Fwd: Certifying a RedHat Install
From: Jim Horwath (jim.horwathrcn.com)
Date: Wed Jul 14 2004 - 16:22:03 CDT
You could try a few things:
- Harden the box without being connected to a network
- Install and run tripwire before the machine is connected
to the network. Store the database on read-only media. Run
tripwire on a regular basis once the system is connected
back to the network.
- Run the CIS Security benchmark tool against the system,
this will display a security rating based on standard
- Run a nmap scan against the system
- Run a full blown NESSUS scan against the system. NESSUS
will also include nmap as part of the scan.
- Run the latest rootkit check.
- Document your installation procedure so you can prove your
- List all installed packages
---- Original message ----
>Date: Wed, 14 Jul 2004 10:37:48 -0700
>From: abe <abeabeowitz.com>
>Subject: Certifying a RedHat Install
>My client wants me to certify there are no back doors in the RedHat 9
>server we are going to deliver. It's a base RH9 install with a few
>extra RPM's, like Guarddog.
>Question is what's the best way for us to certify this?
>* rpm -Va ?
>* A global md5 on each file?
>Also, what's the best way to minimize liability if they are
>don't want to get sued because they were negligent.
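
The baseline-then-recheck idea behind the tripwire suggestion and the "global md5 on each file" question, as an added example that is not part of either message. The function names are hypothetical, SHA-256 is swapped in for MD5, and GNU find, sort, xargs and sha256sum are assumed.

```shell
#!/bin/bash
# Added example: per-file hash baseline and re-verification.
# Assumes file names contain no newlines or backslashes (sha256sum escapes those).

# make_baseline ROOT MANIFEST: hash every regular file under ROOT.
# Keep MANIFEST outside ROOT, ideally on read-only media.
make_baseline() {
    local root="$1" manifest="$2"
    ( cd "$root" && find . -xdev -type f -print0 | sort -z | xargs -0 -r sha256sum ) > "$manifest"
}

# verify_baseline ROOT MANIFEST: print one line per deviation
# (MODIFIED, MISSING or NEW, then the path); return 1 if anything differs.
verify_baseline() {
    local root="$1" manifest="$2" current report
    current=$(mktemp) || return 2
    make_baseline "$root" "$current"
    report=$(awk '
        # sha256sum lines: 64 hex digits, two separator chars, then the path
        FILENAME == ARGV[1] { base[substr($0, 67)] = $1; next }
        {
            path = substr($0, 67); seen[path] = 1
            if (!(path in base))        print "NEW " path
            else if (base[path] != $1)  print "MODIFIED " path
        }
        END { for (p in base) if (!(p in seen)) print "MISSING " p }
    ' "$manifest" "$current" | sort)
    rm -f "$current"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}
```

A clean comparison only shows the files still match the baseline; it says nothing about whether the baseline itself was taken from a trustworthy install, which is why the baseline is taken before the machine is connected to the network.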