Results 1 to 12 of 12

Thread: Is 117.135.139.22 a valid repository?

  1. #1
    Join Date
    2013-Aug
    Posts
    7

    Exclamation Is 117.135.139.22 a valid repository?

    This IP is in China.

    It appeared to me the first time when I tried to install Kali by the mini iso. I installed Kali as a vbox client. I run wireshark at the hosting PC during the installation and found that this IP was feeding me files. I ceased and deleted everything.

    I then tried the bit torrent. Strange enough that the md5sum of the iso does not match with the one in the txt file.
    In txt, it is 68b91a8894709cc132ab7cd9eca57513e1ce478b
    The file from bit torrent gives 7431cfd02f7e96ce2e086bc06029a8a9
    I have not used it.

    I just try to download the iso directly from the link on your download page. Once again, the China IP appears as the source of the download!?

    Is it normal?

  2. #2
    Join Date
    2013-Aug
    Posts
    7
    (I would like to add this to my first post. But as it is still not being released after hours of waiting, I make a new thread.)

    I used md5sum by mistake and sha1sums is used now. Moreover, I have also downloaded the amd64.iso by bit torrent. However, both the i386 and amd64 iso's fail the computed checksum.

    What I get is
    de4ddd0a181dcb680d14b0e286b23001770b76e4 kali-linux-1.0.4-amd64.iso
    f78c60b3a1b60116a319c7289f881127a92a5f59 kali-linux-1.0.4-i386.iso
    None of them match with the corresponding txt file come together, or with records here --> http://archive-6.kali.org/kali-images/SHA1SUMS

    So, what is happening?
    Is the file clean and you are going to update the SHA!SUMS records on your web and the txt file?
    You are hacked and the file is not safe?
    Are you going to give any warning if 117.135.139.22 is NOT you official repository? or clarify if it is?

    I take the "Alert" advice here --> http://http://docs.kali.org/download...i-linux-images very seriously.
    Did I take it too serious?

  3. #3
    You can find a list of Official Kali Linux Mirrors, below:
    Download Links:
    http://cdimage.kali.org/README.mirrorlist

    Repository
    http://http.kali.org/README.mirrorlist
    http://security.kali.org/README.mirrorlist

    Source: http://docs.kali.org/kali-support/kali-linux-mirrors


    Be sure to check the checksum of the downloaded image afterwards:
    Checksums: http://archive-6.kali.org/kali-images/SHA1SUMS
    How to & Information: http://docs.kali.org/downloading/dow...i-linux-images
    Note: the checksums are SHA1, not MD5



    The hash you listed, is a SHA1 (not MD5), and its for 'full' image (not a mini)
    Code:
    68b91a8894709cc132ab7cd9eca57513e1ce478b  kali-linux-1.0.4-i386.iso
    The other hash is unknown. I wouldn't trust it.

  4. #4
    Join Date
    2013-Aug
    Posts
    7
    Thanks for your help.

    1. I downloaded an iso directly from one of your link. sha1sum correct.

    2. 117.135.139.22 is the IP of http://archive-6.kali.org. Never imagine it is in China.
    It explains why I click the download link here and will be forwarded to receive file from there.

    3. Suggest you to double check the bit torrent files here -> http://www.kali.org/downloads
    Both i386 and amd64 iso files fail the sha1sum check.

  5. #5
    Join Date
    2013-Feb
    Posts
    29
    http://archive-6.kali.org is the mirror for China.

  6. #6
    Join Date
    2013-Aug
    Posts
    7
    Quote Originally Posted by bolexxx View Post
    http://archive-6.kali.org is the mirror for China.
    But I do NOT have the freedom to choose not using it.

  7. #7
    Join Date
    2013-Mar
    Posts
    269
    If you are not sure about the iso, I recommend building your own iso. Plus you customize it the way you like if you want. http://forums.kali.org/showthread.ph...ustom-Kali-ISO
    Fact, Science and the Pursuit of Knowledge. Working to secure your networks from threats; Outside and Within.

  8. #8
    Join Date
    2013-Aug
    Posts
    7
    Quote Originally Posted by charonsecurity View Post
    If you are not sure about the iso, I recommend building your own iso. Plus you customize it the way you like if you want. http://forums.kali.org/showthread.ph...ustom-Kali-ISO
    My concern is not about the product, but the source! I am forced to feed files from within China no matter what I do.

    I install Kali as vbox client. I run wireshark on vbox host and monitor all packets from 117.135.139.22.

    What I Have Done to Get Rid of 117.135.139.22
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    I choose "without network" option while installing from full iso off-line (yes, I unplug the physical cable of my PC as well).
    I disable vm's network adapter during first boot; edit /etc/apt/sources.list pointing it to non-China mirror
    After reboot with network adapter, I use -t option during apt-get update.
    Once again, wireshark reveals that source of file is from 117.135.139.22 !!!

    Seems that it is a server side issue. Unlikely customize iso can solve it.

  9. #9
    I altered my source file (twice) to test out using different mirrors.
    Upon doing so, it didn't use anything other than what it was told to, allowing you to use any mirror from any location you wish.

    • The first few commands, is kali using the default values (which automatically locates your nearest mirror and use that).
    • Afterwards, I (backup and then) manually alter it to use 'kali.mirror.garr.it' (193.206.139.34).
    • Then, to use 'mirror.pcextreme.nl' (109.72.87.236).
      Finally, I look up the values of the domain names, and check with Wireshark to see what’s happening (filtering the two locations above, as well as 'archive-6.kali.org').



    The results are as follows:
    Output
    Code:
    ---Removed---

    Screenshot
    Last edited by g0tmi1k; 2013-11-29 at 12:59.

  10. #10
    Join Date
    2013-Aug
    Posts
    7
    Thanks g0tmi1k for your help.

    I try the mirror in your example and can "apt-get update" w/o going thru 117.135.139.22 now. Everything else looks fine too.

    Then, I retry http://archive-5.kali.org , a US mirror which forwarded me to 117.135.139.22 before. The previous issue vanish too!

    Regarding the "automatically locates nearest mirror" feature you mention. Is it if I use
    deb http://http.kali.org/kali kali main non-free contrib
    deb-src http://http.kali.org/kali kali main non-free contrib
    then, the feature will be turned on automatically?
    Or what is(are) the trigger?

  11. #11
    Quote Originally Posted by nobody View Post
    Regarding the "automatically locates nearest mirror" feature you mention. Is it if I use

    then, the feature will be turned on automatically?
    Or what is(are) the trigger?

    Yes, if you use the default values that comes with Kali (which are the same as the ones you listed), it should automatically get the nearest mirror.
    You can find out more information regarding this, including locations & distances here: http://http.kali.org/README.mirrorlist

    I believe this works by using GeoIP.

  12. #12
    Join Date
    2013-Jun
    Posts
    113
    Use IPTables then. If you're really prejudicial, block all!

    inetnum: 117.128.0.0 - 117.191.255.255
    netname: CMNET
    descr: China Mobile Communications Corporation
    Last edited by blackMORE; 2013-09-03 at 03:01.

Similar Threads

  1. [404 Not found repository] Ask for newer repository?
    By justacleverguy in forum TroubleShooting Archive
    Replies: 4
    Last Post: 2016-03-25, 15:57
  2. Replies: 1
    Last Post: 2013-12-21, 09:55
  3. How To Make A Valid Thread
    By g0tmi1k in forum Forums Rules and Guidelines
    Replies: 1
    Last Post: 2013-05-18, 11:19
  4. How To Make A Valid Thread
    By bolexxx in forum Kali Linux General Questions
    Replies: 1
    Last Post: 2013-05-11, 14:43

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •