Software is the attack surface. Every installed package is a potential vulnerability. As a security professional, you need to know how to install, update, audit, and remove software on Linux systems — and how to identify when installed software has known vulnerabilities. This lesson covers package management from both Debian/Ubuntu (APT) and RHEL/CentOS (DNF/YUM) families, plus software security auditing.
APT Package Management (Debian/Ubuntu/Kali)
APT (Advanced Package Tool) is the package management system used by Debian, Ubuntu, Kali Linux, and their derivatives. It handles dependency resolution, installation, updates, and removal of .deb packages.
Essential APT Commands
# Update package lists (always do this first)
sudo apt update
# Upgrade all installed packages
sudo apt upgrade -y
# Install a security tool
sudo apt install nmap wireshark tcpdump -y
# Remove a package completely (including config)
sudo apt purge telnet -y
# Search for available packages
apt search vulnerability scanner
# Show package information
apt show openssh-server
# Count installed packages
dpkg -l | grep -c '^ii'
# List manually installed packages
apt-mark showmanual
DNF/YUM Package Management (RHEL/CentOS/Fedora)
RHEL-based distributions use DNF (or the older YUM) to manage .rpm packages. The commands are similar to APT but with different syntax.
Essential DNF Commands
# Check for available updates (refreshes package metadata)
sudo dnf check-update
# Upgrade all packages
sudo dnf upgrade -y
# Install a package
sudo dnf install nmap wireshark -y
# Remove a package
sudo dnf remove telnet -y
# Search for packages
dnf search metasploit
# Show package info
dnf info openssh-server
# Count installed packages (the output includes a header line)
dnf list installed | wc -l
# Show what package provides a file
dnf provides /usr/bin/nmap
Software Security Auditing
Knowing what software is installed is only half the battle. You need to know which installed packages have known vulnerabilities. This is where security auditing comes in.
Check for Security Updates and Vulnerabilities
# Check for available security updates (Ubuntu)
sudo apt update
apt list --upgradable 2>/dev/null | grep -i security
# Check which packages need security updates
/usr/lib/update-notifier/apt-check --human-readable 2>&1
# Use apt-audit to check for CVEs (install apt-audit first)
sudo apt install apt-audit
apt-audit
# On RHEL, check security advisories
dnf updateinfo list security
# List advisories that address a specific CVE
dnf updateinfo list --cve CVE-2024-1234
Minimizing the Attack Surface
One of the most effective hardening techniques is removing unnecessary software. Every installed package increases your attack surface. Here is how to audit and minimize:
Audit and Remove Unnecessary Packages
# List all installed packages with descriptions
dpkg -l | awk '/^ii/{print $2}' | while read -r pkg; do
    echo "=== $pkg ==="
    apt show "$pkg" 2>/dev/null | grep -E "(Priority|Section|Description)"
done
# Find and remove orphaned packages
sudo apt autoremove --purge -y
# Check for packages installed from non-standard repos (lists the origin of each installed version)
apt-cache policy $(dpkg -l | awk '/^ii/{print $2}') | grep -A1 "\*\*\*" | grep -v -e "\*\*\*" -e "^--" | sort -u
# Identify packages not from official repos
apt-forktracer 2>/dev/null || echo "Install apt-forktracer for this check"
💡 Legacy protocols like telnet, ftp, rsh, and rlogin transmit credentials in plaintext. They should never be installed on modern systems. Replace them with SSH and SFTP. During audits, flag any system with these packages installed as a finding.
Repository Security
Package repositories must be trusted. An attacker who compromises a repository can distribute malicious packages to every system that uses it. Always use signed repositories and verify GPG keys.
STRICT SECURE AUDIT RULE
⚠️ Never add third-party repositories without verifying their authenticity. Supply chain attacks against package repositories are a growing threat. Always check GPG signatures and use HTTPS for repository URLs.
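One way to check this rule on a Debian-family host, as an added example that is not part of the original lesson: a shell function that flags one-line-style APT source entries using plain HTTP, `trusted=yes`, `allow-insecure=yes`, or no `signed-by` key. The function name, finding labels and sample entries are constructed for illustration; deb822 `.sources` files are not parsed.

```shell
#!/bin/sh
# Added example: flag weak trust settings in one-line-style APT source entries.
# audit_sources_file and the finding labels are illustrative names, not APT tooling.
# Real use: audit_sources_file /etc/apt/sources.list /etc/apt/sources.list.d/*.list

audit_sources_file() {
    awk '
    $1 != "deb" && $1 != "deb-src" { next }   # skip comments, blanks, other lines
    {
        opts = ""; uri = $2
        if ($2 ~ /^\[/) {                     # options block: [key=val key=val]
            i = index($0, "["); j = index($0, "]")
            opts = substr($0, i, j - i + 1)
            split(substr($0, j + 1), f, " "); uri = f[1]
        }
        where = FILENAME ":" FNR ": "
        if (opts ~ /trusted=yes/)             # treated as authenticated regardless
            print where "TRUSTED_YES signature verification bypassed: " uri
        if (opts ~ /allow-insecure=yes/)      # unsigned repository is accepted
            print where "ALLOW_INSECURE unsigned repository accepted: " uri
        if (uri ~ /^http:/)                   # fetched over cleartext transport
            print where "PLAIN_HTTP unencrypted transport: " uri
        if (opts !~ /signed-by=/)             # any globally trusted key may sign it
            print where "NO_SIGNED_BY key not pinned to this repository: " uri
    }' "$@"
}

# Constructed sample entries (not from a real host) so the check runs offline.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# constructed sample
deb [signed-by=/usr/share/keyrings/example-archive-keyring.gpg] https://repo.example.com/apt stable main
deb [trusted=yes] http://mirror.example.net/debian stable main
deb http://archive.example.org/ubuntu jammy main
deb-src [arch=amd64 allow-insecure=yes] https://pkgs.example.com/apt stable main
EOF

audit_sources_file "$sample"
```

Entries without `signed-by` are verified against every key in APT's global keyring, so treat NO_SIGNED_BY as a prompt to review the entry rather than as evidence of tampering.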
Quiz
During a security audit, you find that a production server has telnet, ftp, and rsh installed. What is the PRIMARY security concern?