Certifying a RedHat Install
From: abe (abe_at_abeowitz.com)
Date: Wed, 14 Jul 2004 10:37:48 -0700 To: email@example.com
My client wants me to certify there are no back doors in the RedHat 9
server we are going to deliver. It's a base RH9 install with a few
extra RPM's, like Guarddog.
Question is what's the best way for us to certify this?
* rpm -Va ?
* A global md5 on each file?
Also, what's the best way to minimize liability if they are hacked? I
don't want to get sued because the were negligent.