Question

WHAT YOU WILL LEARN IN THIS CHAPTER:

• Patch Management
• ManageEngine Desktop Central
• Configuration Management
• Clonezilla live

I had so much fun this past October at the Wild West Hacking Fest (WWHF) in South Dakota. Conferences are a great way to connect to people who share the same interests as you, and when you get all that intelligence and weirdness in the same room, it's just phenomenal. I've been to BlackHat, DefCon, and BSides, but the WWHF by far has been the most hands‐on con I've ever had the pleasure of attending. Any conference you attend and find yourself with James Lee (aka Egypt), the author of many Metasploit exploits, and Johnny Long, the original Google Dork, sitting across the table from you working on the same hack is a conference that you put on your agenda for the next year. Ed Skoudis was the keynote speaker and was able to give us the backstory to WebExec, the vulnerability in Cisco's WebEx client software. Ed's team at CounterHack discovered the vulnerability in July 2018 and worked with Cisco's PSIRT team to remediate. He was able to discuss the advisory at the conference on October 24, the day of his keynote speech.

One of the best things about the WWHF is that all the talks are online. If you can't get to South Dakota, you can still listen to all the talks given by subject‐matter experts. Ed's keynote topic was the “Top 10 Reasons It's GREAT to Be a PenTester.” Number 9 was Java and Adobe Flash. They are incredibly vulnerable, and so many organizations do not have a solid patch‐management program. In fact, Magen Wu, senior associate at Urbane Security and my favorite red‐shirted Goon at DefCon, says that in her experience of small to medium businesses, only one business in five has a well‐documented patch‐management policy in place. That's not good.

Patch management is a vital area of systems management. As your security model matures, it becomes necessary to develop a strategy for managing patches and upgrades to systems and software. Most software patches are necessary to fix existing problems with software that are discovered after the initial release. A great many of these are security focused. Other patches might have to do with some type of specific addition or enhancement to functionality of software. As you see in Figure 12.1 , the patch management lifecycle is similar to the vulnerability management lifecycle I discussed in Chapter 4 , “OpenVAS: Vulnerability Management.”

Figure 12.1 : The patch management lifecycle