[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Guaranteeing running code is signed



On Sat, 2009-05-09 at 21:36 +0300, Ahmed Kamal wrote:
> Is there any technology in fedora, that enables me to ensure that ALL
> running code on a certain server (even code not installed from RPMs, such as
> say by a legacy admin), has been signed by redhat, and to warn me about
> un-signed code that is running or about to run. I am interested to verify a
> server is in a "known-good" state

1) look into "FIPS mode"

2) rpm --query --all --verify

3) System fingerprinting tools such as AIDE

-- 
Jesse Keating
Fedora -- FreedomĀ² is a feature!
identi.ca: http://identi.ca/jkeating

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]