Re: [Savannah-hackers] submission of yersinia - savannah.nongnu.org

[Michael J. Flickinger]

On Saturday 28 August 2004 10:01 am, David Barroso wrote:
> * Michael J. Flickinger (address@hidden) wrote:
> > Hi,
> >
> > I'm evaluating the project you submitted for approval in Savannah.
> >
> > On Friday 27 August 2004 09:08 am, address@hidden wrote:
> > > A package was submitted to savannah.nongnu.org
> > > This mail was sent to address@hidden, address@hidden
> > >
> > >
> > > David Barroso <address@hidden> described the package as follows:
> > > License: gpl
> > > Other License:
> > > Package: yersinia
> > > System name: yersinia
> > > Type: non-GNU
> > >
> > > Description:
> > > yersinia is written in C, and it runs in Linux, *BSD and
> > > Solaris. It is a framework to perform layer 2 attacks
> > > helping the pen-tester. Multiple attacks can be executed in
> > > parallel. It does not pretend to be an ettercap competitor,
> > > since its aims are different. It supports concurrent users
> > > and parallel attacks.
> >
> > "Linux" is just a kernel of a more complex system
> > that we like to refer to as GNU/Linux, to emphasize
> > the ideals of the Free Software movement.
> >
> > Would you mind changing references to Linux as an OS
> > to GNU/Linux?
> >
> > For more information, see
> > http://www.gnu.org/gnu/linux-and-gnu.html
> >
> > > Currently several attacks are available, all of them focused
> > > in the protocols weaknesses. Example of these protocols are:
> > > CDP, BGP, HSRP, ... Multiple users can run different attacks
> > > selecting different network interfaces. Some of the attacks
> > > are DoS, other are implemented to gain control over networks
> > > or devices.
> > >
> > > Currently it has three main modes: ncurses gui, command line
> > > execution, or network daemon. It uses libnet and libpcap for
> > > the network issues, libncurses or libcurses for the GUI, and
> > > pthreads for the multithreading.
> > >
> > > There is some documentation about the attacks implemented,
> > > and also some workarounds for mitigating the attacks.
> > >
> > > It can be also used as a tool for network administrators for
> > > monitoring these protocols
> > >
> > >
> > > Other Software Required:
> > > libnet
> > > libpcap
> > > libncurses
> > > libpthreads
> > >
> > > Other Comments:
> > >
> > >
> > >
> > > _______________________________________________
> > >   Message sent via/by Savannah
> > >   http://savannah.gnu.org/
> >
> > Due to the nature of your program, I am afraid we will not be able to
> > host it at Savannah, as we can't host software that aids people in
> > breaking the law, and by hosting it, we could also be liable.
>
> Hi Michael,
> Could you please explain 'breaking the law'? If in my daily work as a
> pen-tester I am continuosly breaking the law then I should change my job
>
> :) I respect your opinion, but in a fairly manner, everything aids to
>
> break the law (we are using autoconf or automake, or ncurses, therefore,
> do they aid to break the law?
>
> This tool aids administrators and security guys to measure, mitigate or
> eliminate their risks in their networks. Perhaps I have misunderstood
> the Free Software concept: Free as in Freedom; we try to help the
> community, and everybody is free to take advantage of it.
>
>
> _______________________________________________
> Savannah-hackers mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/savannah-hackers

> Could you please explain 'breaking the law'? If in my daily work as a
> pen-tester I am continuosly breaking the law then I should change my job

You are not, and nor did I ever suggest you were breaking the law.

Basically, we don't want to be held accountable for hosting cracking software, 
as currently, there are quite a few unclear laws surrounding the subject.

When you submitted your project you advertised things that crackers would be 
interested in, not to say it's cracking software, of course.

> > > Currently several attacks are available, all of them focused
> > > in the protocols weaknesses. Example of these protocols are:
> > > CDP, BGP, HSRP, ... Multiple users can run different attacks
> > > selecting different network interfaces. Some of the attacks
> > > are DoS, other are implemented to gain control over networks
> > > or devices.

That sure sounds like something crackers would like to me.

It would be better if you could express the uses for the software in a way 
that makes it sound less like cracking software.

For example, instead of outright saying:
"Multiple users can run different attacks selecting different network 
interfaces. Some of the attacks are DoS, other are implemented to gain 
control over networks or devices."

Consider this:
"Yersinia can be configured in multipal ways, allowing for concurrent 
interface tests over multipal interfaces.  Some of the tests allow for 
countering denial of service attacks and ways of testing local network 
security."

Which one appeals more to the cracker?

Additionally, make sure the software itself is primarily aimed towards 
sysadmins.  For example, giving the software functionality for a concurrent 
attack from multipal computers on the internet would not be appropriate.

If you are willing to make your description appeal less to "crackers" and are 
willing to provide us with the source to review in your submission, please 
feel free to resubmit your project.

Thanks for your understanding,

-- 

Michael J. Flickinger