--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ITP: sancp -- network security tool designed to collect statistical information from network traffic
- From: Lars Bahner <bahner@debian.org>
- Date: Mon, 14 Nov 2005 16:42:37 +0100
- Message-id: <E1EbgTd-0001j9-JW@less.e.linpro.no>
Package: wnpp
Severity: wishlist
Owner: Lars Bahner <bahner@debian.org>
* Package name : sancp
Version : 1.6.1
Upstream Author : John Curry [ john dot curry at metre dot net ]
* URL : http://www.metre.net/sancp.html
* License : QPL
Description : network security tool designed to collect statistical information from network traffic
I am querying upstream for a new license.
This is a network security tool designed to collect statistical
information regarding network traffic, as well as, collect the
traffic itself in pcap format, all for the purpose of: auditing,
historical analysis, and network activity discovery. Rules can
be used to distinguish normal from abnormal traffic and support
tagging connections with: rule id, node id, and status id.
>From an intrusion detection standpoint, every connection is an
event that must be validated through some means. Sancp uses rules
to identify, record, and tag traffic of interest. 'Tagging' a
connection is a new feature since v1.4.0 Connections ('stats')
can be loaded into a database for further analysis.
Sancp rules control three types of logging for a connection: pcap,
stats, and realtime 'pcap' refers to packet data collected on the
connection in tcpdump format, 'stats' refers to a single line
summary of an entire connection once it is 'closed' 'realtime' is
a snapshot of 'stats' based on the initial packet, for immediate
reporting. Both 'stats' and 'realtime' contain a number of fields
used for recording packet statistics, TCP flags, p0f data, and
other vitals about how we handle the connection.
--- End Message ---
--- Begin Message ---
Hello,
This is an automatic mail sent to close the ITP you have reported or
are involved with.
Your ITP wnpp bug is being closed because of the following reasons:
- It is, as of today, older than 365 days.
- It hasn't had any activity recently.
As this is an automatic procedure, it could of course have something
wrong and probably it would be closing some bugs that are not
intended by owners and submitters (like you) to be closed, for
example if the ITP is still of your interest, or there has been
some kind of activity around it. In that case, please reopen the
bug, do it, DO IT NOW! (I don't want to be blamed because of
mass closing and not let people know that they can easily reopen
their bugs ;-).
To re-open it, you simply have to mail control@bugs.debian.org
with a body text like this:
reopen 339025
thanks bts
Further comments on the work done in the bug sent to
339025@bugs.debian.org would be truly welcomed.
Anyway, if you have any kind of problems when dealing with
the BTS, feel free to contact me and I'd be more than happy to help
you on this: <damog@debian.org>.
A similar process is being applied to other kind of wnpp bugs.
Thanks for your cooperation,
-- David Moreno Garza <damog@debian.org>.
--- End Message ---