The University of Southampton
University of Southampton Institutional Repository

Linux patch management: With security assessment features

Linux patch management: With security assessment features
Linux patch management: With security assessment features
The lack of patch management has been identified as the main reason for many ransomware attacks. The cost of patch management is still an obstacle for many small and medium-size businesses. There are many open source, free of charge, patch management systems but these require many pre-configuration steps making them complicated to use. Hence, this paper presents a patch management system that is cost-effective but also efficient in terms of set-up time. We have written the system in Python with Puppet and Mcollective to aid the configuration steps. An additional feature of this system is the ability to assess the security of the system being patched, using CVE scanning.
Patch Management, Linux, Software Inventory, CVE Scanning, Security, Puppet, Mcollective.
270-277
Midtrapanon, Soranut
1a941a91-047e-4df9-bfc8-9369dd9fa4b5
Wills, Gary
3a594558-6921-4e82-8098-38cd8d4e8aa0
Midtrapanon, Soranut
1a941a91-047e-4df9-bfc8-9369dd9fa4b5
Wills, Gary
3a594558-6921-4e82-8098-38cd8d4e8aa0

Midtrapanon, Soranut and Wills, Gary (2019) Linux patch management: With security assessment features. 4th International Conference on Internet of Things, Big Data and Security, IoTBDS 2019, Heraklion, Crete, Greece. 02 - 04 May 2019. pp. 270-277 .

Record type: Conference or Workshop Item (Paper)

Abstract

The lack of patch management has been identified as the main reason for many ransomware attacks. The cost of patch management is still an obstacle for many small and medium-size businesses. There are many open source, free of charge, patch management systems but these require many pre-configuration steps making them complicated to use. Hence, this paper presents a patch management system that is cost-effective but also efficient in terms of set-up time. We have written the system in Python with Puppet and Mcollective to aid the configuration steps. An additional feature of this system is the ability to assess the security of the system being patched, using CVE scanning.

Text
Patch Management - Accepted Manuscript
Download (912kB)

More information

Published date: 4 May 2019
Venue - Dates: 4th International Conference on Internet of Things, Big Data and Security, IoTBDS 2019, Heraklion, Crete, Greece, 2019-05-02 - 2019-05-04
Keywords: Patch Management, Linux, Software Inventory, CVE Scanning, Security, Puppet, Mcollective.

Identifiers

Local EPrints ID: 433023
URI: https://eprints.soton.ac.uk/id/eprint/433023
PURE UUID: cef899f4-80d7-4ec7-ac7a-48db0a5ca3f3
ORCID for Gary Wills: ORCID iD orcid.org/0000-0001-5771-4088

Catalogue record

Date deposited: 06 Aug 2019 16:30
Last modified: 07 Aug 2019 00:50

Export record

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of https://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×