Security repo

[aggplanta]

Hi,

I'm looking for a repo that has as much security packages as possibly. What I need at the moment is dsniff, sslsniff etc. The thing is that I have used Gentoo during the years for building my penetration and security boxes. But now it seems like time I should use OpenSuse for more than just desktop. I couldn't find any general repos when searching dsniff only factory repo. And with sslsniff there is nothing in the software search.

regards,

/bengan

[ab@novell.com]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There may be a repository on software.opensuse.org that specifically is
dedicated to security data, but otherwise search all of the OpenSUSE Build
Service and you can probably find what you're after, and if not you can
add it and become the authority yourself.

http://software.opensuse.org/search

Good luck.





aggplanta wrote:
> Hi,
>
> I'm looking for a repo that has as much security packages as possibly.
> What I need at the moment is dsniff, sslsniff etc. The thing is that I
> have used Gentoo during the years for building my penetration and
> security boxes. But now it seems like time I should use OpenSuse for
> more than just desktop. I couldn't find any general repos when searching
> dsniff only factory repo. And with sslsniff there is nothing in the
> software search.
>
> regards,
>
> /bengan
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJKzzzeAAoJEF+XTK08PnB5fB4P/094uaSbZoW5wE68aF/4SV3p
kW3t0D7oG7PArPKRX1NIOP0moII3BxQGU0O+iy5cM5Ps9xHHjK eelOsYsM+RvnLM
lEwVGhLxiq7UPOZ3KbkaoVK3ovbWljkHT3bnk0CxNGgW20Qj74 mLOzx00cNkgi1d
ks7VNaADw3uyhcTOPGB3abGTS2BfmU7MnuoZYxJ7NRbSmtTkV7 s5RUnpOClVrsmB
ONUyenjqmediQVU9lLaXC2EPad0LBI+63W9kzC5aZ+UN/+sO+eK8Qec27ouYN1t9
1B/dJQCq5WJPFWFxP/YKewJMUnckKdVjzMsLp7QrbqczPqiS97XcvTISNY2xHufQ
PcoB+pizEEOUsZpTLsW37VqB0YsCXDN4UnGF8uznRsfAvcE3y3 tb9/9JyKDvqGPL
TlKXUyyUxrJuQfnzpzJfCbxyO2t1ZN++qj2JCUQcr6kh7dBA7v vezXyD6te9HWk6
ZDRm1QbzHsWX6A2vfiJphh3+6fBK9MZ4h/V5rJ9mCGODlPO+cUjCaWrKFhEaLkgX
t6KSxGlVQSHTftRaxY+Q2tL6yqAId1y9BmazE4tdEM/NmNyw5YvFy4xqvNMVHb7k
mTtBKm6RrUqY0Z26+TcF+fdI0ZKcd3TgsF7KbKHBkZJ61QhXuI 9B7f2HjmddpYLn
6XnhGBhbzCI6PkNF+20f
=+DZ0
-----END PGP SIGNATURE-----

[LewsTherinTelemon]

I think Aggplanta makes an excellent point. I have oft been surprised to find that many common and basic security / pen testing / hacking tools are not in the Suse repos, whereas in another distro they are usually easily found.

For example, in this case neither dsniff or sslsniff are in Software.openSUSE.org I had the same experience recently looking for sqlmap and hping, etc, ending up having to build them and then resolve various dependencies, blah blah blah.

Now, granted, these tools are normally quite easy to build - but really that should not be necessary. In Ubuntu (or other) distros they are a command away. I would love to see the same type tools supported in Suse.

Honestly, Ubuntu is a great OS to use to hack / test with as there are SO many tools available instantly. I think making these type packages would help Suse be more appealing to users of other OSes who fit this demographic of security professionals / people formally know as h4x0rs, etc.

Now, I realize I can help contribute too by helping to make these packages. Though, honestly that is not a way I have contributed before, so would have to learn the build service. Not a bad thing, but that is not really my primary point.

I believe its a valid point that there should be more security / testing tools in the main Suse repos and that adding this should be a focus that would help Suse a lot in the long run.

Just my opinion of course, but I'd love to hear what others think. Maybe a few of us can work together to address this?

Cheers,
Lews Therin

[ab@novell.com]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'd be interested in helping with this if you'd like to collaborate a
little. I have managed to get things compiled in the OpenSUSE Build
Service before but have never built an RPM on my own so my experience with
SPEC files is non-existent, and that's what I need to get down before I
can be effective. Once the software is compiled all that is left is to
tell the Build Service (via the SPEC file) which binaries actually go into
the RPM. If you have experience with that I can show you what I've done
previously. There is also a build-service forum dedicated to help with
this kind of thing I should probably ask around in a bit more.

Good luck.






LewsTherinTelemon wrote:
> I think Aggplanta makes an excellent point. I have oft been surprised to
> find that many common and basic security / pen testing / hacking tools
> are not in the Suse repos, whereas in another distro they are usually
> easily found.
>
> For example, in this case neither dsniff or sslsniff are in
> 'Software.openSUSE.org' (http://software.opensuse.org/search) I had the
> same experience recently looking for sqlmap and hping, etc, ending up
> having to build them and then resolve various dependencies, blah blah
> blah.
>
> Now, granted, these tools are normally quite easy to build - but really
> that should not be necessary. In Ubuntu (or other) distros they are a
> command away. I would love to see the same type tools supported in
> Suse.
>
> Honestly, Ubuntu is a great OS to use to hack / test with as there are
> SO many tools available instantly. I think making these type packages
> would help Suse be more appealing to users of other OSes who fit this
> demographic of security professionals / people formally know as h4x0rs,
> etc.
>
> Now, I realize I can help contribute too by helping to make these
> packages. Though, honestly that is not a way I have contributed before,
> so would have to learn the build service. Not a bad thing, but that is
> not really my primary point.
>
> I believe its a valid point that there should be more security /
> testing tools in the main Suse repos and that adding this should be a
> focus that would help Suse a lot in the long run.
>
> Just my opinion of course, but I'd love to hear what others think.
> Maybe a few of us can work together to address this?
>
> Cheers,
> Lews Therin
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJK0l6nAAoJEF+XTK08PnB5jTQP+gPcceFWkj tbLlW1jPZrhgzu
9+ISbMU2wwCFAgkCnVjawGaRADWQ6J9+VLNrYWqKRxedwfmHMK 3h+1dRAzNIHUgB
8dxFDB/qyW8HEnH25Yn/ltXa+YjHvWBXDBGuCEu0BUpXU6A3QH+FL4q28r+QrtwR
tpj4llPEclCVXxrfHmchrJ6ACFmhm8JFnTQEGRXZcpcYbvmsMx 4KT5SD7P2RvdCI
pI6mwytQcaOv76TNV6e4HOEBxLcpjSGQalnErd/CXMV1yCzzFBMyQouyZhLAv3NW
+kXSjtpqj10/3sRg2K52NsSvoWuJKNN9XGMfXK0A+e4c+QucfW5qPhVza0DkxR 6K
B4GYY0E5rUqquFctiQwb5TJgvInnlRL7zb+gu80R7M5b6z5m4J LgiZfJktiM0p5n
0MJMVoYWF8hjqReVImW7J2j4XmYenNVEAspFqHVFly83C9gEMj x4AWukjKKNYXvg
ooqL9Q6y/LfeBGjNR0Yqu/K1pk8mRpMToxP5yzdncJzbqQcnaj1oTZZ9gwohQhdu
mvgDLIgm29UlzA+gOgub9nE7Za/Lkncx9WlpFHEyUC4rTHRujAYlFYxJZqCmS3sO
s8mkBBfYFF7M2WUF0vaw4Vf702pysSit0cFCxX7QgQSjblW4Ao PySF6UNzICClO0
7BZEKM2QVsnLdhjBs91a
=R1Y0
-----END PGP SIGNATURE-----

[canislycan]

I recently started building several security oriented packages with the idea of extending the package set (and possibly customizing them) to the point where I don't need to use another distro like Backtrack. Once a decent amount of security tools were packaged, I was hoping a security assessment centric community could coalesce around building/maintaining these.

One of the major discouragements of continuing down this road is the relatively recent German Anti-Hacker law. This law forbids Germans to research, discuss, and disclose security problems.

This is an ENORMOUS issue for those of us who work in the security field and wish to use openSUSE as a platform for creating/distributing security tools. [I posted about this recently in the OBS forum.]

I don't want to invest more time working on a security centric repository until the openSUSE community/Novell steps up and addresses this issue. If they don't, openSUSE will never be a suitable option for security professionals to use/build upon.

The bigger issue is that this law impacts many of the ideas inherent in a open/free community. If Novell doesn't respond in some fashion, what does that say of their commitment to the openSUSE community?

How much longer will it be before tools like nmap are deemed illegal?

[ab@novell.com]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

While I feel sorry for your (I presume) living in a backwards country with
ignorant politicians, I am a bit perplexed what you expect Novell (a
company based in the US) needs to do about draconian laws in other countries.

Regardless if you have ideas on tools that could be added and perhaps even
SPEC files for them I'll host whatever. I'm not a resident of Germany so
I presume I'm exempt from the law as long as I'm here (not likely to
change any time soon).

Good luck.





canislycan wrote:
> I recently started building several security oriented packages with the
> idea of extending the package set (and possibly customizing them) to the
> point where I don't need to use another distro like Backtrack. Once a
> decent amount of security tools were packaged, I was hoping a security
> assessment centric community could coalesce around building/maintaining
> these.
>
> One of the major discouragements of continuing down this road is the
> relatively recent German Anti-Hacker law. This law forbids Germans to
> research, discuss, and disclose security problems.
>
> This is an ENORMOUS issue for those of us who work in the security
> field and wish to use openSUSE as a platform for creating/distributing
> security tools. [I posted about this recently in the OBS forum.]
>
> I don't want to invest more time working on a security centric
> repository until the openSUSE community/Novell steps up and addresses
> this issue. If they don't, openSUSE will never be a suitable option for
> security professionals to use/build upon.
>
> The bigger issue is that this law impacts many of the ideas inherent in
> a open/free community. If Novell doesn't respond in some fashion, what
> does that say of their commitment to the openSUSE community?
>
> How much longer will it be before tools like nmap are deemed illegal?
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJK1AgYAAoJEF+XTK08PnB5IboQANVgKPEimX h/hXCYL4OF9snQ
nvJNRbm19+KaEJ4ZbklWNFTVAP07M0mYGqZUqRIbUOdCmZxmKS 0iKQOpGQ2kHIgs
NyiDs74u4e0JKGtcOauJpbHA/0uwG2LRQgo25X883Dr1CHbMZbdmCM+ez16E3mHT
lgyjDmPuBSs/n0WWhBRTUJ7MPu9v4TYU0umtOYJlFJX66SJ3QgHiVr8aU+Aw7F QO
1svd4dTo6CEjSKE7aOJym1jkQo40/3sWevnjEJ5vF0bOPRbwQ1O835F9z8ez8um4
ZWvENHoO9F8jFEysSINBqYI/WKllJHTxoJOrDxAyVqUXlZNrRriK/mEySjnEr0+U
CN6msGZT9EUpgPDgeX9O3ZOKx7dL2+aPe+oyub+JKNzcQInL9z OPrcey+dZ9z+dh
DPW2FI8VchNO6nrWckVnGLdHriRPr4hhmTuBg/gVuv0j/fRIjwjgf3uDug/Mtlna
6EIsGuPaLn6f3UHQtP2CqUQGCSRn6h5ftvNQb7sJMp9XoxknDi 02oCCQ3feznJKl
gUyGoXZ2r/ylK8V+XBGZLN5YDA0Tp+BcQMI9em+wwXXKzOoXpu1y/SoinaDD5WHA
EhCFSQEnNqbQcIxEzyB/3Fc5LM3mrQg72vHuuCRAdbVOBMk2dIMBpdHPdSGCR95C
8n5XF4dVQbqhXx/WCyEs
=F+gY
-----END PGP SIGNATURE-----

[buckesfeld]

* canislycan wrote, On 10/13/2009 05:26 AM:

> One of the major discouragements of continuing down this road is the
> relatively recent German Anti-Hacker law. This law forbids Germans to
> research, discuss, and disclose security problems.

Not true.

§202c StGB outlaws *making* software intended to be used for a criminal activity described in §202a StGB (illegal interception/exposure of data) or §202b StGB (data theft). The question is, what did you intend to do when you wrote the app. Did you plan to make a software for illegal purposes or a software for something else, which can be abused for criminal purposes?

The Bundesverfassungsgericht, our constitutional court, made that pretty clear recently.

Example:
Wireshark is a tool which can be used to diagnose network problems as well as intercepting data. If you use it to diagnose problems, that's of course okay. If you use it to sniff internet banking data, you'll be charged according to §202a StGB (amongst others, that is <G>).
Now lets assume I'm the author of wireshark. Will they charge me for breaking the rules in §202c StGB? No. Because I didn't make this software for this purpose. You just abused it.
What about that virus you wrote, intercepting internet banking data and sending it to Russia? Definitely a case of §202c StGB.

BTW, the paragraph mentioned doesn't cover research, discussion or disclosure of security problems at all.

HTH
Uwe

[canislycan]

Here's how I came to understand this (I'm not German, except on my grandfathers side =):

#!/bin/the hacker's choice - THC Press Release

[opensuse-security] Re: [opensuse-buildservice] Metasploit and same type

If I understand correctly what your saying, it all comes down to "intent". If thats the case, it would mean I can package metasploit, w3af, and similar tools on the OBS servers which are located in Germany. Which, is what I want to do.

However, if this is true, why did THC along with other security research groups move out of Germany? Why does someone from SUSE say metasploit is probably illegal to load on the build servers?

Thanks for posting, I appreciate any comments regarding this. It would be great to find some clear resolution to what can/can not be done.

[Akoellh]

Quote:

Originally Posted by canislycan

One of the major discouragements of continuing down this road is the relatively recent German Anti-Hacker law. This law forbids Germans to research, discuss, and disclose security problems.

Now that's interesting, the FUD which is being spread about/through this law, seems to work.

Did you ask a laywer about that or ist this just your interpretation what you heard in the media?

I bet it's the latter.

[buckesfeld]

* canislycan,

outdated information. Back then, people got quite hysterical about this new law. Our constitutional court decided that there's no problem, but that was in June 2009.

http://www.h-online.com/security/App...--/news/113571

has the IMHO correct information about the plot in English.

HTH
Uwe