Nmap Development mailing list archives

Introducing the new SecLists.Org

From: Fyodor <fyodor () insecure org>
Date: Tue, 13 Oct 2009 13:58:09 -0700

Hi Folks.  David and I spent the last few weeks on a complete overhaul
of SecLists.Org.  It is the official archive of the Nmap project lists
and also archives the most valuable external security lists.  The
results are now live at http://seclists.org, and we hope you find the
new site useful!  Here are the most important changes:

o Each list has its own page providing easy access to the archives.
  It includes a historical postings calendar, the latest posts, RSS
  feeds, a list description, searching capability, and more.  For an
  example, see http://seclists.org/nmap-dev/.  Previously you only got
  an Apache directory listing there.

o Better RSS feeds: The feeds at http://seclists.org/rss/ used to
  simply excerpt the beginning of each message.  For a large fraction
  of messages, this only showed some quoted text and not the unique
  content. The system is now much smarter about finding the useful
  content, and even when it fails you can follow the link to the full
  archived message.  The excerpts are now 50% longer and embedded URLs
  are clickable.

o You can now browse the latest posts from the http://seclists.org
  home page itself.  Each list has a "show latest posts" link below it
  which expands to show the latest 15 posts (with message excerpts)
  inline.

o We have switched the base web archiving program from Hypermail to
  MHonArc, which produces nicer output.  We then made significant code
  improvements to add new features and to maintain compatibility with
  the old Hypermail URLs.  We were even able to resurrect some
  messages which were never previously archived because of blank or
  absent Message-IDs.

o URLs are now shorter and more friendly to paste into Twitter or
  email.  We kept the important components (date period, mailing list
  name, etc.) but removed cruft like the .html extension and the zero
  padding in message numbers. Old links still work--they just redirect
  to the new shorter URLs.  For example, Moxie's null-prefix SSL
  certificate for spoofing Paypal.com has moved from
  http://seclists.org/fulldisclosure/2009/Oct/0087.html to
  http://seclists.org/fulldisclosure/2009/Oct/87.

o Cross-period navigation.  Suppose that for nostalgic reasons you're
  reading the November 1993 Bugtraq archives at
  http://seclists.org/bugtraq/1993/Nov/. After reading all of those,
  you can now click "next period" at the top of the index page to view
  December.  This sounds like an obvious feature to have, but
  previously the easiest way to do this was manually editing the URL
  bar :).

o Thread slices: at the bottom of each message page, under "current
  thread", there is a "slice" of the current thread showing up to five
  preceding and following messages in context for easier navigation.
  This makes it easier to track where you are in a discussion.  See
  the bottom of http://seclists.org/fulldisclosure/2009/Sep/107 for an
  example.

o Each active list has a special icon for easier identification.  See
  them all at http://seclists.org/.  My initial icon for Full
  Disclosure involved poo-flinging monkeys
  (http://seclists.org/images/fulldisclosure-monkeys.png), but I
  eventually decided on a more professional one.

o The heart of any mailing lists archive is the set of lists it
  carries. We've expanded SecLists.Org to include 8 new lists:
  o Funsec, for light hearted community discussion
  o NANOG, the North American Network Operators' Group
  o Interesting People (IP), a list by David Farber which often covers
    security-relevant Internet governance and technological
    developments.
  o OSS-Security, an list started by Solar Designer for coordinating
    open source security vulnerability information.
  o Developer lists for the Metasploit Framework, Snort IDS,
    TCPDump/Libpcap, and the Wireshark sniffer.
  If we missed any of your favorite security lists, please let me
  know!

I hope you enjoy the new system!  I want SecLists.Org to be the best
security mailing list archive on the Internet, so please send me your
questions, comments, and suggestions.  An additional goal is to include
the full history of all lists that we archive.  So let me know if you
have mbox files for any of the lists which go back further than
SecLists.Org does.

Cheers,
Fyodor

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Introducing the new SecLists.Org Fyodor (Oct 13)
- Re: Introducing the new SecLists.Org Michael Pattrick (Oct 13)
  - Re: Introducing the new SecLists.Org David Fifield (Oct 13)
- Re: Introducing the new SecLists.Org Kris Katterjohn (Oct 13)
  - Re: Introducing the new SecLists.Org Fyodor (Oct 13)
- Re: Introducing the new SecLists.Org Tom Sellers (Oct 14)
  - Re: Introducing the new SecLists.Org David Fifield (Oct 15)