Bastille + books better (Score 5, Informative)

Bastille is a great tool, but it's no match for understanding what you're doing. It has really nice explanations of all the things it could do, but it doesn't actuall yshow you how to do them. Also, it doesn't do well with non-recent installs, and if you end up installing software later that could have been modified by bastille, it's too late to change the config.

If you want to do it right, you want to learn about how to secure your machine yourself. That means not being scared by coniguration files, and knowing how to use netstat on the command line to find the servers you're running, knowing what inetd or xinetd do, etc. bastille won't teach you that.

(I'm not dissing Bastille - it does exactly what it is supposed to do, but it's not a teacher, it's a tool.)

The only linux security books out there that are worth their salt are hacking linux exposed, 2nd edition, followed by the Linux Firewalls, 2nd edition book. The former doesn't have enough space to cover firewalls in enough depth, while the later fills that need perfectly.

If you want a lot of disjointed hacks, the recent O'Reilly hacks books are good fun. I learned a lot from the google hacks book, for example. However they are far from comprehensive (that's not their mandate) and this cookbook really should have been in the *hacks line. Their building secure servers with linux book falls into the same hole - it was based on linux journal entries, and is not a comprehensive security book.

If you want to learn about linux security in a complete fashion, HLE and LF are the only contenders.

(I'd also vote for the Linux Security newsletter which was meantioned below by an AC. Very good. Of course, it falls into the small tidbits of wisdom camp, rather than being a complete solution/education, but that's what you expect in a mailing list.)