Patch and Software Management
CSCI N321 – System and Network Administration
Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University

Section Overview
- Software bugs
- Patching Approaches
- Software Installation
- Software Inventory and Removal

References
- RedHat Fedora 15 Installation Guide
- RedHat Fedora Support – Documentation

It’s a bug’s life…
- U.S. Navy Capt. Grace Hopper finds first computer bug in August, 1945
- From Hopper’s logbook
Source: History of Computing, Virginia Tech

Computer Bugs
Bug (n): An unwanted and unintended property of a program or piece of hardware, esp. one that causes it to malfunction.*
- Security related issues
- Coredumps
- Unauthorized access
*Source: The New Hackers Dictionary

Software Patches
- Fix bugs discovered after version release
- Notification
  - Vendor email lists
  - Security Announcements (e.g. CERT)
  - Software Auditing Agents (e.g. Secunia PSI)
- Automated systems
  - Fedora & RedHat: yum update
  - Microsoft: Windows Update

Secunia PSI
- Current state is visible from the system tray icon

Patch Integrity
- How do you know that a software update is legitimate?
- Checksums (e.g. Tripwire)
  - Hash Value of package
  - Cryptographically Signed
    - MS Authenticode
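
Added example (not part of the original slides): one way to check the "hash value of package" before installing an update. The function name verify_pkg_hash and the manifest layout (sha256sum output, one "<hash>  <filename>" entry per line, no spaces in filenames) are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: compare a downloaded package against a checksum manifest.
# Assumed manifest format: sha256sum output, "<sha256-hex>  <filename>" per line.

# verify_pkg_hash FILE MANIFEST
# Return codes:
#   0  computed SHA-256 matches the manifest entry
#   1  entry found but the hash differs (corrupted or tampered file)
#   2  file or manifest unreadable, or the file is not listed at all
verify_pkg_hash() {
    pkg=$1
    manifest=$2
    [ -r "$pkg" ] && [ -r "$manifest" ] || return 2

    name=$(basename "$pkg")

    # Exact match on the filename field, so "foo.rpm" never matches
    # "foo.rpm.old". sha256sum marks binary mode with a leading "*".
    expected=$(awk -v n="$name" \
        '$2 == n || $2 == ("*" n) { print tolower($1); exit }' "$manifest")

    # A package missing from the manifest is a failure, not a pass.
    [ -n "$expected" ] || return 2

    actual=$(sha256sum "$pkg" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] && return 0
    return 1
}

# Typical use before installing a local file:
#   verify_pkg_hash ./some-package.rpm ./SHA256SUMS && rpm -ihv ./some-package.rpm
```

A matching hash only shows the file is the one the manifest describes, so the manifest itself has to come from a trusted or signed source. For the "cryptographically signed" case on Fedora and RedHat, rpm -K <pkg> checks the package's own digests and signature.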

Authenticode Popup

Authenticode
Diagram labels: Executable Program; Signature; Author Certificate
Source: Web Security and Commerce, Simson Garfinkel and Gene Spafford

Large Scale Patching/Updating
- Pull vs. Push
- Fully Automated?
- Gradual Rollout
  - One
  - Some
  - Many
- Document process

New Software Installations
- Binary Packages
  - Fedora & RedHat:
    - yum install <pkg> (Network)
    - rpm -ihv <pkg> (Local file)
  - Microsoft:
    - setup.exe (Self-Extracting Zip?)
    - Windows Installer (.msi files)
  - Java and ActiveX Installers
- Source Code
  - Autoconf
  - Look for README files

Installation locations
- Windows:
  - Typically c:\Program Files
  - Libraries: c:\Windows\System32
- Linux:
  - Distribution Packages: /usr
  - Third Party: /usr/local
  - Version Control? (e.g. stow)

Package Management
- Inventory
  - Linux: rpm -qa
  - Microsoft:
    - Start->All Programs
    - Control Panel->Programs->Programs and Features
- Removal
  - Linux: rpm -e <pkg>
  - Microsoft:
    - Uninstall programs (Start->All Programs)
    - Control Panel->Programs->Programs and Features
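
Added example (not part of the original slides): using the rpm -qa inventory as a before/after record of a patch run, so unexpected installs or removals stand out. The function name inventory_diff and the snapshot file names are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: compare two package inventories saved with
#   rpm -qa > before.txt      (prior to patching)
#   rpm -qa > after.txt       (once patching has finished)

# inventory_diff BEFORE AFTER
# Prints "- <pkg>" for entries only in BEFORE (removed or replaced) and
# "+ <pkg>" for entries only in AFTER (installed or upgraded).
# Return codes: 0 = inventories identical, 1 = they differ, 2 = input error
inventory_diff() {
    before=$1
    after=$2
    [ -r "$before" ] && [ -r "$after" ] || return 2

    b=$(mktemp) || return 2
    a=$(mktemp) || { rm -f "$b"; return 2; }

    # comm needs sorted input; a fixed locale keeps the ordering stable
    # between hosts, and -u drops duplicate lines.
    LC_ALL=C sort -u "$before" > "$b"
    LC_ALL=C sort -u "$after"  > "$a"

    out=$(
        LC_ALL=C comm -23 "$b" "$a" | sed 's/^/- /'   # only in BEFORE
        LC_ALL=C comm -13 "$b" "$a" | sed 's/^/+ /'   # only in AFTER
    )
    rm -f "$b" "$a"

    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}
```

An upgraded package appears as a "-" line for the old version paired with a "+" line for the new one. A "+" with no matching "-" is a new install, and a lone "-" is a removal.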