Your message dated Mon, 10 Apr 2017 20:39:08 +0200
with message-id <20170410203908.38f81e2d@localhost>
and subject line arpwatch no longer starts after fresh install
has caused the Debian Bug report #327226,
regarding arpwatch: Might disclose sensitive information in default 
configuration
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
327226: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327226
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: arpwatch
Version: 2.1a13-2
Severity: important

I installed arpwatch and it started sending reports of new stations
(which is ok) right away (which is not ok). Why is this? I'm sending
mail to root to an external network account. Most of the time this is
ok, and I chose to do so. But in the case of arpwatch, I do not want
this information to be disclosed via an unsecured channel, since it
gives away configuration details (IPs of internal network, hardware and vendor
information) to the external world. There is a -Q flag which prevents
the sending of the reports via email, but it is not activated in the
default configuration. Arpwatch should send reports via email only when
expressly configured to do so.


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-386
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15)

Versions of packages arpwatch depends on:
ii  adduser                     3.63         Add and remove users and groups
ii  debianutils                 2.8.4        Miscellaneous utilities specific t
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libpcap0.8                  0.8.3-5      System interface for user-level pa

-- no debconf information


--- End Message ---
--- Begin Message ---
Version: 2.1a15-3

Hi,

I recently took over maintenance of arpwatch as part of the pkg-security
team.  Version 2.1a15-3 (currently only available in experimental due to
the freeze) ships with systemd unit files, which required some changes
in the arpwatch startup.

The interfaces that arpwatch should monitor now always need to be
configured.  As there is no sensible default interface, the updated
version of the arpwatch package will no longer start the daemon by
default.

Consequently, the admin has the ability to change the configuration
before enabling one of the interfaces and either silencing the reports
or redirecting them to a different e-mail address.

Regards
Lukas



--- End Message ---
