Solved

Ubuntu Patches and misc checks

Posted on 2012-04-04
4
397 Views
Last Modified: 2012-04-24
1) Do ubuntu release security updates for their OS, if so often are they released, perhaps on a monthly scale. Are there any tools to identify missing linux security patches?

2) How can you run a list of server apps running on the server with their software version

3) How can you run a list of all local user accounts on the server and audit their password strength/policy? Is there anywhere to see a "password last changed" type feature?
0
Comment
Question by:pma111
  • 2
4 Comments
 
LVL 77

Accepted Solution

by:
arnold earned 250 total points
ID: 37809176
apt-get or aptitude if you are running a GUI, there is a system tool for software updates that will list the data and let you decide whether you want to install.
Ubuntu releases updates, it does not maintain versions and.

Usually there should be one question per post as multiple unrelated question lead to long running correspondence.
http://www.cyberciti.biz/faq/debian-ubuntu-linux-list-available-package-update/
http://www.cyberciti.biz/tips/linux-debian-package-management-cheat-sheet.html
Ubuntu is a Using similar features to Debian.


dpkg --get-selections
0
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 250 total points
ID: 37809206
Hi,

1) Ubuntu releases security and bugfix patches regularly. They are released as soon as they prepare a package. Sometimes they issue patches for several programs and sometimes there are 2-3 days with no patches. So there's not a specific time on how often they do. But they so it regularly and the package manager continuously monitor for new patches and notifies you when threes a new patch to retrieve.  The package manager checks updates and lists the missing patches to you immediately.

2) The command to get a list of all installed software you can use this command:

# sudo dpkg --get-selections

Open in new window


3) Ubuntu employs a tool called pam_cracklib and audits the strength of passwords and does not allow very weak passwords. The complexity requirements also can be set using the config files. But as with windows once a password  was accepted it is encrypted with a one-way algorithm and only way to audit the strength of a password after input is try to crack it. There are tools such as john the ripper. Which can run a rule-based bruteforce and dictionary attack on  a given account.  if you cat /etc/shadow you will get  list of all current users and the active accounts are the ones that the following field (":" is the separator between fields)is not an asterisk or a double exclamation marks. They are service / disabled accounts. So you can feed the accounts to jack the ripper nd it can try to crack passwords.
sudo chage -l username

Open in new window

Will display additional info including last password change date for a given user.

Cheers,
K.
0
 
LVL 3

Author Comment

by:pma111
ID: 37826653
>>The package manager

Could you provide a screenshot of the package manager so I can visualise how this appears in terms of here are the out of date software?
0
 
LVL 77

Expert Comment

by:arnold
ID: 37827830
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Guacamole and browser performance 1 64
LINUX, CPANEL & WHM 5 44
Check if a filw is immutable for a certain amount of time 6 48
wipe a usb using python 5 30
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now