Kali linux update fails with HTTP 403 Forbidden

If one of your kali linux systems fails to update some packages like davtest, dbd, impacket, mimikatz etc using sudo apt-get update with the error "http 403 forbidden", as shown in the following screenshot, a possible cause could be your FortiGate firewall with its UTM antivirus feature:

Kali apt-get update http 403 forbidden

Your Fortinet FortiGate antivirus log might look like this:

FortiGate antivirus kali update

To fix this, create an extra FortiGate antivirus profile which excludes those signatures and use this av profile in the firewall policy of your kali systems. Another 'dirty' workaround could be to change the updates to use HTTPS, as long as you don't do deep packet inspection for TLS traffic on your FortiGate. If so the URI and payload become invisble due to encryption to your FortiGate.

HTTPS for kali updates: https://www.kali.org/news/kali-linux-repository-https-support/

No comments:

Post a Comment