Re: What should a Debian-security metapackage should provide?
On Mon, Dec 04, 2000, Javier Fernandez-Sanguino Peña wrote:
> For example, I would add dependancies on snort, nessus, nmap, queso,
> cracklib2, ethereal, firestarter (when available as a Debian package),
> john, netdiag, sniffit, otp, makepasswd, logcheck, secpolicy, libpam,
> lasg... (might have left others outs). Kind of a swiss-army security
> knife :)
I would remove sniffit from the list, since the sniffit development
seems to have stopped, since sniffit is not as secure as it should be
(numerous buffer overflows were found some times ago), and since snort
is far more efficient and secure.
I would also add ippl (IP Protocols Logger). Well, many other things
could be added, other removed, maybe other reconfigured (?) in order to
harden the Debian system. Should this be discussed now/here?