Monitoring for New Vulnerabilities


New exploits for vulnerabilities appear every day, so keeping a system free of known vulnerabilities is a full-time job. Administrators have to monitor patches and updates for all the software on their systems. Some vendors bundle security-related fixes into general release patches, so it is not enough to remain current with security patches; all software patches have to be managed.

Keeping Software Current

Keeping the software current is extremely important in keeping the system secure. A system that is well-managed, with a system manager who keeps current with the activities of his system and its users, is much less likely to become the victim of a successful attack.

New versions of software fix known bugs that could have been used to compromise a system, sometimes without any notification of the repair. It is more likely that older versions of software have had their behavior studied and their flaws exploited. Most security incidents are caused by exploiting known security problems, generally with older software.

The Red Hat Update Agent, up2date, can retrieve the latest software packages directly from Red Hat. This tool can be used to keep the system up-to-date with all security patches, bug fixes, and software package enhancements. Your system will have to be configured with the current Red Hat GPG key to verify the authenticity and integrity of the software being downloaded.
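The signature check described above can also be enforced on packages fetched by hand. The following is an added example, not code from the book or from Red Hat: it classifies lines of `rpm -K` (`rpm --checksig`) output and rejects any package that is not signed and verified. The output formats it matches and the package names in the sample are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumed `rpm -K` output: "<file>: <checks> OK" on success,
# "NOT OK" on failure, a lowercase signature token (gpg, pgp, dsa, rsa,
# signatures) only when a signature was actually verified.

# Constructed sample output; package names are placeholders.
SAMPLE='example-a-1.0-1.i386.rpm: md5 gpg OK
example-b-1.0-1.i386.rpm: md5 OK
example-c-1.0-1.i386.rpm: md5 GPG NOT OK
example-d-1.0-1.i386.rpm: (GPG) md5 NOT OK (MISSING KEYS: GPG#00000000)'

# Print signed-ok, unsigned or failed for one line of output.
classify_checksig() {
    result=${1#*: }                       # drop the "file: " prefix
    case $result in
        *"NOT OK"*) echo failed; return ;;
        *OK) ;;
        *) echo failed; return ;;         # anything unrecognised is rejected
    esac
    # A digest-only "OK" proves integrity of the download, not authenticity.
    case " $result " in
        *" gpg "*|*" pgp "*|*" dsa "*|*" rsa "*|*" signatures "*)
            echo signed-ok ;;
        *)  echo unsigned ;;
    esac
}

# Read `rpm -K` output on stdin, list rejected packages with the reason,
# and return 1 if any package was rejected.
gate_packages() {
    rc=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        verdict=$(classify_checksig "$line")
        if [ "$verdict" != signed-ok ]; then
            printf '%s\t%s\n' "$verdict" "${line%%: *}"
            rc=1
        fi
    done
    return $rc
}

# Demo on the constructed sample: three of the four packages are rejected.
printf '%s\n' "$SAMPLE" | gate_packages || echo "refusing to install"
```

On a real system, import the vendor key with `rpm --import` first, then pipe `rpm -K *.rpm` into `gate_packages` and install only when it returns 0.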

Installing Security Patches

By the time a security issue has been defined and a repair has been released for it, the hacker community also knows about the problem and how to exploit it. This is why it is imperative that you install all applicable security patches; doing so protects you from known problems. Quite often these defects are the basis of the tools that unskilled hackers use to compromise systems.

Repeated intrusions of federal websites reveal that agencies are not adequately training their IT sentries to take advantage of readily available systems security solutions. In two months, hackers penetrated more than 100 federal computer systems, primarily taking advantage of a well-known weakness in the Microsoft Corp. Windows NT operating system. According to federal computer security experts, the attacks have been successful because federal systems administrators are failing to apply a software patch that has been available from Microsoft for more than a year.

A 17-year-old hacker known as YTcracker, who penetrated several government and military websites (including those belonging to the Bureau of Land Management's National Training Center, NASA's Goddard Space Flight Center and the Defense Contracts Audit Agency), said he routinely sends messages to government website administrators insisting that they address vulnerabilities and adopt UNIX or other more secure systems, but the messages largely go ignored. YTcracker said in his defacement of websites that he "targeted the systems the government would look at and take seriously." [82]

[82] Frank, Diane, "Feds Leave Door Open for Hackers," Federal Computer Week, 20 December 1999.

Subscribe to security mailing lists, especially those specific to your vendor. These mailing lists will discuss current attacks that have been experienced and will announce security patches when they become available. Read these lists and heed the suggestions in them.

Obtaining HP-UX Security Bulletins

Security software patches are available via e-mail from the HP Electronic Support Center, which encompasses all aspects of support for HP products. An up-to-date security patch matrix and the Security Bulletin archives are also available; access requires registration. Follow the instructions on the following web page.

http://www.hp.com/security/support/notification.html

You should also examine the security bulletins themselves, because not all security bulletins result in a patch.

Linux Security Alerts

All Security Alerts, Bug Fix Alerts, and Enhancement Alerts (collectively known as Errata Alerts) can be retrieved directly from Red Hat. Red Hat Network (rhn.redhat.com) is an Internet service designed to aid in managing Red Hat Linux systems. It keeps track of when Errata Updates are released and sends you e-mail notifications, reducing the time and effort system administrators need to stay on top of the errata list. It also helps minimize security vulnerabilities in your network by providing patches as soon as they are released, and it can schedule automatic update delivery to selected systems.

Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
Year: 2002
Pages: 210
