[3990] in bugtraq
Announcing the NTBugTraq mailing list
daemon@ATHENA.MIT.EDU (Russ)
Sat Feb 1 11:50:15 1997
Date: Sat, 1 Feb 1997 02:34:22 -0500
Reply-To: Russ <Russ.Cooper@RC.ON.CA>
From: Russ <Russ.Cooper@RC.ON.CA>
To: BUGTRAQ@NETSPACE.ORG
> Windows NT BugTraq Mailing List
>
> In the tradition of Aleph One's BugTraq mailing list, this list
> has been created to invite the free and open discussion of
> Windows NT Security Exploits/Bugs or *SEBs* as I call them. This
> list is not intended to be a forum to discuss "how to" issues, but
> instead should be used to report reproducible SEBs which you have
> personally encountered with Windows NT or its related BackOffice
> products.
>
> Q:What is a SEB?
> A:Anything that can be done to a Windows NT installation via a
> remote connection (network or RAS) or through the local
> installation of commercial software which causes Windows NT to
> react in anything but an expected fashion. So telnet to TCP port
> 135 and typing 15 characters thereby causing the Windows NT CPU
> to go to 100% utilization would be an acceptable topic. Sitting
> at a console logged in as Administrator and removing the
> Administrator's file permissions on the %systemroot%\system32
> would not be considered an acceptable topic.
>
> Do's:
> - Discuss SEB resolution or workaround.
> - Discuss SEBs in third-party Windows NT products, providing that
> the product is designed for BackOffice.
> - Discuss Macintosh, Netware, or Samba/Unix-related SEBs assuming
> that the SEB is related to Windows NT involvement.
>
> Don'ts:
> - Discuss Windows '95, unless, and only if, the Windows NT SEB
> can only be reproduced with a Windows '95 client.
> - Discuss Windows for Workgroups or Windows 3.x, for any reason.
> - Discuss products to enhance security, unless they have been
> proven to resolve an outstanding SEB.
> - Discuss Unix SEBs, these should be addressed to
> BUGTRAQ@NETSPACE.ORG (subscribe through LISTSERV@NETSPACE.ORG)
> - Discuss general Windows NT Security, how to, what to, why to,
> type questions. The NTSecurity@ISS.net list (subscribe through
> MAJORDOMO@ISS.NET) would be a better forum to discuss these
> issues.
>
> Vendor involvement in the list is not discouraged, but I would
> ask that you not use this forum as a method of advertising the
> value of your products. If a SEB shows a weakness in Windows NT
> design, and your product can resolve that weakness, a short note
> indicating TECHNICALLY how your product addresses the issue would
> be considered appropriate. If you don't address the issue in a
> technical fashion your subscription will be revoked.
>
> Now after reading all of this you'll probably wonder why I'm
> being so restrictive. For one, I want to keep the volume low, as
> low as possible. I want to keep the content as pertinent as I
> possibly can so that the list becomes a useful tool for everyone
> using Windows NT. If the list can remain on topic, people will
> post SEBs here first, and we will all have an opportunity to
> address the issues in a way best suited to our environments.
>
> I would also make a couple of recommendations to you prior to you
> posting a security exploit/bug.
>
> 1. Don't post SEBs unless you have been able to reproduce it. If
> the subscriber base grows as I expect it will, posting such
> messages may cause many people to waste valuable time trying
> to reproduce something which is not there.
>
> 2. When posting a SEB, make sure you include enough relevant
> information about your configuration to make it possible to
> reproduce your scenario. Versions of the relevant software,
> service pack levels of your system, platform, and any
> configuration information which might affect the issue. By
> doing this you will prevent a lot of messages asking you the
> basic questions and make resolution or workaround that much
> quicker.
>
> 3. When posting a resolution or workaround, if you have received
> a Microsoft Knowledgebase Article number (a Q#####), please
> post it with your message so everyone can read it if they want.
>
> 4. Remember your Non-Disclosure Agreements. Issues pertaining to
> products covered under NDA should not be discussed here, use
> the appropriate Microsoft Newsgroup for these issues.
> Typically, once a product has been released to public beta
> testing your NDA changes to one limiting you from discussing
> performance characteristics of the product. Please check with
> your Microsoft representative or Beta Administration if you
> are at all unsure of your NDA status prior to posting.
>
> This list operates on a confirmation basis. Your subscription,
> and every message you post to this list will generate a
> confirmation message from LISTSERV@RC.ON.CA. This is there for
> your protection to ensure that subscription requests really are
> from the actual individual email address. It is also there to let
> you think about your message prior to it being posted. This is
> not a configurable option.
>
> I hope that the list proves useful to you and your organization.
> With the REview option turned off, I hope that it will attract
> individuals in organizations who have the ability to address the
> issues which get raised on this list. I know from personal
> experience that having to pay Microsoft US$195 in order to report
> a bug (despite the fact you get a refund 3 or 4 days later) can
> often mean the difference between reporting a bug and not. This
> list should provide an alternative to that process, and at the
> same time, should allow the rest of the Windows NT community the
> opportunity both to take up the issue with their own Microsoft
> representatives, and protect themselves from the possible
> exploits which a SEB might expose them to.
>
> The objective is to get SEB resolution done faster, better, and
> with less risk to the Windows NT customer than currently exists.
>
> To subscribe to this Listserv, send a message to
> Listserv@rc.on.ca with
>
> SUB NTBUGTRAQ Your Name
> SUB NTBUGTRAQ Russ Cooper (for example)
>
> Cheers,
> Russ
R.C. Consulting, Inc. - NT/Internet Security Consulting