Unable to download Wireshark Patches

book

Article ID: 207230

calendar_today

Updated On:

Products

Patch Management Solution Management Platform (Formerly known as Notification Server) Patch Management Solution for Windows

Issue/Introduction

There are a few customer that are unable to download Wireshark Patches using the SMP Console.  Customer checked with firewall team if any port is blocking the download from the Altiris Console but everything looks fine from their end. They are able to access the download link via browser from our computers and the SMP (The Download link is found in the SMP Logs - open LogViewer to review the logs). 

We were able to use the PSPing command (included with Sysinternals PSTools) to validate customer has access to 2.na.dl.wireshark.org, and can download the files from a Browser when logged into the SMP with the Application Identification account.
 
One thing that has changed, is that Wireshark updated the URL for download.  Previous URL was www.wireshark.org and the new URL is 2.na.dl.wireshark.org.  Customers state that previous updates were staged just fine on the SMP.

Cause

From the SMP Logs we found that the download failed for: https://2.na.dl.wireshark.org/win64/Wireshark-win64-3.2.10.exe

Error message: The request was aborted: Could not create SSL/TLS secure channel.

We also see these download links, and their intended destination:

Start download [from:'https://2.na.dl.wireshark.org/win32/Wireshark-win32-3.4.6.exe' to:'X:\..\..\Updates\WIRES34-210603\{82584f57-1ff4-4042-8866-04971aa0c13b}\Wireshark-win32-3.4.6.exe' task:Download Software Update Package]
Finished download [from:'https://2.na.dl.wireshark.org/win32/Wireshark-win32-3.4.6.exe' to:'X:\..\..\Updates\WIRES34-210603\{82584f57-1ff4-4042-8866-04971aa0c13b}\Wireshark-win32-3.4.6.exe' task:Download Software Update Package time:00:01:00.5092000]

Environment

Patch Management 8.x

Resolution

While the URL is the only thing that has changed programmatically, we suspect that this issue is environmental as our testing has shown that these packages are able to be downloaded and staged in most environments.  If you have other information that would help us resolve this issue for our customers, please contact support.

Workaround. Create a Software Package by Importing the Wireshark files as a new Software Package; then create a Managed Software Policy to deploy the Software Package, and finally create a Target of vulnerable systems.

Steps to complete the Workaround:

  1. Download the files to any computer
    1. The specific URL can be found in the SMP Logs for the patch you are trying to download, alternatively Google may be helpful
  2. Copy the file over to the SMP
  3. Use the Import Method to create a new Software Package
    1. See Page 39 of KB 175693 (Software Management Best Practices) for additional information and instructions
  4. Create a Managed Software Delivery Policy to deploy the package to targeted systems.
    1. See Page 77 of KB 175693 for additional instructions
  5. Create a Target of systems to deploy
    1. Pages 78 and 71 of KB 175693

 

Here is other workaround that brings the .exe into Patch Management by recreating the expected File Structure, and then Importing the Files.

  1. Locate the URL for all packages (If download errors out for 1 of 4, you'll need to download All 4 files)
    1. [2 / 4] Downloading Software Update Package 'Wireshark-win64-3.4.6.exe' for 'WIRES34-210603'
  2. With all of the files downloaded, we need to put them in the following Format on the SMP (Desktop is fine): NameOfBulletin\GUIDofBulletin\File.exe
  3. NOTE: Name of each bulletin and GUID will be different with each release.  Below are examples.
  4. For each .exe, there will be these 2 messages:
    1. [1 / 4] Downloading Software Update Package [Wireshark-win64-3.2.14.exe for WIRES34-210603]
    2. Start download [from:'https://2.na.dl.wireshark.org/win64/Wireshark-win64-3.4.6.exe' to:'X:..\...\Updates\WIRES34-210603\{06fccdf5-cf77-42d3-9955-4c8ec401bca0}\Wireshark-win64-3.4.6.exe' task:Download Software Update Package]
    3. These messages tell us How many Files there are, the Name of the Bulletin and the GUID
    4. Recreate the Expected Name \ {GUID} location on the Desktop of the SMP
  5. Find File [1 / X], and complete step 4 to Download the file, and put this file in the correct Name \ GUID path on the SMP (Desktop).
  6. Continue with the next file until all files have been downloaded and put in the correct GUID folder on the SMP.
  7. On the Desktop you will now have created the needed File Structure to Import the files into the SMP.
  8. Open the SMP Console and go to Settings > All Settings > Software > Patch Management > Core Services
  9. In Core Services we are going to redirect the download to come from our Desktop, or other location
  10. Check the box next to Download from staging location: and enter the location of the files we created, i.e. C:\Users\MyUser\Desktop, and click save changes
  11. Make sure the Application ID has rights to the location, and Use Application Credentials.  Alternatively enter user credentials needed.
  12. In the SMP Console - go to the Wireshark Bulletins and click "Download Packages"
    1. The Files should be downloaded from your Desktop, or other location
  13. When the files complete, go back to Core Services, and uncheck the option "Download from staging location", and save changes
  14. Check your Download Location in Core Services for the packages (i.e. ..\Program Files\Altiris\Patch Management\Packages\Updates)
    1. They should be there just like they were created: Bulletin Name \ GUID folder \ .exe
  15. At this point you should be able to create a Policy and distribute the files, as if they were download directly from wireshark.com.