Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks

To: Thibaut Paumard <thibaut@debian.org>
Cc: 858612@bugs.debian.org, Sophie Brun <sophie@freexian.com>, Debian Debian Developers <debian-devel@lists.debian.org>
Subject: Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
From: Raphael Hertzog <hertzog@debian.org>
Date: Mon, 27 Mar 2017 11:33:07 +0200
Message-id: <[🔎] 20170327093307.qvjmjnfpeunnr23u@home.ouaza.com>
Mail-followup-to: Thibaut Paumard <thibaut@debian.org>, 858612@bugs.debian.org, Sophie Brun <sophie@freexian.com>, Debian Debian Developers <debian-devel@lists.debian.org>
In-reply-to: <[🔎] 3be043b1-aff5-72a2-12e6-a0453dc634b1@debian.org>
References: <[🔎] 149036157263.4955.11186991379445117010.reportbug@x250-sophie> <[🔎] 4e6d70ae-b9ab-4780-b90b-207510673ba7@email.android.com> <[🔎] 20170325104431.ykd6dsu3d6ln7ffh@home.ouaza.com> <[🔎] 3be043b1-aff5-72a2-12e6-a0453dc634b1@debian.org>

On Mon, 27 Mar 2017, Thibaut Paumard wrote:
> Thanks for the pointer. Just out of curiosity, do you intend on using
> the blends framework for the pkg-security team?

This is not part of any current plan but I have no objection if someone
wants to do the required work.

> If you have pointers about those best security practices, I'll gladly
> take them.

I'm not a penetration tester myself. But a good starting point is to
not use "http" at all on connections that you do not trust and also using
tools to ensure that you get the same https certificate that you use to
get over a secure connection.

> Quickly Googling "pkg-security" and "Debian security" did not reveal a
> prominent central place for this sort of information. Although not
> Debian-specific, a starting point at debian.org for raising awareness
> for our users would be nice. If the pkg-security team could take it on
> its shoulders...

The pkg-security team is about packaging tools, not about this, sorry. 

https://wiki.debian.org/Teams/pkg-security

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/

Reply to:

Follow-Ups:
- Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
  - From: Sean Whitton <spwhitton@spwhitton.name>

References:
- Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
  - From: Sophie Brun <sophie@freexian.com>
- Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
  - From: Thibaut Paumard <thibaut.paumard@obspm.fr>
- Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
  - From: Thibaut Paumard <thibaut@debian.org>

Prev by Date: Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
Next by Date: Re: convention on listen port local or all network interfaces etc. - revision 2
Previous by thread: Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
Next by thread: Re: Bug#858612: ITP: wifiphisher -- Automated phishing attacks against Wi-Fi networks
Index(es):
- Date
- Thread