[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RFC: A security-base package for Debian

[I take this discussion over to the devel-l for a broader audience]

Hello List 

After taking over the packaging of the snort portscan detector I 
discussed with some other maintainers about a creation of a Debian 
security-base package that should be a package with the following

1. Includes many network security related documents, all in some 
   categories and maybe converted to text and/or html (we must see) and
   some short description to read them in a convinient way.

2. The package has dependencies to all security related programs like
   port scan detectors, fakebo, tcpdump, nmap etc pp.

3. It will (maybe later) contain some scripts that check the security
   of the localhost. No intent to replace SATAN-like tools but simply
   telling the user: hey fingerd is not really needed....

read you,


BTW: I cc'd this post to the debian-firewall-l. Maybe we should diskuss
     there further ?
On Tue, Jul 13, 1999 at 07:55:29PM +0200, Martin Schulze wrote:
> Brent Fulgham wrote:
> > I agree with Hamish, that a dummy package would be preferable to
> > encasing several existing packages in a new package.
> > 
> > I wonder if there would be any benefit to creating a script that
> > could evaluate a user's settings for security problems.  We
> > all know that many newbie Linux users have all kinds of system
> > services running that they have no intention of every using.
> > For example, someone on a dialup ISP may have a running FTP
> > server, NFS server, etc.  These things are not useful if you
> > do not have a local network of some kind, and provide access
> > points for an attacker.
> > 
> > I think it might be useful to include some Security HOW-TO type
> > information in the package as part of the documentation.
> That would be appreciated, maybe combined with some more security
> related papers from the internet so the admin who has this package
> installed is able to learn about security without searching the
> net for things he don't even know about.
> Regards,
> 	Joey

Christian Hammers              WESTEND GmbH              Tel 0241/701333-0
ch@westend.com      DPN Verbund-Partner Aachen u. Dueren   Fax 0241/911879

Reply to: