Bug#434392: O: nikto: web server security scanner
On Mon, Jul 23, 2007 at 05:16:21PM +0200, Thomas Seyrat wrote:
> Package: wnpp
> Severity: normal
>
> I am orphaning the nikto package. It's a nice security scanner
> (probably no other open source equivalent), but I have no time to
> maintain it anymore.
>
> Thomas
>
>
> Nikto is a pluggable web server and CGI scanner written in Perl, using
> rfp's LibWhisker to perform fast security or informational checks.
> .
> Features:
> * Easily updatable CSV-format checks database
> * Output reports in plain text or HTML
> * Available HTTP versions automatic switching
> * Generic as well as specific server software checks
> * SSL support (through libnet-ssleay-perl)
> * Proxy support (with authentication)
> * Cookies support
Given that a much-improved nikto 2.0 is available I think this should
rather be removed than kept in Lenny if it's not updated. (It might
people give a false impression of the security state of their setup).
Since it's orphaned for nine months, do you agree with removing it?
If anyone wants to re-introduce a more recent release at a later
point, he/she can still base on the old packages from Sarge or Etch.
Cheers,
Moritz
Reply to: