Friday, August 28, 2020
Apt-Cacher-NG SecurityOnion
I built out a SecuriyOnion Master server 16.04.2 (wanted an older copy), and wanted to use Master Server since this is what I work on mostly. I am pretty sure they renamed it from Master server, but off the top of my head I cannot remember what is the new term.
From there I ran the full setup and made sure that SecurityOnion was able to process data, next I installed Apt-cacher-NG on this machine. The setup was pretty strait forward.
sudo apt get apt-cacher-ng
edit the apng.conf file
sudo ufw allow 3142 (the port for other machines to talk to the caching server)
Next I ran sudo-soup and watched the updates come in. Verified it was updated to SecurityOnion 16.04.07.
After this I built a second machine running SecurityOnion 16.04.2 and edited the sources.list, adding the IP address of the primary client to the front end of each of the repo locations.
From there I ran sudo soup, and watched it connect to the primary SecurityOnion server and process all the updates. After reboot I verified that this was brought up to SecurityOnion 16.04.7 also.
One issue/question that I have right now is that I believe docker is not part of the repo checking, and that it looks somewhere else to do those updates. I will need to figure out how to do the docker updates on the "repo" so that I can do the docker in an offline update.
I think next I am going to download a vanillia version of ubuntu and verify that I can pull updates from the SecurityOnion "Repo" server to update that to the newest version of Ubuntu (16.04).
I know that I am running older versions of software, but I am locked into a certain version of software, so I have to work with what I am allowed.
Labels:
apt-cacher-ng,
docker,
offline,
SecurityOnion
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment