Re: Linux offline patching

[k41zen Me <k41zen () me com>]

Thanks to all for your help. 

We are, apart from this appliance, a M$ house and so going the Satellite route didn't seem ideal so we've allowed this 
server to obtain updates from the RH repositories.

My Nessus scanners are on laptops which, once connected to the networks, are not allowed to connect back to the 
Internet. Because of this Nessus is updated offline which works well. Every couple of weeks (or depending on if a new 
or updated tool is released) I rebuild them from scratch using an updated build image.

On 23 Nov 2010, at 23:05, Timothy Legge wrote:

> On 2010-11-23, at 6:04 PM, Zate Berg <zate75 () gmail com> wrote:
>
> > And on top of that, you said you are scanning with Nessus, how does the nessus box get it's updates?  Just curious.
>
> In my setup I have a system that is allowed to access the Nessus update site.  I have a fairly simple script that 
> downloads the updates for several licensed feeds to that server and drops them in a web server directory.
>
> The nessus servers then requests the correct update file for it's license via a cron job.  
>
> The setup just requires me to drop a file in the correct directory on the web server machine to make it request a new 
> scanner's feed file. 
>
> Tim
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com