Educause Security Discussion mailing list archives
Re: SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120)
From: Melissa Guenther <mguenther () COX NET>
Date: Mon, 14 Jun 2004 06:39:13 -0700
Thanks to everyone that responded for the virtual education . It is so true - we never stop learning! Melissa ----- Original Message ----- From: "Bill Hilger" <whilger () andromeda rutgers edu> To: "'The EDUCAUSE Security Discussion Group Listserv'" <SECURITY () LISTSERV EDUCAUSE EDU> Cc: "'Melissa Guenther'" <mguenther () COX NET> Sent: Monday, June 14, 2004 6:24 AM Subject: RE: SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120) Melissa, I already do subscribe using the digest format. (I left it attached to the bottom of this return mail, so you can see what it looks like here. ) There are (at least) two ways to do this: 1: Go to the Educause website and go to the list management / security list management page: http://listserv.educause.edu/cgi-bin/wa.exe?SUBED1=security&A=1 2: If you want to do it "oldschool" - and manually set all your options, send an email to: listserv () listserv educause edu Make sure that EVERYTHING is blank - no subject, no signature - only put the words: " info reflist " [no quotes] in the body of the message. You will get a return email with all of the valid commands for this listserv machine. You can then send similar emails with commands from the reference card. ( again, no subject, no signature, - just the command in thre message body). Have a great day! ___________________________________________ William Hilger, Unit Computing Specialist, Rutgers University Law Library, Newark (973) 353-1290 / (973) 353-3156 whilger () rutgers edu
-----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On
Behalf Of Automatic digest processor Sent: Monday, June 14, 2004 12:00 AM To: Recipients of SECURITY digests Subject: SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120) There are 2 messages totalling 118 lines in this issue. Topics of the day: 1. Message Delivery Options 2. Correction: XP SP2 ports open to local subnet ********** Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be
found at http://www.educause.edu/cg/. ---------------------------------------------------------------------- Date: Sun, 13 Jun 2004 15:50:33 -0700 From: Melissa Guenther <mguenther () COX NET> Subject: Message Delivery Options This is a multi-part message in MIME format. ------=_NextPart_000_0004_01C4515E.296D6F70 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I have recently been added to a listserve and have an option to control = multiple messages from the group on a daily basis. Summarized: Message Delivery options -- some ideas: =20 a.. the usual way people get messages is by "Individual emails" -- one = E-mail comes to your address for each message posted to this group.=20 =20 b.. if you'd rather receive only one E-mail per day, then select = "Daily Digest".=20 =20 c.. if you'd rather read the messages on the Web, we recommend = selecting "Only special announcements"=20 Does EDCAUSE offer this as an option also? Thanks=20 Melissa ********** Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be
found at http://www.educause.edu/cg/. ------=_NextPart_000_0004_01C4515E.296D6F70 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2800.1400" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff><FONT face=3DArial size=3D2> <P>I have recently been added to a listserve and have an option to = control=20 multiple messages from the group on a daily basis. Summarized:</P> <P>Message Delivery options -- some ideas: </P> <UL> <LI>the usual way people get messages is by "Individual emails" -- one = E-mail=20 comes to your address for each message posted to this group. = <BR> =20 <LI>if you'd rather receive only one E-mail per day, then select = "Daily=20 Digest". <BR> =20 <LI>if you'd rather read the messages on the Web, we recommend = selecting "Only=20 special announcements" <BR></LI></UL> <DIV>Does EDCAUSE offer this as an option also?</DIV> <DIV> </DIV> <DIV>Thanks </DIV> <DIV>Melissa</DIV></FONT></BODY></HTML> ********** Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be
found at http://www.educause.edu/cg/. ------=_NextPart_000_0004_01C4515E.296D6F70-- ------------------------------ Date: Sun, 13 Jun 2004 22:01:50 -0400 From: Jeff Bollinger <jeff01 () EMAIL UNC EDU> Subject: Re: Correction: XP SP2 ports open to local subnet On Fri, 11 Jun 2004, John Kristoff wrote:If a XP SP2 host becomes compromised, will the default firewall config also block packets on egress from the compromised host to hosts not on the local subnet or are the filters only applied on ingress to itself? JohnNo. The XP SP2 Firewall is stateful, so as long as the connection (SYN or otherwise) originates from the compromised host, the connection should remain open. From http://www.microsoft.com/technet/community/columns/cableguy/cg0104.mspx "Windows XP Service Pack 2 (SP2) includes the new Windows Firewall, previously known as the Internet Connection Firewall (ICF). Windows Firewall is a stateful firewall that drops all unsolicited incoming traffic that does not correspond to either traffic sent in response to a request of the computer (solicited traffic) or unsolicited traffic that has been specified as allowed (excepted traffic). Windows Firewall provides a level of protection from malicious users and programs that rely on unsolicited incoming traffic to attack computers." It doesn't really mention anything subnet specific, but for proper functionality for most programs that the user intends to run, it would likely allow all outbound connections. Jeff -- Jeff Bollinger, CISSP University of North Carolina IT Security Analyst 105 Abernethy Hall mailto: jeff@unc dot edu ********** Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be
found at http://www.educause.edu/cg/. ------------------------------ End of SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120) ***************************************************************
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: SECURITY Digest - 11 Jun 2004 to 13 Jun 2004 (#2004-120) Melissa Guenther (Jun 14)