The Security List is back

*Hobbit* hobbit at rutgers.rutgers.edu
Sat Dec 3 21:49:53 AEST 1988


Yes, you heard it correctly; the Security list is being reactivated after
a long vacation in limbo.  The vax it was being distributed from got sold
off as a doorstop and replaced with this Sun 4/280 [an even better personal
workstation!].  Via a combination of my not knowing *anything* about the
un*x mailers at the time, and piles of Real Work to do [such as learn all
the *other* things about the unix box!] the Security list fell into a state
of dusty shelvedness.  Now that I've gotten to where I can beat Sendmail over
the head enough to make it work the way I wanted and re-wrote various emacs
macros for sending mail, the list can now come back to life.  The additional
prod of the RTM virus uproar helped a lot...

There are a number of points that need to be made.  This is important; the
underlying functions of this shiny new refurbishment may be different from
what you remembered in the past.  This also reflects what I've learned from
running the list in the past, and I've given it quite a bit of thought.

First: This is *not* the "unix security mailing list".  That is a separate
entity run by Andrew Burt [aburt at isis.uucp].  It deals exclusively with unix
security problems, and membership is restricted in a number of ways.  That
list's mail can also contain explicit security reports/fixes that one would
not want "just anybody" to see, thus the restrictions.  *This* list is much
more open and deals with a much more general group of security-related
fields.  Anyone can receive it; submissions are moderated in an attempt to
prevent "sensitive" information from being re-sent by mistake.

There is at least one other "restricted" security list floating around out
there somewhere as well, but I have no clue as to its identity.  Its
moderator[s] have never gotten in touch with me.  I do not refer here to
the more recent virus-related one, either...

I'm not sure how to react to the "call for votes" deal in the tcp-ip and
the news.* groups.  This list has been and will continue to be very general,
since *I'm* interested in lots of security topics, not just those concerning
computers, and a lot of the readership is similarly minded.  If people want
to form a "computers-only" newsgroup, moderated or not, this isn't under
my control, but keep in mind that such topics are certainly fair game here.
Do we need area-specific groups?  I can't answer that myself.  I do, however,
offer a high S/N ratio of what you actually read, since flamers and name-
callers will be summarily sat on.  Keep in mind that signal/noise ratio is
ultimately up to the *contributors*; if I'm forced to moderate garbage, it's
still garbage.  Replies about this to the list, please, not the newsgroups.
Ones worth forwarding will show up in misc.security.

My own list contains over 300 addresses at this time, many of which are
local redistributions at other sites.  A *lot* of people are on the list.
Most of the grunge work in running a large list is dealing with mailer errors
from faraway places.  Please help minimize the lossage I get back by keeping
your host tables/nameservers up to date and making sure your .forward files
and such work correctly.  I am going to be very intolerant of other peoples'
mailers acting up -- this isn't to be nasty, it's a survival effort to keep
from being snowed in under a continual barrage of error messages.  The most
consideration a site will get is a query to its postmaster containing the
error, and if no action is taken I will be forced to remove it from the list.
If I get time I will periodically go through the "broken" entries and see
if they're alive again, but doing this is a very low priority.  So it behooves
the reader to keep its mailer in good shape and its host up and connected.

Misc.security is the corresponding moderated newsgroup.  In theory postings
to the group will be forwarded to me, and things I forward back to the group
actually get posted.  This is *NOT* the preferred posting method, however.
I would much prefer that submissions be directly mailed to me; this way they
get here more reliably and I don't have to deal with the "Submission for
misc.security" sort of message that always seems somehow malformed.  Any site
administrator who wishes to completely disable "posting" to the group may
do so; it may help ease his news worries, and will force people to use the
preferred method.  It is hoped that this method will also keep people from
sending in huge right-widgeted [>] inclusions, which absolutely turn my
stomach and are really not very necessary to restore context.  Messages
containing more than a screenful of ">"-lines will probably be deleted
unread, so if you want your message to get out, please trim your inclusions
severely before sending it off.

Messages of a commercial nature will not be forwarded.  There is a broad
fuzzy line here going between "I used product X and I like it, and by the
way here's their address" to "I wrote this really neat package and I'm
selling it for $49.95, send your money to...".  Please use your discretion,
and I will use mine.  If it's apparent that you're trying to advertise,
it won't make it to the list.

I apologize for seeming so harsh in the above, but again, there are a lot of
people on the list, and a lot of mailers out there, and I have to hold down
a Real Job along with running this thing.  I hope to provide a service for
everyone with minimal special effort on my end.

The following is the "welcome message" I send out to new recipients when they
ask to be added.  You old-timers may note that some of the information has
changed, in particular the hostname.  It contains the answers to the most
commonly-asked questions.  As of this writing, there are two lies in it:
Anonymous FTP doesn't work pending the security fix [cough...], and the
digestifier needs a little work.  These will be fixed RSN.
______________________________________________________________________________

This is a generic reply to your recent addition request.  Unless you are a
Bitnet recipient, I have added you to the list.  Bitnet recipients can add
themselves by sending a message to LISTSERV at UGA containing

	SUB SECURITY <User's name>.

Please note that SECURITY has recently moved from aim.rutgers.edu to
pyrite.rutgers.edu, if you happened to hear about it via outdated material.
If you are on a unix site that receives the misc.security newsgroup, please
read the material from there and save network bandwidth, unless you have some
special requirement.  This list is gatewayed to the newsgroup.

In any case, welcome to the list!  We are here to discuss any and all security
topics, ranging from physically securing your machine room, your car, or
whatever, to how to prevent crackers from running rampant all over your
system, to encryption techniques.  In short, if it smells of security, it's
fair game for this list.

Messages are moderated [by me] before redistribution.  I support both
recognized types of distribution; the normal one is direct-remail in which as
I read and forward messages they are sent across the network singly; and
digest format, in which messages are collected into a larger file an re-sent
periodically in this "digestified" format.  As a new recipient you have been
added to the direct-remail list.  If you prefer the digest format, please
indicate this to security-request.

Archives currently live at pyrite.rutgers.edu, in /security/security.n where n
is a digit.  The highest digit is the latest file.  For historical reasons and
to provide the most generic possible file format, all such files are in VMS
sequential-mail format, with messages separated by formfeeds.  These are easy
to convert to mbox format, and thence to others.  There are some other
articles of interest there if you care to browse.  We do standard anonymous
FTP.  Bitnet recipients may send the following commands to LISTSERV at UGA or
FINHUTC, whichever host is closest to you:

	GET SECURITY FILELIST		;; for archive index
	GET SECURITY LOGyymm		;; yy = year; mm = month

Requests above and beyond this should be forwarded to security-request.

In short: Please send submissions to security at pyrite.rutgers.edu, even if
you're reading from misc.security; and all adminstrative requests and questions
to security-request at pyrite.rutgers.edu.

Cheers!  I am, your humble moderator,

	*Hobbit*
	One of several jacks-of-all-trades for LCS at Rutgers
	Security-request at pyrite.rutgers.edu

_H*



More information about the Comp.unix.wizards mailing list