Here is an interesting one…
I was installing Kali Linux on a virtual machine and I then ran the updates. They failed.
The error message was “499 Update request forbidden by antivirus”. But Kali doesn’t have antivirus running by default.
It turns out that the virtual machine was trying to download a packet from the repository and the AV on the host was recognising it as a virus signature - it was a Wi-Fi cracking tool - and the AV on the host was blocking the download.
Fair enough, the host PC acts as a bridge and all traffic passes through it and fair enough, the AV software flagged the Wi-Fi cracking tool (for Linux) as malware.
What I find interesting is that Kali Linux managed to interpret the AV software on the host blocking the download as different to the network simply being capped or the file not being found. I’m guessing that VMware or the AV software somehow can signal that it was the host av software that caused the problem.
I’ll try doing some research, but it is very interesting. I managed to get around the problem by temporarily deactivating the AV software, downloading the update and re-enabling the AV software, so it was definitely the host AV software that caused the problem.
The only thing that could be better is if Kali said it was the external (host/network) AV that was causing the problem and not some AV running on Kali… I knew Kali didn’t have AV, so I knew the problem lay elsewhere.