Bugtraq mailing list archives
Announcing the NTBugTraq mailing list
From: Russ.Cooper () RC ON CA (Russ)
Date: Sat, 1 Feb 1997 02:34:22 -0500
Windows NT BugTraq Mailing List

In the tradition of Aleph One's BugTraq mailing list, this list has been created to invite the free and open discussion of Windows NT Security Exploits/Bugs or *SEBs* as I call them. This list is not intended to be a forum to discuss "how to" issues, but instead should be used to report reproducible SEBs which you have personally encountered with Windows NT or its related BackOffice products.

Q: What is a SEB?
A: Anything that can be done to a Windows NT installation via a remote connection (network or RAS) or through the local installation of commercial software which causes Windows NT to react in anything but an expected fashion.

So telnet to TCP port 135 and typing 15 characters thereby causing the Windows NT CPU to go to 100% utilization would be an acceptable topic. Sitting at a console logged in as Administrator and removing the Administrator's file permissions on the %systemroot%\system32 would not be considered an acceptable topic.

Do's:
- Discuss SEB resolution or workaround.
- Discuss SEBs in third-party Windows NT products, providing that the product is designed for BackOffice.
- Discuss Macintosh, Netware, or Samba/Unix-related SEBs assuming that the SEB is related to Windows NT involvement.

Don'ts:
- Discuss Windows '95, unless, and only if, the Windows NT SEB can only be reproduced with a Windows '95 client.
- Discuss Windows for Workgroups or Windows 3.x, for any reason.
- Discuss products to enhance security, unless they have been proven to resolve an outstanding SEB.
- Discuss Unix SEBs, these should be addressed to BUGTRAQ () NETSPACE ORG (subscribe through LISTSERV () NETSPACE ORG)
- Discuss general Windows NT Security, how to, what to, why to, type questions. The NTSecurity () ISS net list (subscribe through MAJORDOMO () ISS NET) would be a better forum to discuss these issues.

Vendor involvement in the list is not discouraged, but I would ask that you not use this forum as a method of advertising the value of your products. If a SEB shows a weakness in Windows NT design, and your product can resolve that weakness, a short note indicating TECHNICALLY how your product addresses the issue would be considered appropriate. If you don't address the issue in a technical fashion your subscription will be revoked.

Now after reading all of this you'll probably wonder why I'm being so restrictive. For one, I want to keep the volume low, as low as possible. I want to keep the content as pertinent as I possibly can so that the list becomes a useful tool for everyone using Windows NT. If the list can remain on topic, people will post SEBs here first, and we will all have an opportunity to address the issues in a way best suited to our environments.

I would also make a couple of recommendations to you prior to you posting a security exploit/bug.

1. Don't post SEBs unless you have been able to reproduce it. If the subscriber base grows as I expect it will, posting such messages may cause many people to waste valuable time trying to reproduce something which is not there.

2. When posting a SEB, make sure you include enough relevant information about your configuration to make it possible to reproduce your scenario. Versions of the relevant software, service pack levels of your system, platform, and any configuration information which might affect the issue. By doing this you will prevent a lot of messages asking you the basic questions and make resolution or workaround that much quicker.

3. When posting a resolution or workaround, if you have received a Microsoft Knowledgebase Article number (a Q#####), please post it with your message so everyone can read it if they want.

4. Remember your Non-Disclosure Agreements. Issues pertaining to products covered under NDA should not be discussed here, use the appropriate Microsoft Newsgroup for these issues. Typically, once a product has been released to public beta testing your NDA changes to one limiting you from discussing performance characteristics of the product. Please check with your Microsoft representative or Beta Administration if you are at all unsure of your NDA status prior to posting.

This list operates on a confirmation basis. Your subscription, and every message you post to this list will generate a confirmation message from LISTSERV () RC ON CA. This is there for your protection to ensure that subscription requests really are from the actual individual email address. It is also there to let you think about your message prior to it being posted. This is not a configurable option.

I hope that the list proves useful to you and your organization. With the REview option turned off, I hope that it will attract individuals in organizations who have the ability to address the issues which get raised on this list. I know from personal experience that having to pay Microsoft US$195 in order to report a bug (despite the fact you get a refund 3 or 4 days later) can often mean the difference between reporting a bug and not. This list should provide an alternative to that process, and at the same time, should allow the rest of the Windows NT community the opportunity both to take up the issue with their own Microsoft representatives, and protect themselves from the possible exploits which a SEB might expose them to.

The objective is to get SEB resolution done faster, better, and with less risk to the Windows NT customer than currently exists.

To subscribe to this Listserv, send a message to Listserv () rc on ca with

SUB NTBUGTRAQ Your Name

SUB NTBUGTRAQ Russ Cooper (for example)

Cheers,
Russ
R.C. Consulting, Inc. - NT/Internet Security Consulting