Bug#760453: RFS: amap/5.4+dfsg-1

To: Tobias Frost <tobi@frost.de>, "760453@bugs.debian.org" <760453@bugs.debian.org>
Subject: Bug#760453: RFS: amap/5.4+dfsg-1
From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Date: Thu, 4 Sep 2014 14:36:50 +0100
Message-id: <[🔎] 1409837810.11109.YahooMailNeo@web171803.mail.ir2.yahoo.com>
Reply-to: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>, 760453@bugs.debian.org
In-reply-to: <[🔎] 9a24c0615c7f62cc3591ebce0254884e.squirrel@isengard.linuxd.net>
References: <[🔎] 1409823561.18114.YahooMailNeo@web171801.mail.ir2.yahoo.com> <[🔎] 9a24c0615c7f62cc3591ebce0254884e.squirrel@isengard.linuxd.net>


> 
> Hi Gianfranco,
> 
> Well, amap has been previously been removed from Debian due to licesnse
> reasons. (Please see #346313) You write in #753704 that is no longer is the
> case -- I just saw that LICENSE.AMAP is still there without any further
> digging; can you briefly update me?
> 

Hi Tobias,

In #346313 the developer says:

"hmmm so basically I need to edit the LICENSE.GNU file to remove the
license name as well as to remove the "no further restrictions"
paragraph from it?
ok, I will do that then for the next release ..."


Seems that the developer didn't do this, but in the source files (headers) you can see the license is GPL, and the LICENSE.GNU is almost the same as the one in usr/share/common-licenses.

So IANAL, but we can just refer to the GPL-2 license, because the other one is not actually used?

> Otherwise, would be non-free possible (I need to think about it -- its complex
> topic -- if an upload to non-free could be possible instead license-wise)
> 

I don't know about this, I still don't understand this kind of licenses war (I mean, I understand them but I don't like them) ;)

> Upstream also writes that amap is depreciated in favour of nmap... Do you have
> any specific *why* wee still should have it in Debian, this question is not to
> torture, but this question could come up from other parties.

some tools (e.g. openvas) uses it, moreover for some specific applications should perform better than nmap.

"So today, I recommend to rather use nmap -sV for application fingerprinting rather than amap (although in some circumstances amap will yield better results, but these are rare)."

"    Currently there are two tools for this purpose: amap (you are looking
    at it), and nmap (www.insecure.org/nmap).
    Both have their strength and weaknesses, as they deploy different techniques.
    We recommend to use both tools for reliabe identification.
"

I know some penetration testing distros uses it, but I don't know how better performs than nmap, so maybe we can just leave it go.


thanks,

Gianfranco
> 
> --
> tobi
>

Reply to:

Follow-Ups:
- Bug#760453: RFS: amap/5.4+dfsg-1
  - From: Tobias Frost <tobi@debian.org>

References:
- Bug#760453: RFS: amap/5.4+dfsg-1
  - From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
- Bug#760453: RFS: amap/5.4+dfsg-1
  - From: "Tobias Frost" <tobi@frost.de>

Prev by Date: Bug#760453: RFS: amap/5.4+dfsg-1
Next by Date: Bug#744823: RFS: gnuais/0.3.0-1 [ITP]
Previous by thread: Bug#760453: RFS: amap/5.4+dfsg-1
Next by thread: Bug#760453: RFS: amap/5.4+dfsg-1
Index(es):
- Date
- Thread