Difference between revisions of "Manual Package Updates"

From NST Wiki
Jump to navigationJump to search
(Updated directions for arp-scan)
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
Currently, there are no packages which have "add-ons" which need to be manually updated.
+
= Package Data Files =
  
* Boot a recent build and bring up Firefox. Make sure that Firefox has its default settings set as specified on the [[Firefox Configuration]] page.
+
== arp-scan ==
  
* The Metasploit exploits need to be manually updated to the latest version by hand before building the final release.
+
Update the yum/pkgs/arp-scan/src/ieee-oui.txt included in the arp-scan package by:
  
= Packages Which Are Updatable =
+
* Use the "Update OUI" button in the settings panel on the NST WUI.
 +
* Copy the updated /usr/share/arp-scan/ieee-oui.txt file from the NST system to the yum/pkgs/arp-scan/src/ieee-oui.txt location on the NST build system.
 +
* Bump the release number in yum/pkgs/arp-scan/pkginfo.xml.
 +
* Update the change log in yum/pkgs/arp-scan/template.spec.
  
Some other packages also have the notion of "updates", but these are either done automatically during the build process, or manually by the end user.
+
= Check Package URLs =
  
* The clamav package should ship with the latest signatures (this should be automatic in the configure/build process).
+
There are many ''pkginfo.xml'' files which are associated with the RPM packages making up the NST yum repository. Each of these ''pkginfo.xml'' files will have two or more URLs. As time goes by these URLs may ''move'' and need to be updated. You can run the ''make url-check'' command from the ''yum'' directory to:
  
* The nikto package has a update feature, but at this time it is not done prior to build the ISO image.
+
* Extract the URLs from each fo the ''pkginfo.xml'' files.
 +
* Run the ''curl -head'' command on each of the extracted URLs.
 +
* See '''ok''', '''skip''' or '''FAIL''' displayed on the screen next to each URL as it is checked.
 +
* Create two log files: ''url-check.log'' and ''url-check-details.log''.
  
* The Nessus package allows one to update rules, but these rules can not be re-distributed. Hence the end users need to do this on their own.
+
Here is a example of running the command:
  
* The Snort package is similar to Nessus.
+
[root@taco-dev32 dev]# cd yum
 +
[root@taco-dev32 yum]# make url-check
 +
[ok]  file:///root/dev/yum/pkgs/ipsc/src/ipsc-0.4.3.tar.bz2
 +
[ok]  file:///root/dev/yum/pkgs/nst-disk-speed/src/seeker.c
 +
[ok]  file:///root/dev/yum/pkgs/smtpclient/src/smtpclient-1.0.0.tar.gz
 +
[ok]  file:///root/dev/yum/pkgs/tcptrack/src/tcptrack-1.4.2.tar.gz
 +
 +
... output continues as all URLs are checked ...
 +
 +
[root@taco-dev32 yum]#
  
* The GeoIP databases are similar to Nessus.
+
If you just want to see the list of URLs with issues, you can run the following '''grep''' command on the generated log file:
 +
 
 +
[root@taco-dev32 yum]# grep -v ok url-check.log
 +
[skip] git://github.com/gnumaniacs/netsniff-ng.git
 +
[root@taco-dev32 yum]#
 +
 
 +
NOTE: The ''skip'' entries indicate protocols which '''curl''' is unable to handle and verification is skipped. If you would like to verify the skipped entries, you will need to do it manually.
 +
 
 +
= Check Date Change Logs =
 +
 
 +
Run the following command to verify that all change log dates in the spec files are good.
 +
 
 +
[nst28-repo@nst yum]$ make changelog-date-check
 +
all - Changelog date(s) ok
 +
[nst28-repo@nst yum]$

Latest revision as of 03:42, 7 May 2024

Package Data Files

arp-scan

Update the yum/pkgs/arp-scan/src/ieee-oui.txt included in the arp-scan package by:

  • Use the "Update OUI" button in the settings panel on the NST WUI.
  • Copy the updated /usr/share/arp-scan/ieee-oui.txt file from the NST system to the yum/pkgs/arp-scan/src/ieee-oui.txt location on the NST build system.
  • Bump the release number in yum/pkgs/arp-scan/pkginfo.xml.
  • Update the change log in yum/pkgs/arp-scan/template.spec.

Check Package URLs

There are many pkginfo.xml files which are associated with the RPM packages making up the NST yum repository. Each of these pkginfo.xml files will have two or more URLs. As time goes by these URLs may move and need to be updated. You can run the make url-check command from the yum directory to:

  • Extract the URLs from each fo the pkginfo.xml files.
  • Run the curl -head command on each of the extracted URLs.
  • See ok, skip or FAIL displayed on the screen next to each URL as it is checked.
  • Create two log files: url-check.log and url-check-details.log.

Here is a example of running the command: 

[root@taco-dev32 dev]# cd yum
[root@taco-dev32 yum]# make url-check
[ok]   file:///root/dev/yum/pkgs/ipsc/src/ipsc-0.4.3.tar.bz2
[ok]   file:///root/dev/yum/pkgs/nst-disk-speed/src/seeker.c
[ok]   file:///root/dev/yum/pkgs/smtpclient/src/smtpclient-1.0.0.tar.gz
[ok]   file:///root/dev/yum/pkgs/tcptrack/src/tcptrack-1.4.2.tar.gz

... output continues as all URLs are checked ...

[root@taco-dev32 yum]#

If you just want to see the list of URLs with issues, you can run the following grep command on the generated log file: 

[root@taco-dev32 yum]# grep -v ok url-check.log
[skip] git://github.com/gnumaniacs/netsniff-ng.git
[root@taco-dev32 yum]#

NOTE: The skip entries indicate protocols which curl is unable to handle and verification is skipped. If you would like to verify the skipped entries, you will need to do it manually.

Check Date Change Logs

Run the following command to verify that all change log dates in the spec files are good. 

[nst28-repo@nst yum]$ make changelog-date-check
all - Changelog date(s) ok
[nst28-repo@nst yum]$
Retrieved from "https://wiki.networksecuritytoolkit.org/nstwiki/index.php?title=Manual_Package_Updates&oldid=10143"