0x0e.org | pentesting perspective

braindump on pentesting, QA, metasploit, constant learning

Apt-proxy installation notes

with 6 comments

No big secret that i’m a huge fan of ubuntu as a pentesting platform, and run it as my main OS. Recently I’ve had enough systems to justify tossing in an apt-proxy installation. Nothing groundbreaking, but may save a few mins for you. Here’re my notes.

SERVER CONFIGURATION:

Choose an (ubuntu) machine to install apt-proxy on:

$ sudo apt-get install apt-proxy

After the install, edit the /etc/apt-proxy/apt-proxy-v2.conf file to configure your listening address:

address = [internal listening address]

Restart the apt-proxy daemon:

$ sudo /etc/init.d/apt-proxy restart

That’s it for the server

CLIENT:

Setting a client up to use the proxy requires editing a few lines of your /etc/apt/sources.list. The Apt-proxy howto (https://help.ubuntu.com/community/AptProxy) gives a good example:

Replace mentions of specific repository URL (in /etc/apt/sources.list) with references to your server and the backend for it; such as:

deb http://archive.ubuntu.com/ubuntu karmic main restricted
deb http://security.ubuntu.com/ubuntu karmic-security main restricted universe

would become:

deb http://server:9999/ubuntu karmic main restricted
deb http://server:9999/ubuntu-security karmic-security main restricted universe

Pretty straightforward. Just make sure you append the “-security” piece onto the proxy URL for both security and updates. In the case of my /etc/apt/sources.list:

# standard packages
deb http://%5Binternal listening address]:9999/ubuntu karmic main restricted universe multiverse
deb-src http://%5Binternal listening address]:9999/ubuntu karmic main restricted universe multiverse

# update packages
deb http://%5Binternal listening address]:9999/ubuntu karmic-updates main restricted universe multiverse
deb-src http://%5Binternal listening address]:9999/ubuntu karmic-updates main restricted universe multiverse

# security packages
deb http://%5Binternal listening address]:9999/ubuntu-security karmic-security main restricted universe multiverse
deb-src http://%5Binternal listening address]:9999/ubuntu-security karmic-security main restricted universe multiverse

Run an apt-get update / apt-get upgrade and you’re golden. Rinse & repeat for all clients.

Cheers!

Advertisements

Written by jcran

July 5, 2010 at 8:21 PM

Posted in Uncategorized

Tagged with , , , , ,

6 Responses

Subscribe to comments with RSS.

  1. Great post, never used apt-proxy before but it seems to be a interesting tool. I have used apt-mirror before but I didn’t like the idea of mirroring every version of Ubuntu locally. We have about 20 Ubuntu boxes on my team that I think I will get transitioned over to this.

    hammackj

    July 12, 2010 at 12:54 PM

  2. glad it helped!

    jcran

    July 12, 2010 at 12:57 PM

  3. @hammackj – if you’re really crazy, check out apt-torrent :p

    jcran

    July 12, 2010 at 1:01 PM

  4. That is awesome. I think the network guys would freak out of every apt-get was a torrent pull =) Great idea though.

    hammackj

    July 12, 2010 at 1:13 PM

  5. apt-proxy has scaling problems, and likely won’t work for 20 simultaneous machines. We switched to approx because it’s a lot more stable. It also has a really simple configuration.

    Joe McDonagh

    July 14, 2010 at 12:29 AM


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: