sergio_sd 0 Posted February 16, 2021 Share Posted February 16, 2021 Good day comrad, May i use mirror tools linux as offline repository virus signature? I have Linux ESET Protect 8.0, and performed the mirror tool. Opened the directory of mirrorepo through apache on http. Acted according to the instructions: https://help.eset.com/protect_install/80/en-US/mirror_tool_linux.html Setting test workstation (ESET MA 8.0.1238.0 and ESET EA 6.5.2132.6 ) on intranet repository and when update virus signature have error "File on server not found" Link to comment Share on other sites More sharing options...
Administrators Marcos 5,242 Posted February 16, 2021 Administrators Share Posted February 16, 2021 A preferred way to update more machines in a network is via an http proxy. Unlike update from a mirror, the machines would receive streamed updates and would also communicate with LiveGrid servers and thus receive maximum protection at all times. As for the issue updating from the mirror, how did you configure the update server on clients? Can the path to the mirror be opened in a browser? Link to comment Share on other sites More sharing options...
sergio_sd 0 Posted February 16, 2021 Author Share Posted February 16, 2021 (edited) 10 minutes ago, Marcos said: As for the issue updating from the mirror, how did you configure the update server on clients? For begin i setting update server manualy hxxp://192.168.0.25/mirrorRepo 10 minutes ago, Marcos said: Can the path to the mirror be opened in a browser? Yes, it`s opened. Apache log when trying to update a workstation: 192.168.0.124 - - [16/Feb/2021:10:18:28 +0300] "HEAD /mirrorRepo/update.ver HTTP/1.1" 404 196 "-" "ESS Update (Windows; U; 32bit; PVT F; BPC 6.5.2132.6; OS: 5.1.2600 SP 3.0 NT; TDB 48489; CL 1.0.0; LNG 1049; x32c; APP eea; ASP 0.0; PX 0; PUA 1; CD 0; RA 1; UNS 1; SHA256 0; WU 4; HWF: 010075DE-583E-8AA1-EC9D-A2A92FEEF81C; PLOC ru_ru; PCODE 107.0.0; PAR -1; ATH -1; DC 0; RET 2103)" Use command for create repo: ./MirrorTool --repositoryServer AUTOSELECT \ --offlineLicenseFilename /etc/eset/ERA-Endpoint.lic \ --intermediateRepositoryDirectory /tmp/repoTemp \ --outputRepositoryDirectory /var/www/html/mirrorRepo/ \ --languageFilterForRepository ru_RU \ --productFilterForRepository Antivirus Security \ --downloadLegacyForRepository Edited February 16, 2021 by sergio_sd Link to comment Share on other sites More sharing options...
sergio_sd 0 Posted February 16, 2021 Author Share Posted February 16, 2021 Quote The Proxy does not cache or open the communication; it only forwards it. This is upset Link to comment Share on other sites More sharing options...
Administrators Marcos 5,242 Posted February 16, 2021 Administrators Share Posted February 16, 2021 2 minutes ago, sergio_sd said: This is upset https://help.eset.com/protect_install/80/en-US/apache_http_proxy.html Caching function Apache HTTP Proxy downloads and caches: •ESET module updates •Installation packages from repository servers •Product component updates Cached data is distributed to endpoint clients on your network. Caching can significantly decrease internet traffic on your network. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,242 Posted February 16, 2021 Administrators Share Posted February 16, 2021 22 minutes ago, sergio_sd said: Apache log when trying to update a workstation: 192.168.0.124 - - [16/Feb/2021:10:18:28 +0300] "HEAD /mirrorRepo/update.ver HTTP/1.1" 404 196 "-" "ESS Update (Windows; U; 32bit; PVT F; BPC 6.5.2132.6; OS: 5.1.2600 SP 3.0 NT; TDB 48489; CL 1.0.0; LNG 1049; x32c; APP eea; ASP 0.0; PX 0; PUA 1; CD 0; RA 1; UNS 1; SHA256 0; WU 4; HWF: 010075DE-583E-8AA1-EC9D-A2A92FEEF81C; PLOC ru_ru; PCODE 107.0.0; PAR -1; ATH -1; DC 0; RET 2103)" It looks like that module updates work. If you want to update from a mirror and troubleshoot the issue, please provide a screen shot from Endpoint with the error. Link to comment Share on other sites More sharing options...
sergio_sd 0 Posted February 16, 2021 Author Share Posted February 16, 2021 root@esetsrv:/var/www/html# ls -la /var/www/html/mirrorRepo/ итого 20 drwxr-xr-x 4 root root 4096 фев 12 15:14 . drwxrwxr-x 5 tomcat tomcat 4096 фев 12 15:56 .. drwxr-xr-x 3 root root 4096 фев 12 15:09 com -rw-r--r-- 1 root root 3621 фев 12 15:14 info.meta drwxr-xr-x 3 root root 4096 фев 12 15:09 third_party root@esetsrv:/var/www/html# No file update.ver Link to comment Share on other sites More sharing options...
Rincewind 4 Posted February 16, 2021 Share Posted February 16, 2021 (edited) 1 hour ago, sergio_sd said: Use command for create repo: ./MirrorTool --repositoryServer AUTOSELECT \ --offlineLicenseFilename /etc/eset/ERA-Endpoint.lic \ --intermediateRepositoryDirectory /tmp/repoTemp \ --outputRepositoryDirectory /var/www/html/mirrorRepo/ \ --languageFilterForRepository ru_RU \ --productFilterForRepository Antivirus Security \ --downloadLegacyForRepository Be aware that this creates a software repository (offline copy of the installers) and not a module update mirror. The mirror tool will create either a repository or a update mirror depending on the parameters. An example for creating a update mirror look like this: sudo ./MirrorTool --mirrorType regular \ --intermediateUpdateDirectory /tmp/mirrorTool/mirrorTemp \ --offlineLicenseFilename /tmp/mirrorTool/offline.lf \ --outputDirectory /tmp/mirrorTool/mirror You can find a full rundown of the parameters in the online help pages: https://help.eset.com/protect_install/80/en-US/mirror_tool_linux.html Edited February 16, 2021 by Rincewind Link to comment Share on other sites More sharing options...
sergio_sd 0 Posted February 16, 2021 Author Share Posted February 16, 2021 Rincewind, thanks. I missed this option, and not understanding manual. Im be trying it now. Say, what`s difference "regular" and "pre-release" type of mirror? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,242 Posted February 16, 2021 Administrators Share Posted February 16, 2021 The pre-release update channel serves modules before they are server on the regular update channel. I'd say that in 99% modules from the pre-release channel are same as those that are later put on the release channel. However, we don't recommend using pre-release modules on production machines. On the other hand, we recommend using them on a few non-critical systems so that you can notify us about possible issues before the modules are released for all users. Regarding mirror vs http proxy update, here are several benefits of using http proxy: - streamed updates; machines are updated every few minutes which enables them to protect you from the very latest threats - LiveGrid provides another technique for providing rapid response to new threats - only files that are actually needed to update clients are downloaded. Mirror contains a lot of files that clients will never need. This way you should be able to save even GBs of Internet traffic per month. Link to comment Share on other sites More sharing options...
sergio_sd 0 Posted February 16, 2021 Author Share Posted February 16, 2021 Great, it`s work. ./MirrorTool --mirrorType regular \ --intermediateUpdateDirectory /tmp/mirrorTool/mirrorTemp \ --offlineLicenseFilename /etc/eset/MirrorSMK.lf \ --outputDirectory /var/www/html/mirror \ --excludedProduct ep4 ep5 ep7 era6 Now be try proxy-apache. Thanks Marcos, thanks Rincewind. Link to comment Share on other sites More sharing options...
Recommended Posts