Security Basics mailing list archives
RE: Moderator Policy re: Out-of-office responses
From: LordInfidel () directionweb com
Date: Wed, 24 Mar 2004 10:39:59 -0500
I just wanted to throw my 2-cents in on out of office replies, since this is a security basics list. Assuming your on this list because you either A) Want to learn about security B) Work in security or IT related admin role If your in the B category, then Turning on your out-of-office reply is actually a bad thing. Why? (besides the whole spam the world thing) Once you turn it on, you are essentially alerting anyone who sends e-mail to you that you are not there. And since the typical out-of-office reply gives juicy info like where you are, who to contact, and when you will be back. This gives the malicious attacker a great deal of knowledge that they previously would not of have had. Plus they will know that the person responsible for the network is not there to look at "unusual activity". Giving them free reign to attack your systems without you monitoring logs/e-mail. This is one of the cases where security thru obscurity is actually a good thing. Never give your opponent information freely, Make them work for it. JMO LordInfidel -----Original Message----- From: Kelly Martin [mailto:kel () securityfocus com] Sent: Tuesday, March 23, 2004 1:15 PM To: security-basics () securityfocus com Subject: Moderator Policy re: Out-of-office responses Well, it's that time of the year again when people are starting to go on vacation. Good for you! However, you don't need to tell me, and everyone else on this list, about it. This is a gentle reminder to PLEASE remove yourself from Security-Basics when you go on vacation, or else set your automatic "out of office" reply *properly*, so it does not respond to every post on the list. Today I received a dozen out-of-office replies to my latest SecurityFocus article announcement. Everyone who posts messages receives these OoOR's as well. As there are about 13,000 people on this list, it is certainly a form of spam to send your vacation message to everyone who posts here. Therefore, if I receive an out-of-office response from you, you will be removed from the list without warning. Deleted. Zapped. #mv user>null Kind Regards, Moderator. --8<--cut here---8<--- Kelly Martin kel () securityfocus com http://www.SecurityFocus.com SecurityFocus Infocus - content editor ph+001 (403) 261-5468 --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Moderator Policy re: Out-of-office responses Kelly Martin (Mar 23)
- <Possible follow-ups>
- RE: Moderator Policy re: Out-of-office responses LordInfidel (Mar 24)
- RE: Moderator Policy re: Out-of-office responses Shawn Jackson (Mar 25)