Announcing the NTBugTraq mailing list

[Russ.Cooper () RC ON CA (Russ)]

> Windows NT BugTraq Mailing List
>
> In the tradition of Aleph One's BugTraq mailing list, this list
> has been created to invite the free and open discussion of
> Windows NT Security Exploits/Bugs or *SEBs* as I call them. This
> list is not intended to be a forum to discuss "how to" issues, but
> instead should be used to report reproducible SEBs which you have
> personally encountered with Windows NT or its related BackOffice
> products.
>
> Q:What is a SEB?
> A:Anything that can be done to a Windows NT installation via a
>   remote connection (network or RAS) or through the local
>   installation of commercial software which causes Windows NT to
>   react in anything but an expected fashion. So telnet to TCP port
>   135 and typing 15 characters thereby causing the Windows NT CPU
>   to go to 100% utilization would be an acceptable topic. Sitting
>   at a console logged in as Administrator and removing the
>   Administrator's file permissions on the %systemroot%\system32
>   would not be considered an acceptable topic.
>
> Do's:
> - Discuss SEB resolution or workaround.
> - Discuss SEBs in third-party Windows NT products, providing that
>   the product is designed for BackOffice.
> - Discuss Macintosh, Netware, or Samba/Unix-related SEBs assuming
>   that the SEB is related to Windows NT involvement.
>
> Don'ts:
> - Discuss Windows '95, unless, and only if, the Windows NT SEB
>   can only be reproduced with a Windows '95 client.
> - Discuss Windows for Workgroups or Windows 3.x, for any reason.
> - Discuss products to enhance security, unless they have been
>   proven to resolve an outstanding SEB.
> - Discuss Unix SEBs, these should be addressed to
>   BUGTRAQ () NETSPACE ORG (subscribe through LISTSERV () NETSPACE ORG)
> - Discuss general Windows NT Security, how to, what to, why to,
>   type questions. The NTSecurity () ISS net list (subscribe through
>   MAJORDOMO () ISS NET) would be a better forum to discuss these
>   issues.
>
> Vendor involvement in the list is not discouraged, but I would
> ask that you not use this forum as a method of advertising the
> value of your products. If a SEB shows a weakness in Windows NT
> design, and your product can resolve that weakness, a short note
> indicating TECHNICALLY how your product addresses the issue would
> be consider appropriate. If you don't address the issue in a
> technical fashion your subscription will be revoked.
>
> Now after reading all of this you'll probably wonder why I'm
> being so restrictive. For one, I want to keep the volume low, as
> low as possible. I want to keep the content as pertinent as I
> possibly can so that the list becomes a useful tool for everyone
> using Windows NT. If the list can remain on topic, people will
> post SEBs here first, and we will all have an opportunity to
> address the issues in a way best suited to our environments.
>
> I would also make a couple of recommendations to you prior to you
> posting a security exploit/bug.
>
> 1. Don't post SEBs unless you have been able to reproduce it. If
>    the subscriber base grows as I expect it will, posting such
>    messages may cause many people to waste valuable time trying
>    to reproduce something which is not there.
>
> 2. When posting a SEB, make sure you include enough relevant
>    information about your configuration to make it possible to
>    reproduce your scenario. Versions of the relevant software,
>    service pack levels of your system, platform, and any
>    configuration information which might affect the issue. By
>    doing this you will prevent a lot of messages asking you the
>    basic questions and make resolution or workaround that much
>    quicker.
>
> 3. When posting a resolution or workaround, if you have received
>    a Microsoft Knowledgebase Article number (a Q#####), please
>    post it with your message so everyone can read it if they want.
>
> 4. Remember your Non-Disclosure Agreements. Issues pertaining to
>    products covered under NDA should not be discussed here, use
>    the appropriate Microsoft Newsgroup for these issues.
>    Typically, once a product has been released to public beta
>    testing your NDA changes to one limiting you from discussing
>    performance characteristics of the product. Please check with
>    your Microsoft representative or Beta Administration if you
>    are at all unsure of your NDA status prior to posting.
>
> This list operates on a confirmation basis. Your subscription,
> and every message you post to this list will generate a
> confirmation message from LISTSERV () RC ON CA. This is there for
> your protection to ensure that subscription requests really are
> from the actual individual email address. It is also there to let
> you think about your message prior to it being posted. This is
> not a configurable option.
>
> I hope that the list proves useful to you and your organization.
 With the REview option turned off, I hope that it will attract
> individuals in organizations who have the ability to address the
> issues which get raised on this list. I know from personal
> experience that having to pay Microsoft US$195 in order to report
> a bug (despite the fact you get a refund 3 or 4 days later) can
> often mean the difference between reporting a bug and not. This
> list should provide an alternative to that process, and at the
> same time, should allow the rest of the Windows NT community the
> opportunity both to take up the issue with their own Microsoft
> representatives, and protect themselves from the possible
> exploits which a SEB might expose them to.
>
> The objective is to get SEB resolution done faster, better, and
> with less risk to the Windows NT customer than currently exists.
>
> To subscribe to this Listserv, send a message to
> Listserv () rc on ca with
>
> SUB NTBUGTRAQ Your Name
> SUB NTBUGTRAQ Russ Cooper (for example)
>
> Cheers,
> Russ
 R.C. Consulting, Inc. - NT/Internet Security Consulting