From: CSBVAX::CSBVAX::MRGATE::"SMTP::PYRITE.RUTGERS.EDU::SECURITY-REQUEST" 3-DEC-1988 08:16 To: MRGATE::"ARISIA::EVERHART" Subj: The List Returns Sender: security-request@pyrite.rutgers.edu Date: Sat, 3 Dec 1988 5:51:00 EST From: *Hobbit* Subject: The List Returns To: security Yes, you heard it correctly; the Security list is being reactivated after a long vacation in limbo. The vax it was being distributed from got sold off as a doorstop and replaced with this Sun 4/280 [an even better personal workstation!]. Via a combination of my not knowing *anything* about the un*x mailers at the time, and piles of Real Work to do [such as learn all the *other* things about the unix box!] the Security list fell into a state of dusty shelvedness. Now that I've gotten to where I can beat Sendmail over the head enough to make it work the way I wanted and re-wrote various emacs macros for sending mail, the list can now come back to life. The additional prod of the RTM virus uproar helped a lot... There are a number of points that need to be made. This is important; the underlying functions of this shiny new refurbishment may be different from what you remembered in the past. This also reflects what I've learned from running the list in the past, and I've given it quite a bit of thought. First: This is *not* the "unix security mailing list". That is a separate entity run by Andrew Burt [aburt@isis.uucp]. It deals exclusively with unix security problems, and membership is restricted in a number of ways. That list's mail can also contain explicit security reports/fixes that one would not want "just anybody" to see, thus the restrictions. *This* list is much more open and deals with a much more general group of security-related fields. Anyone can receive it; submissions are moderated in an attempt to prevent "sensitive" information from being re-sent by mistake. There is at least one other "restricted" security list floating around out there somewhere as well, but I have no clue as to its identity. Its moderator[s] have never gotten in touch with me. I do not refer here to the more recent virus-related one, either... I'm not sure how to react to the "call for votes" deal in the tcp-ip and the news.* groups. This list has been and will continue to be very general, since *I'm* interested in lots of security topics, not just those concerning computers, and a lot of the readership is similarly minded. If people want to form a "computers-only" newsgroup, moderated or not, this isn't under my control, but keep in mind that such topics are certainly fair game here. Do we need area-specific groups? I can't answer that myself. I do, however, offer a high S/N ratio of what you actually read, since flamers and name- callers will be summarily sat on. Keep in mind that signal/noise ratio is ultimately up to the *contributors*; if I'm forced to moderate garbage, it's still garbage. Replies about this to the list, please, not the newsgroups. Ones worth forwarding will show up in misc.security. My own list contains over 300 addresses at this time, many of which are local redistributions at other sites. A *lot* of people are on the list. Most of the grunge work in running a large list is dealing with mailer errors from faraway places. Please help minimize the lossage I get back by keeping your host tables/nameservers up to date and making sure your .forward files and such work correctly. I am going to be very intolerant of other peoples' mailers acting up -- this isn't to be nasty, it's a survival effort to keep from being snowed in under a continual barrage of error messages. The most consideration a site will get is a query to its postmaster containing the error, and if no action is taken I will be forced to remove it from the list. If I get time I will periodically go through the "broken" entries and see if they're alive again, but doing this is a very low priority. So it behooves the reader to keep its mailer in good shape and its host up and connected. Misc.security is the corresponding moderated newsgroup. In theory postings to the group will be forwarded to me, and things I forward back to the group actually get posted. This is *NOT* the preferred posting method, however. I would much prefer that submissions be directly mailed to me; this way they get here more reliably and I don't have to deal with the "Submission for misc.security" sort of message that always seems somehow malformed. Any site administrator who wishes to completely disable "posting" to the group may do so; it may help ease his news worries, and will force people to use the preferred method. It is hoped that this method will also keep people from sending in huge right-widgeted [>] inclusions, which absolutely turn my stomach and are really not very necessary to restore context. Messages containing more than a screenful of ">"-lines will probably be deleted unread, so if you want your message to get out, please trim your inclusions severely before sending it off. Messages of a commercial nature will not be forwarded. There is a broad fuzzy line here going between "I used product X and I like it, and by the way here's their address" to "I wrote this really neat package and I'm selling it for $49.95, send your money to...". Please use your discretion, and I will use mine. If it's apparent that you're trying to advertise, it won't make it to the list. I apologize for seeming so harsh in the above, but again, there are a lot of people on the list, and a lot of mailers out there, and I have to hold down a Real Job along with running this thing. I hope to provide a service for everyone with minimal special effort on my end. The following is the "welcome message" I send out to new recipients when they ask to be added. You old-timers may note that some of the information has changed, in particular the hostname. It contains the answers to the most commonly-asked questions. As of this writing, there are two lies in it: Anonymous FTP doesn't work pending the security fix [cough...], and the digestifier needs a little work. These will be fixed RSN. ______________________________________________________________________________ This is a generic reply to your recent addition request. Unless you are a Bitnet recipient, I have added you to the list. Bitnet recipients can add themselves by sending a message to LISTSERV@UGA containing SUB SECURITY . Please note that SECURITY has recently moved from aim.rutgers.edu to pyrite.rutgers.edu, if you happened to hear about it via outdated material. If you are on a unix site that receives the misc.security newsgroup, please read the material from there and save network bandwidth, unless you have some special requirement. This list is gatewayed to the newsgroup. In any case, welcome to the list! We are here to discuss any and all security topics, ranging from physically securing your machine room, your car, or whatever, to how to prevent crackers from running rampant all over your system, to encryption techniques. In short, if it smells of security, it's fair game for this list. Messages are moderated [by me] before redistribution. I support both recognized types of distribution; the normal one is direct-remail in which as I read and forward messages they are sent across the network singly; and digest format, in which messages are collected into a larger file an re-sent periodically in this "digestified" format. As a new recipient you have been added to the direct-remail list. If you prefer the digest format, please indicate this to security-request. Archives currently live at pyrite.rutgers.edu, in /security/security.n where n is a digit. The highest digit is the latest file. For historical reasons and to provide the most generic possible file format, all such files are in VMS sequential-mail format, with messages separated by formfeeds. These are easy to convert to mbox format, and thence to others. There are some other articles of interest there if you care to browse. We do standard anonymous FTP. Bitnet recipients may send the following commands to LISTSERV at UGA or FINHUTC, whichever host is closest to you: GET SECURITY FILELIST ;; for archive index GET SECURITY LOGyymm ;; yy = year; mm = month Requests above and beyond this should be forwarded to security-request. In short: Please send submissions to security@pyrite.rutgers.edu, even if you're reading from misc.security; and all adminstrative requests and questions to security-request@pyrite.rutgers.edu. Cheers! I am, your humble moderator, *Hobbit* One of several jacks-of-all-trades for LCS at Rutgers Security-request@pyrite.rutgers.edu _H*