1 00:00:00,000 --> 00:00:01,270 [No audio]
2 00:00:01,270 --> 00:00:05,310 One of the most important methods of securing your
3 00:00:05,420 --> 00:00:10,590 operating system is to remove unnecessary or orphan packages.
4 00:00:11,630 --> 00:00:15,138 So unnecessary packages are the packages that you do
5 00:00:15,164 --> 00:00:18,906 not need or your system or your application does not
6 00:00:18,968 --> 00:00:22,546 require to have it on your system. And orphan packages
7 00:00:22,618 --> 00:00:26,238 are those that are left behind after you move the
8 00:00:26,264 --> 00:00:28,950 packages and there are dependency on them.
9 00:00:29,060 --> 00:00:33,380 So the first rule is to keep your server lean and mean.
10 00:00:34,070 --> 00:00:36,810 So basically no fat on it.
11 00:00:36,920 --> 00:00:40,940 Install only those packages that you really needed.
12 00:00:41,390 --> 00:00:43,698 If there are unwanted packages, what do you need
13 00:00:43,724 --> 00:00:47,310 to do is simply slash them, delete them.
14 00:00:47,480 --> 00:00:51,920 Fewer the packages, the less chances of unpatched code.
15 00:00:52,430 --> 00:00:57,450 Meaning every time there are issues to any packages that
16 00:00:57,500 --> 00:01:01,218 are installed in your system, there has to be a
17 00:01:01,244 --> 00:01:05,206 code upgrade to upgrade or update that package.
18 00:01:05,337 --> 00:01:07,218 So of course, if you have less of the
19 00:01:07,244 --> 00:01:09,320 packages, the less of the code to fix.
20 00:01:09,950 --> 00:01:11,022 So here are a couple of
21 00:01:11,036 --> 00:01:12,666 guidelines that you should follow.
22 00:01:12,848 --> 00:01:16,194 Number one is do not install packages that you
23 00:01:16,232 --> 00:01:19,950 do not need during the initial installation period.
24 00:01:21,110 --> 00:01:24,834 The initial period or initial installation is when
25 00:01:24,872 --> 00:01:28,160 you are actually going through the installation process.
26 00:01:28,550 --> 00:01:30,546 Make sure you do not pick
27 00:01:30,608 --> 00:01:32,538 any packages that are not needed.
28 00:01:32,684 --> 00:01:35,910 Pick the basic which is base install.
29 00:01:36,080 --> 00:01:38,274 Even without GUI, I would recommend
30 00:01:38,372 --> 00:01:40,278 in corporate environment, don't even pick
31 00:01:40,304 --> 00:01:43,210 the GUI, simply install the Linux,
32 00:01:43,270 --> 00:01:45,680 that gives you a simple command line.
33 00:01:46,370 --> 00:01:50,406 Then if you have to install any packages later on,
34 00:01:50,528 --> 00:01:54,046 pay very close attention to the add on packages.
35 00:01:54,238 --> 00:01:56,578 There are packages that will be added
36 00:01:56,614 --> 00:02:00,070 on as a dependency that are required
37 00:02:00,250 --> 00:02:02,926 for a package to be successfully installed.
38 00:02:03,058 --> 00:02:05,802 So you could install those packages, that is fine,
39 00:02:05,876 --> 00:02:09,234 but there might be some add on additional that
40 00:02:09,270 --> 00:02:12,918 are not needed, but the program gives you like
41 00:02:12,943 --> 00:02:15,620 a promotion kind of thing to install to it.
42 00:02:16,370 --> 00:02:18,694 Please make sure you pay close attention
43 00:02:18,742 --> 00:02:20,480 to it and do not install.
44 00:02:21,350 --> 00:02:23,362 To get a list of all the packages
45 00:02:23,446 --> 00:02:26,866 that your system has right now, the command
46 00:02:26,938 --> 00:02:31,186 that you should run is rpm -qa.
47 00:02:31,318 --> 00:02:34,998 Of course, this is a command that works on
48 00:02:35,084 --> 00:02:39,450 Redhat, CentOS, and Fedora type of Linux distributions.
49 00:02:39,770 --> 00:02:43,518 You could get the listing of all the packages that
50 00:02:43,544 --> 00:02:46,666 you have in your Linux machine through that command.
51 00:02:46,798 --> 00:02:49,570 And the same command, I mean the same purpose
52 00:02:49,630 --> 00:02:52,002 can be served from a different command on a
53 00:02:52,016 --> 00:02:59,210 Ubuntu server, which is apt list --installed.
54 00:02:59,390 --> 00:03:03,070 By the way, both of these commands give you the same
55 00:03:03,120 --> 00:03:06,250 results to get you the list of all the packages.
56 00:03:06,930 --> 00:03:09,790 What you should do is if you are going
57 00:03:09,840 --> 00:03:15,634 through the package validations or auditing and securing your
58 00:03:15,672 --> 00:03:18,178 system, then what you should do is you should
59 00:03:18,204 --> 00:03:22,970 run these commands, output to a file.
60 00:03:23,090 --> 00:03:25,498 When you get a listing of all the packages you have
61 00:03:25,524 --> 00:03:29,434 installed, put that output to a file and then you should
62 00:03:29,472 --> 00:03:32,758 go through each and every package one by one.
63 00:03:32,904 --> 00:03:37,102 Now I do understand and I completely agree
64 00:03:37,176 --> 00:03:39,442 for those who are thinking right now that
65 00:03:39,516 --> 00:03:43,618 oh my god, I have 1300, 1400 packages. Are you kidding me?
66 00:03:43,644 --> 00:03:47,400 I have to go through it all those packages, one by one?
67 00:03:48,030 --> 00:03:51,910 Okay, the answer, and the hard answer is yes.
68 00:03:52,080 --> 00:03:55,834 If you wanted to secure your system, you have
69 00:03:55,872 --> 00:03:58,414 to go through all of them one by one.
70 00:03:58,512 --> 00:04:01,858 Now, the good news is that when you go through all
71 00:04:01,884 --> 00:04:05,518 of them one by one, and you have a standard build
72 00:04:05,664 --> 00:04:09,818 that your systems, that you're going to be building more systems
73 00:04:09,854 --> 00:04:12,658 down the road, and these are the packages that you need
74 00:04:12,684 --> 00:04:15,958 to install, and the remaining ones you could get rid of,
75 00:04:16,103 --> 00:04:18,910 then it means all that effort will pay off.
76 00:04:19,019 --> 00:04:20,134 You don't have to go
77 00:04:20,172 --> 00:04:22,906 through that filtering process again.
78 00:04:23,028 --> 00:04:24,718 You could just compare what you have, what
79 00:04:24,744 --> 00:04:26,161 you don't need, and then what you don't
80 00:04:26,185 --> 00:04:28,017 need, you could just simply discard it.
81 00:04:28,164 --> 00:04:32,338 So most of the time, as a general practice, most
82 00:04:32,364 --> 00:04:35,722 of the corporate environments do have that practice in place.
83 00:04:35,856 --> 00:04:38,998 If you join a company, they probably have something,
84 00:04:39,144 --> 00:04:42,034 a template of a system that tells you hey,
85 00:04:42,072 --> 00:04:43,802 these are the package that should be installed.
86 00:04:43,826 --> 00:04:46,450 And these are package should not be installed. Perfect.
87 00:04:46,560 --> 00:04:48,874 You're in a perfect world, you get in awesome.
88 00:04:48,972 --> 00:04:51,154 But what if you get into a job and
89 00:04:51,192 --> 00:04:53,990 they don't have that type of standard or template?
90 00:04:54,050 --> 00:04:57,070 Then, then it's a time for you to shine.
91 00:04:57,390 --> 00:04:59,280 Basically, this is your opportunity.
92 00:04:59,910 --> 00:05:02,940 Go to your manager, tell them hey, listen,
93 00:05:03,450 --> 00:05:06,134 I noticed that we are installing every package
94 00:05:06,182 --> 00:05:08,146 in the system and we should not.
95 00:05:08,328 --> 00:05:10,762 So let's remove them.
96 00:05:10,956 --> 00:05:13,750 Also, one of the great things every great
97 00:05:13,800 --> 00:05:15,658 manager asks you when you go for an
98 00:05:15,684 --> 00:05:19,154 interview, how do you make your system secure?
99 00:05:19,322 --> 00:05:21,434 And if you answer I will remove
100 00:05:21,482 --> 00:05:24,490 all unnecessary packages or orphan packages,
101 00:05:24,870 --> 00:05:26,446 you'll score it right there.
102 00:05:26,508 --> 00:05:28,620 You'll understand where you're coming from.
103 00:05:29,730 --> 00:05:32,662 Anyway, go back to the point and make sure you have
104 00:05:32,676 --> 00:05:35,806 a list of all packages, go through them and remove them.
105 00:05:35,988 --> 00:05:39,394 To remove packages, the command you would have to use
106 00:05:39,432 --> 00:05:43,186 is rpm -e to erase and package name.
107 00:05:43,308 --> 00:05:46,018 And then of course, rpm is the command of Redhat or
108 00:05:46,044 --> 00:05:50,114 CentOS. For Ubuntu type of Linux distribution,
109 00:05:50,162 --> 00:05:53,610 you have to use apt-get, which is apt
110 00:05:53,610 --> 00:05:56,122 hyphen get space remove and space
111 00:05:56,196 --> 00:05:59,962 package name. Both perform the same function, as
112 00:05:59,976 --> 00:06:01,740 long as you get the desired result.
113 00:06:02,190 --> 00:06:04,894 Now, about orphan packages, what are those?
114 00:06:04,932 --> 00:06:06,178 Let's talk about them.
115 00:06:06,324 --> 00:06:08,446 The objective is to remove all
116 00:06:08,508 --> 00:06:11,270 orphan packages from CentOS Linux.
117 00:06:11,450 --> 00:06:16,114 By orphan packages we mean all packages which are
118 00:06:16,152 --> 00:06:19,810 no longer serve a purpose of a package dependencies.
119 00:06:20,250 --> 00:06:22,654 For example, let me give you a quick
120 00:06:22,692 --> 00:06:24,782 example so you will have a better understanding
121 00:06:24,866 --> 00:06:29,578 what exactly the above paragraph means. Package A,
122 00:06:29,664 --> 00:06:31,390 any package called a package A
123 00:06:31,440 --> 00:06:33,360 is dependent on package B.
124 00:06:33,360 --> 00:06:36,734 Thus, in order to install package A, package
125 00:06:36,782 --> 00:06:39,674 B must be installed and required. Understood.
126 00:06:39,842 --> 00:06:42,074 Once package A is removed, package
127 00:06:42,122 --> 00:06:44,690 B might still be installed.
128 00:06:44,870 --> 00:06:45,960 Do you see that?
129 00:06:46,290 --> 00:06:49,838 Therefore the package B is now orphan package.
130 00:06:49,934 --> 00:06:53,410 So you have removed package A, but package B was
131 00:06:53,460 --> 00:06:56,534 required to have a package A, but now since package
132 00:06:56,582 --> 00:06:59,854 A is gone, you don't need package B, right?
133 00:06:59,952 --> 00:07:04,546 So those packages that classify in package B
134 00:07:04,668 --> 00:07:08,230 are orphan packages and you should delete them.
135 00:07:08,340 --> 00:07:12,406 Now how do you identify those packages? Good question.
136 00:07:12,528 --> 00:07:15,374 Moving on, there is a built in utility
137 00:07:15,482 --> 00:07:18,818 which allows you to check for orphaned packages
138 00:07:18,914 --> 00:07:22,774 in your Linux machine. For CentOS type of
139 00:07:22,872 --> 00:07:26,522 Linux distributions or CentOS or Redhat,
140 00:07:26,666 --> 00:07:29,558 that utility is called yum utilities,
141 00:07:29,654 --> 00:07:32,098 of course it's in rpm packages as well.
142 00:07:32,244 --> 00:07:34,834 If you have that installed, then it means you have
143 00:07:34,872 --> 00:07:37,246 that command that I'm going to show you right now.
144 00:07:37,428 --> 00:07:39,586 Check if that exists in your system.
145 00:07:39,648 --> 00:07:42,938 Meaning check if the dependency, sorry orphan
146 00:07:42,974 --> 00:07:44,880 packages exist in your system.
147 00:07:46,050 --> 00:07:48,466 Sorry, let me take one step back.
148 00:07:48,528 --> 00:07:52,814 What I meant is check if that utility yum-utils exists
149 00:07:52,862 --> 00:07:57,662 in your system, is to run rpm -qa | grep yum-utils
150 00:07:57,806 --> 00:08:00,322 If that package is there, then it means
151 00:08:00,396 --> 00:08:02,710 you don't have to download or install it.
152 00:08:02,760 --> 00:08:04,214 But what if it does not exist?
153 00:08:04,262 --> 00:08:07,982 Then simply you could do yum install yum-utils.
154 00:08:08,126 --> 00:08:09,598 Okay, so once you have that
155 00:08:09,624 --> 00:08:11,038 installed, let's suppose you have it,
156 00:08:11,064 --> 00:08:13,234 now the next question is get a list of all
157 00:08:13,272 --> 00:08:20,174 orphaned packages and that is package-cleanup --leaves.
158 00:08:20,282 --> 00:08:22,042 It will give you everything, all
159 00:08:22,056 --> 00:08:24,060 the orphaned packages in your system.
160 00:08:24,570 --> 00:08:26,818 Once you identify them, what do you need to do?
161 00:08:26,844 --> 00:08:28,018 You need to remove them.
162 00:08:28,104 --> 00:08:30,682 Of course you could do rpm -e, or you
163 00:08:30,696 --> 00:08:33,482 could simply use this command which is a lot easier.
164 00:08:33,626 --> 00:08:37,462 yum remove `package-cleanup --leaves`
165 00:08:37,476 --> 00:08:39,097 the same command that we ran earlier,
166 00:08:39,134 --> 00:08:40,970 but of course with backticks.
167 00:08:41,150 --> 00:08:42,717 Backticks are the one that is
168 00:08:42,744 --> 00:08:44,520 right below your escape key.
169 00:08:44,909 --> 00:08:48,770 And of course for Ubuntu system type of systems,
170 00:08:48,830 --> 00:08:51,854 all you have to do is apt-get autoremove,
171 00:08:51,962 --> 00:08:54,720 and it will do all the job for you.
172 00:08:55,830 --> 00:08:57,142 All right, so that's about
173 00:08:57,216 --> 00:08:59,702 removing unnecessary or orphaned packages.
174 00:08:59,786 --> 00:09:05,146 Now I want you to actually log into your Linux system
175 00:09:05,208 --> 00:09:08,482 and follow the way I'm going to log into my system
176 00:09:08,556 --> 00:09:11,426 and I'm going to go through these few commands.
177 00:09:11,618 --> 00:09:14,460 So I have my Linux machine right here.
178 00:09:15,330 --> 00:09:17,350 And first of all, I'm going to check
179 00:09:17,460 --> 00:09:19,198 the list of all the packages that I
180 00:09:19,224 --> 00:09:23,126 have, which we covered in the last slide.
181 00:09:23,318 --> 00:09:24,946 So I'm going to do more and
182 00:09:25,068 --> 00:09:27,070 look at how many packages I have.
183 00:09:27,120 --> 00:09:29,182 Now if I want to count how many file I
184 00:09:29,196 --> 00:09:34,618 have, I could do simply rpm -qa | wc -l, and
185 00:09:34,644 --> 00:09:38,798 it's going to tell me I have 1411 packages.
186 00:09:38,894 --> 00:09:42,478 No kidding. Yes, that is a high number.
187 00:09:42,564 --> 00:09:44,902 But anyway, as I said, what you have to do is you
188 00:09:44,916 --> 00:09:52,990 have to output to a file like /tmp/system-rpms. It
189 00:09:53,040 --> 00:09:59,078 creates a file and outputs by getting the output of rpm -qa.
190 00:09:59,114 --> 00:10:01,282 Then you go through all those packages, as I
191 00:10:01,296 --> 00:10:04,258 said, one by one, and you delete them.
192 00:10:04,284 --> 00:10:05,518 Now, the next command is to
193 00:10:05,544 --> 00:10:08,870 remove rpms or remove orphan packages.
194 00:10:08,990 --> 00:10:11,462 And for the utility, you need to have the utility.
195 00:10:11,606 --> 00:10:13,630 And to find out whether you have
196 00:10:13,680 --> 00:10:20,420 that utility, run rpm -qa | grep yum-utils.
197 00:10:21,610 --> 00:10:23,162 Yes, I do have it. Perfect.
198 00:10:23,236 --> 00:10:24,782 I don't have to install it.
199 00:10:24,976 --> 00:10:27,830 If I didn't, then you would have to install it.
200 00:10:27,940 --> 00:10:30,602 Now, the next one is clean up
201 00:10:30,676 --> 00:10:32,622 to check all the orphaned packages.
202 00:10:32,706 --> 00:10:37,518 So package-cleanup --leaves.
203 00:10:37,554 --> 00:10:40,226 By the way, it's --leaves not just
204 00:10:40,288 --> 00:10:45,158 one single hyphen, it's two hyphens. There you go.
205 00:10:45,184 --> 00:10:46,562 So it's give me all these
206 00:10:46,636 --> 00:10:49,190 listed listing of those packages.
207 00:10:49,750 --> 00:10:51,494 By the way, how many we have,
208 00:10:51,592 --> 00:10:54,302 wc -l, eight of them.
209 00:10:54,376 --> 00:10:56,018 So I want to get rid of them. Perfect.
210 00:10:56,104 --> 00:10:58,646 So how do I do that?
211 00:10:58,828 --> 00:11:07,122 Simply run yum remove backticks, backticks close, and hit enter.
212 00:11:07,316 --> 00:11:09,630 And it is going to remove all
213 00:11:09,680 --> 00:11:13,542 those packages that are listed above. There you go.
214 00:11:13,556 --> 00:11:14,970 It's going through that. It's just asking
215 00:11:15,020 --> 00:11:16,398 you want to go ahead and remove it?
216 00:11:16,424 --> 00:11:17,934 Yes, I wanted to go ahead and remove it.
217 00:11:17,972 --> 00:11:20,830 Erasing, erasing, erasing, and so on and so forth.
218 00:11:20,950 --> 00:11:22,042 And it is completed.
219 00:11:22,066 --> 00:11:23,190 Now, if you run that same
220 00:11:23,240 --> 00:11:26,238 command, it shouldn't give you any.
221 00:11:26,324 --> 00:11:29,262 If it does, then you could run these commands a
222 00:11:29,276 --> 00:11:32,254 few more times to make sure you have a fully
223 00:11:32,302 --> 00:11:37,650 complete system that is free of all orphan packages.
224 00:11:38,210 --> 00:11:44,422 Anyway, so that's how you do remove unnecessary and orphan packages.
225 00:11:44,506 --> 00:11:46,998 Again, if you have any questions, please send
226 00:11:47,024 --> 00:11:49,074 me a message and I'm always here to
227 00:11:49,112 --> 00:11:52,782 answer any questions you guys have. Thank you.
228 00:11:52,782 --> 00:11:54,325 [No audio]