How to update packages and apply hardening rules on servers without internet connection?

Orlando Agustin

10/10/22, 11:54 AM

I have several new Ubuntu 18.04 servers that were scanned for compliance and vulnerabilities. The scan results show that I need to update certain packages and apply hardening rules. These servers are interconnected, but will not have internet connection.

I did some research and came across CIS Compliance Tools from Canonical. Is it possible to download this application and install the package (complete with its dependencies) on each of the servers, then run it to apply the hardening rules? I believe I have to pay for the support services in order for me to download the package.

For updating the packages, any suggestions on how to do this?

I would appreciate any help and inputs.

0 + 4

offline

18.04

user535733

10/10/22, 12:52 PM

AskUbuntu is run by volunteers and enthusiasts. It's not for Canonical customer service or sales inquiries. We don't answer questions about commercial Canonical products.

user535733

10/10/22, 12:58 PM

Does this answer your question? [How to download Ubuntu updates to a flash drive, and use it to update other PCs?](https://askubuntu.com/questions/1261501/how-to-download-ubuntu-updates-to-a-flash-drive-and-use-it-to-update-other-pcs)

Orlando Agustin

10/13/22, 8:20 AM

As for updating the packages, it seems apt-offline is the solution that I can use. But how about server hardening? Any ideas? @user535733

user535733

10/13/22, 2:16 PM

Ubuntu Server is already designed to be safe out-of-the-box. Your Question claims that you already have some list of hardening suggestions. Implement them, or do not. It's up to you.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to update packages and apply hardening rules on servers without internet connection?

TH: จะอัปเดตแพ็คเกจและใช้กฎการเสริมความแข็งแกร่งบนเซิร์ฟเวอร์โดยไม่ต้องเชื่อมต่ออินเทอร์เน็ตได้อย่างไร

RO: Cum se actualizează pachetele și se aplică reguli de întărire pe servere fără conexiune la internet?

RU: Как обновить пакеты и применить правила защиты на серверах без подключения к интернету?

VI: Làm cách nào để cập nhật các gói và áp dụng quy tắc cứng trên máy chủ không có kết nối internet?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.