Darren J Moffat wrote: > Kais Belgaied wrote: >> Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI >> This information is Copyright 2009 Sun Microsystems >> 1. Introduction >> 1.1. Project/Component Working Name: >> FOSS case: Yersinia Layer 2 Attack Tool >> 1.2. Name of Document Author/Supplier: >> Author: Si-wei Liu >> 1.3 Date of This Document: >> 24 November, 2009 >> >> 2. Project Summary >> 2.1 Project Description >> >> This project introduces the package of yersinia 0.7.1 into the >> SFW consolidation. >> >> 4. Technical Description >> >> Yersinia implements several attacks for the following protocols: > > I really question the need for this in the default OpenSolaris > repositories. What is driving this being part of our architecture ? > > Is it being included as a functional testing tool for our networking > technologies or because it is a hacking/penetration testing tool ? Currently, the former case. > > Given the description of the tool and the fact it says "attacks" I > feel this is a very different case to including tools like nmap which > are scanners. > In fact I'd prefer to call it as "Penetration testing tool for layer 2 attacks", which corresponds to the name and command notes in the proposal material. But we feel that it could bring more values to OpenSolaris, i.e. an network administrator can take advantage of this tool to diagnosing system vulnerability, and troubleshooting network problems.
-- Thanks, Siwei
