[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#434392: O: nikto: web server security scanner

On Mon, Jul 23, 2007 at 05:16:21PM +0200, Thomas Seyrat wrote:
> Package: wnpp
> Severity: normal
> 
>   I am orphaning the nikto package. It's a nice security scanner
>   (probably no other open source equivalent), but I have no time to
>   maintain it anymore.
> 
>   Thomas
> 
> 
>  Nikto is a pluggable web server and CGI scanner written in Perl, using
>  rfp's LibWhisker to perform fast security or informational checks.
>  .
>  Features:
>   * Easily updatable CSV-format checks database
>   * Output reports in plain text or HTML
>   * Available HTTP versions automatic switching
>   * Generic as well as specific server software checks
>   * SSL support (through libnet-ssleay-perl)
>   * Proxy support (with authentication)
>   * Cookies support

Given that a much-improved nikto 2.0 is available I think this should
rather be removed than kept in Lenny if it's not updated. (It might
people give a false impression of the security state of their setup).

Since it's orphaned for nine months, do you agree with removing it?

If anyone wants to re-introduce a more recent release at a later
point, he/she can still base on the old packages from Sarge or Etch.

Cheers,
        Moritz
Reply to: