[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#339025: marked as done (ITP: sancp -- network security tool designed to collect statistical information from network traffic)

Your message dated Thu, 16 Nov 2006 11:59:37 -0700
with message-id <E1GkmSX-0008Pm-UF@merkel.debian.org>
and subject line WNPP bug closing
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message --- 
Package: wnpp
Severity: wishlist
Owner: Lars Bahner <bahner@debian.org>


* Package name    : sancp
  Version         : 1.6.1
  Upstream Author : John Curry [ john dot curry at metre dot net ] 
* URL             : http://www.metre.net/sancp.html
* License         : QPL
  Description     : network security tool designed to collect statistical information from network traffic

I am querying upstream for a new license.

This is a network security tool designed to collect statistical
information regarding network traffic, as well as, collect the
traffic itself in pcap format, all for the purpose of: auditing,
historical analysis, and network activity discovery. Rules can
be used to distinguish normal from abnormal traffic and support
tagging connections with: rule id, node id, and status id.
>From an intrusion detection standpoint, every connection is an
event that must be validated through some means. Sancp uses rules
to identify, record, and tag traffic of interest. 'Tagging' a
connection is a new feature since v1.4.0 Connections ('stats')
can be loaded into a database for further analysis.

Sancp rules control three types of logging for a connection: pcap,
stats, and realtime 'pcap' refers to packet data collected on the
connection in tcpdump format, 'stats' refers to a single line
summary of an entire connection once it is 'closed' 'realtime' is
a snapshot of 'stats' based on the initial packet, for immediate
reporting. Both 'stats' and 'realtime' contain a number of fields
used for recording packet statistics, TCP flags, p0f data, and
other vitals about how we handle the connection.

--- End Message ---
--- Begin Message --- 
Hello,

This is an automatic mail sent to close the ITP you have reported or 
are involved with.

Your ITP wnpp bug is being closed because of the following reasons:
- It is, as of today, older than 365 days.
- It hasn't had any activity recently.

As this is an automatic procedure, it could of course have something
wrong and probably it would be closing some bugs that are not 
intended by owners and submitters (like you) to be closed, for
example if the ITP is still of your interest, or there has been 
some kind of activity around it. In that case, please reopen the
bug, do it, DO IT NOW! (I don't want to be blamed because of
mass closing and not let people know that they can easily reopen
their bugs ;-).

To re-open it, you simply have to mail control@bugs.debian.org
with a body text like this:

reopen 339025
thanks bts

Further comments on the work done in the bug sent to
339025@bugs.debian.org would be truly welcomed.
Anyway, if you have any kind of problems when dealing with
the BTS, feel free to contact me and I'd be more than happy to help
you on this: <damog@debian.org>.

A similar process is being applied to other kind of wnpp bugs.

Thanks for your cooperation,

 -- David Moreno Garza <damog@debian.org>.

--- End Message ---
Reply to: