On Sat, May 2, 2009 at 1:14 PM, Nitin Kanaskar <nitinv...@gmail.com> wrote:
> Ok - I am not clear about the terminology - > packages, versions... > But i need to install gentoo 2004/2005 - if this > is right. I am a graduate student doing research on > vulnerabilities, exploits and IDS. Hence I am looking > for older gentoo installations which i know have > some vulnerabilities. > If i have to build whole OS from source, I am willing > to do that - but could not find any resource on that > old stuff. > > Hope I am clear about why I am looking for > such old stuff. i hope you are already a subscriber of the great mailing list: full-disclosure i dont think gentoo/portage is the easiest software to look at for old vulnerabilities, reason is, portage will syncronise with current 'version' so you probably want to look at older version of the portage package or older version of some other software. if you prefer to go toward some other software, checkout insecure.org(nmap's former official website) there is a section for mailing lists and links to that full disclosure list with archives. High volume list, vulnerabilites are disclosed about all kinds of software (90% linux software and some of other OSes). Good luck!
