Keep Linux Patches Up to Date to Avoid Getting Hacked
Ongoing patching is perhaps the best thing you can do to enhance the security of your Linux systems and avoid those pesky hackers. Regardless of the Linux distribution you use, using a tool to assist in your patching efforts makes your job a lot easier.
Often, Linux is completely out of the patch management loop. With the focus on patching Windows, many network administrators forget about the Linux systems they have on their network. Don’t fall into this trap.
The distribution process is different on every distribution of Linux. You can use the following tools, based on your specific distribution:
Red Hat: The following tools update Red Hat/Fedora Linux systems:
Red Hat Package Manager (RPM), which is the GUI-based application that runs in the Red Hat GUI desktop. It manages files with an .rpm extension that Red Hat and other freeware and open source developers use to package their programs.
up2date, a command-line, text-based tool that’s included in Red Hat/Fedora.
Debian: You can use the Debian Package System (dpkg) included with the operating system to update Debian Linux systems.
Slackware: You can use the Slackware Package Tool (pkgtool) included with the operating system to update Slackware Linux systems.
SUSE: SUSE Linux includes YaST2 Software Management.
In addition to Linux kernel and general operating system updates, make sure you pay attention to Apache, OpenSSL, OpenSSH, MySQL, and other software on your systems. They have weaknesses that you probably don’t want to overlook.
Multi-platform update managers
The open source option for multiple Linux platforms called RPM Package Manager is worth checking out. Commercial tools have additional features, such as correlating patches with vulnerabilities and automatically deploying appropriate patches. Commercial tools that can help with Linux patch management include Kaseya Patch Management and Lumension Patch and Remediation.