A vulnerability scan on a web server told me that my version of Java needs to be updated. We run .NET web applications on this server, and to my knowledge there is nothing that uses Java. How can I determine if I can safely uninstall Java? I don't want to just uninstall it and then have something break. Is there an easy way to check if anything is dependent on it?
Asked
Active
Viewed 1,756 times
5 Answers
4
One solution, would be to update Java to remove the vulnerability. Next, write a small application that wraps the java executable (ie: rename java.exe to java-real.exe and make an app called java.exe that just passes all the arguments to java.exe and logs the calls to a file. After a month (or however long until you feel comfortable), if the log's empty, uninstall Java.
Swoogan
- 2,087
- 1
- 14
- 21
-
3You gotta be really careful just upgrading versions. Alot of java apps are really sensitive to what version is installed. So upgrading can break things just as badly as removing java. – Zypher Dec 14 '09 at 23:29
-
Mighty fine point sir. – Swoogan Dec 15 '09 at 01:58
-
@Zypher Exactly, thank you. I guess when I said "an easy way" I really meant "a non-malicious way". – Josh Stodola Dec 15 '09 at 05:46
-
I ended up just updating. – Josh Stodola Dec 17 '09 at 21:28
2
You could use Systernal's Process Monitor.
It will by default list all registry, file, process, etc activity on the system.
You could set a filter for Java, leave it running for however long you wish and see what kind of activity you get.
Such as add a filter for "When Path contains Java then Include".
You may also want "When Result is SUCCESS then Include" so that you don't get a bunch of attempts at things that aren't there. For example, if java is being called from within the PATH variable, before it finds java where it actually is, there will be attempts for it at C:\Windows, C:\Windows\System32, etc.
ManiacZX
- 1,656
- 13
- 16
-
I gave two separate answers as the other is specific to Java and this one could be used for checking access to any application on windows. – ManiacZX Dec 14 '09 at 23:22
1
On such occasions I often try these:
find /some/path/ -type f -atime -50 # has any file been accessed (read) in last 50 days?
find /some/path/ -type f -ctime -50 # has any file had attributes changed in last 50 days?
find /some/path/ -type f -mtime -50 # has any file had been modified in last 50 days?
EDIT: missed the Windows 2003 tag... You can still use these commands on cygwin. Or run File Explorer -> F3 -> search all -> sort them by access time -> check manually -> sort them by modify time -> check manually). If the file was not accessed/modified, it probably means it is not required by anything.
Of course you can test uninstall to see if the removal of package requires removing something else, but it's a trivial case. (EDIT W2k3... not-so-trivial)
kubanczyk
- 13,812
- 5
- 41
- 55
0
What kind of Java is installed?
Is it just the plain Java Runtime Environment or some server-side thing like Tomcat/JBoss/AnotherApplicationServer?
Chances are it simply go tinstalled when someone was browsing a website; but it could also be actually used by something else; but there's no easy way to tell.
Massimo
- 70,200
- 57
- 200
- 323
0
Java has some internal tracing/logging options you could turn on and monitor the log to see what kind of activity occurs.
See Tracing and Logging on Sun's site.
ManiacZX
- 1,656
- 13
- 16
-
I gave two separate answers as this one is specific to Java and the other could be used for checking access to any application on windows. – ManiacZX Dec 14 '09 at 23:23