Mirrortool for Linux

ewong · June 1, 2019

Hi,

Can someone point out if the Linux mirrortool creates all platform's offline repositories (i.e. updates/program updates for Windows/Linux/Mac)? or is it only for Linux updates; and so I'd need to set up an offline repository for Windows?

Also, can someone point out if [1] is supposed to be a copy of [2] instead of being Linux specific?

Thanks

Edmund

[1] https://help.eset.com/esmc_install/70/en-US/offline-repository.html?mirror_tool_linux.html

[2] https://help.eset.com/esmc_install/70/en-US/offline-repository.html?mirror_tool_windows.html

ewong · June 1, 2019

Further addendum from fiddling around with setting up the offline repo:

1) The offline repository is split into different paths which I suspect are the different available versions (6.x, 7.x..etc)

2) I needed to create a new update policy to specify the actual path for the systems.

i.e. hxxp://update.server.local/ep7/ to specify (I think) for Version 7 stuff

Edmund

ewong · June 1, 2019

I suspect I'm doing something wrong or misunderstanding the offline repository setup.

This is what I did (assuming that the Linux offline repository setup can also serve Windows machines):

Download and ran the mirror tool via:
1. mirrortool --mirrorType regular --intermediateUpdateDirectory ./tmp --outputDirectory /var/www/html --offlineLicenseFilename ./local_cache.lf
  1. (I assummed the offline license filename should be the "local cache" type.)
setup httpd to serve /var/www/html
created a new policy: with the following:
1. Updates->Update Server: hxxp://update.server.local/ep7/
2. Advanced Settings-> Repository: hxxp://update.server.local/ep7/

Since I don't understand the contents of ep7/, I'm assuming that the dll/ contents have updates to the engines/binaries.

If not, can someone clarify what I'm misunderstanding?

Thanks!

Ed

Marcos · June 1, 2019

2 hours ago, ewong said:

Since I don't understand the contents of ep7/, I'm assuming that the dll/ contents have updates to the engines/binaries.

That is correct. Does Endpoint update from the mirror alright?

ewong · June 1, 2019

3 minutes ago, Marcos said:

That is correct. Does Endpoint update from the mirror alright?

I think it does as I see the accesses via the http logs.

That said, I figured out what I was wrong with. In my haste, I had looked at the offline repository setup and how to run the mirror tool and thought the commands were the same. It took a few tries in manual updating the repo to realize my stupid mistake. I kept on getting that offline repository needed the output repository and intermediate directories. That's when the word "intermediateRepository" popped up.

So right now I"m running the mirrortool for both the updates and the engine/binaries.

Will see how this goes.

Thanks Marcos!

Ed

Marcos · June 1, 2019

By the way, do the machines have access to the Internet? If they are offline but have access to the machine that creates a mirror, it'd be much better to use HTTP proxy than mirror. With HTTP Proxy, machines would be able to communicate with LiveGrid servers and download streamed updates and so protect better from newly emerging threats.

ewong · June 5, 2019

On 6/1/2019 at 1:05 PM, Marcos said:

By the way, do the machines have access to the Internet? If they are offline but have access to the machine that creates a mirror, it'd be much better to use HTTP proxy than mirror. With HTTP Proxy, machines would be able to communicate with LiveGrid servers and download streamed updates and so protect better from newly emerging threats.

I've managed to fix the mirrortool situation.

Regarding the HTTP Proxy, some systems aren't supposed to have Internet access so they aren't able to access LiveGrid. If I set up the HTTP proxy, those offline systems are now considered online (as they were activated with an offline license). Am I right?

Ed

Marcos · June 5, 2019

Computers with access to the Internet should not be activated with an offline license. Offline licenses are intended only for machines that are always offline, otherwise a notification will appear in the license manager.

Computers that are without Internet connection but can connect to the machine running HTTP Proxy can still benefit from LiveGrid, streamed updates, etc. It restricts access only to ESET's servers so users won't be able to misuse it to connect elsewhere.

ewong · June 6, 2019

On 6/5/2019 at 12:08 PM, Marcos said:

Computers with access to the Internet should not be activated with an offline license. Offline licenses are intended only for machines that are always offline, otherwise a notification will appear in the license manager.

Computers that are without Internet connection but can connect to the machine running HTTP Proxy can still benefit from LiveGrid, streamed updates, etc. It restricts access only to ESET's servers so users won't be able to misuse it to connect elsewhere.

Ah Thanks for the clarification, Marcos!

Edmund

ewong · June 10, 2019

On 6/5/2019 at 12:08 PM, Marcos said:

Computers that are without Internet connection but can connect to the machine running HTTP Proxy can still benefit from LiveGrid, streamed updates, etc. It restricts access only to ESET's servers so users won't be able to misuse it to connect elsewhere.

Marcos,

I was working on fixing the whole setup; but got confused. If the offline computers can access the HTTP Proxy system (and in turn, access the ESET servers), wouldn't that mean that they aren't truly 'offline' and thus can't use the offline license? So with regards to those systems, do I use the offline or online license?

Thanks

Edmund

Marcos · June 10, 2019

Quote

If the offline computers can access the HTTP Proxy system (and in turn, access the ESET servers), wouldn't that mean that they aren't truly 'offline' and thus can't use the offline license?

Correct. Such machines can reach ESET's servers and thus are not considered offline. An offline license is intended for activating machines that are completely offline, e.g. computers on ships.

ewong · June 10, 2019

1 minute ago, Marcos said:

Correct. Such machines can reach ESET's servers and thus are not considered offline. An offline license is intended for activating machines that are completely offline, e.g. computers on ships.

Thanks.. so the Eset Live grid won't work then on those instances.

Marcos · June 10, 2019

4 minutes ago, ewong said:

Thanks.. so the Eset Live grid won't work then on those instances.

Not on machines that are completely offline. If a machine can access ESET's servers via HTTP Proxy, then LiveGrid will work.

ewong · June 10, 2019

26 minutes ago, Marcos said:

Not on machines that are completely offline. If a machine can access ESET's servers via HTTP Proxy, then LiveGrid will work.

I have some offline systems here that I've disabled Eset Live Grid; but now instead of amber alerts, I get red alerts due to the fact that their Eset Live Grid option is disabled (via policy). How do I get them to not give me the red alert notifications?

Thanks

Edmund

Marcos · June 10, 2019

On offline computers you can keep LiveGrid enabled but disable the application status "ESET LiveGrid is not accessible". This can be accomplished via policies as well:

Sign In

Mirrortool for Linux

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Recently Browsing 0 members

Quick search

FAQ

Topics