Security Offline Updates
313 views
Skip to first unread message
Anthony F
Dec 13, 2017, 11:59:04 AM12/13/17
to security-onion
Hello all,
I'm looking for some assistance regarding an offline Security Onion install. The server will be on an isolated network that has no route to the internet. There are no other nodes on this network that have internet access either. Another particular difficulty is that USB devices are not allowed (without great difficulty) on this network either. The most common way data transfer takes place is via optical media.
So here's the challenge: is there a way to keep Security Onion properly updated using optical media to transfer updates from an internet connected system to our isolated network? I've been searching around for ways to use the iso image as an update repository, but I haven't found anything comprehensive.
I'm looking for some assistance regarding an offline Security Onion install. The server will be on an isolated network that has no route to the internet. There are no other nodes on this network that have internet access either. Another particular difficulty is that USB devices are not allowed (without great difficulty) on this network either. The most common way data transfer takes place is via optical media.
So here's the challenge: is there a way to keep Security Onion properly updated using optical media to transfer updates from an internet connected system to our isolated network? I've been searching around for ways to use the iso image as an update repository, but I haven't found anything comprehensive.
Doug Burks
Dec 13, 2017, 12:03:40 PM12/13/17
to securit...@googlegroups.com
Hi Anthony,
Yes, this should be possible.
Also see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Airgapped-Networks
> --
> Follow Security Onion on Twitter!
> https://twitter.com/securityonion
> ---
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at https://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/d/optout.
--
Doug Burks
Yes, this should be possible.
Also see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Airgapped-Networks
> Follow Security Onion on Twitter!
> https://twitter.com/securityonion
> ---
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at https://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/d/optout.
--
Doug Burks
KennyWap
Dec 14, 2017, 3:27:02 PM12/14/17
to security-onion
Anthony,
Another way to do this would be creating an apt-mirror and hosting all OS updates, security updates, and onion updates while using its Apache/Nginx server to distribute rule updates as well.
Anthony F
Dec 15, 2017, 9:11:46 PM12/15/17
to security-onion
On Thursday, December 14, 2017 at 9:27:02 PM UTC+1, KennyWap wrote:
> Anthony,
>
> Another way to do this would be creating an apt-mirror and hosting all OS updates, security updates, and onion updates while using its Apache/Nginx server to distribute rule updates as well.
> Anthony,
>
> Another way to do this would be creating an apt-mirror and hosting all OS updates, security updates, and onion updates while using its Apache/Nginx server to distribute rule updates as well.
I do not know much about any of these things. I know of apt in general, but I'm a relatively new linux administrator. Would it be possible to create this mirror on the SO server itself?
KennyWap
Dec 16, 2017, 11:47:36 AM12/16/17
to security-onion
Absolutely you could by installing apt-mirror then hosting it with the Apache that Security Onion is using.
I would not recommend putting this burden on a production Security Onion server though.
In this thread I helped another get started with apt-mirror:
Reply all
Reply to author
Forward
0 new messages