Time For New Security Package? (was Re: new iss stuff)

[bianco () misty larc nasa gov (David Bianco)]

I, too, was very disappointed to learn that ISS went commercial.  It's
their right, though, and I don't hold it against them.  I hope they
are successful.  I really believe that ISS is such a great tool for
admins to use, though, and a move to the commercial sector leaves a
definate hole in the free security software picture.  I started
thinking about what could be done to fill it.

My thought is that if there was ever a group of people qualified to
write a good security scanner, it'd be the readership of the bugtraq
mailing list.  Would anyone be interested in collaborating on such a
project?  I have in mind a framework which would allow people to
contribute scripts to check for specific holes, so once the framework
is in place anyone could contribute new checks very easily.  

Well, just a random thought.  If you are interested in discussing this
idea in more detail, drop me a line.  If enough people respond, maybe 
we can pull something together...

        David