Solution for keeping an isolated Linux machine with no network up to date

Hi, I've been looking for a while but it doesn't seem clear if everything we need is possible.

 

We need to be able to do the following:

  • Install Anti-Virus for Linux on an offline machine
  • Be able to get virus definition updates directly to that machine via USB
  • Update the Anti-Virus software offline via USB
  • Run on-demand scans

The one part I can't find a clear solution for is updating the virus definitions. From what I've found it looks like we'd require an installation of the Anti-Virus on another machine that is connected to the internet and then we'd have to do the following:

  • Copy the updates from the internet connected machine under what looks like "/opt/sophos-av/update/cache/" to USB
  • Copy the files from USB to the offline machine
  • Configure savupdate to update from a local source
  • Run savupdate to update the definitions on demand

Is it possible to update the definitions this way?

 



  • Hello Callum Finnamore,

    the mechanism for updating software and the one for virus definitions is the same. You need a machine with the same platform (Linux in your case) that updates from Sophos. The reason is that the downloader verifies the completeness and consistency of the source as a whole. You copy the Cache or Warehouse; if you have a SEC/SUM you use a copy of the CID.
    I can't test right now but AFAIK you can use a local path (in addition to HTTP and UNC/SMB) as update source.

    Just curious: What's the purpose of the scheduled scans? What should they scan?

    Christian
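
A pre-update integrity check for the USB transfer discussed above, as an added example that is not part of the original posts and not Sophos tooling: a checksum manifest is written next to the cache on the connected machine and verified on the offline machine before the updater is pointed at the copy. The manifest file name and both function names are assumptions, GNU coreutils and findutils are assumed, and the script does not call savupdate.

```shell
#!/usr/bin/env bash
# Added example: checksum manifest for carrying an update cache across an air gap.
# Directories are passed in by the caller; no Sophos command is invoked here.

MANIFEST_NAME="MANIFEST.sha256"   # hypothetical file name

# make_manifest DIR: run on the internet-connected machine once its own update
# has finished, so the cache is in a complete and consistent state.
make_manifest() {
    local dir="$1"
    ( cd "$dir" || exit 2
      find . -type f ! -name "$MANIFEST_NAME" -print0 | LC_ALL=C sort -z |
          xargs -0 -r sha256sum > "$MANIFEST_NAME" )
}

# verify_copy DIR: run on the offline machine against the copy taken from USB.
# Returns 0 only if every listed file matches and no unlisted file is present;
# 1 = checksum mismatch or missing file, 2 = no manifest, 3 = extra files.
verify_copy() {
    local dir="$1" out listed present
    [ -s "$dir/$MANIFEST_NAME" ] || { echo "manifest missing or empty" >&2; return 2; }
    out=$(cd "$dir" && sha256sum -c "$MANIFEST_NAME" 2>&1) ||
        { printf '%s\n' "$out" | grep -v ': OK$' >&2; return 1; }
    # Strip "<hash> <mode>" from each manifest line, leaving the relative path.
    listed=$(cd "$dir" && sed 's/^[0-9a-f]* [ *]//' "$MANIFEST_NAME" | LC_ALL=C sort)
    present=$(cd "$dir" && find . -type f ! -name "$MANIFEST_NAME" | LC_ALL=C sort)
    [ "$listed" = "$present" ] || { echo "unlisted files in copy" >&2; return 3; }
}
```

Because the manifest travels on the same USB stick as the files, this catches truncated or corrupted copies, not deliberate modification; for that, record the manifest's own SHA-256 through a separate channel and compare it on the offline side.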

  • Hi Christian,

    Thank you, that answer is what I needed. So long as I can update the machine locally from a copy of the necessary files from an internet connected machine running the same software, then this should work fine for us.

     

    As for the scans, we require on demand scans of removable media as part of our existing sheep dip process. The reason I needed to know how to update the definitions was to determine how easy it would be to update Sophos compared to our existing Anti Virus.

  • Hello Callum Finnamore,

    "sheep dip" was my prime suspect.
    Please be aware that on Linux there is no On-Demand scan like the right-click scan on Windows, i.e. a "spur-of-the-moment" scan that utilizes the already initialized engine (savscand). The command line savscan has a considerable overhead (I'm nevertheless talking about just a bunch of seconds here) that might or might not be acceptable.

    Christian
