Unable to download Wireshark Patches

book

Article ID: 207230

calendar_today

Updated On:

Products

Issue/Introduction

There are a few customer that are unable to download Wireshark Patches using the SMP Console.  Customer checked with firewall team if any port is blocking the download from the Altiris Console but everything looks fine from their end. They are able to access the download link via browser from our computers and the SMP (The Download link is found in the SMP Logs - open LogViewer to review the logs). 

We were able to use the PSPing command (included with Sysinternals PSTools) to validate customer has access to 2.na.dl.wireshark.org, and can download the files from a Browser when logged into the SMP with the Application Identification account.
 
One thing that has changed, is that Wireshark updated the URL for download.  Previous URL was www.wireshark.org and the new URL is 2.na.dl.wireshark.org.  Customers state that previous updates were staged just fine on the SMP.

Cause

From the SMP Logs we found that the download failed for: https://2.na.dl.wireshark.org/win64/Wireshark-win64-3.2.10.exe

Error message: The request was aborted: Could not create SSL/TLS secure channel.

We also see these download links, and their intended destination:

Start download [from:'https://2.na.dl.wireshark.org/win32/Wireshark-win32-3.4.6.exe' to:':\Program Files\..\Updates\WIRES34-210603\{82584f57-1ff4-4042-8866-04971aa0c13b}\Wireshark-win32-3.4.6.exe' task:Download Software Update Package]
Finished download [from:'https://2.na.dl.wireshark.org/win32/Wireshark-win32-3.4.6.exe' to:':\Program Files..\..\Updates\WIRES34-210603\{82584f57-1ff4-4042-8866-04971aa0c13b}\Wireshark-win32-3.4.6.exe' task:Download Software Update Package time:00:01:00.5092000]

Environment

Patch Management 8.x

Resolution

While the URL is the only thing that has changed programmatically, we suspect that this issue is environmental as our testing has shown that these packages are able to be downloaded and staged in most environments.  If you have other information that would help us resolve this issue for our customers, please contact support.

Workaround. Create a Software Package by Importing the Wireshark files as a new Software Package; then create a Managed Software Policy to deploy the Software Package, and finally create a Target of vulnerable systems.

Steps to complete the Workaround #1 using MANAGED SOFTWARE DELIVERY POLICY:

  1. Download the files to any computer
    1. The specific URL can be found in the SMP Logs for the patch you are trying to download, alternatively Google may be helpful
  2. Copy the file over to the SMP
  3. Use the Import Method to create a new Software Package
    1. See Page 39 of KB 175693 (Software Management Best Practices) for additional information and instructions
  4. Create a Managed Software Delivery Policy to deploy the package to targeted systems.
    1. See Page 77 of KB 175693 for additional instructions
  5. Create a Target of systems to deploy
    1. Pages 78 and 71 of KB 175693

 

Workaround #2 brings the Wireshark update into PATCH MANAGEMENT by recreating the expected File Structure as if the files were downloaded by another SMP, and then Importing the Files.

Part 1 - manually create the staging paths and files:

  1. Open up the Altiris LogViewer(Start > Symantec > Altiris LogViewer)
  2. Find the Failed download messages.  If needed, use the Find: to search for "Wireshark"
  3. There will be 2 error messages like this for each .exe:
    1. [1 / 4] Downloading Software Update Package [Wireshark-win64-X.X.XX.exe for WIRES34-XXXXX]
    2. Start download [from:'https://2.na.dl.wireshark.org/win64/Wireshark-win64-X.X.X.exe' to:'X:..\...\Updates\WIRES34-XXXX\{<XXXXXXX-some-GUID>}\Wireshark-win64-X.X.X.exe' task:Download Software Update Package]
  4. These Log messages tell us:
    1. How many Files there are
    2. the Name of the Bulletin we are downloading
    3. the GUID for that Bulletin
    4. the URL / Download location for each file
  5. Create a folder named Updates on the Desktop, or another location of your choice
  6. Using the information from the Log file, create the expected Name \ {<GUID>} path in the Updates folder on the Desktop of the SMP
    1. NOTE: Name of each bulletin and GUID will be different with each release. 
  7. Find file [1 / X], Locate it's URL and Download the File using the browser of your choice.
  8. Put the downloaded file in the following Path on the SMP: ..\Desktop\Updates\NameOfBulletin\{GUIDofBulletin}\File.exe
  9. Repeat steps 6 - 8 with the next file until all files have been downloaded and put in the correct {GUIDofBulletin} folder.  Make sure to add the { } around the GUID as part of the path.
  10. On the Desktop you will now have created the needed File Structure to Import the files into the SMP, continue to Part 2.

Part 2 - Importing the Staged files into the SMP

  1. Open the SMP Console and go to Settings > All Settings > Software > Patch Management > Core Services
  2. In Core Services we are going to redirect the download to come from our Desktop, or other location
  3. Check the box next to Download from staging location: and enter the location of the files we created, i.e. C:\Users\MyUser\Desktop\Updates, and click save changes
  4. Make sure the Application ID has rights to the location, and Use Application Credentials.  Alternatively enter user credentials needed.
  5. In the SMP Console - find to the Wireshark Bulletin you want to roll out in the Patch Remediation Center and click "Download Packages"
    1. The Files should be downloaded from your Desktop\Updates folder, or other location
  6. When the files complete, go back to Core Services, and uncheck the option "Download from staging location", and save changes
  7. Check your Download Location in Core Services for the packages (i.e. ..\Program Files\Altiris\Patch Management\Packages\Updates)
    1. They should be there just like they were created: Bulletin Name \ {GUID folder} \ .exe
  8. At this point you should be able to use the Patch Remediation Center to create a Patch Policy and distribute the files to targeted systems.