PCI compliance and backporting

Due to the complex and sensitive environments of today world many groups of servers will require to get quarterly or annual security audits especially if they are part of PCI. Unfortunately for Sysadmin’s most security scanning tools are blind to backports done by both redhat and novell. backporting is where the security patches are applied to the older (current) versions of the packages that was shipped with a particular version of the operating system. So while you can have 1 major version of the package installed it will have many different versions of backports applied to it. The process itself… Continue Reading