Today I got this error from this cron job on my Kali box
test -x /usr/bin/geoipupdate && /usr/bin/geoipupdate
The error:
Error retrieving updates: error updating GeoLite2-Country: error updating: unexpected HTTP status code: 401 Unauthorized: An account ID and license key are required to use this service.
On this error I found these two issues on GitHub:
https://github.com/maxmind/geoipupdate-legacy/issues/95
https://github.com/maxmind/geoipupdate/issues/61
Okay, so MaxMind has changed the free GeoIP use, requiring an account since 2019.
A quick search on my Kali box reveals that Netsniff and Nginx use GeoIP:
root@kali:~# locate geoip.conf /etc/netsniff-ng/geoip.conf /etc/nginx/modules-enabled/50-mod-http-geoip.conf /usr/share/nginx/modules-available/mod-http-geoip.conf
The first link above on github gives some further information. There should be a GeoIP.conf with some details. Let’s check that out:
root@kali:~# locate GeoIP.conf /etc/GeoIP.conf
So true, this is the content:
Please see https://dev.maxmind.com/geoip/geoipupdate/ for instructions on setting up geoipupdate, including information on how to download a pre-filled GeoIP.conf file. Enter your account ID and license key below. These are available from https://www.maxmind.com/en/my_license_key. If you are only using free GeoLite databases, you may leave the 0 values. AccountID 0 LicenseKey 000000000000 Enter the edition IDs of the databases you would like to update. Multiple edition IDs are separated by spaces. # Include one or more of the following edition IDs: * GeoLite2-ASN - GeoLite 2 ASN * GeoLite2-City - GeoLite 2 City * GeoLite2-Country - GeoLite2 Country EditionIDs GeoLite2-Country GeoLite2-City
As you can see the AccountID and LicenseKey are zero’s. This would be fine a year earlier, but now you need to get an account and fill these details in the GeoIP.conf file accordingly.
You can find more information here:
https://dev.maxmind.com/geoip/geoipupdate/#For_Free_GeoLite2_Databases
To apply for a free license you go here:
https://dev.maxmind.com/geoip/geoip2/geolite2/ and click on the button Sign up for Geolite2. Follow the instructions to set up an account.
After logging in you can go to License Key (under Services) and generate a license key. So pick up the Account ID and LicenseKey and store it in a safe place. After that you can place this stuff in the GeoIP.conf. Do mind that it takes 5 minutes for the license key to be activated, so don’t go updating GeoIP right away.
So we test this with the same line the cronjob has used, followed by geoipupdate -v to acually see some output of the process:
root@kali:~# test -x /usr/bin/geoipupdate && /usr/bin/geoipupdate root@kali:~# geoipupdate -v Using config file /etc/GeoIP.conf Using database directory /var/lib/GeoIP Acquired lock file lock (/var/lib/GeoIP/.geoipupdate.lock) Performing get filename request to https://updates.maxmind.com/app/update_getfilename?product_id=GeoLite2-Country Calculated MD5 sum for /var/lib/GeoIP/GeoLite2-Country.mmdb: 82124032f2f9118c6cb9d6ae4e033a75 Performing update request to https://updates.maxmind.com/geoip/databases/GeoLite2-Country/update?db_md5=82124032f2f9118c6cb9d6ae4e033a75 No new updates available for GeoLite2-Country Performing get filename request to https://updates.maxmind.com/app/update_getfilename?product_id=GeoLite2-City Calculated MD5 sum for /var/lib/GeoIP/GeoLite2-City.mmdb: 67cbff9edd4d6144daba0ceb58f4a5c7 Performing update request to https://updates.maxmind.com/geoip/databases/GeoLite2-City/update?db_md5=67cbff9edd4d6144daba0ceb58f4a5c7 No new updates available for GeoLite2-City root@kali:~#
Success!
Now to be sure make a copy of you GeoIP.conf file, so that if it’s overwritten in an upgrade or update, you can use your backup to restore your GeoLite2 settings.
root@kali:~# cp -pi /etc/GeoIP.conf /etc/GeoIP.conf_bck
