Re: SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120)

[Melissa Guenther <mguenther () COX NET>]

Thanks to everyone that responded for the virtual education .    It is so
true - we never stop learning!

Melissa
----- Original Message -----
From: "Bill Hilger" <whilger () andromeda rutgers edu>
To: "'The EDUCAUSE Security Discussion Group Listserv'"
<SECURITY () LISTSERV EDUCAUSE EDU>
Cc: "'Melissa Guenther'" <mguenther () COX NET>
Sent: Monday, June 14, 2004 6:24 AM
Subject: RE: SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120)


Melissa,

I already do subscribe using the digest format.
(I left it attached to the bottom of this return mail, so you can see what
it looks like here. )

There are (at least) two ways to do this:

1:  Go to the Educause website and go to the list management / security list
management page:
http://listserv.educause.edu/cgi-bin/wa.exe?SUBED1=security&A=1

2: If you want to do it "oldschool" - and manually set all your options,
send an email to:
  listserv () listserv educause edu   Make sure that EVERYTHING is blank - no
subject, no signature -
only put the words:  " info reflist "       [no quotes]
in the body of the message.   You will get a return email with all of the
valid commands for this listserv machine.   You can then
send similar emails with commands from the reference card.
( again, no subject, no signature, - just the command in thre message body).

Have a great day!
___________________________________________
William Hilger,
Unit Computing Specialist,
Rutgers University Law Library, Newark
(973) 353-1290 / (973) 353-3156
whilger () rutgers edu



> -----Original Message-----
> From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On
> Behalf Of Automatic digest processor
> Sent: Monday, June 14, 2004 12:00 AM
> To: Recipients of SECURITY digests
> Subject: SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120)
>
> There are 2 messages totalling 118 lines in this issue.
>
> Topics of the day:
>
>  1. Message Delivery Options
>  2. Correction: XP SP2 ports open to local subnet
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be
> found at http://www.educause.edu/cg/.
>
> ----------------------------------------------------------------------
>
> Date:    Sun, 13 Jun 2004 15:50:33 -0700
> From:    Melissa Guenther <mguenther () COX NET>
> Subject: Message Delivery Options
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0004_01C4515E.296D6F70
> Content-Type: text/plain;
>        charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> I have recently been added to a listserve and have an option to control =
> multiple messages from the group on a daily basis.  Summarized:
>
> Message Delivery options -- some ideas: =20
>
>  a.. the usual way people get messages is by "Individual emails" -- one =
> E-mail comes to your address for each message posted to this group.=20
>   =20
>  b.. if you'd rather receive only one E-mail per day, then select =
> "Daily Digest".=20
>   =20
>  c.. if you'd rather read the messages on the Web, we recommend =
> selecting "Only special announcements"=20
>
> Does EDCAUSE offer this as an option also?
>
> Thanks=20
> Melissa
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be
> found at http://www.educause.edu/cg/.
> ------=_NextPart_000_0004_01C4515E.296D6F70
> Content-Type: text/html;
>        charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=3DContent-Type content=3D"text/html; =
> charset=3Diso-8859-1">
> <META content=3D"MSHTML 6.00.2800.1400" name=3DGENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=3D#ffffff><FONT face=3DArial size=3D2>
> <P>I have recently been added to a listserve and have an option to =
> control=20
> multiple messages from the group on a daily basis.&nbsp; Summarized:</P>
> <P>Message Delivery options -- some ideas:&nbsp; </P>
> <UL>
>  <LI>the usual way people get messages is by "Individual emails" -- one =
> E-mail=20
>  comes to your address for each message posted to this group. =
> <BR>&nbsp;=20
>  <LI>if you'd rather receive only one E-mail per day, then select =
> "Daily=20
>  Digest". <BR>&nbsp;=20
>  <LI>if you'd rather read the messages on the Web, we recommend =
> selecting "Only=20
>  special announcements" <BR></LI></UL>
> <DIV>Does EDCAUSE offer this as an option also?</DIV>
> <DIV>&nbsp;</DIV>
> <DIV>Thanks </DIV>
> <DIV>Melissa</DIV></FONT></BODY></HTML>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be
> found at http://www.educause.edu/cg/.
>
> ------=_NextPart_000_0004_01C4515E.296D6F70--
>
> ------------------------------
>
> Date:    Sun, 13 Jun 2004 22:01:50 -0400
> From:    Jeff Bollinger <jeff01 () EMAIL UNC EDU>
> Subject: Re: Correction: XP SP2 ports open to local subnet
>
> On Fri, 11 Jun 2004, John Kristoff wrote:
>
> > If a XP SP2 host becomes compromised, will the default firewall config
> > also block packets on egress from the compromised host to hosts not on
> > the local subnet or are the filters only applied on ingress to itself?
> >
> > John
>
> No.  The XP SP2 Firewall is stateful, so as long as the connection (SYN or
> otherwise) originates from the compromised host, the connection should
> remain open.  From
> http://www.microsoft.com/technet/community/columns/cableguy/cg0104.mspx
>
> "Windows XP Service Pack 2 (SP2) includes the new Windows Firewall,
> previously known as the Internet Connection Firewall (ICF). Windows
> Firewall is a stateful firewall that drops all unsolicited incoming
> traffic that does not correspond to either traffic sent in response to a
> request of the computer (solicited traffic) or unsolicited traffic that
> has been specified as allowed (excepted traffic). Windows Firewall
> provides a level of protection from malicious users and programs that rely
> on unsolicited incoming traffic to attack computers."
>
> It doesn't really mention anything subnet specific, but for proper
> functionality for most programs that the user intends to run, it would
> likely allow all outbound connections.
>
> Jeff
> --
> Jeff Bollinger, CISSP
> University of North Carolina
> IT Security Analyst
> 105 Abernethy Hall
> mailto: jeff@unc dot edu
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be
> found at http://www.educause.edu/cg/.
>
> ------------------------------
>
> End of SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120)
> ***************************************************************

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.