Fwd: Certifying a RedHat Install

• Previous message: Alan Hicks: "Re: Certifying a RedHat Install"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 14 Jul 2004 20:22:03 -0100
To: focus-linux@securityfocus.com

Abe,

You could try a few things:

- Harden the box without being connected to a network

- Install and run tripwire before the machine is connected
to the network. Store the database on read-only media. Run
tripwire on a regular basis once the system is connected
back to the network.

- Run the CIS Security benchmark tool against the system,
this will display a security rating based on standard
criteria.

- Run a nmap scan against the system

- Run a full blown NESSUS scan against the system. NESSUS
will also include nmap as part of the scan.

- Run the latest rootkit check.

- Document your installation procedure so you can prove your
methodology.

- List all isntalled packages

Regards,
Jim

---- Original message ----
>Date: Wed, 14 Jul 2004 10:37:48 -0700
>From: abe <abe@abeowitz.com>
>Subject: Certifying a RedHat Install
>To: focus-linux@securityfocus.com
>
>My client wants me to certify there are no back doors in
the RedHat 9
>server we are going to deliver. It's a base RH9 install
with a few
>extra RPM's, like Guarddog.
>
>Question is what's the best way for us to certify this?
>* rpm -Va ?
>* A global md5 on each file?
>
>Also, what's the best way to minimize liability if they are
hacked? I
>don't want to get sued because the were negligent.
>
>Thanks,
>
>Abe
>

• Previous message: Alan Hicks: "Re: Certifying a RedHat Install"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Adding network and internet to Warp 4 ... install it "found" my NIC card, and loaded the generic Realtek OS/2 ... You should note that there are more than one driver for RealTek NIC. ... Loading Realtek Fast Ethernet Network Adapter driver ... (comp.os.os2.misc) Re: Windows cannot find C: (doc) Make sure you typed the name cor ... default printer back to my brother network printer. ... Windows cannot print due to a problem with the current printer setup ... uninstall the printer driver, and then install the latest version of ... from Outlook email - it opens a blank page in Word 2007 and you ... (microsoft.public.word.application.errors) Re: Rebuild Microsoft Windows XP SP2 - Hardened, comments needed ... chipset & other drivers ... Disconnect network cable ... Disable netbios over tcp/ip {no side effect unless u using ... Install graphics driver ... (microsoft.public.windowsxp.setup_deployment) How I replace SCO OpenServer and VisionFS with FreeBSD and Samba to run FoxPro Unix ... How to make a FreeBSD system.doc Revision date: ... FreeBSd install CD. ... Edit the kernel conf file with edit ... In My Network Place move pr_data->tmp->prstuff.tar to zip ... (comp.unix.bsd.freebsd.misc) Re: Fw: NOT HAPPY after Breezy upgrade/install ... It is connected to my network and is called nomad What was/is your network setup? ... Ubuntu, ... > to do an install. ... Thunderbird is not installed by default in Ubuntu - ... (Ubuntu)