Joep Vesseur wrote:

> Interesting case... At first I thought it was April 1st already, but I guess
> we'll see more tools like this appearing as familiarity cases (NFS-shell
> anyone?)
>
> I realize that any user can install this software by downloading and
> compiling, but I'm left with two questions when it's present out of the box:
>
> - what privileges are needed by this software? Can any regular user run this
>   and, perhaps accidentally, create havoc on the networks he's connected to?
>   I guess it would be nice if only users with "Network Security" or another
>   suitable profile were able to use this program.
>
> - The FOSS document states that there are no network services provided by
>   this software and no authentication performed. The man-page however
>   mentions a daemon mode that offers a Cisco-like CLI that people can use
>   to monitor and launch attacks from. Who can start this daemon and how is
>   access to the daemon controlled?
>
> Joep

I'm actually of the opinion that this is not something we ought to be bundling with our systems. I understand there might be some intent to allow administrators to do penetration testing, but I really believe we shouldn't be encouraging end-users to do this. Basically, tools like this just facilitate life for the "script kiddies".

From an architectural point of view, does it make sense that we include tools that have the primary purpose of being used to identify and exploit weaknesses in the network infrastructure? I really don't think so.

If just one corporate catastrophe is avoided by not having this kind of software "too readily available", then I'll be glad we haven't shipped it. I think this case pushes the "familiarity envelope" just a bit too far.

My fingers are hovering over the derail button... but I'll give the submitter/owner a chance to help me understand the architectural vision here -- how does offering this in prepackaged form do more good than harm?

- Garrett