Re: Certifying a RedHat Install
From: Eric Gunnett (eric_at_zoovy.com)
Date: 07/15/04
- Previous message: Thomas Corriher: "Re: Certifying a RedHat Install"
- Maybe in reply to: abe: "Certifying a RedHat Install"
- Next in thread: Gunnoe, Jason: "RE: Certifying a RedHat Install"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 15 Jul 2004 14:15:56 -0700 To: <abe@abeowitz.com>, <focus-linux@securityfocus.com>
Out it in writing that you did not install any back doors. Have them hire an independant auditor to verify this. Sounds to me like they just do not trust you, and at that point there is not much you can say to them in order for them to believe you have not installed any backdoors.
Eric Gunnett
System Administrator
>>> abe <abe@abeowitz.com> 07/14/04 01:42PM >>>
Thanks for everyone's answers so far, but perhaps I need to restate my question...
>>>What can I do to assure my customer that I have installed no back doors for
myself.<<<
rpm -Va will check the size, date & permissions of all rpm installed files. I
don't know if it will do an md5 or similar. But such a command would be a quick
integrity test, yes?
md5's of most of the system will allow direct comparisons with a known good RH9
install.
I have to use RH9 as the application they need only works on RH9. Otherwise,
yes I'd've installed a more current version or different flavor...
Thanks!
-Abe
- Previous message: Thomas Corriher: "Re: Certifying a RedHat Install"
- Maybe in reply to: abe: "Certifying a RedHat Install"
- Next in thread: Gunnoe, Jason: "RE: Certifying a RedHat Install"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
