 20:49:38 PDT 2003

We're pleased to announce the next meeting of the Silicon Valley Linux
Users Group!  


  Locking Down Systems with Bastille Linux


  Wednesday, 06 Aug, 7pm-9pm or so.


  Jay Beale, Lead Developer of Bastille Linux

  Bastille Linux hardens an operating system by deactivating unused
  programs or functionality, tweaking security-related settings, and
  employing other standard "tricks" like chroot prisons to block or
  contain attacks. Bastille currently locks down five Linux
  distributions, HP-UX and Mac OS X. This talk will introduce Bastille
  and explore how it can be easily extended to include new
  functionality, requiring only minimal knowledge of Perl. In the
  process of understanding how Bastille works, we'll discuss and
  demonstrate what actions Bastille takes on a sample system. This
  talk should prove useful to non-programmers who want to understand
  how to harden an operating system by hand or with
  automated tools. It will definitely be useful to Perl programmers
  who wish to extend Bastille.


  Jay Beale is a security specialist focused on host lockdown and
  security audits. He is the Lead Developer of the Bastille project,
  which creates a hardening script for Linux, HP-UX, and Mac OS X, a
  member of the Honeynet Project, and a core participant in the Center
  for Internet Security. A frequent conference speaker and trainer,
  Jay speaks and trains at the Black Hat and LinuxWorld conferences,
  among others. A senior research scientist with the George Washington
  University Cyber Security Policy and Research Institute, Jay makes
  his living as a security consultant through Baltimore-based JJBSec,
  LLC, reachable via www.jjbsec.com.

  Jay writes the Center for Internet Security's Unix host security
  tool, currently in use worldwide by organizations from the Fortune
  500 to the Department of Defense. He maintains the Center's Linux
  Security benchmark document and, as a core participant in the
  non-profit Center's Unix team, is working with private enterprises
  and US agencies to develop Unix security standards for industry and

  Aside from his CIS work, Jay has written a number of articles and
  book chapters on operating system security. He is a columnist for
  Information Security Magazine and previously wrote a number of
  articles for SecurityPortal.com and SecurityFocus.com. He authored
  the Host Lockdown chapter in 'Unix Unleashed,' served as the
  security author for 'Red Hat Internet Server' and co-authored 'Snort
  2.0 Intrusion Detection.' Jay's currently finishing the Addison
  Wesley book, 'Locking Down Linux.'

  Formerly, he served as the Security Team Director for MandrakeSoft,
  helping set company strategy, design security products, and pushing
  security into the third largest retail Linux distribution. He now
  works to further the goal of improving operating system security. To
  read Jay's past articles and learn about his past and future
  conference talks, take a look at his site at


Cisco Building 9.  The land of NUMBERS.  The VINEYARDS conference
center.  The side we are on is the Silver Oak/Jordan conference rooms,
where a large Cisco fountain is usually not turned on.  Directions on
how to get there are listed at:


We've tried our very best for these directions to be accurate.  If you
have any improvements to make, please let our Web Team know!
web-team at svlug.org


It's best if you arrive close to on time, as otherwise there may not
be someone posted at the door to let you in.  After the speakers end
their presentation there is usually a Q&A session, time for job
seekers and employers to meet, and often a few door prizes.  When the
meeting is over people are encouraged to chat a bit, but also to exit
the building so Cisco can lock up.  Don't worry, a lot of us go to
dinner afterward so there's plenty of time to chat outdoors or

We look forward to seeing you there!

svlug-announce mailing list
svlug-announce at lists.svlug.org

More information about the svlug mailing list