Certifying a RedHat Install

From: abe (abe_at_abeowitz.com)
Date: 07/14/04

Next message: Shay Wilson: "RE: Visited by a cracker"

Previous message: Christian: "Re: Visited by a cracker"
In reply to: Alan Hicks: "Re: Visited by a cracker"
Next in thread: corey: "RE: Certifying a RedHat Install"
Reply: corey: "RE: Certifying a RedHat Install"
Reply: Alan Hicks: "Re: Certifying a RedHat Install"
Maybe reply: abe: "Re: Certifying a RedHat Install"
Reply: Michael LaSalvia: "RE: Certifying a RedHat Install"
Reply: Peter H. Lemieux: "Re: Certifying a RedHat Install"
Reply: Peter Koinange: "Re: Certifying a RedHat Install"
Reply: Thomas Corriher: "Re: Certifying a RedHat Install"
Maybe reply: Eric Gunnett: "Re: Certifying a RedHat Install"
Maybe reply: Gunnoe, Jason: "RE: Certifying a RedHat Install"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 14 Jul 2004 10:37:48 -0700
To: focus-linux@securityfocus.com

My client wants me to certify there are no back doors in the RedHat 9
server we are going to deliver. It's a base RH9 install with a few
extra RPM's, like Guarddog.

Question is what's the best way for us to certify this?
* rpm -Va ?
* A global md5 on each file?

Also, what's the best way to minimize liability if they are hacked? I
don't want to get sued because the were negligent.

Thanks,

Abe

Next message: Shay Wilson: "RE: Visited by a cracker"

Previous message: Christian: "Re: Visited by a cracker"
In reply to: Alan Hicks: "Re: Visited by a cracker"
Next in thread: corey: "RE: Certifying a RedHat Install"
Reply: corey: "RE: Certifying a RedHat Install"
Reply: Alan Hicks: "Re: Certifying a RedHat Install"
Maybe reply: abe: "Re: Certifying a RedHat Install"
Reply: Michael LaSalvia: "RE: Certifying a RedHat Install"
Reply: Peter H. Lemieux: "Re: Certifying a RedHat Install"
Reply: Peter Koinange: "Re: Certifying a RedHat Install"
Reply: Thomas Corriher: "Re: Certifying a RedHat Install"
Maybe reply: Eric Gunnett: "Re: Certifying a RedHat Install"
Maybe reply: Gunnoe, Jason: "RE: Certifying a RedHat Install"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: frontpage 2003, no support?
... Define "doesn't support 2003" and define "has to certify them". ... 2003 doesn't require anything special on the server. ... extensions you are talking about, they can use the FP2002 server extensions. ...
(microsoft.public.frontpage.programming)
Re: RHEL vs Fedora
... > like these guys are not even bothering to populate their database with ... I assume Redhat is only going to focus on big ... 1) vendors pay big bucks to get RH to test and certify their ...
(linux.redhat)