Re: What should a Debian-security metapackage should provide?

To: debian-security@lists.debian.org
Subject: Re: What should a Debian-security metapackage should provide?
From: Michel Kaempf <maxx@via.ecp.fr>
Date: Mon, 4 Dec 2000 23:15:09 +0100
Message-id: <[🔎] 20001204231509.A9772@via.ecp.fr>
In-reply-to: <[🔎] 3A2BDEF5.35B7E676@sgi.es>; from jfernandez@sgi.es on Mon, Dec 04, 2000 at 07:14:13PM +0100
References: <[🔎] 3A2BDEF5.35B7E676@sgi.es>

On Mon, Dec 04, 2000, Javier Fernandez-Sanguino Peña wrote:
> For example, I would add dependancies on snort, nessus, nmap, queso,
> cracklib2, ethereal, firestarter (when available as a Debian package),
> john, netdiag, sniffit, otp, makepasswd, logcheck, secpolicy, libpam,
> lasg... (might have left others outs). Kind of a swiss-army security
> knife :)

I would remove sniffit from the list, since the sniffit development
seems to have stopped, since sniffit is not as secure as it should be
(numerous buffer overflows were found some times ago), and since snort
is far more efficient and secure.

I would also add ippl (IP Protocols Logger). Well, many other things
could be added, other removed, maybe other reconfigured (?) in order to
harden the Debian system. Should this be discussed now/here?

Best regards,

-- 
MaXX

Reply to:

References:
- What should a Debian-security metapackage should provide?
  - From: Javier Fernandez-Sanguino Peña <jfernandez@sgi.es>

Prev by Date: Re: What should a Debian-security metapackage should provide?
Next by Date: Re: What should a Debian-security metapackage should provide?
Previous by thread: Re: What should a Debian-security metapackage should provide?
Next by thread: Re: What should a Debian-security metapackage should provide?
Index(es):
- Date
- Thread