Bug#776441: harden-nids: Alternative to snort is not NIDS software

Wed, 28 Jan 2015 04:22:43 -0800 

Hi

I agree. Thanks for the patch.

// Ola

On Wed, Jan 28, 2015 at 2:07 AM, Javier Fernández-Sanguino Peña <
j...@debian.org> wrote:

> Source: harden
> Version: 0.1.38+nmu1
> Severity: important
> Tags: patch
>
> The harden-nids package claims to provide a network intrusion detection
> upon
> installation but depends on: 'snort | ntop'
>
> Snort is a network intrusion detection program, but ntop is not. Ntop is a
> network traffic probe that makes it possible to do traffic analysis but it
> does not have any capabilities to detect malicious network traffic either
> through behavioural or signature-based mechanisms (an upstream does not
> claim
> it to).
>
> Ntop does not comply with the package description definition either: " A
> network intrusion detection system is a tool that analyzes network packets
> and
> logs anomalies or known crack attempts. "
>
> I would suggest the package to remove ntop and include 'suricata' instead
> which
> *is* a network intrusion system. Attached is a patch that does just that.
>
> I'm setting the severity to 'important' since currently, in testing, Snort
> is
> not available (due to a removal from the Release Managers in December) and
> users installing this package currently in testing (and possibly in the
> 'jessie' release) would be just installing 'ntop' and not really an NIDS.
>
> In that way, the package description would be completely misleading.
>
>
> -- System Information:
> Debian Release: 8.0
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: i386 (i686)
>
> Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores)
> Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>



-- 
 --- Inguza Technology AB --- MSc in Information Technology ----
/  o...@inguza.com                    Annebergsslingan 37        \
|  o...@debian.org                   654 65 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---------------------------------------------------------------

Reply via email to