Re: [security-onion] How to update and upgrade SO (and all its components) with no Internet access

[Doug Burks]

I haven't tested it personally, but I think it should work fine.
Please test it and let us know how it goes!

Thanks,
Doug

On Fri, Apr 26, 2013 at 7:41 AM, Gabrielle S.
<gabriell...@gmail.com> wrote:
> Hi all,
>
> I currently have a standalone SO server that cannot access the Internet, but still need to get the latest updates.
>
> I have read some interesting things about updating offline thanks to apt-offline (http://manpages.ubuntu.com/manpages/lucid/en/man8/apt-offline.8.html ) but I'm not sure if I can use it with SO.
>
> Any thoughts about this ?
>
> Gabrielle
>
> --
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion?hl=en-US.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>



--
Doug Burks
http://securityonion.blogspot.com

[Doug Burks]

more /etc/apt/sources.list.d/securityonion-stable-precise.list

deb http://ppa.launchpad.net/securityonion/stable/ubuntu precise main
deb-src http://ppa.launchpad.net/securityonion/stable/ubuntu precise main

On Fri, Apr 26, 2013 at 8:08 AM, Gabrielle S.
<gabriell...@gmail.com> wrote:
> I'll try, then
>
> Can you give me the SO repo address ?
>
> Thanks,

[Jeffrey Hilgers]

So with regards to the soup script, it would no longer be able to install things for you correctly in an offline mode situation; correct?

[Doug Burks]

Hi Jeff,

Soup should work fine if you're able to set up your own apt mirror on your network and point your sensor(s) at that. 

On Saturday, February 7, 2015, Jeffrey Hilgers <jeff.w....@gmail.com> wrote:

So with regards to the soup script, it would no longer be able to install things for you correctly  in an offline mode situation; correct?

--
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
To post to this group, send email to securit...@googlegroups.com.

Visit this group at http://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.

--
Doug Burks
Need Security Onion Training or Commercial Support?
http://securityonionsolutions.com

[Jeffrey H]

Doug,
Alright, I will need to find an alternate way looks like. It will probably have to be the way the Ubuntu describes it - download things manually, move it to a specified directory, and then let it install them. I won't have a way to create an internal web server to do what you mentioned. I am hoping Gabrielle gets back to this post with some additional news and testing results.
If I have to install things manually, what order should I be doing them in as the soup script would do?

[Doug Burks]

As mentioned in the PulledPork thread, Security Onion includes an
Apache web server, so you should be able to use that to host your apt
mirror.

Also see:
https://www.howtoforge.com/local_debian_ubuntu_mirror

[Jeffrey H]

Okay I will look into that also. Now will there be a certain way in which the packages will need to be arranged on this web server location or will the soup know how to sort and execute them properly upon download?

[Doug Burks]

Soup is just a simple wrapper around apt-get. See the code at /usr/bin/soup.

Assuming you host all update packages using Apache on your master
server and then update the apt configuration on all Security Onion
boxes to point to https://MasterServer, then apt-get (and by extension
soup) should work fine.