It’s been a while since Matt or I have posted as we start some new journeys in our lives.
I’ve now started a new role and as part of that, I’ve become an advisor for a Cyber Community at work. This has led to me building our CTF platform available at cyberranges.co.uk where you can host your own competitions independent of another competition taking place. This platform makes use of Docker to be able to host images of challenges that participants can spin up on demand.
This tale came about this weekend when I was stumped trying to create a new challenge that my brother-in-law created for us. This challenge made use of apt-get update using Debian in the Dockerfile, the issue was every time I tried building the image the build failed after about 10 minutes. When investigating the build was showing the following:
Ign:1 http://archive.ubuntu.com/ubuntu nobel InReleaseI ran some additional tests to see what might be going on in particular using WGET I could see that I was getting a TCP connection but no HTTP response:
wget --spider http://archive.ubuntu.com/ubuntu
Spider mode enabled. Check if remote file exists.
--2024-07-29 10:39:37-- http://archive.ubuntu.com/ubuntu
Resolving archive.ubuntu.com (archive.ubuntu.com)... 185.125.190.83, 185.125.190.81, 91.189.91.83, ...
Connecting to archive.ubuntu.com (archive.ubuntu.com)|185.125.190.83|:80... connected.
HTTP request sent, awaiting response...The worst bit about this was the final response I got from apt update:
Connection failed [IP: 91.189.91.81 80]I tried many different things from DNS to internal IP Addressing changes to see if something weird was going on in the internal network. I tried a different mirror which worked perfectly so it was something specific to archive.ubuntu.com. I also tried building a new Ubuntu server which had the same problem. If I wanted to use a different mirror the issue is in your Dockerfile you need to replace your sources file before you try apt update and I didn’t want to have to force anyone creating a challenge to do that.
Ultimately, I decided to request a new IP Address from my service provider which did the trick. I have no idea why I didn’t get a 4XX response from the server but there you go. If ever faced with this issue try getting a new IP Address first before going down the rabbit hole I did.
What broke me was the fact that I have four Ubuntu servers and a Debian server sat behind this IP Address where two of the Ubuntu servers were fine and two were not. Very odd. Anyway, lesson learned.
Random IT Stuff 