Home > Articles > Security > General Security and Privacy

📄 Contents

  1. 1 Countermeasures
  2. 2 Keeping Current
  • Print
  • + Share This
This chapter is from the book

22.2 Keeping Current

Security tools and vulnerabilities change every day. Each day new exploits are published and new tools and scripts posted or updated. Since the field changes so quickly, you need to develop ways to keep current. Here we describe some of the methods we use. We monitor key Web sites that provide security and vulnerability information, subscribe to security-related mailing lists, and read trade magazines and white papers. These sources provide information on new developments and exploits. By constantly monitoring these sources of information, we can incorporate new findings into our testing procedures. Organizations can use the information to safeguard their systems against the latest vulnerabilities, obtain new testing tools, and develop new procedures for security testing. Below we list some of the sites and mailing lists we have found useful.

22.2.1 Web Sites

One of the keys to keeping current is to find the sites and lists where the best players in the industry discuss and publish the latest tools and techniques. There are many security sites on the Internet. Listed below are some of the sites we have found helpful.

22.2.2 Mailing Lists

In addition to Web sites, mailing lists can provide useful information. Many of these lists provide insight into the latest trends and developments in the security arena. There are many excellent mailing lists available today. Below we highlight some of the lists we have found helpful.

8lgm (Eight Little Green Men)—majordomo@8lgm.org

This list contains information on UNIX exploits.

To join, send an e-mail to majordomo@8lgm.org, and in the text of your message (not the subject line) write:

subscribe 8lgm-list
Academic Firewalls—majordomo@net.tamu.edu

Texas A&M maintains this list for discussing firewalls and other security tools in the academic environment. Sometimes hackers are more open with their exploit information in an academic setting than a commercial one. This lists complements the commercial Firewalls list (see below).

To join, send an e-mail to majordomo@net.tamu.edu, and in the text of your message (not the subject line) write:

SUBSCRIBE Academic-Firewalls
Alert—request-alert@iss.net

ISS moderates this list for the discussion of security products, vulnerabilities, and IDSs.

To join, send an e-mail to request-alert@iss.net, and in the text of your message (not the subject line) write:

subscribe alert
Best of Security—best-of-security-request@suburbia.net

Best of Security is a collection site intended to gather the best security information from other sites. Users of the list are instructed to send to the list the best information they come across from other sites (if the information has not already been sent).

To join, send an e-mail to best-of-security-request@suburbia.net with the following text in the body of the message:

subscribe best-of-security
Bugtraq—listserv@netspace.org

This is the mailing list that compliments the famous Bugtraq Web site. The list is primarily intended as a detailed discussion of UNIX security vulnerabilities. In addition, the list also provides information concerning security advisories, patches, and general UNIX security information.

To join, send an e-mail to listserv@netspace.org, and in the text of your message (not the subject line) write:

SUBSCRIBE BUGTRAQ
Computer Emergency Response Team—cert@cert.org

CERT provides security-related advisories. The CERT mailing list provides the latest CERT advisories in e-mail format.

To join, send an e-mail to cert@cert.org, and in the text of your message (not the subject line) write:

I want to be on your mailing list.
Computer Incident Advisory Capability—ciac-listproc@llnl.gov

The Computer Incident Advisory Capability (CIAC) of the Department of Energy provides information on security awareness, training, and education. It also provides data on security trends and vulnerabilities. CIAC has several mailing lists, including the following:

  • CIAC-BULLETIN, which provides advisory information and time-critical security information

  • CIAC-NOTES for Notes, which provides information about computer security articles

To join, send an e-mail to ciac-listproc@llnl.gov, and in the text of your message (not the subject line) write either of the following, depending on which list you want to join:

subscribe ciac-bulletin last_name, first_name phone_number
subscribe ciac-notes last_name, first_name phone_number

You should receive an acknowledgment containing an address, initial PIN, and information on how to change either of them, cancel your subscription, or get help.

Computer Underground Digest—cu-digest-request@weber.ucsd.edu

Computer Underground Digest is a list intended to discuss issues in the hacker community. It can give you insight into what is going on in the hacker community to help you understand new developments and threats.

To join, send an e-mail to cu-digest-request@weber.ucsd.edu, and in the text of your message (not the subject line) write:

SUB CUDIGEST
Cypherpunks—majordomo@toad.com

This list discusses privacy issues on the Internet. This list normally has a lot of activity.

To join, send an e-mail to majordomo@toad.com, and in the text of your message (not the subject line) write:

SUBSCRIBE cypherpunks
Firewalls—majordomo@greatcircle.com

As the name suggests, this is a list for firewall issues and discussions. It is similar to the Academic Firewalls list except this list is intended for the commercial industry.

To join, send an e-mail to majordomo@greatcircle.com, and in the text of your message (not the subject line) write:

SUBSCRIBE firewalls
Information Systems Security Forum—listserv@etsuadmn.etsu.edu

Information Systems Security Forum (INFSEC-L) is a forum for information systems security professionals to discuss security-related issues. The list is unmoderated so e-mail immediately goes to the entire list. The list owner reviews all initial list requests in an effort to ensure only security professionals subscribe.

To join, send an e-mail to listserv@etsuadmn.etsu.edu, and in the text of your message (not the subject line) write:

SUB infsec-l your_name
Intrusion Detection Systems—majordomo@uow.edu.au

This list primarily discusses IDS-related issues. The list deals with information on IDSs, methods, tools, and advisories.

To join, send an e-mail to majordomo@uow.edu.au with the following text in the body of the message:

subscribe ids
Microsoft Security—microsoft_security-subscribe-request@announce.microsoft.com

This list provides information on the latest security news from Microsoft.

To subscribe, send an e-mail to microsoft_security-subscribe-request@announce.microsoft.com.

NT Bugtraq—listserv@listserv.ntbugtraq.com

This list is similar to the Bugtraq mailing list above except it is primarily intended as a detailed discussion of NT security vulnerabilities. In addition, the list also provides information concerning security advisories, patches, and general NT security information.

To join, send an e-mail to listserv@listserv.ntbugtraq.com, and in the text of your message (not the subject line) write:

SUBSCRIBE NTBUGTRAQ first_name last_name
NT Security—request-ntsecurity@iss.net

This list maintained by ISS is intended for discussing Windows-related security issues. The list is unmoderated so e-mail immediately goes to all subscribers.

To join, send an e-mail to request-ntsecurity@iss.net, and in the text of your message (not the subject line) write:

subscribe ntsecurity your_e-mail_address
Phrack—phrack@well.com

This list is associated with Phrack magazine, which is a magazine that discusses hacker and underground news and events. The list discusses issues similar to those found in the magazine.

To join, send an e-mail to phrack@well.com, and in the text of your message (not the subject line) write:

SUBSCRIBE Phrack
Privacy Forum—privacy-request@vortex.com

Privacy Forum discusses both technical and nontechnical privacy issues.

To join, send an e-mail to privacy-request@vortex.com, and in the text of your message (not the subject line) write:

information privacy
Risks—risks-request@csl.sri.com

This list discusses technology-related risks associated with computing environments.

To join, send an e-mail to risks-request@csl.sri.com, and in the text of your message (not the subject line) write:

SUBSCRIBE
SANS Institute—digest@sans.org

The SANS Institute provides several mailing lists. The first is the Network Security Digest that discusses security-related information. NewsBites provides information about the latest new stories in the information security community. Finally, NT Digest is intended to discuss Windows NT–related information.

To join, send an e-mail to digest@sans.org and in the subject line add:

subscribe Network Security Digest or
NewsBites subscription or
NT Digest
Sneakers—majordomo@cs.yale.edu

The Sneakers list is intended as a forum for discussing penetration testing and evaluations of firewalls and other security products. All discussions are intended to be about legal testing performed by security professionals.

To join, send an e-mail to majordomo@cs.yale.edu, and in the text of your message (not the subject line) write:

SUBSCRIBE Sneakers
Virus—listserv@lehigh.edu

The Virus list discusses issues related to virus events, prevention, and questions and answers.

To join, send an e-mail to listserv@lehigh.edu, and in the text of your message (not the subject line) write:

SUBSCRIBE virus-l your_name
Virus Alert—listserv@lehigh.edu

The Virus Alert list is intended to provide virus warnings and alerts.

To join, send an e-mail to listserv@lehigh.edu, and in the text of your message (not the subject line) write:

SUBSCRIBE valert-l your_name
WWW Security—www-security-request@nsmx.rutgers.edu

WWW-Security is the official list of the Internet Engineering Task Force (IETF) Web Transaction Security Working Group. The list discusses development of Internet security standards and information related to securing Web services.

To join, send an e-mail to www-security-request@nsmx.rutgers.edu, and in the text of your message (not the subject line) write:

SUBSCRIBE www-security your_e-mail_address
  • + Share This
  • 🔖 Save To Your Account