461385 – Review Request: hydra - A very fast network logon cracker

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 461385 - Review Request: hydra - A very fast network logon cracker

Summary: Review Request: hydra - A very fast network logon cracker

Keywords:
Status:	CLOSED CANTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	Package Review
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Andreas Thienemann
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	FE-Legal FE-SECLAB
TreeView+	depends on / blocked

Reported:	2008-09-07 03:51 UTC by Conrad Meyer
Modified:	2012-01-22 05:19 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-10-22 20:36:03 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Conrad Meyer 2008-09-07 03:51:26 UTC

Spec URL: http://konradm.fedorapeople.org/fedora/SPECS/hydra.spec
SRPM URL: http://konradm.fedorapeople.org/fedora/SRPMS/hydra-5.4-1.fc9.src.rpm
Description:
Hydra is a parallized login cracker which supports numerous protocols
to attack. New modules are easy to add, beside that, it is flexible
and very fast. Currently this tool supports:
  TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC,
  RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS,
  ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable,
  LDAP2, Cisco AAA (incorporated in telnet module).

This tool is a proof of concept code, to give researchers and security
consultants the possiblity to show how easy it would be to gain
unauthorized access from remote to a system.

Comment 1 Andreas Thienemann 2008-10-20 18:14:06 UTC

That one was a pretty quick review as it didn't compile in mock. Please check

OK - source files match upstream:
 cd2e7e5ea479d50982b08334b1f4477a6620e6b45bc79ab55ddd07b128c64611  hydra-5.4-src.tar.gz
OK - package meets naming and versioning guidelines.
??? - specfile is properly named, is cleanly written and uses macros consistently.
 Shouldn't the sed cack for the Makefile go into the prep phase?
OK - dist tag is present.
OK - build root is correct.
NOK - license field matches the actual license.
NOK - license is open source-compatible.
 While the code is GPLv2, there's a LICENCE.HYDRA file adding additional 
 stipulations. Please check this, blocking FE-LEGAL until cleared up.
OK - license text included in package.
OK - latest version is being packaged.
NOK - BuildRequires are proper.
 Missing buildrequires.
OK - compiler flags are appropriate.
OK - %clean is present.
NOK - package builds in mock.
 At least one missing dependency on openssl-devel, possibly other. Please check.

NOTCHECKED:
package installs properly.
debuginfo package looks complete.
rpmlint is silent.
final provides and requires are sane:
  (paste in the rpm -qp --provides and --requires output)
%check is present and all tests pass:
  (if possible, include some info indicating a successful test suite)
  (it's OK if there's no test suite, but if one is there it should be run if possible)
no shared libraries are added to the regular linker search paths.
  (or, if shared libraries are present, make sure ldconfig is run)
owns the directories it creates.
doesn't own any directories it shouldn't.
no duplicates in %files.
file permissions are appropriate.
no scriptlets present.
  (or, if scriptlets are present, compare them against the ScriptletSnippets page)
code, not content.
documentation is small, so no -docs subpackage is necessary.
%docs are not necessary for the proper functioning of the package.
no headers.
no pkgconfig files.
no libtool .la droppings.
desktop files valid and installed properly.

Comment 2 Tom "spot" Callaway 2008-10-22 20:07:35 UTC

The additional restrictions in LICENCE.Hydra make this non-free (and unacceptable for Fedora).

Comment 3 Conrad Meyer 2008-10-22 20:36:03 UTC

(In reply to comment #2)
> The additional restrictions in LICENCE.Hydra make this non-free (and
> unacceptable for Fedora).

OK, closing the bug then.

Note You need to log in before you can comment on or make changes to this bug.