Red Hat Bugzilla – Bug 399461
Review Request: dsniff - Tools for network auditing and penetration testing
Last modified: 2007-12-07 20:31:11 EST
Spec URL: http://labs.linuxnetz.de/bugzilla/dsniff.spec SRPM URL: http://labs.linuxnetz.de/bugzilla/dsniff-2.4-0.1.b1.src.rpm Description: A collection of tools for network auditing and penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively monitor a network for interesting data (passwords, e-mail, files). Arpspoof, dnsspoof and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). Sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.
I personally don't like very much adding new features as patches, like the patch pcap_read_dump does, but it is not a blocker. Shouln't dsniff.magic be %config and not %config(noreplace)? If you want to keep the man pages timestamps (not a must), you can try adding INSTALL='install -p' or similar on the make install line. I suggest using %defattr(-,root,root,-) instead of %defattr(-,root,root) Regarding the license, remote.c base64.c looks more MIT to me than BSD, and magic.c is under a license I have never seen before. It may be argued that dsniff isn't fully compliant with this license since the name of some authors doesn't seems to be in the documentation as asked for. However no authors really appears in the documentation since there is no AUTHORS or CREDITS file. Not a blocker, but may be worth reporting upstream, though looks like upstream is dead, so reporting to debian could be relevant. Please take those comments into account when you feel they are relevant, but these are not blockers. * rpmlint is silent * follow packaging and naming guidelines * free software license. An author of one file who ask for being in the documentation isn't mentioned in this documentation, but no author is mentioned in the documentation * match upstream 2f761fa3475682a7512b0b43568ee7d6 dsniff-2.4b1.tar.gz * %files section right APPROVED
New Package CVS Request ======================= Package Name: dsniff Short Description: Tools for network auditing and penetration testing Owners: robert Branches: F-7 F-8 EL-4 EL-5 InitialCC: Cvsextras Commits: no
cvs done.
37283 (dsniff): Build on target fedora-4-epel succeeded. 37288 (dsniff): Build on target fedora-5-epel succeeded. Package: dsniff-2.4-0.1.b1.fc7 Tag: dist-fc7-updates-candidate Status: complete Package: dsniff-2.4-0.1.b1.fc8 Tag: dist-f8-updates-candidate Status: complete Package: dsniff-2.4-0.1.b1.fc9 Tag: dist-f9 Status: complete