A.18 Chapter 17: Keeping Up to Date

  • Learn how to acquire and apply vendor patches to your operating system and applications.

  • Use an available secure system to download patches to apply to a new Unix installation.

  • Verify software with PGP signatures. Make sure you obtain the author's PGP key from a trusted source (or multiple independent sources).

  • Check the MD5 checksum of downloaded software.

  • Read mailing lists that publish general security announcements.

  • Read mailing lists devoted to your vendors' products.

  • Consider when and how you will back out a patch that doesn't work.

    Part VI: Appendixes