exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

AA-93.01.MegaPatch.1.5

AA-93.01.MegaPatch.1.5
Posted Sep 23, 1999

AA-93.01.MegaPatch.1.5

SHA-256 | 9ae7e6c762ccbcd1d0ce0878130ef85fa058525979b09362f28dfd7b4b814e07

AA-93.01.MegaPatch.1.5

Change Mirror Download

As part of the SERT initiative, a "MegaPatch" has been developed to install
security patches on Sun Microsystems machines running SunOS 4.1.3. The
purpose of this message is to announce the availability of The MegaPatch
version 1.5, and to notify SERT constituents of the forthcoming version 1.6.
Both of these versions are applicable only to SunOS 4.1.3.

Development is under way on a MegaPatch for SunOS 4.1.2. This package is
not yet available.

If you have any questions regarding the MegaPatch, please send electronic
mail to megapatch@sert.edu.au.


MegaPatch version 1.5
=====================

Release Date: 19/03/1992

This MegaPatch has been developed to apply a number of security patches in a
one time manner to SunOS. The MegaPatch is an un-productised version of Sun
Microsystems's ConSePT and as such may have additional features/
enhancements/improvements which are not supported by Sun.

The MegaPatch currently works for SunOS systems 4.1.3 only and will
require approximately 5-10Mb of free disk space to install and execute.
It is recommended that this be installed on a freshly installed version
of SunOS, as it is then unlikely that trojan horse or other similarly
modified programs will exist on your machine.

The MegaPatch is supplied as a compressed tar archive - there is a script file
supplied for easy installation. It is distributed on an "all care and no
responsibility" basis - that is, every care has been taken in it's
development, but no responsibility will be accepted for unexpected results.
The MegaPatch has been used by several sites already.

The MegaPatch is available by anonymous ftp from ftp.qut.edu.au, under the
security directory.

The MegaPatch currently includes these patches: 100103-10 files, 100173-10 NFS,
100296-04 NFS, 100305-10 lpr, 100372-02 C2 & tfs, 100377-05 sendmail,
100383-05 rdist, 100448-01 OW3, 100478-01 OW3, 100482-04 NIS, 100507-04 tmpfs,
100513-01 tty, 100564-05 C2 & NIS, 100567-04 network, 100630-01 login/su,
100633-01 ARM/ASET

Additional localisation routines have been added to the MegaPatch to enhance
site security. The local scripts are detailed below:

local.aaa A script to fix some of the permissions after the installation
of the MegaPatch.
local.log_tcp A script to install the TCP/IP firewall program log_tcp version
4.3. This restricts TCP/IP access to telnet and ftp by
changing /etc/inetd.conf and further restricts these
connections to this hosts. To allow wider access edit the
file /etc/hosts.allow to add hosts or domains in comma
separated lists.
local.rmrhosts This script removes all .rhosts files and /etc/hosts.equiv,
this makes the use of rsh... a little more secure.
local.rread This script processes the binary system executables and removes
the read permission on these. This make it more difficult for
users to pull apart programs with the strings command or for
users to accidently copy large amounts of data or to copy a
program such as telnet to a file such as vi in their directory
to evade system accounting.
local.tripwire This script installes a default installation of tripwire 1.02
in the directory /usr/local/etc, with the database of file
signatures being stored in /usr/local/etc/databases.
local.ttytab This script ensures that secure is set ONLY for the console in
the /etc/ttytab file. This way root can only login on the
console.
local.xx-cops This script will install a minimal installation of COPS in
/usr/local/etc and produce a report on the security of your
system. The report will be placed in the directory
/usr/local/etc/cops_104/`hostname`.
local.zz-kernel This script will ask additional questions with regard to which
options you wish added or deleted from the kernel. To ensure
maximum security, answer y to all questions (but be aware that
this may limit the use of some subsystems). Then the kernel
will be re-configured and rebuilt, even if their is no
pre-existing kernel configuration file.
THE KERNEL MUST BE REBUILT EITHER BY THIS SCRIPT OR MANUALLY AS
SOME OF THE PATCHES CONTAIN FILES WHICH WILL AFFECT THE
OPERATION OF THE KERNEL.

If sites have already installed some of the patches, then perform the
following steps before running the MegaPatch.

1. Determine the previously installed patches which are contained in
the MegaPatch.

2. Look in each of the relevant directories at the installpatch script.
The first action of the script file is to check for a file which has
been renamed to filename.pre-$PATCHNUMBER.

3. To stop a certain patch executing, touch a file of the corresponding
name as detailed in step 2 above.

(eg. to stop Patch 100372-02 being re-installed touch the following file
touch /usr/etc/tfsd.pre-100372-02 )



The following changes are planned for release 1.6
=================================================

Due date for release: 30/03/1993 (although this is not cast in stone).

1. The following patches will be upgraded to the latest release:
Previous version Current version Detail
--------------------------------------------------------------
100173-09 100173-10 NFS jumbo
100305-10 100305-11 lpr
100383-05 100383-06 rdist
100513-01 100513-02 tty jumbo

2. The following patches will be added according to advise from CIAC
(Advisory number D-11 on March 19, 1993):
Patch number Detail
----------------------------------------
100224-06 /bin/mail jumbo patch
100623-03 UFS jumbo patch
100891-01 libc replacement

3. The size of MegaPatch 1.6 will increase substantially due to the libc
patch. It is anticipated that the compressed patch will now be
approximately 6Mb (compared to approximately 3Mb for version 1.5).




The MegaPatch is a result of the SERT initiative. The development work has
been a joint effort between QUT staff and Sun Microystems. A MegaPatch for
SunOS 4.1.2 is currently under development, and announcements will be made
at the appropriate time.

If you have any questions regarding the MegaPatch, please send electronic
mail to megapatch@sert.edu.au.

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close