티스토리 뷰
https://code.google.com/p/security-onion/wiki/Upgrade
Security Onion 12.04 Update Procedure
Initiating an update over SSH
If you're updating your Security Onion box over an SSH connection and your connection drops, then your update process may be left in an inconsistent state. It is therefore recommended to run byobu so that your session will continue to run on the Security Onion box even if your connection drops. Byobu is very handy and we recommend running it all the time to avoid forgetting about it before an update.
# install byobu
sudo apt-get install byobu
# enable byobu
byobu-enable
# you're now ready to update
For more information about byobu, please see: https://help.ubuntu.com/community/Byobu
Distributed deployments
Always update the master server first before updating sensors.
soup - Security Onion UPdate
We recommend using the "soup" script to automatically install updates while avoiding the MySQL/PF_RING issues described below.
sudo soup
If you get the following error:
sudo: soup: command not found
then do the following:
sudo apt-get update && sudo apt-get install securityonion-sostat
For more information, please see: http://blog.securityonion.net/2013/08/new-securityonion-packages.html
Standard Ubuntu package management tools
Since all of our packages are in a standard Ubuntu Launchpad PPA,
you can use standard Ubuntu package management tools to update ALL packages
(Ubuntu and Security Onion). However, there are some caveats to be aware of:
- MySQL - if you've already run Setup, please see the recommended procedure for updating the MySQL packages.
- PF_RING and new kernel packages
You may be prompted to update your kernel packages and PF_RING at the same time. If you do so, the PF_RING kernel module will get built for your current kernel and not for the newly installed kernel and upon reboot services will fail. To avoid this, you should install just the PF_RING kernel module by itself and then install the kernel and any other remaining package updates. Here's a one-liner that will do that:
$ sudo apt-get update
$ sudo apt-get install securityonion-pfring-module
$ sudo apt-get dist-upgrade
If you accidentally install both the kernel and PF_RING packages at the same time and then reboot and find out that PF_RING services (Snort and Suricata) are failing, you can reinstall the securityonion-pfring-module package:
sudo apt-get install --reinstall securityonion-pfring-module
'Study > System' 카테고리의 다른 글
| Windows Server 2008/2012 관리자 패스워드 분실시 복구 (0) | 2014.02.17 |
|---|---|
| [Solaris]솔라리스 서비스 관리 (0) | 2014.02.10 |
| 메모리 보호 기법 설정 및 해제(Linux) (0) | 2013.12.04 |
| 시스템 정보 확인 - dmidecode (0) | 2013.11.19 |
| openssl을 통한 인증서 발급 (0) | 2013.11.14 |
- Total
- Today
- Yesterday
- oracle 11gr2
- filesystem check
- metasploitable3
- excel_aton
- megacli
- recovery file on linux
- webhack
- editcap
- ${1##*.}
- tcpdstat
- bash parameter
- 도커
- 윈도우 패스워드 복구
- history timestamp
- bash modification
- dvwa_command
- capinfos
- ssl decrypt
- tshark
- NX ASLR
- cisco ssh
- dvwa
- mergecap
- docker
- 리눅스 버전
- dvwa_bruteforce
- text2pcap
- pcapng
- MySQL csv
- docker_dvwa
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |