The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Поиск:  Каталог документации | Безопасность, защита информации

computer-security/secmaillist FAQ


Archive-name: computer-security/secmaillist
Posting-frequency: monthly
Last-modified: 1995/5/04
Version: 2.00

                           Security Mailing Lists

The following FAQ is a comprehensive list of security mailing lists. These
security mailing lists are important tools to network administrators,
network security officers, security consultants, and anyone who needs to
keep abreast of the most current security information available.

General Security Lists

   * 8lgm (Eight Little Green Men)
   * Academic-Firewalls
   * Alert
   * Best of Security
   * Bugtraq
   * COAST Security Archive
   * Computer Privacy Digest (CPD)
   * Computer Underground Digest (CuD)
   * Cypherpunks
   * Cypherpunks-Announce
   * European Firewalls
   * Firewalls
   * Intruder Detection Systems
   * Infsec-L
   * NT Security
   * Phrack
   * PRIVACY Forum
   * Risks
   * SAS (French Speaking Firewalls)
   * S-HTTP
   * Sneakers
   * Secure Socket Layer - Talk
   * UNINFSEC - University Information Security Forum
   * Virus
   * Virus Alert
   * WWW Security

Security Products

   * Firewall-1
   * Linux
   * Linux Alert
   * SOS Freestone Firewall package
   * Tiger
   * TIS Firewallk Toolkit

Vendors and Organizations

   * CERT
   * CIAC
   * HP
   * SGI
   * Sun

To get the newest updates of Security files check the following services:

     mail info@iss.net with "send index" in message
     http://www.iss.net/
     ftp iss.net /pub/

----------------------------------------------------------------------------

8lgm (Eight Little Green Men)

To join, send e-mail to majordomo@8lgm.org and, in the text of your message
(not the subject line), write:

     subscribe 8lgm-list

Group of hackers that periodically post exploit scripts for various Unix
bugs. (Footnote: 8lgm originally stood for: Eight Legged Groovin' Machine)
----------------------------------------------------------------------------

Academic Firewalls

To join, send e-mail to majordomo@net.tamu.edu and, in the text of your
message (not the subject line), write:

     SUBSCRIBE Academic-Firewalls

This is an unmoderated list maintained by Texas A&M University. Its purpose
is to promote the discussion and use of firewalls and other security tools
in an academic environment. It is complementary to the Firewalls list
maintained by Brent Chapman (send subscription requests to
Majordomo@GreatCircle.COM) which deals primarily with firewall issues in a
commercial environment. Academic environments have different political
structures, ethical issues, expectations of privacy and expectations of
access.

Many documented incidents of cracker intrusions have either originated at or
passed through academic institutions. The security at most universities is
notoriously lax or even in some cases completely absent. Most institutions
don't use firewalls because they either don't care about their institution's
security, they feel firewalls are not appropriate or practical, or they
don't know the extent to which they are under attack from the Internet.

At Texas A&M University we have been using a combination of a flexible
packet filter, intrusion detection tools, and Unix security audit utilities
for almost two years. We have found that simple firewalls combined with
other tools are feasible in an academic environment. Hopefully the
discussion on this list will begin to raise the awareness of other
institutions also.
----------------------------------------------------------------------------

Alert

To join, send e-mail to request-alert@iss.net and, in the text of your
message (not the subject line), write:

        subscribe alert

To remove, send e-mail to request-alert@iss.net and, in the text of your
message (not the subject line), write:

        unsubscribe alert

This is a moderated list in the effort to keep the noise to a minimal and
provide quality security information. The Alert will be covering the
following topics:

   * Security Product Announcements
   * Updates to Security Products
   * New Vulnerabilities found
   * New Security Frequently Asked Question files.
   * New Intruder Techniques and Awareness

----------------------------------------------------------------------------

Best of Security

To join, send e-mail to best-of-security-request@suburbia.net with the
following in the body of the message:

     subscribe best-of-security

REASONS FOR INCEPTION

In order to compile the average security administrator it was found that the
compiler had to parse a foreboding number of exceptionally noisy and
semantically-content-free data sets. This led to exceptionally high load
averages and a dramatic increase in core entropy.

Further, the number, names and locations of this data appears to change on
an almost daily basis; requiring tedious version control on the part of the
mental maintainer. Best-of-Security is at present an un-moderated list. That
may sound strange given our stated purpose of massive entropy reduction; but
because best often equates with "vital" and the moderator doesn't have an
MDA habit it is important that material sent to this list be delivered to
its subscribers' in as minimal period of time as is (in)humanly possible.

If you find *any* information from *any* source (including other
mailinglists, newsgroups, conference notes, papers, etc) that fits into one
of the acceptable categories described at the end of this document then you
should *immediately* send it to "best-of-security@suburbia.net". Do not try
and predict whether or not someone else will send the item in question to
the list in the immediate future. Unless your on a time-delayed mail vector
such as polled uucp or the item has already appeared on best-of-security,
mail the info to the list! Even if it is a widely deployed peice of
information such as a CERT advisory the proceeding argument still applies.
If the information hasn't appeared on this list yet, then SEND IT. It is far
better to run the risk of minor duplication in exchange for having the
information out where it is needed than act conservatively about occasional
doubling up on content.
----------------------------------------------------------------------------

Bugtraq

To join, send e-mail to LISTSERV@NETSPACE.ORG and, in the text of your
message (not the subject line), write:

     SUBSCRIBE BUGTRAQ

This list is for *detailed* discussion of UNIX security holes: what they
are, how to exploit, and what to do to fix them.

This list is not intended to be about cracking systems or exploiting their
vunerabilities. It is about defining, recognizing, and preventing use of
security holes and risks.

Please refrain from posting one-line messages or messages that do not
contain any substance that can relate to this list`s charter.

Please follow the below guidelines on what kind of information should be
posted to the Bugtraq list:

   * Information on Unix related security holes/backdoors (past and present)
   * Exploit programs, scripts or detailed processes about the above
   * Patches, workarounds, fixes
   * Announcements, advisories or warnings
   * Ideas, future plans or current works dealing with Unix security
   * Information material regarding vendor contacts and procedures
   * Individual experiences in dealing with above vendors or security
     organizations
   * Incident advisories or informational reporting

----------------------------------------------------------------------------

COAST Security Archive

To join, send e-mail to coast-request@cs.purdue.edu and, in the text of your
message (not the subject line), write:

     SUBSCRIBE coast

About Purdue's COAST Security Archive
----------------------------------------------------------------------------

Computer Privacy Digest

To join, send e-mail to comp-privacy-request@uwm.edu and, in the text of
your message (not the subject line), write:

     subscribe cpd

The Computer PRIVACY Digest (CPD) (formerly the Telecom Privacy digest) is
run by Leonard P. Levine. It is gatewayed to the USENET newsgroup
comp.society.privacy. It is a relatively open (i.e., less tightly moderated)
forum, and was established to provide a forum for discussion on the effect
of technology on privacy. All too often technology is way ahead of the law
and society as it presents us with new devices and applications. Technology
can enhance and detract from privacy.
----------------------------------------------------------------------------

Computer Underground Digest

To join, send e-mail to CU-DIGEST-REQUEST@WEBER.UCSD.EDU and, in the text of
your message (not the subject line), write:

     SUB CUDIGEST

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Covers many issues of the computer underground.
----------------------------------------------------------------------------

Cypherpunks

To join, send e-mail to majordomo@toad.com and, in the text of your message
(not the subject line), write:

     SUBSCRIBE cypherpunks

The cypherpunks list is a forum for discussing personal defenses for privacy
in the digital domain. It is a high volume mailing list.
----------------------------------------------------------------------------

Cypherpunks Announce

To join, send e-mail to majordomo@toad.com and, in the text of your message
(not the subject line), write:

     SUBSCRIBE cypherpunks-announce

There is an announcements list which is moderated and has low volume.
Announcements for physical cypherpunks meetings, new software and important
developments will be posted there.
----------------------------------------------------------------------------

Euro Firewalls

To join, send e-mail to majordomo@gbnet.net and, in the text of your message
(not the subject line), write:

     SUBSCRIBE firewalls-uk email-addr

Euro flavour firewall list.
----------------------------------------------------------------------------

Firewalls

To join, send e-mail to majordomo@greatcircle.com and, in the text of your
message (not the subject line), write:

     SUBSCRIBE firewalls

Useful information regarding firewalls and how to implement them for
security.

This list is for discussions of Internet "firewall" security systems and
related issues. It is an outgrowth of the Firewalls BOF session at the Third
UNIX Security Symposium in Baltimore on September 15, 1992.
----------------------------------------------------------------------------

INFSEC-L Information Systems Security Forum

To join, send e-mail to listserv@etsuadmn.etsu.edu and, in the text of your
message (not the subject line), write:

     SUB infsec-l your-name

INFSEC-L is for discussions of information systems security and related
issues. Discussions are not moderated. Thus, all messages sent to the list
are immediately distributed to members of the list. The discussion list is
an outgrowth of the "Technology for the Information Security '94: Managing
Risk" at Galveston, TX (December 5-8, 1994). The main objective of the list
is to foster open and constructive communication among information systems
security and auditing professionals in government, industry, and academic
institutions. Initial subscriptions are screened by the listowner to ensure
that only appropriate professionals are subscribed.
----------------------------------------------------------------------------

Intrusion Detection Systems

To join, send e-mail to majordomo@uow.edu.au with the following in the body
of the message:

     subscribe ids

The list is a forum for discussions on topics related to development of
intrusion detection systems.

Possible topics include:

   * techniques used to detect intruders in computer systems and computer
     networks
   * audit collection/filtering
   * subject profiling
   * knowledge based expert systems
   * fuzzy logic systems
   * neural networks
   * methods used by intruders (known intrusion scenarios)
   * cert advisories
   * scripts and tools used by hackers
   * computer system policies
   * universal intrusion detection system

----------------------------------------------------------------------------

NT Security

To join, send e-mail to request-ntsecurity@iss.net and, in the text of your
message (not the subject line), write:

        subscribe ntsecurity

To remove, send e-mail to request-ntsecurity@iss.net and, in the text of
your message (not the subject line), write:

        unsubscribe ntsecurity

                          NT Security Mailing List

This is an unmoderated mailing list discussing Windows NT security as well
as the Windows 95 and Windows For Work Group security issues.
The issues discussed will be everything at the host and application level
security as well as at the network level.
----------------------------------------------------------------------------

Phrack

To join, send e-mail to phrack@well.com and, in the text of your message
(not the subject line), write:

     SUBSCRIBE Phrack

Phrack is a Hacker Magazine which deals with phreaking and hacking.
----------------------------------------------------------------------------

PRIVACY Forum

To join, send e-mail to privacy-request@vortex.com and, in the text of your
message (not the subject line), write:

     information privacy

The PRIVACY Forum is run by Lauren Weinstein. He manages it as a rather
selectively moderated digest, somewhat akin to RISKS; it spans the full
range of both technological and non-technological privacy-related issues
(with an emphasis on the former).
----------------------------------------------------------------------------

Risks

To join, send e-mail to risks-request@csl.sri.com and, in the text of your
message (not the subject line), write:

     SUBSCRIBE

Risks is a digest that describes many of the technological risks that happen
in today's environment.
----------------------------------------------------------------------------

SAS (French Speaking Firewalls)

To join, send e-mail to majordomo@edelweb.fr and, in the text of your
message (not the subject line), write:

     SUBSCRIBE sas

Cette liste est destinee a la discussion sur la securisation des acces
Internet, principalement a propos des solutions de type "Firewall" (sas de
securite, coupe-feu ou garde-barriere).
----------------------------------------------------------------------------

Secure HTTP

To join, send e-mail to shttp-talk-request@OpenMarket.com and, in the text
of your message (not the subject line), write:

     SUBSCRIBE

Secure NCSA httpd is a World-Wide Web (WWW) server supporting transaction
privacy and authentication for Secure WWW clients over the Internet using
the Secure HyperText Transfer Protocol (S-HTTP). Secure NCSA httpd was
developed by Enterprise Integration Technologies in cooperation with RSA
Data Security and the National Center for Supercomputing Applications at the
University of Illinois, Urbana-Champaign.

The purpose of this mailing list(shttp-talk) is to allow people who are
interested in potentially using SHTTP to ask questions, air issues, express
concerns and discuss the specification and reference implementation.
Information about Secure HTTP can be found on the CommerceNet WWW server.
Here is the URL to take you directly to the pertinent info:

http://www.commerce.net/software/Shttpd/Docs/manual.html
----------------------------------------------------------------------------

Sneakers

To join, send e-mail to majordomo@CS.YALE.EDU and, in the text of your
message (not the subject line), write:

     SUBSCRIBE Sneakers

The Sneakers mailing list is for discussion of LEGAL evaluations and
experiments in testing various Internet "firewalls" and other TCP/IP network
security products.

   * Vendors are welcome to post challenges to the Internet network security
     community
   * Internet users are welcome to post anecdotal experiences regarding
     (legally) testing the defenses of firewall and security products.
   * "Above board" organized and/or loosely organized wide area tiger teams
     (WATTs) can share information, report on their progress or eventual
     success here.

There is a WWW page with instructions on un/subscribing as well as posting,
and where notices and pointers to resources (especially if I set up an
archive of this list) may be put up from time to time:

http://www.cs.yale.edu/HTML/YALE/CS/HyPlans/long-morrow/sneakers.html
----------------------------------------------------------------------------

Secure Socket Layer - Talk

To join, send e-mail to ssl-talk-request@netscape.com and, in the text of
your message (not the subject line), write:

     SUBSCRIBE

Mailing list to discuss secure sockets layer - Netscape's (and,
increasingly, others') approach to providing encryption and authentication
for IP-based services (primarily http, but expanding to address telnet and
ftp as well).
----------------------------------------------------------------------------

UNINFSEC - University Information Security Forum

To join, send e-mail to listserv@cuvmc.ais.columbia.edu and, in the text of
your message (not the subject line), write:

     subscribe uninfsec

This is a closed, unmoderated discussion list for people that have
information security responsibilities in their jobs and who work for
educational institutions or have a close relation with education.
Discussions range from policy discussions, awareness programs, virus
protection, change control, privileges, monitoring, risk assessments,
auditing, business resumption, etc.
----------------------------------------------------------------------------

Virus

To join, send e-mail to LISTSERV@lehigh.edu and, in the text of your message
(not the subject line), write:

     SUBSCRIBE virus-l your-name

It is an electronic mail discussion forum for sharing information and ideas
about computer viruses, which is also distributed via the Usenet Netnews as
comp.virus. Discussions should include (but not necessarily be limited to):
current events (virus sightings), virus prevention (practical and
theoretical), and virus related questions/answers. The list is moderated and
digested. That means that any message coming in gets sent to me, the editor.
I read through the messages and make sure that they adhere to the guidelines
of the list (see below) and add them to the next digest. Weekly logs of
digests are kept by the LISTSERV (see below for details on how to get them).
For those interested in statistics, VIRUS-L is now up to about 2400 direct
subscribers. Of those, approximately 10% are local redistribution accounts
with an unknown number of readers. In addition, approximately 30,000-40,000
readers read comp.virus on the USENET.
----------------------------------------------------------------------------

Virus Alert

To join, send e-mail to LISTSERV@lehigh.edu and, in the text of your message
(not the subject line), write:

     SUBSCRIBE valert-l your-name

What is VALERT-L?

It is an electronic mail discussion forum for sharing urgent virus warnings
among other computer users. Postings to VALERT-L are strictly limited to
warnings about viruses (e.g., "We here at University/Company X just got hit
by virus Y - what should we do?"). Followups to messages on VALERT-L should
be done either by private e-mail or to VIRUS-L, a moderated, digested, virus
discussion forum also available on this LISTSERV, LISTSERV@LEHIGH.EDU. Note
that any message sent to VALERT-L will be cross-posted in the next VIRUS-L
digest. To preserve the timely nature of such warnings and announcements,
the list is moderated on demand (see posting instructions below for more
information).

What VALERT-L is *not*?

A place to to anything other than announce virus infections or warn people
about particular computer viruses (symptoms, type of machine which is
vulnerable, etc.).
----------------------------------------------------------------------------

WWW Security

To join, send e-mail to www-security-request@nsmx.rutgers.edu and, in the
text of your message (not the subject line), write:

     SUBSCRIBE www-security your_email_address

The list is maintained by the www-security team of Network Services, Rutgers
University Telecommunications Division.

www-security is the official mailing list of the IETF Web Transaction
Security Working Group. While there are many approaches to providing
security services in the Web, most of the current work is concerned with
securing the HyperText Transport Protocol. Because of (1) the great need for
quick implementation of Web security services, (2) HTTP-level solutions
cover a wide range of WWW applications, and (3) the IETF is a proven forum
for promoting standards to vendors and the international networking
community, we suggest that the list focus and development of Internet
standards and related documents for secure services within HTTP.
----------------------------------------------------------------------------

Security Products

----------------------------------------------------------------------------

Firewall-1

To join, send e-mail to majordomo@applicom.co.il and, in the text of your
message (not the subject line), write:

     SUBSCRIBE firewall-1

This list is for discussions of "FireWall-1" issues: problems and
(hopefully) their solution(s), requests for information, and ideas one
wishes to share. The FireWall-1 list is open to the worldwide Unix
community, which consists of commercial, educational, and private users.
----------------------------------------------------------------------------

Linux Security

To join, send e-mail to majordomo@redhat.com and, in the text of your
message (not the subject line), write:

     SUBSCRIBE linux-security your-name
     or
     SUBSCRIBE linux-security-digest your-name

What we offer to do is set up a mechanism for Linux that is able to
distribute security-relevant information to Linux users or administrators
that run a networked Linux box. This would allow them to plug any holes
early on, without having to scan all Linux newsgroups and mailing lists all
of the time.
----------------------------------------------------------------------------

Linux Security Alert

To join, send e-mail to majordomo@redhat.com and, in the text of your
message (not the subject line), write:

     SUBSCRIBE linux-alert your-name
     or
     SUBSCRIBE linux-alert-digest your-name

This is the announcement list. It is mainly for postings about security
holes, and how to plug them.
----------------------------------------------------------------------------

SOS Freestone Firewall package

To join, send e-mail to majordomo@majordomo.soscorp.com and, in the text of
your message (not the subject line), write:

     SUBSCRIBE freestone

The list is dedicated to the users and administrators of the free SOS
firewall package, Freestone.

For more information, see http://www.soscorp.com .
----------------------------------------------------------------------------

Tiger

To join, send e-mail to majordomo@net.tamu.edu and, in the text of your
message (not the subject line), write:

     SUBSCRIBE tiger

Discussion list for the UNIX security audit tool TIGER

This is the TIGER users mailling list. It is for:

  1. Update announcements
  2. Reporting bugs in TIGER.
  3. Discussing new features for TIGER.
  4. Discussing use of TIGER.
  5. Discussing anything else about TIGER.

What is TIGER?

TIGER is a set of shell scripts, C code and configuration files which are
used to perform a security audit on UNIX systems. The goals for TIGER are to
make it very robust and easy to use. TIGER was originally developed for
checking hosts at Texas A&M University following a break in in the Fall of
1992.

The latest version of TIGER is always available from the directory
net.tamu.edu:/pub/security/TAMU. In addition, updated digital signature
files for new platforms and new security patches will be maintained in the
directory:

net.tamu.edu:/pub/security/TAMU/tiger-sigs.
----------------------------------------------------------------------------

TIS Firewall Toolkit

To join, send e-mail to fwall-users-request@tis.com and, in the text of your
message (not the subject line), write:

     SUBSCRIBE

Discussion list for the TIS firewall toolkit
----------------------------------------------------------------------------

Vendors and Organizations

----------------------------------------------------------------------------

CERT (Computer Emergency Response Team) Advisory mailing list.

To join, send e-mail to cert@cert.org and, in the text of your message (not
the subject line), write:

     I want to be on your mailing list.

Past advisories and other information related to computer security are
available for anonymous FTP from cert.org (192.88.209.5).
----------------------------------------------------------------------------

The CIAC (Computer Incident Advisory Capability) of DoE

CIAC has several self-subscribing mailing lists for electronic publications:

  1. CIAC-BULLETIN for Advisories, highest priority - time critical
     information and Bulletins, important computer security information;
  2. CIAC-NOTES for Notes, a collection of computer security articles;
  3. SPI-ANNOUNCE for official news about Security Profile Inspector (SPI)
     software updates, new features, distribution and availability;
  4. SPI-NOTES, for discussion of problems and solutions regarding the use
     of SPI products.

To join, send e-mail to ciac-listproc@llnl.gov and, in the text of your
message (not the subject line), write any of the following examples:

     subscribe ciac-bulletin LastName, FirstName PhoneNumber
     subscribe ciac-notes LastName, FirstName PhoneNumber
     subscribe spi-announce LastName, FirstName PhoneNumber
     subscribe spi-notes LastName, FirstName PhoneNumber
     e.g., subscribe ciac-notes O'Hara, Scarlett 404-555-1212

You will receive an acknowledgment containing address, initial PIN, and
information on how to change either of them, cancel your subscription, or
get help.
----------------------------------------------------------------------------

HP, Hewlett Packard

To join, send e-mail to support@support.mayfield.hp.com and, in the text of
your message (not the subject line), write:

     subscribe security_info

The latest digest of new HP Security Bulletins will be distributed directly
to your mailbox on a routine basis.

SGI

Wiretap

wiretap is an electronic mailing list service that Silicon Graphics, Inc.
provides freely for the security minded community. Members of this mailing
list receive (via email) SGI Security Advisories. Individuals interested in
this service can subscribe to this mailing list by following the steps
below.

To join, send e-mail to external-majordomo@postofc.corp.sgi.com and in the
text of your message (not the subject line), write:

     subscribe wiretap

----------------------------------------------------------------------------

Sun Security Alert

To join, send e-mail to security-alert@sun.com and, in the subject of your
message write:

     SUBSCRIBE CWS your-email-addr

The message body should contain affiliation and contact information.
----------------------------------------------------------------------------

Acknowledgements

I would like to thank the following people for the contribution to this FAQ
that has helped to update and shape it:

   * Steve Kennedy (steve@gbnet.org)
   * Jacob Langseth (jacob@esisys.com)
   * Dave Millar (millar@pobox.upenn.edu)
   * Bill Bauriedel (Bill.Bauriedel@Forsythe.Stanford.EDU)
   * Seth Robertson (seth@soscorp.com)
   * Marc Baudoin (Marc.Baudoin@hsc.fr.net)

----------------------------------------------------------------------------

Copyright

This paper is Copyright (c) 1994, 1995, 1996
   by Christopher Klaus of Internet Security Systems, Inc.

Permission is hereby granted to give away free copies electronically. You
may distribute, transfer, or spread this paper electronically. You may not
pretend that you wrote it. This copyright notice must be maintained in any
copy made. If you wish to reprint the whole or any part of this paper in any
other medium excluding electronic medium, please ask the author for
permission.

Disclaimer

The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are
NO warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is at the
user's own risk.

Address of Author

Please send suggestions, updates, and comments to:
Christopher Klaus <cklaus@iss.net> of Internet Security Systems, Inc.
<iss@iss.net>

Internet Security Systems, Inc.

ISS is the leader in network security tools and technology through
innovative audit, correction, and monitoring software. The Atlanta-based
company's flagship product, Internet Scanner, is the leading commercial
attack simulation and security audit tool. The Internet Scanner SAFEsuite is
based upon ISS' award-winning Internet Scanner and was specifically designed
with expanded capabilities to assess a variety of network security issues
confronting web sites, firewalls, servers and workstations. The Internet
Scanner SAFEsuite is the most comprehensive security assessment tool
available. For more information about ISS or its products, contact the
company at (770) 395-0150 or e-mail at iss@iss.net. ISS maintains a Home
Page on the World Wide Web at http://www.iss.net
-- 
Christopher William Klaus            Voice: (770)395-0150. Fax: (770)395-1972
Internet Security Systems, Inc.              "Internet Scanner SAFEsuite finds
Ste. 660,41 Perimeter Center East,Atlanta,GA 30346 your network security holes
Web: http://www.iss.net/  Email: cklaus@iss.net        before the hackers do."



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру