本教程用于搭建kali源服务器
服务器版本:Ubuntu 16.04.1 LTS
kali基础知识
Q:kali是什么系统? A:Kali是基于Debian的发行版(eg:Ubuntu,kali) Q:如何查看自己的kali linux版本? A:使用命令lsb_release -a Q:kali 有哪些版本? A:kali一共有两个版本,sana,以及2016年1月发行版本Kali Rolling Q:Kali Rolling与Debian的标准版有什么不同? A:为了让用户能更好地理解Kali Rolling的不同之处,我想,用一张图来说明Kali Rolling是如何运行的,是再合适不过了。Kali虽然是基于Debian的一个linux版本,但它却不同于Debian7,8,9等这些版本,并且和以前采用的测试方法也不同。不再采用那些,有时被认为是全新的,主流的,有时又是过时的循环软件测试。Kali Rolling是Debian的即时更新版,只要Debian中有 更新,更新包就会放入Kali Rolling中,供用户下载使用。它为提用户提供了一个稳定更新的版本,同时会带有最新的更新安装包。 Q:目前官方kali源有哪些? A:
#deb cdrom:[Debian GNU/Linux 7.0 Kali - Official Snapshot amd64 LIVE/INSTALL Binary 20150312-17:50]/ kali contrib main non-free
#deb cdrom:[Debian GNU/Linux 7.0 Kali - Official Snapshot amd64 LIVE/INSTALL Binary 20150312-17:50]/ kali contrib main non-free
deb http://http.kali.org/kali moto main non-free contrib
deb-src http://http.kali.org/kali moto main non-free contrib
deb http://security.kali.org/ moto/updates main contrib non-free
deb-src http://security.kali.org/ moto/updates main contrib non-free
#中科大kali源
deb http://mirrors.ustc.edu.cn/kali kali main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali main non-free contrib
deb http://mirrors.ustc.edu.cn/kali-security kali/updates main contrib non-free
#新加坡kali源
deb http://mirror.nus.edu.sg/kali/kali/ kali main non-free contrib
deb-src http://mirror.nus.edu.sg/kali/kali/ kali main non-free contrib
deb http://security.kali.org/kali-security kali/updates main contrib non-free
deb http://mirror.nus.edu.sg/kali/kali-security kali/updates main contrib non-free
deb-src http://mirror.nus.edu.sg/kali/kali-security kali/updates main contrib non-free
#阿里云kali源
deb http://mirrors.aliyun.com/kali kali main non-free contrib
deb-src http://mirrors.aliyun.com/kali kali main non-free contrib
deb http://mirrors.aliyun.com/kali-security kali/updates main contrib non-free
#163 Kali源
deb http://mirrors.163.com/debian wheezy main non-free contrib
deb-src http://mirrors.163.com/debian wheezy main non-free contrib
deb http://mirrors.163.com/debian wheezy-proposed-updates main non-free contrib
deb-src http://mirrors.163.com/debian wheezy-proposed-updates main non-free contrib
deb-src http://mirrors.163.com/debian-security wheezy/updates main non-free contrib
deb http://mirrors.163.com/debian-security wheezy/updates main non-free contrib
#auto
deb http://http.kali.org/kali kali-rolling main non-free contrib
#中科大
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
#浙大
deb http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
deb-src http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
#东软大学
deb http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
deb-src http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
#重庆大学
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib
#官方源
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib
如何更换源?
- 首先修改/etc/apt/sources.list文件里面的源地址
- 执行命令,更新源:apt-get update & apt-get upgrade
- 更新完成后再输入:apt-get dist-upgrade
- 清理:apt-get clean
- 重启:reboot
回到正题:如何搭建kali源服务器?
1、准备工作:
- 搭建一个web服务器
- 大量磁盘空间,良好的带宽,rsync和SSH访问权限
- 主程序包存储库大约为450 GB,ISO映像存储库大约为50 GB,但可以预期这些数字会定期增长。 镜像站点应该通过HTTP和RSYNC使文件可用,因此需要启用这些服务。
2、创建镜像用户:
adduser -p password archvsync
3、为镜像创建目录:
sudo mkdir /srv/mirrors/kali{,-images}
sudo chown archvsync:archvsync /srv/mirrors/kali{,-images}
4、配置rsync:
sudo sed -i -e "s/RSYNC_ENABLE=false/RSYNC_ENABLE=true/" /etc/default/rsync
$ sudo vim /etc/rsyncd.conf
$ cat /etc/rsyncd.conf
uid = nobody
gid = nogroup
max connections = 25
socket options = SO_KEEPALIVE
[kali]
path = /srv/mirrors/kali
comment = The Kali Archive
read only = true
[kali-images]
path = /srv/mirrors/kali-images
comment = The Kali ISO images
read only = true
$ sudo service rsync start
Starting rsync daemon: rsync.
5、配置镜像:
$ sudo su - archvsync
$ wget http://archive.kali.org/ftpsync.tar.gz
$ tar zxf ftpsync.tar.gz
现在我们需要创建一个配置文件。
$ cp etc/ftpsync.conf.sample etc/ftpsync-kali.conf
$ vim etc/ftpsync-kali.conf
$ grep -E '^[^#]' etc/ftpsync-kali.conf
MIRRORNAME=`hostname -f`
TO="/srv/mirrors/kali/"
RSYNC_PATH="kali"
RSYNC_HOST=archive.kali.org
6、设置SSH密钥:
最后一步是设置.ssh / authorized_keys文件,以便archive.kali.org可以触发您的镜像:
$ mkdir -p .ssh
$ wget -O - -q http://archive.kali.org/pushmirror.pub >>.ssh/authorized_keys
7、配置镜像:
在官网选择一个最近的镜像地址进行rsync同步
http://http.kali.org/README.mirrorlist
然后执行以下命令
$ rsync -qaH archive-4.kali.org::kali /srv/mirrors/kali/ &
$ rsync -qaH archive-4.kali.org::kali-images /srv/mirrors/kali-images/ &
碰到的一些坑
- 网上源很多,一定要先看好自己的系统版本,不然会发现一堆not found
- 更新源时候,出现提示证书错误(签名无效之类的),解决办法就是修改/etc/apt/apt.conf.d下的70debconf文件,在里面加上:Acquire::AllowInsecureRepositories “true”;然后运行命令查看apt的对应配置有无生效:apt-config dump
