[4] in Best-of-Security
INFO best-of-security@suburbia.net
daemon@ATHENA.MIT.EDU (best-of-security-request@suburbia.)
Tue Jan 28 01:30:51 1997
From: best-of-security-request@suburbia.net
Date: Tue, 28 Jan 1997 17:30:11 +1100 (EST)
To: best-of-security-mtg@menelaus.mit.edu
In-Reply-To: <9701280628.AA25221@MIT.EDU>
BOS(8) Security Guru's Manual BOS(8)
NAME
BOS - Best of all available security resources.
_/_/_/ _/_/ _/_/_/
_/ _/ _/ _/ _/
_/_/_/ _/ _/ _/_/
_/ _/ _/ _/ _/
_/_/_/ _/_/ _/_/_/
BEST OF SECURITY
DIGEST
SYNOPSIS
"echo subscribe|mail best-of-security-request@suburbia.net"
or
"echo subscribe|mail best-of-security-d-request@suburbia.net"
(weekly digest)
DESCRIPTION
In order to make the average security administrator, it was found
the compiler had to parse a foreboding number of exceptionally noisy
and semantically devoid data sets. This typically resulted in
dramatically high load averages and a frightening increase in core
entropy.
Further, the number, names and locations of required datum seemed to
change on an almost daily basis; requiring tedious version control
on the part of the mental maintainer.
OPERATION
Clever BOS subscribers scour their brains and the world for
interesting security material and send it to the clever moderator.
The clever moderator then attempts to decide if the clever
subscriber was quite as clever as the clever subcriber had hoped. If
the answer is in the affirmative, the clever moderator sends the
clever information to all the clever BOS subscribers who get a bit
cleverer.
We do, of course take many original posts. In the famous last words of
Marylin Munroe, CORE Digest and Joachim Kroll: "meat, we want meat".
OPTION NEGOTIATION
WILL WILL WILL WILL WONT WONT WONT WONT
DO DO DO DO DONT DONT DONT DONT
8lgm, cert, ciac, dod and other Any flames.
non-vendor advisories. Any questions.
Vendor advisories of security Any rumors.
weaknesses in own or other products. Sigs with >2 lines of
Vendor new security-product line commercial information.
release or MAJOR upgrade. Minor upgrade information.
Fully disclosed security weaknesses. Twag, frig or drofo.
Exploitation details. Advertising.
Exploitation code. Un/Subscription requests.
Patch code. Mailing list queries.
Patch announcements. Requests. Get it your self.
Hard to obtain or otherwise occulted Vague or incomprehensible
source code or uuencoded executables. statements from dysfuctional
Conference announcements. persons.
Security tools. Opinionated rantings such as
Blond jokes. those on the ethics of full
NEW or hard to obtain security disclosure or computer hackers.
documents (ascii), or pointers to Quotes from the Illiad.
the location of such documents/papers. Off meat. We like it fresh.
Announcements of new security archives Elite security trojans.
or mailinglists. Attempts at KOTM.
Translations of the above. Messages under 700 bytes.
SUBSCRIBING
Send mail to:
best-of-security-request@suburbia.net
or
best-of-security-d-request@suburbia.net (digest)
with the subject or body of:
subscribe
UN-SUBSCRIBING
Send mail to:
best-of-security-request@suburbia.net
or
best-of-security-d-request@suburbia.net (digest)
with the subject or body:
unsubscribe
POSTING
To send a message to the list, address it to:
best-of-security@suburbia.net
EXAMPLES
Subscribing:
mail best-of-security-request@suburbia.net
Subject: luv me foomaster
subscribe
Unsubscribing:
mail best-of-security-request@suburbia.net
Subject: foo you
unsubscribe
Posting:
mail best-of-security@suburbia.net
Subject: Backdoor in foosecure
ARCHIVES
Back issues of BOS are available from:
ftp://suburbia.net/pub/mailinglists/best-of-security
You can also instruct the mailing list processor to
automatically scan and retrive messages from the archive. It
understands the following commands:
get filename ...
ls directory ...
egrep case_insensitive_regular_expression filename ...
maxfiles nnn
version
Aliases for 'get': send, sendme, getme, gimme, retrieve, mail
Aliases for 'ls': dir, directory, list, show
Aliases for 'egrep': search, grep, fgrep, find
Lines starting with a '#' are ignored. Multiple
commands per mail are allowed. Setting maxfiles to zero
will remove the limit (to protect you against yourself
no more than maxfiles files will be returned per
request). Egrep supports most common flags.
Examples:
ls latest (the latest directory containes the archived messages)
get latest/12
egrep some.word latest/*
BUGS
You bet.
TECHNICAL
The list processor software is based on the excellent
Procmail/Smartlist by Stephen R. van den Berg
<berg@pool.informatik.rwth-aachen.de> with some minor extensions
by Julian Assange <proff@iq.org>.
DARPA grant N00015-95-J-4124
MODERATOR/EDITOR
proff@iq.org
SEE ALSO
lacc-request@suburbia.net.