Security Mailing Lists
8lgm (Eight Little Green Men)
Academic-Firewalls
Alert
Best of Security
Bugtraq
COAST Security Archive
Computer Privacy Digest (CPD)
Computer Underground Digest (CuD)
Cypherpunks
Cypherpunks-Announce
European Firewalls
Firewalls
Intruder Detection Systems
Infsec-L
Phrack
PRIVACY Forum
Risks
SAS (French Speaking Firewalls)
S-HTTP
Sneakers
Secure Socket Layer - Talk
UNINFSEC - University Information Security Forum
Virus-L
Virus Alert
WWW Security
CFS
Firewall-1
Linux Security
Linux Alert
SOS Freestone Firewall package
SPI Announce
SPI Notes
SSLeay
Tiger
TIS Firewallk Toolkit
CERT Advisories
CERT Tools
To join, send e-mail to majordomo@8lgm.org and, in the text of your message (not thesubject line), write:
subscribe 8lgm-list
Group of hackers that periodically post exploit scripts for various Unix bugs.(Footnote: 8lgm originally stood for: Eight Legged Groovin' Machine)
To join, send e-mail to majordomo@net.tamu.edu and, in the text of your message (notthe subject line), write:
SUBSCRIBE Academic-Firewalls
This is an unmoderated list maintained by Texas A&M University. Its purpose is topromote the discussion and use of firewalls and other security tools in an academicenvironment. It is complementary to the Firewalls list maintained by Brent Chapman (sendsubscription requests to Majordomo@GreatCircle.COM) which deals primarily with firewallissues in a commercial environment. Academic environments have different politicalstructures, ethical issues, expectations of privacy and expectations of access.
Many documented incidents of cracker intrusions have either originated at or passedthrough academic institutions. The security at most universities is notoriously lax oreven in some cases completely absent. Most institutions don't use firewalls because theyeither don't care about their institution's security, they feel firewalls are notappropriate or practical, or they don't know the extent to which they are under attackfrom the Internet.
At Texas A&M University we have been using a combination of a flexible packetfilter, intrusion detection tools, and Unix security audit utilities for almost two years.We have found that simple firewalls combined with other tools are feasible in an academicenvironment. Hopefully the discussion on this list will begin to raise the awareness ofother institutions also.
To join, send e-mail to request-alert@iss.net and, in the text ofyour message (not the subject line), write:
subscribe alert
To remove, send e-mail to request-alert@iss.net and, in the text of your message (notthe subject line), write:
unsubscribe alert
This is a moderated list in the effort to keep the noise to a minimal and providequality security information. The Alert will be covering the following topics:
- Security Product Announcements
- Updates to Security Products
- New Vulnerabilities found
- New Security Frequently Asked Question files.
- New Intruder Techniques and Awareness
To join, send e-mail to best-of-security-request@suburbia.net with the following in thebody of the message:
subscribe best-of-security
REASONS FOR INCEPTION
In order to compile the average security administrator it was found that the compilerhad to parse a foreboding number of exceptionally noisy and semantically-content-free datasets. This led to exceptionally high load averages and a dramatic increase in coreentropy.
Further, the number, names and locations of this data appears to change on an almostdaily basis; requiring tedious version control on the part of the mental maintainer.Best-of-Security is at present an un-moderated list. That may sound strange given ourstated purpose of massive entropy reduction; but because best often equates with"vital" and the moderator doesn't have an MDA habit it is important thatmaterial sent to this list be delivered to its subscribers' in as minimal period of timeas is (in)humanly possible.
If you find *any* information from *any* source (including other mailinglists,newsgroups, conference notes, papers, etc) that fits into one of the acceptable categoriesdescribed at the end of this document then you should *immediately* send it to"best-of-security@suburbia.net". Do not try and predict whether or not someoneelse will send the item in question to the list in the immediate future. Unless your on atime-delayed mail vector such as polled uucp or the item has already appeared onbest-of-security, mail the info to the list! Even if it is a widely deployed peice ofinformation such as a CERT advisory the proceeding argument still applies. If theinformation hasn't appeared on this list yet, then SEND IT. It is far better to run therisk of minor duplication in exchange for having the information out where it is neededthan act conservatively about occasional doubling up on content.
To join, send e-mail to LISTSERV@NETSPACE.ORG and, in the text of your message (not thesubject line), write:
SUBSCRIBE BUGTRAQ
This list is for *detailed* discussion of UNIX security holes: what they are, how toexploit, and what to do to fix them.
This list is not intended to be about cracking systems or exploiting theirvunerabilities. It is about defining, recognizing, and preventing use of security holesand risks.
Please refrain from posting one-line messages or messages that do not contain anysubstance that can relate to this list`s charter.
Please follow the below guidelines on what kind of information should be posted to theBugtraq list:
- Information on Unix related security holes/backdoors (past and present)
- Exploit programs, scripts or detailed processes about the above
- Patches, workarounds, fixes
- Announcements, advisories or warnings
- Ideas, future plans or current works dealing with Unix security
- Information material regarding vendor contacts and procedures
- Individual experiences in dealing with above vendors or security organizations
- Incident advisories or informational reporting
To join, send e-mail to coast-request@cs.purdue.edu and, in the text of your message(not the subject line), write:
SUBSCRIBE coast
About Purdue's COAST Security Archive
To join, send e-mail to comp-privacy-request@uwm.edu and, in the text of your message(not the subject line), write:
subscribe cpd
The Computer PRIVACY Digest (CPD) (formerly the Telecom Privacy digest) is run byLeonard P. Levine. It is gatewayed to the USENET newsgroup comp.society.privacy. It is arelatively open (i.e., less tightly moderated) forum, and was established to provide aforum for discussion on the effect of technology on privacy. All too often technology isway ahead of the law and society as it presents us with new devices and applications.Technology can enhance and detract from privacy.
To join, send e-mail to LISTSERV@VMD.CSO.UIUC.EDU and, in the text of your message (notthe subject line), write:
SUB CUDIGEST
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Covers many issues of the computer underground.
To join, send e-mail to majordomo@toad.com and, in the text of your message (not thesubject line), write:
SUBSCRIBE cypherpunks
The cypherpunks list is a forum for discussing personal defenses for privacy in thedigital domain. It is a high volume mailing list.
To join, send e-mail to majordomo@toad.com and, in the text of your message (not thesubject line), write:
SUBSCRIBE cypherpunks-announce
There is an announcements list which is moderated and has low volume. Announcements forphysical cypherpunks meetings, new software and important developments will be postedthere.
To join, send e-mail to majordomo@gbnet.net and, in the text of your message (not thesubject line), write:
SUBSCRIBE firewalls-uk email-addr
Euro flavour firewall list.
To join, send e-mail to majordomo@greatcircle.com and, in the text of your message (notthe subject line), write:
SUBSCRIBE firewalls
Useful information regarding firewalls and how to implement them for security.
This list is for discussions of Internet "firewall" security systems andrelated issues. It is an outgrowth of the Firewalls BOF session at the Third UNIX SecuritySymposium in Baltimore on September 15, 1992.
INFSEC-LInformation Systems Security Forum
To join, send e-mail to listserv@etsuadmn.etsu.edu and, in the text of your message(not the subject line), write:
SUB infsec-l your-name
INFSEC-L is for discussions of information systems security and relatedissues. Discussions are not moderated. Thus, all messages sent to the list are immediatelydistributed to members of the list. The discussion list is an outgrowth of the"Technology for the Information Security '94: Managing Risk" at Galveston, TX(December 5-8, 1994). The main objective of the list is to foster open and constructivecommunication among information systems security and auditing professionals in government,industry, and academic institutions. Initial subscriptions are screened by the listownerto ensure that only appropriate professionals are subscribed.
To join, send e-mail to majordomo@uow.edu.au with the following in the body of themessage:
subscribe ids
The list is a forum for discussions on topics related to development of intrusiondetection systems.
Possible topics include:
- techniques used to detect intruders in computer systems and computer networks
- audit collection/filtering
- subject profiling
- knowledge based expert systems
- fuzzy logic systems
- neural networks
- methods used by intruders (known intrusion scenarios)
- cert advisories
- scripts and tools used by hackers
- computer system policies
- universal intrusion detection system
To join, send e-mail to phrack@well.com and, in the text of your message (not thesubject line), write:
SUBSCRIBE Phrack
Phrack is a Hacker Magazine which deals with phreaking and hacking.
To join, send e-mail to privacy-request@vortex.com and, in the text of your message(not the subject line), write:
information privacy
The PRIVACY Forum is run by Lauren Weinstein. He manages it as a rather selectivelymoderated digest, somewhat akin to RISKS; it spans the full range of both technologicaland non-technological privacy-related issues (with an emphasis on the former).
To join, send e-mail to risks-request@csl.sri.com and, in the text of your message (notthe subject line), write:
SUBSCRIBE
Risks is a digest that describes many of the technological risks that happen in today'senvironment.
SAS(French Speaking Firewalls)
To join, send e-mail to majordomo@edelweb.fr and, in the text of your message (not thesubject line), write:
SUBSCRIBE sas
Cette liste est destinee a la discussion sur la securisation des acces Internet,principalement a propos des solutions de type "Firewall" (sas de securite,coupe-feu ou garde-barriere).
To join, send e-mail to shttp-talk-request@OpenMarket.com and, in the text of yourmessage (not the subject line), write:
SUBSCRIBE
Secure NCSA httpd is a World-Wide Web (WWW) server supporting transaction privacy andauthentication for Secure WWW clients over the Internet using the Secure HyperTextTransfer Protocol (S-HTTP). Secure NCSA httpd was developed by Enterprise IntegrationTechnologies in cooperation with RSA Data Security and the National Center forSupercomputing Applications at the University of Illinois, Urbana-Champaign.
The purpose of this mailing list(shttp-talk) is to allow people who are interested inpotentially using SHTTP to ask questions, air issues, express concerns and discuss thespecification and reference implementation. Information about Secure HTTP can be found onthe CommerceNet WWW server. Here is the URL to take you directly to the pertinent info:
http://www.commerce.net/software/Shttpd/Docs/manual.html
To join, send e-mail to majordomo@CS.YALE.EDU and, in the text of your message (not thesubject line), write:
SUBSCRIBE Sneakers
The Sneakers mailing list is for discussion of LEGAL evaluations and experiments intesting various Internet "firewalls" and other TCP/IP network security products.
Vendors are welcome to post challenges to the Internet network security community Internetusers are welcome to post anecdotal experiences regarding (legally) testing the defensesof firewall and security products. "Above board" organized and/or looselyorganized wide area tiger teams (WATTs) can share information, report on their progress oreventual success here.
There is a WWW page with instructions on un/subscribing as well asposting, and where notices and pointers to resources (especially if I set up an archive ofthis list) may be put up from time to time:
http://www.cs.yale.edu/HTML/YALE/CS/HyPlans/long-morrow/sneakers.html
To join, send e-mail to ssl-talk-request@netscape.com and, in the text of your message(not the subject line), write:
SUBSCRIBE
Mailing list to discuss secure sockets layer - Netscape's (and, increasingly, others')approach to providing encryption and authentication for IP-based services (primarily http,but expanding to address telnet and ftp as well).
UNINFSEC- University Information Security Forum
To join, send e-mail to listserv@cuvmc.ais.columbia.edu and, in the text of yourmessage (not the subject line), write:
subscribe uninfsec
This is a closed, unmoderated discussion list for people that have information securityresponsibilities in their jobs and who work for educational institutions or have a closerelation with education. Discussions range from policy discussions, awareness programs,virus protection, change control, privileges, monitoring, risk assessments, auditing,business resumption, etc.
To join, send e-mail to LISTSERV@lehigh.edu and, in the text of your message (not thesubject line), write:
SUBSCRIBE virus-l your-name
It is an electronic mail discussion forum for sharing information and ideas aboutcomputer viruses, which is also distributed via the Usenet Netnews as comp.virus.Discussions should include (but not necessarily be limited to): current events (virussightings), virus prevention (practical and theoretical), and virus relatedquestions/answers. The list is moderated and digested. That means that any message comingin gets sent to me, the editor. I read through the messages and make sure that they adhereto the guidelines of the list (see below) and add them to the next digest. Weekly logs ofdigests are kept by the LISTSERV (see below for details on how to get them). For thoseinterested in statistics, VIRUS-L is now up to about 2400 direct subscribers. Of those,approximately 10% are local redistribution accounts with an unknown number of readers. Inaddition, approximately 30,000-40,000 readers read comp.virus on the USENET.
To join, send e-mail to LISTSERV@lehigh.edu and, in the text of your message (not thesubject line), write:
SUBSCRIBE valert-l your-name
What is VALERT-L?
It is an electronic mail discussion forum for sharing urgent virus warnings among othercomputer users. Postings to VALERT-L are strictly limited to warnings about viruses (e.g.,"We here at University/Company X just got hit by virus Y - what should we do?").Followups to messages on VALERT-L should be done either by private e-mail or to VIRUS-L, amoderated, digested, virus discussion forum also available on this LISTSERV,LISTSERV@LEHIGH.EDU. Note that any message sent to VALERT-L will be cross-posted in thenext VIRUS-L digest. To preserve the timely nature of such warnings and announcements, thelist is moderated on demand (see posting instructions below for more information).
What VALERT-L is *not*?
A place to to anything other than announce virus infections or warn people aboutparticular computer viruses (symptoms, type of machine which is vulnerable, etc.).
To join, send e-mail to www-security-request@nsmx.rutgers.edu and, in the text of yourmessage (not the subject line), write:
SUBSCRIBE www-security your_email_address
The list is maintained by the www-security team of Network Services, Rutgers UniversityTelecommunications Division.
www-security is the official mailing list of the IETF Web Transaction Security WorkingGroup. While there are many approaches to providing security services in the Web, most ofthe current work is concerned with securing the HyperText Transport Protocol. Because of(1) the great need for quick implementation of Web security services, (2) HTTP-levelsolutions cover a wide range of WWW applications, and (3) the IETF is a proven forum forpromoting standards to vendors and the international networking community, we suggest thatthe list focus and development of Internet standards and related documents for secureservices within HTTP.
Security Products
cfs-users is for the discussion of topics of interest to CFS of users and developers.
To subscribe send an email message to cfs-users-request@research.att.com with a messagebody of:
subscribe cfs-users
To join, send e-mail to majordomo@applicom.co.il and, in the text of your message (notthe subject line), write:
SUBSCRIBE firewall-1
This list is for discussions of "FireWall-1" issues: problems and (hopefully)their solution(s), requests for information, and ideas one wishes to share. The FireWall-1list is open to the worldwide Unix community, which consists of commercial, educational,and private users.
To join, send e-mail to majordomo@linux.nrao.edu and, in the text of your message (notthe subject line), write:
SUBSCRIBE linux-security your-name
What we offer to do is set up a mechanism for Linux that is able to distributesecurity-relevant information to Linux users or administrators that run a networked Linuxbox. This would allow them to plug any holes early on, without having to scan all Linuxnewsgroups and mailing lists all of the time.
To join, send e-mail to majordomo@linux.nrao.edu and, in the text of your message (notthe subject line), write:
SUBSCRIBE linux-alert your-name
This is the announcement list. It is mainly for postings about security holes, and howto plug them.
To join, send e-mail to majordomo@majordomo.soscorp.com and, in the text of yourmessage (not the subject line), write:
SUBSCRIBE freestone
The list is dedicated to the users and administrators of the free SOS firewall package,Freestone.
For more information, see http://www.soscorp.com .
To join, send e-mail to ciac-listproc@llnl.gov and, in the text of yourmessage (not the subject line), write any of the following examples:
subscribe spi-announce LastName, FirstName PhoneNumber
You will receive an acknowledgment containing address, initial PIN, andinformation on how to change either of them, cancel your subscription, or get help.
To join, send e-mail to ciac-listproc@llnl.gov and, in the text of yourmessage (not the subject line), write any of the following examples:
subscribe spi-notes LastName, FirstName PhoneNumber
You will receive an acknowledgment containing address, initial PIN, andinformation on how to change either of them, cancel your subscription, or get help.
ssl-users is for discussion of Eric Young implementation of SSL and the SSL appliationsof Tim Hudson.
To subcribe send a message to factotum@mincom.oz.au with a message body of:
subscribe ssl-users
To join, send e-mail to majordomo@net.tamu.edu and, in the text of your message (notthe subject line), write:
SUBSCRIBE tiger
Discussion list for the UNIX security audit tool TIGER
This is the TIGER users mailling list. It is for:
- Update announcements
- Reporting bugs in TIGER.
- Discussing new features for TIGER.
- Discussing use of TIGER.
- Discussing anything else about TIGER.
What is TIGER?
TIGER is a set of shell scripts, C code and configuration files which are used toperform a security audit on UNIX systems. The goals for TIGER are to make it very robustand easy to use. TIGER was originally developed for checking hosts at Texas A&MUniversity following a break in in the Fall of 1992.
The latest version of TIGER is always available from the directorynet.tamu.edu:/pub/security/TAMU. In addition, updated digital signature files for newplatforms and new security patches will be maintained in the directory:
net.tamu.edu:/pub/security/TAMU/tiger-sigs.
To join, send e-mail to fwtk-users-request@tis.com and, in the text of your message(not the subject line), write:
SUBSCRIBE
Discussion list for the TIS firewall toolkit
Vendors and Organizations
CERT(Computer Emergency Response Team) Advisory mailing list.
The CERT Coordination Center maintains a mailing list for members of our constituencywho would like to have advisories, billetins, and the CERT Summary mailed directly to themor to a mail exploder at their site.
To join, send e-mail to cert-advisory-request@cert.org and. You will receiveconfirmation mail when you have been placed on the list.
Past advisories and other information related to computer security are available foranonymous FTP from cert.org (192.88.209.5).
The purpose of this moderated mailing list is to encourage the exchange of informationon security tools and techniques. The list should not be used for security problemreports.
Membership is restricted to system programmers, system administrator, and others with alegitimate, interest in the development of computer security tools. If you would like tobe considered for inclusion, please send mail to:
cert-tools-request@cert.org
You will receive confirmation mail when you have been placed on the list.