Unleash the Power of CSI Linux: Redefining Digital Investigations

Updating the
CSI Linux Platform
© CSI Linux – csilinux.com 1
 Unleash the Power of CSI Linux: Redefining Digital Investigations

Table of Contents
..................................................................................................................................................... 1
Importance of Keeping Linux Up to Date ................................................................................. 3
dpkg: Debian Package Management Tool ................................................................................. 4
apt: Advanced Package Tool ....................................................................................................... 6
Troubleshooting Broken Dependencies with apt ................................................................ 8
Securing APT Repositories in the Post-apt-key Era ............................................................. 9
Fixing and Replacing Old Keys .............................................................................................10
Setting Up Unattended Upgrades ............................................................................................11
CSI Powerup: CSI Linux Platform Update ...............................................................................13

© CSI Linux – csilinux.com 2

 Unleash the Power of CSI Linux: Redefining Digital Investigations

Importance of Keeping Linux Up to Date

In the rapidly evolving world of technology, software, and security, it is crucial to keep
your Linux system up to date. Regular updates bring many benefits that resonate not just
with system stability and performance but also with the overall security and
functionality of the machine.

1. Security Updates: Security patches are one of the essential reasons to keep your system
updated. Attackers constantly look for vulnerabilities in software. When these vulnerabilities
are discovered, the software's developers usually release updates to fix them. If you don't
update your system, you may expose it to malware, ransomware, and other cyber threats.

For example, a recent update might include a patch for a newly discovered vulnerability that could
allow unauthorized access to your system.

2. Bug Fixes: Updates often include fixes for bugs that might have slipped through the initial
testing phase. These bugs can cause your system to freeze, crash, or behave unpredictably.
Regular updates ensure these issues are addressed, leading to a more stable and reliable system.

3. New Features and Improvements: Keeping your system up to date means you can always access
the latest features and enhancements. Software developers are continually working on
improving their programs' efficiency, performance, and usability. Regular updates allow you
to enjoy these improvements and make the most of your system.

4. Compatibility: Software and hardware manufacturers often develop their products based on
the latest versions of operating systems. Keeping your system up to date ensures you can run
the latest software and connect to the newest hardware without compatibility issues.

5. Compliance: In some environments, especially in businesses and regulated industries, there

might be legal or policy requirements to keep systems updated to certain security standards.
Regular updates help in maintaining compliance with these regulations.

Keeping your Linux system updated is not merely a recommended practice; it's necessary
in today's digital environment. The process of updating includes ensuring that your
system is secure, stable, compatible with new hardware and software, and compliant
with relevant laws and regulations. By staying on top of updates, you are essentially
maintaining the health of your system and safeguarding it from potential threats.

In the following sections, we will delve into the tools and procedures you can use to keep
Ubuntu and CSI Linux up to date, including utilizing powerful commands like dpkg, apt,
adding repositories, and setting up unattended updates.

© CSI Linux – csilinux.com 3

 Unleash the Power of CSI Linux: Redefining Digital Investigations

dpkg: Debian Package Management Tool

`dpkg` is a low-level tool for handling Debian packages (`*.deb`). While it can manage
individual packages, it doesn't handle dependencies independently, so higher-level tools
like `apt` are often used. However, understanding `dpkg` provides a solid foundation
in package management and can be particularly useful in various scenarios.

1. Installing Packages: Install a `.deb` file using the following command.

sudo dpkg -i package_name.deb

2. Removing Packages: You can remove a package without removing the configuration files.

sudo dpkg -r package_name

3. Removing Packages and Configuration: You can remove both.

sudo dpkg -P package_name

4. Listing Installed Packages: To list all installed packages.

dpkg -l

5. Filtering: You can filter the results by package name.

dpkg -l | grep 'package_name'

6. Checking Package Information: Check information about a specific installed package.

dpkg -s package_name

7. Unpacking Packages: You can unpack a package without configuring it.

sudo dpkg --unpack package_name.deb

8. Configuring Packages: If you've unpacked a package and want to configure it.

sudo dpkg --configure package_name

© CSI Linux – csilinux.com 4

 Unleash the Power of CSI Linux: Redefining Digital Investigations

9. Handling Dependencies: `dpkg` doesn't handle dependencies. If you encounter dependency

issues, you may need to run.

sudo apt --fix-broken install

10. Filtering Status: You can filter packages by their status, such as installed, not-installed, etc.

dpkg --get-selections | grep 'install'

11. Reconfigure the settings of installed packages: For example, reconfigure the package "tzdata"
which sets the system timezone.

sudo dpkg-reconfigure tzdata

Note: This command would open an interactive dialog to help you choose and set the system's
timezone.

`dpkg` provides a powerful way to manage individual packages within a Debian-based

system. It's an essential tool for anyone looking to understand better how package
management works on these systems. However, daily package management generally
prefers tools like `apt` that handle dependencies.

Our next section will explore `apt`, which builds upon `dpkg`, providing an even more
user-friendly way to manage packages, including handling dependencies.

© CSI Linux – csilinux.com 5

 Unleash the Power of CSI Linux: Redefining Digital Investigations

apt: Advanced Package Tool

Excellent! Let's explore `apt`, one of the most used package management command-line
tools in Debian-based systems such as Ubuntu and CSI Linux.

`apt` simplifies managing packages on Linux by automating the retrieval,

configuration, and installation of software packages, including their dependencies.
Here's how you can harness the power of `apt`.

1. Updating Package Lists: Before installing new packages or updating existing ones, it's
important to update the package lists to know the latest versions available.

sudo apt update

2. Upgrading Packages: Upgrade all installed packages to their latest versions.

sudo apt upgrade

3. Full Upgrade of Packages: A more extensive upgrade that may change essential packages.

sudo apt full-upgrade

or

sudo apt dist-upgrade

Note: Before doing a full-upgrade, it's good practice to ensure you've taken backups of your system
or know how to roll back changes if something goes wrong. A full-upgrade has a broader impact
than a regular upgrade and might significantly change your system.

4. Installing Packages: To install a specific package.

sudo apt install package_name

5. Removing Packages: To remove a package but keep its configuration files.

sudo apt remove package_name

6. Removing Both Package and Configuration: To both.

sudo apt purge package_name

© CSI Linux – csilinux.com 6

 Unleash the Power of CSI Linux: Redefining Digital Investigations

7. Searching Packages: You can search for a package in the repositories.

apt search package_name

8. Listing Installed Packages: To list all installed packages.

apt list --installed

9. Show Package Information: To get detailed information about a package.

apt show package_name

10. Adding Repositories: You may need additional repositories to install specific packages. You can
add a repository with

sudo add-apt-repository "repository_details"

Note: Don't forget to update the package lists after adding a new repository:

sudo apt update

11. Auto-Remove Unused Packages: Over time, no longer-needed obsolete dependencies can
accumulate. You can remove them with

sudo apt autoremove

`apt` is a powerful and user-friendly tool that takes much of the complexity out of
managing software packages on Debian-based systems. From basic tasks like installing
and removing software to more advanced operations like managing repositories and
handling dependencies, `apt` provides a unified interface for all your package
management needs.

By understanding both `dpkg` and `apt`, you have a strong foundation in managing
software on Debian-based systems, ensuring that you can keep your system up to date,
secure, and tailored to your specific needs.

Next, we'll look into adding repositories and setting up the unattended updater in
Ubuntu, followed by specific instructions for updating CSI Linux using the "powerup"
tool.

© CSI Linux – csilinux.com 7

 Unleash the Power of CSI Linux: Redefining Digital Investigations

Troubleshooting Broken Dependencies with apt

Occasionally, when managing packages, you might run into broken dependencies. These
can occur for various reasons such as a disrupted package installation or incompatible
package versions. Thankfully, apt has ways to handle and fix these issues.

1. Fix Broken Dependencies: If you ever encounter an error about unsatisfied dependencies or
broken packages.

sudo apt --fix-broken install

This command attempts to correct broken dependencies by downloading and installing missing
packages.

2. Clean the Package Cache: Sometimes, corrupted downloads can cause problems. Cleaning the
local repository of retrieved package files can help.

sudo apt clean

3. Clean Obsolete Packages: For a more extended cleanup that also removes obsolete .deb files.

sudo apt autoclean

4. Reconfigure Unpacked Packages: Sometimes, a package might need to be configured correctly.

You can reconfigure an unpacked package using.

sudo dpkg --configure -a

© CSI Linux – csilinux.com 8

 Unleash the Power of CSI Linux: Redefining Digital Investigations

Securing APT Repositories in the Post-apt-key Era

In response to the deprecation of apt-key, developers and system administrators must

now employ updated techniques to manage APT repositories securely. The primary shift
is the direct storage of GPG keys within a designated directory rather than using apt-key
to manage them. For instance, the GPG key of a repository can be fetched and stored
directly using commands like wget combined with tee. Moreover, pre-existing keys can
be located and then migrated to the new format for those transitioning. The addition of
repositories has also evolved, with increased emphasis on specifying the keyring in the
sources list or within individual files in /etc/apt/sources.list.d/.

1. Importing the GPG Key: Instead of using apt-key, you can directly download and store the GPG key
in the appropriate directory:

wget -O- https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo tee

/etc/apt/trusted.gpg.d/repository_name.gpg

Note: Make sure to replace the URL with the one provided by the repository owner.

2. Replacing Old Keys: If you have existing keys that need to be replaced, you can find them using.

sudo apt-key list

Then, you can convert the old keys using:

sudo apt-key export KEY_ID | sudo gpg --dearmour -o

/usr/share/keyrings/new_keyring.gpg

Make sure to replace KEY_ID with the key ID to replace and specify the new keyring file's name.

3. Adding the Repository: You can add the repository by editing the sources list or creating a new file
under /etc/apt/sources.list.d/.

deb [arch=amd64 signed-by=/usr/share/keyrings

© CSI Linux – csilinux.com 9

 Unleash the Power of CSI Linux: Redefining Digital Investigations

Fixing and Replacing Old Keys

If you have old keys that need to be replaced, you can do so with the following process:

1. List Existing Keys: First, list all the keys, including deprecated ones, by running.

sudo apt-key list

Take note of the key ID you wish to replace.

2. Export the Old Key: Export the old key into a new keyring file.

sudo apt-key export OLD_KEY_ID | sudo gpg --dearmour -o

/usr/share/keyrings/new_keyring.gpg

Replace OLD_KEY_ID with the key ID you found in step 1, and new_keyring.gpg with the desired
name for the new keyring file.

3. Add the New Repository (With Signed Key): Edit the appropriate source list file or create a new
one under /etc/apt/sources.list.d/, then add the repository using the new keyring file.

deb [arch=amd64 signed-by=/usr/share/keyrings/new_keyring.gpg]

https://repository-url/ stable main

Replace the placeholders with the actual values for your repository.

4. Delete the Old Key: Once the new key is in place and the repository is updated, delete the old key.

sudo apt-key del OLD_KEY_ID

Again, replace OLD_KEY_ID with the actual key ID you wish to delete.

5. Update the Repositories: To ensure all changes are applied, and the system recognizes the updated
key and repository, run.

sudo apt update

This step-by-step guide provides a clear process to replace old keys with new keyring files
in Debian-based systems. Following this procedure ensures a more secure and stable
package management experience in alignment with modern best practices.

This method avoids using deprecated tools and ensures that you are using the latest and
most secure keys for your repositories.

© CSI Linux – csilinux.com 10

 Unleash the Power of CSI Linux: Redefining Digital Investigations

Setting Up Unattended Upgrades

Ubuntu's unattended-upgrades package offers a streamlined solution for ensuring the
system is always updated with the latest security patches and updates. As the name
suggests, this tool automates the process, periodically checking for and installing
available upgrades without manual intervention. This is especially vital for systems
exposed to the internet or those handling sensitive data, as security vulnerabilities can
be exploited if not patched promptly. By leveraging unattended-upgrades,
administrators can maintain system security and stability, reducing the window of
vulnerability and ensuring that systems stay safeguarded against known threats. Not
only does it enhance system security, but it also alleviates the administrative burden of
regularly manually checking and applying updates.

1. Install the Unattended Upgrades Package: Install the unattended-upgrades package. If it is not
already installed, you can do so with:

sudo apt install unattended-upgrades

2. Enable Unattended Upgrades: Enable unattended upgrades by running.

sudo dpkg-reconfigure --priority=low unattended-upgrades

Note: This command will prompt you with a question about whether you want to enable
unattended upgrades. Select “Yes.”

3. Configure Unattended Upgrades: The main configuration file is located at

/etc/apt/apt.conf.d/50unattended-upgrades. You can edit this file to customize the behavior of
unattended upgrades.

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

Here, you can specify which packages to upgrade, how to handle reboots, whether to remove
unused dependencies and more.

For example, to set up automatic updates for security patches, you might have the following lines:

Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
};

You can further configure the automatic removal of unused dependencies:

Unattended-Upgrade::Remove-Unused-Dependencies "true";

© CSI Linux – csilinux.com 11

 Unleash the Power of CSI Linux: Redefining Digital Investigations

4. Configure the Update Schedule: The schedule for unattended-upgrades can be set in
/etc/apt/apt.conf.d/20auto-upgrades. You can edit this file.

sudo nano /etc/apt/apt.conf.d/20auto-upgrades

And set the frequency of updates:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

Here, "1" means that the package list will be updated, and unattended-upgrades will be performed
daily.

5. Monitor Unattended Upgrades: Logs for unattended upgrades are kept in /var/log/unattended-
upgrades. You can monitor these logs to keep track of what has been updated.

Setting up unattended-upgrades helps to keep your system secure and up to date with
minimal intervention. By automating the upgrade process, you ensure that critical
updates, particularly security patches, are applied promptly. Customizing the behavior
of unattended-upgrades provides flexibility to suit various requirements and
preferences.

Remember to test your configurations in a controlled environment before deploying

them to production systems, as incorrect settings may lead to unexpected behaviors.

© CSI Linux – csilinux.com 12

 Unleash the Power of CSI Linux: Redefining Digital Investigations

CSI Powerup: CSI Linux Platform Update

CSI Linux has an update/upgrade tool called “powerup”. This tool is designed to keep the
OS updated, the CSI Tools, and most of the 3rd party tools. The information previously
covered is important for ensuring the base OS is patched, and apt will need to be run if
CSI Linux has not been updated in a long time. This will minimize potential issues with
system applications during the scripted update during the powerup.

The biggest “challenge” during a scripted update is when a major application waits for
user input to configure a newer version. If the process runs through a bash shell and
other things are lining up to run, sometimes the interactive window for an installer
breaks when you hit enter.

We will walk through the process of updating CSI Linux system for the first time or after
it has been several weeks before the last update. Open a terminal window and type the
following commands:

sudo apt update

sudo apt upgrade -y
powerup
powerup

It is suggested to run powerup twice if CSI Linux has made major revisions. This will
ensure that the latest tools and CSI Powerup are installed, and your platform is patched
and current,

© CSI Linux – csilinux.com 13