Re: Certifying a RedHat Install
From: Peter Koinange (pkoinange_at_swiftkenya.com)
Date: Thu, 15 Jul 2004 10:38:47 +0300 To: abe <firstname.lastname@example.org>
try http://www.cisecurity.org/ there are some linux benmark tests you
can ran on the system
> My client wants me to certify there are no back doors in the RedHat 9
> server we are going to deliver. It's a base RH9 install with a few
> extra RPM's, like Guarddog.
> Question is what's the best way for us to certify this?
> * rpm -Va ?
> * A global md5 on each file?
> Also, what's the best way to minimize liability if they are hacked? I
> don't want to get sued because the were negligent.
-- Peter Koinange Swift Global Kenya Limited Tel: 020-229229