TARA / Tiger ownership/uses/support input needed

[Jamie Bohr]

Is there currently a owners for TARA or Tiger security tools?  TARA is owned
by Advanced Research Corporation and Tiger's support lists are not active.
Are either of these tools worth maintaining or updating?

The reason I ask is because I will be starting a Senior capstone class for
college soon and was wondering how useful would a tool like TARA/Tiger be to
the Open Source community.  I invision it as a client-server application
where either the client or server can initiate a scan and the results would
go into a database (MySQL or PostgreSQL).  From the DB risk acceptance
filters could be applied and reports (Web & email) could be generated.  A
web interface could generate reports for each site or support region.  This
could be used by managment to see how security compliant a given region is.


The DB could also have tables in it to support determining how patch
compliant systems are.  I would like the DB flexable enough to support other
security concerns in the furture.

I would like to hear your thoughts on how useful this would be before I
spend a lot of time working on it.  Of cource it also comes down to if the
professor will accept it as a project.

-- 
Jamie Bohr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060918/44b765ba/attachment-0001.htm>