Hi, I have a few suggestions for packages, which I am starting to pack, about what I would like to see comments from dd's wheter they are good or not. Then I will see if I can find a sponsor..
It would be great, IMHO, if we could see more security tools in Debian, even those that are commonly used only by the crackers, like rootkits and sniffers. Knowing these tools is an important task for security professionals and system administrators. It is quite desirable to make them largely available. An issue is that I don't know wheter this kind of applications can enter the official Debian repository or not. Among these applications I would include packet sniffers (czsniff, readsmb, linsniffer [old] etc), common rootkits (adore, suckit, etc [see chkrootkit]) and other tools (hydra and other bruteforce applications, glftpd [a free "beer" ftpd application with features that please pirates]). I also think that distributing exploits that could be used to test vulnerabilites is interesting too. I don't think exploits would ever enter official debian repository. But I am thinking about making a repository for that, and, either or both, publish only verified (which is not hard) exploits and warn the admins not to use them in their production systems. But this would be a future work. It is obvious that these tools are to be used by system administrators, not crackers. I don't think I must note that only root or users with the correct permissions can "apt-get install". Also, rootkits wouldn't just start and run after an 'apt-get install' instruction. The admin would have to be warned about what that rootkit does and how do remove it. Efforts would be made so that the rootkits were easy to be uninstalled or disabled, and to avoid accidents (like losing/deleting the "uninstall" tool). As most of these tools don't worry much about documentation, detailed man pages and README should be specifically written (oh.. my poor english). Maybe, as I could notice at #debian-devel in freenode, many won't find any use for shipping rootkits and exploits with debian. I believe, though, that many will. System administrators could find them very useful to do tasks like setting a honeypot and monitoring activities in their boxen. If my suggestions are ok, would somebody here have time and will to sponsor me? Although I have made packages before, I am starting with a simple one, a very simplistic identd server "identd <username>". I've had no problems yet, but I need somebody to review it. Also, I still need to keep reading the devel docs at d.o. If, after that, I perform a good job, can I apply to be a DD? As a thankful and happy Debian user, I would be very glad if I could make it. Sorry for my poor english. Thanks in advance. - Yves Junqueira a.k.a. nictuku BrasÃlia, DF, Brasil
