-
Notifications
You must be signed in to change notification settings - Fork 98
Nessus Agent Upgrade
All FCS systems has Nessus Agent installed. The agent needs to be upgraded on regular basis. Nessus weekly scan report will notify data.gov team when a new version of Nessus Agent is available. This document describes steps to have all agents upgraded on all systems.
Go to https://drive.google.com/drive/folders/0B726fftFCN-oemFRazdnM3FITE0 and download the Nessus Agent package for your system. For Ubuntu 18.04, we use the deb package under folder ubuntu > Ubuntu 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, 16.04 - AMD64
Use this PR as an example, upload the deb package to the repo datagov-deploy-common and create a new PR. Create a new tag after the PR is merged.
Use this PR as an example, update datagov-deploy-common requirement with thre new tag from previous step. After the PR gets approved, it will be deployed on FCS systems.
Staging, production and management jumpboxes do not have the new deployment. Hence this manual step needs to be done on all three jumpboxes.
ubuntu@datagov-jump2d:~/data.gov/
$ git checkout master
$ git pull
$ pipenv sync && pipenv run make vendor
$ pipenv run ansible-playbook ansible/site.yml --limit jumpbox
ubuntu@datagov-jump2d:~/data.gov/
$ pipenv run ansible -a "sudo /opt/nessus_agent/sbin/nessuscli -v" all
Results should show all agent is on new version.