By default, Redhat installed off the internet does not necessarily install with the latest packages and a CD-ROM install may be out of date or have bugs that can be used for hackers to attach your Redhat Linux system. Thus checking for updated programs and RPMs (Redhat Package Manager) are mandatory. The AutoRPM (http://www.autorpm.org/) program by Kirk Bauer makes this much easier to do and can potentially automate this process. Be wary that updating some progarms such as netscape may require manual intervention due to strangeness with the dependencies that autorpm cannot handle.
Another note of warning is to be wary that on automatically updating programs as described here as the updating might over-write a secure configation file with a default configuration file. If concerned about this, it may be best not to have automatic updates of installed programs but be warned of updates and then update manually.
Note: Because of variations in install, multiple toolsets, (never knowing whether a previous install might have affected the next one); some/all(?) of the following information might be wrong; and there are probably better methods for doing the following. Keep this in mind and feel free to think a bit before blindly following the instructions. It is assumed you are logged in a root to do the following.
Autorpm can be used on other types of Linux (Debian Linux has it's own auto-updating system using the apt program - refer: http://www.debian.org/security/).
A related package (mainly for validating what is installed) is CheckPackages ("Compares filesystem against RPM database") (http://www.autorpm.org/)
To run autorpm to upgrade your Redhat Linux distribution, first decide which update area you
will be targetting based on the closest Redhat Mirror area:
Edit the /etc/autorpm.d/pools/redhat-updates file and delete the mirrors that you don't want used in the pool.
This may take a while depending on the internet link and the speed of the computer). On completion, (and if there are any changes/updates/potential installs) autorpm will E-mail you with an output stating (with the above configuration) what files it updated and what files are new/require manual intervention for updating. Note that if it thinks there may be a problem updating a particular RPM, it will not do this but state this in the Email it sends (most commonly this would be due to the RPM missing dependencies).
Be wary that after running "autorpm" that some services may have been restarted in a mode that may make it visible it to hackers. A Redhat 6.0 example was with XFree86 in that Port 6000 became visible again (this was disabled in the Redhat Linux install tutorials using the "-nolisten tcp" option)