Patching SecOnion 2 OS #13386
-
|
We currently run an air-gapped distributed setup. We installed via the SecOnion2 ISO image on all our devices. We were asked to run a nessus scan against all of SO2 devices (Manager, Forward Nodes, Search Nodes) to find vulnerabilities. Naturally, it came back with vulns related to it's base OS (Oracle Linux 9) My question is it possile to run vulnerability patches on the sec onion nodes? Or do those kind of things come bundled within each incremental update? Additionally, there was interest in running a STIG compliance checklist, is there way to access the underlying OS or would any setting changes compromise SO2 in general? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
For airgap installations, OS updates are included in the latest ISO image. When you run soup, it will automatically install those OS updates from that ISO image. For more information, please see:
Security Onion Pro includes STIG: |
Beta Was this translation helpful? Give feedback.
-
|
Much appreciated! Last question on STIGs. is purchasing the Pro license the only way to STIG the OS? We were interested in doing it manually with the STIG viewer tool. |
Beta Was this translation helpful? Give feedback.
-
|
You may be able to apply STIG manually, but it's not trivial and we don't provide any support for that. |
Beta Was this translation helpful? Give feedback.
For airgap installations, OS updates are included in the latest ISO image. When you run soup, it will automatically install those OS updates from that ISO image. For more information, please see:
https://docs.securityonion.net/en/2.4/airgap.html#airgap
https://docs.securityonion.net/en/2.4/soup.html#airgap
Security Onion Pro includes STIG:
https://docs.securityonion.net…