Patch and Software Management CSCI N321 – System and Network Administration Copyright © 2000,...

Post on 17-Jan-2016

Patch and Software Management

CSCI N321 – System and Network Administration

Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University

Section Overview

Software bugs
Patching Approaches
Software Installation
Software Inventory and Removal

References

RedHat Fedora 15 Installation Guide
RedHat Fedora Support – Documentation

It’s a bug’s life…

Source: History of Computing

Virginia Tech

U.S. Navy Capt. Grace Hopper finds first computer bug in August, 1945

From Hopper’s logbook

Computer Bugs

Bug (n): An unwanted and unintended property of a program or piece of hardware, esp. one that causes it to malfunction.*

Security related issues
Coredumps
Unauthorized access

*Source: The New Hackers Dictionary

Software Patches

Fix bugs discovered after version release
Notification
  Vendor email lists
  Security Announcements (e.g. CERT)
  Software Auditing Agents (e.g. Secunia PSI)

Automated systems
  Fedora & RedHat: yum update
  Microsoft: Windows Update

Secunia PSI

Can see current state from Traybar Icon

Patch Integrity

How do you know that a software update is legitimate?
Checksums (e.g. Tripwire)
Hash Value of package
Cryptographically Signed
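
The "Hash Value of package" check above, as an added example that is not part of the original slides: a shell function compares a downloaded file with its entry in a sha256sum-style manifest and, for .rpm files, also runs rpm -K when rpm is installed. The manifest layout, file names and return codes are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original slides. Assumes sha256sum and awk.

# expected_hash MANIFEST FILE
# Print the SHA-256 listed for FILE in a sha256sum-style manifest
# ("<hash>  <name>" or "<hash> *<name>"; names without spaces assumed).
expected_hash() {
    awk -v n="$(basename "$2")" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$1"
}

# verify_pkg MANIFEST FILE
# Returns 0 = OK, 1 = hash mismatch, 2 = not listed, 3 = rpm -K failed.
verify_pkg() {
    want=$(expected_hash "$1" "$2")
    [ -n "$want" ] || { echo "not listed in manifest: $2" >&2; return 2; }
    have=$(sha256sum "$2" | awk '{ print $1 }')
    if [ "$want" != "$have" ]; then
        echo "HASH MISMATCH: $2" >&2
        return 1
    fi
    # For RPMs, also let rpm check the package digests and any signature
    # against the keys imported into the rpm keyring.
    case "$2" in
        *.rpm)
            if command -v rpm >/dev/null 2>&1; then
                rpm -K "$2" >/dev/null 2>&1 || return 3
            fi ;;
    esac
    return 0
}

# demo: constructed sample (throwaway file and manifest), then verify it.
demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed package payload\n' > "$d/demo-1.0.tar.gz"
    (cd "$d" && sha256sum demo-1.0.tar.gz > SHA256SUMS)
    verify_pkg "$d/SHA256SUMS" "$d/demo-1.0.tar.gz"; rc=$?
    rm -rf "$d"
    return "$rc"
}
```

A matching hash only shows that the file is the one the manifest describes, so the manifest itself has to come from a trusted or signed source.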

MS Authenticode

Authenticode Popup

Authenticode

[Diagram: Executable Program, Signature, Author Certificate]

Source: Web Security and Commerce Simson Garfinkel and Gene Spafford

Large Scale Patching/Updating

Pull vs. Push
Fully Automated?
Gradual Rollout
  One
  Some
  Many

Document process

New Software Installations

Binary Packages
  Fedora & RedHat:
    yum install <pkg> (Network)
    rpm -ihv <pkg> (Local file)
  Microsoft:
    setup.exe (Self-Extracting Zip?)
    Windows Installer (.msi files)
  Java and ActiveX Installers

Source Code
  Autoconf
  Look for README files

Installation locations

Windows:
  Typically c:\Program Files
  Libraries c:\Windows\System32

Linux:
  Distribution Packages: /usr
  Third Party: /usr/local
  Version Control? (e.g. stow)

Package Management

Inventory
  Linux: rpm -qa
  Microsoft:
    Start->All Programs
    Control Panel->Programs->Programs and Features

Removal
  Linux: rpm -e <pkg>
  Microsoft:
    Uninstall programs (Start->All Programs)
    Control Panel->Programs->Programs and Features