[prev in list] [next in list] [prev in thread] [next in thread]
List: best-of-security
Subject: CSP (fwd)
From: Julian Assange <proff () suburbia ! net>
Date: 1995-08-20 17:18:16
[Download RAW message or body]
Forwarded message:
>From sotmesc@datasync.com Mon Aug 21 03:05:13 1995
Date: Sun, 20 Aug 1995 12:08:26 -0500
From: SotMESC <sotmesc@datasync.com>
Message-Id: <199508201708.MAA27099@osh1.datasync.com>
To: proff@suburbia.apana.org.au
Subject: CSP
Coup :::
I created a Security Mailing List FAQ. I didnt know if CSP wanted to
be added or not - but figured CSP was semi-private and therefore
I'd let Frosty decide if he wanted on.
If you know of any other mailing lists, please let me know.
Security Mailing Lists FAQ
Version: 1.0
-------------------------------------------------------------------------------
This Security FAQ is a resource provided by:
Internet Security Systems, Inc.
2000 Miller Court West Tel: (770) 441-4531
Norcross, Georgia 30071 Fax: (770) 441-2431
- Internet Scanner ... the most comprehensive "attack simulator"
available. -
-------------------------------------------------------------------------------
To get the newest updates of Security files check the following services:
mail info@iss.net with "send index" in message
http://iss.net/
ftp iss.net /pub/
-------------------------------------------------------------------------------
Security Mailing Lists
The following FAQ is a comprehensive list of security mailing lists. These
security mailing lists are important tools to network administrators, network
security officers, security consultants, and anyone who needs to keep abreast
of the most current security information available.
General Security Lists
* Academic-Firewalls
* Best of Security
* Bugtraq
* Computer Underground Digest (CuD)
* Cypherpunks
* Cypherpunks-Announce
* Firewalls
* Intruder Detection Systems
* Sneakers
* Virus
* Virus Alert
Security Products
* Tiger
Vendors and Organizations
* CERT
* CIAC
* HP
* Sun
-------------------------------------------------------------------------------
Academic Firewalls
To join, send e-mail to majordomo@net.tamu.edu and, in the text of your message
(not the subject line), write:
SUBSCRIBE Academic-Firewalls
This is an unmoderated list maintained by Texas A&M University. Its purpose is
to promote the discussion and use of firewalls and other security tools in an
academic environment. It is complementary to the Firewalls list maintained by
Brent Chapman (send subscription requests to Majordomo@GreatCircle.COM) which
deals primarily with firewall issues in a commercial environment. Academic
environments have different political structures, ethical issues, expectations
of privacy and expectations of access.
Many documented incidents of cracker intrusions have either originated at or
passed through academic institutions. The security at most universities is
notoriously lax or even in some cases completely absent. Most institutions
don't use firewalls because they either don't care about their institution's
security, they feel firewalls are not appropriate or practical, or they don't
know the extent to which they are under attack from the Internet.
At Texas A&M University we have been using a combination of a flexible packet
filter, intrusion detection tools, and Unix security audit utilities for almost
two years. We have found that simple firewalls combined with other tools are
feasible in an academic environment. Hopefully the discussion on this list will
begin to raise the awareness of other institutions also.
-------------------------------------------------------------------------------
Best of Security
To join, send e-mail to best-of-security-request@suburbia.net with the
following in the body of the message:
subscribe best-of-security
REASONS FOR INCEPTION
In order to compile the average security administrator it was found that the
compiler had to parse a foreboding number of exceptionally noisy and
semantically-content-free data sets. This led to exceptionally high load
averages and a dramatic increase in core entropy.
Further, the number, names and locations of this data appears to change on an
almost daily basis; requiring tedious version control on the part of the mental
maintainer. Best-of-Security is at present an un-moderated list. That may sound
strange given our stated purpose of massive entropy reduction; but because best
often equates with "vital" and the moderator doesn't have an MDA habit it is
important that material sent to this list be delivered to its subscribers' in
as minimal period of time as is (in)humanly possible.
If you find *any* information from *any* source (including other mailinglists,
newsgroups, conference notes, papers, etc) that fits into one of the acceptable
categories described at the end of this document then you should *immediately*
send it to "best-of-security@suburbia.net". Do not try and predict whether or
not someone else will send the item in question to the list in the immediate
future. Unless your on a time-delayed mail vector such as polled uucp or the
item has already appeared on best-of-security, mail the info to the list! Even
if it is a widely deployed peice of information such as a CERT advisory the
proceeding argument still applies. If the information hasn't appeared on this
list yet, then SEND IT. It is far better to run the risk of minor duplication
in exchange for having the information out where it is needed than act
conservatively about occasional doubling up on content.
-------------------------------------------------------------------------------
Bugtraq
To join, send e-mail to LISTSERV@NETSPACE.ORG and, in the text of your message
(not the subject line), write:
SUBSCRIBE BUGTRAQ
This list is for *detailed* discussion of UNIX security holes: what they are,
how to exploit, and what to do to fix them.
This list is not intended to be about cracking systems or exploiting their
vunerabilities. It is about defining, recognizing, and preventing use of
security holes and risks.
Please refrain from posting one-line messages or messages that do not contain
any substance that can relate to this list`s charter.
Please follow the below guidelines on what kind of information should be posted
to the Bugtraq list:
* Information on Unix related security holes/backdoors (past and present)
* Exploit programs, scripts or detailed processes about the above
* Patches, workarounds, fixes
* Announcements, advisories or warnings
* Ideas, future plans or current works dealing with Unix security
* Information material regarding vendor contacts and procedures
* Individual experiences in dealing with above vendors or security
organizations
* Incident advisories or informational reporting
-------------------------------------------------------------------------------
Computer Underground Digest
To join, send e-mail to LISTSERV@VMD.CSO.UIUC.EDU and, in the text of your
message (not the subject line), write:
SUB CUDIGEST
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Covers many issues of the computer underground.
-------------------------------------------------------------------------------
Cypherpunks
To join, send e-mail to majordomo@toad.com and, in the text of your message
(not the subject line), write:
SUBSCRIBE cypherpunks
The cypherpunks list is a forum for discussing personal defenses for privacy in
the digital domain. It is a high volume mailing list.
-------------------------------------------------------------------------------
Cypherpunks Announce
To join, send e-mail to majordomo@toad.com and, in the text of your message
(not the subject line), write:
SUBSCRIBE cypherpunks-announce
There is an announcements list which is moderated and has low volume.
Announcements for physical cypherpunks meetings, new software and important
developments will be posted there.
-------------------------------------------------------------------------------
Firewalls
To join, send e-mail to majordomo@greatcircle.com and, in the text of your
message (not the subject line), write:
SUBSCRIBE firewalls
Useful information regarding firewalls and how to implement them for security.
This list is for discussions of Internet "firewall" security systems and
related issues. It is an outgrowth of the Firewalls BOF session at the Third
UNIX Security Symposium in Baltimore on September 15, 1992.
-------------------------------------------------------------------------------
Intrusion Detection Systems
To join, send e-mail to majordomo@uow.edu.au with the following in the body of
the message:
subscribe ids
The list is a forum for discussions on topics related to development of
intrusion detection systems.
Possible topics include:
* techniques used to detect intruders in computer systems and computer
networ ks
* audit collection/filtering
* subject profiling
* knowledge based expert systems
* fuzzy logic systems
* neural networks
* methods used by intruders (known intrusion scenarios)
* cert advisories
* scripts and tools used by hackers
* computer system policies
* universal intrusion detection system
-------------------------------------------------------------------------------
Sneakers
To join, send e-mail to majordomo@CS.YALE.EDU and, in the text of your message
(not the subject line), write:
SUBSCRIBE Sneakers
The Sneakers mailing list is for discussion of LEGAL evaluations and
experiments in testing various Internet "firewalls" and other TCP/IP network
security products.
* Vendors are welcome to post challenges to the Internet network security
community
* Internet users are welcome to post anecdotal experiences regarding
(legally) testing the defenses of firewall and security products.
* "Above board" organized and/or loosely organized wide area tiger teams
(WATTs) can share information, report on their progress or eventual
success here.
There is a WWW page with instructions on un/subscribing as well as posting, and
where notices and pointers to resources (especially if I set up an archive of
this list) may be put up from time to time:
http://www.cs.yale.edu/HTML/YALE/CS/HyPlans/long-morrow/sneakers.html
-------------------------------------------------------------------------------
Virus
To join, send e-mail to LISTSERV@lehigh.edu and, in the text of your message
(not the subject line), write:
SUBSCRIBE virus-l your-name
It is an electronic mail discussion forum for sharing information and ideas
about computer viruses, which is also distributed via the Usenet Netnews as
comp.virus. Discussions should include (but not necessarily be limited to):
current events (virus sightings), virus prevention (practical and theoretical),
and virus related questions/answers. The list is moderated and digested. That
means that any message coming in gets sent to me, the editor. I read through
the messages and make sure that they adhere to the guidelines of the list (see
below) and add them to the next digest. Weekly logs of digests are kept by the
LISTSERV (see below for details on how to get them). For those interested in
statistics, VIRUS-L is now up to about 2400 direct subscribers. Of those,
approximately 10% are local redistribution accounts with an unknown number of
readers. In addition, approximately 30,000-40,000 readers read comp.virus on
the USENET.
-------------------------------------------------------------------------------
Virus Alert
To join, send e-mail to LISTSERV@lehigh.edu and, in the text of your message
(not the subject line), write:
SUBSCRIBE valert-l your-name
What is VALERT-L?
It is an electronic mail discussion forum for sharing urgent virus warnings
among other computer users. Postings to VALERT-L are strictly limited to
warnings about viruses (e.g., "We here at University/Company X just got hit by
virus Y - what should we do?"). Followups to messages on VALERT-L should be
done either by private e-mail or to VIRUS-L, a moderated, digested, virus
discussion forum also available on this LISTSERV, LISTSERV@LEHIGH.EDU. Note
that any message sent to VALERT-L will be cross-posted in the next VIRUS-L
digest. To preserve the timely nature of such warnings and announcements, the
list is moderated on demand (see posting instructions below for more
information).
What VALERT-L is *not*?
A place to to anything other than announce virus infections or warn people
about particular computer viruses (symptoms, type of machine which is
vulnerable, etc.).
-------------------------------------------------------------------------------
Security Products
-------------------------------------------------------------------------------
Tiger
To join, send e-mail to majordomo@net.tamu.edu and, in the text of your message
(not the subject line), write:
SUBSCRIBE tiger
Discussion list for the UNIX security audit tool TIGER
This is the TIGER users mailling list. It is for:
1. Update announcements
2. Reporting bugs in TIGER.
3. Discussing new features for TIGER.
4. Discussing use of TIGER.
5. Discussing anything else about TIGER.
What is TIGER?
TIGER is a set of shell scripts, C code and configuration files which are used
to perform a security audit on UNIX systems. The goals for TIGER are to make it
very robust and easy to use. TIGER was originally developed for checking hosts
at Texas A&M University following a break in in the Fall of 1992.
The latest version of TIGER is always available from the directory
net.tamu.edu:/pub/security/TAMU. In addition, updated digital signature files
for new platforms and new security patches will be maintained in the directory:
net.tamu.edu:/pub/security/TAMU/tiger-sigs.
-------------------------------------------------------------------------------
Vendors and Organizations
-------------------------------------------------------------------------------
CERT (Computer Emergency Response Team) Advisory mailing list.
To join, send e-mail to cert@cert.org and, in the text of your message (not the
subject line), write:
I want to be on your mailing list.
Past advisories and other information related to computer security are
available for anonymous FTP from cert.org (192.88.209.5).
-------------------------------------------------------------------------------
The CIAC (Computer Incident Advisory Capability) of DoE
CIAC has several self-subscribing mailing lists for electronic publications:
1. CIAC-BULLETIN for Advisories, highest priority - time critical
information and Bulletins, important computer security information;
2. CIAC-NOTES for Notes, a collection of computer security articles;
3. SPI-ANNOUNCE for official news about Security Profile Inspector (SPI)
software updates, new features, distribution and availability;
4. SPI-NOTES, for discussion of problems and solutions regarding the use of
SPI products.
To join, send e-mail to ciac-listproc@llnl.gov and, in the text of your message
(not the subject line), write any of the following examples:
subscribe ciac-bulletin LastName, FirstName PhoneNumber
subscribe ciac-notes LastName, FirstName PhoneNumber
subscribe spi-announce LastName, FirstName PhoneNumber
subscribe spi-notes LastName, FirstName PhoneNumber
e.g., subscribe ciac-notes O'Hara, Scarlett 404-555-1212
You will receive an acknowledgment containing address, initial PIN, and
information on how to change either of them, cancel your subscription, or get
help.
-------------------------------------------------------------------------------
HP, Hewlett Packard
To join, send e-mail to support@support.mayfield.hp.com and, in the text of
your message (not the subject line), write:
subscribe security_info
The latest digest of new HP Security Bulletins will be distributed directly to
your mailbox on a routine basis.
-------------------------------------------------------------------------------
Sun Security Alert
To join, send e-mail to security-alert@sun.com and, in the subject of your
message write:
SUBSCRIBE CWS your-email-addr
The message body should contain affiliation and contact information.
-------------------------------------------------------------------------------
Copyright
This paper is Copyright (c) 1995
by Christopher Klaus of Internet Security Systems, Inc.
Permission is hereby granted to give away free copies electronically. You may
distribute, transfer, or spread this paper electronically. You may not pretend
that you wrote it. This copyright notice must be maintained in any copy made.
If you wish to reprint the whole or any part of this paper in any other medium
excluding electronic medium, please ask the author for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are NO
warranties with regard to this information. In no event shall the author be
liable for any damages whatsoever arising out of or in connection with the use
or spread of this information. Any use of this information is at the user's own
risk.
Address of Author
Please send suggestions, updates, and comments to:
Christopher Klaus <cklaus@iss.net> of Internet Security Systems, Inc.
<iss@iss.net>
Internet Security Systems, Inc.
Internet Security Systems, Inc, located in Atlanta, Ga., specializes in the
developement of security scanning software tools. Its flagship product,
Internet Scanner, is software that learns an organization's network and probes
every device on that network for security holes. It is the most comprehensive
"attack simulator" available, checking for over 100 security vulnerabilities.
--
Christopher William Klaus Voice: (770)441-2531. Fax: (770)441-2431
Internet Security Systems, Inc. "Internet Scanner lets you find
2000 Miller Court West, Norcross, GA 30071 your network security holes
Web: http://iss.net/ Email: cklaus@iss.net before the hackers do."
* sotmesc@datasync.com aka ---* Frosty, ilKhan of the SotMESC
* To send a submission, use this address with 'CSP' in the Subject line
* Thanks to: Voyager, 2600, LOD, Knight Lightning for supporting us
* To get information about the SotMESC, just Email and ask us =:)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic