[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What should a Debian-security metapackage should provide?

from the secret journal of Javier Fernandez-Sanguino Pe?a (jfernandez@sgi.es):
> 	For example, I would add dependancies on snort, nessus, nmap, queso, cracklib2,
> ethereal, firestarter (when available as a Debian package), john, netdiag,
> sniffit, otp, makepasswd, logcheck, secpolicy, libpam, lasg... (might have left
> others outs). Kind of a swiss-army security knife :)

for the same reason as including security documentation, i would include
pwgen rather than (or in addition to) makepasswd. pwgen makes pronouncable
random passwords that are easier for users to remember, and thus less likely
to be on a postit note on the monitor.

> 	It could also Conflict with known no-security packages..
> 	Any ideas? Is it really interesting or just a pointless idea?

i think it's a good idea, but i haven't read the rest of this thread yet :)

> 	Javi

jacob kuntz

Reply to: