Xref: utzoo comp.protocols.tcp-ip:5411 comp.unix.questions:10272 comp.unix.wizards:12576 news.admin:4020 news.sysadmin:1566 news.groups:6253 Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!gatech!galbp!wittsend.LBP.HARRIS.COM!mhw From: mhw@wittsend.LBP.HARRIS.COM (Michael H. Warfield (Mike)) Newsgroups: comp.protocols.tcp-ip,comp.unix.questions,comp.unix.wizards,news.admin,news.sysadmin,news.groups Subject: Re: comp.security - LET'S DO IT! CALL FOR VOTES Message-ID: <6520@galbp.LBP.HARRIS.COM> Date: 18 Nov 88 15:52:42 GMT References: <6514@galbp.LBP.HARRIS.COM> <5493@saturn.ucsc.edu> <32417@bbn.COM> Sender: news@galbp.LBP.HARRIS.COM Reply-To: mhw@wittsend.UUCP (Michael H. Warfield (Mike)) Followup-To: news.groups Distribution: na Organization: Harris/Lanier Network Knitting Circle Lines: 90 In article <32417@bbn.COM> cosell@BBN.COM (Bernie Cosell) writes: >Just so -- the call for comp.security is pretty much misguided. The problem >with misc.security is that the moderator moved machines and, apparently, has >not yet been able to reestablish connection to the news world, and so the >list has been moderator-blocked for something like eight months now. Well maybe slightly misguided? I may have jumped the gun a bit on calling for votes but apparently the "misc.security" group is not well known. Judging from the response I have gotten in over less than two days, there is considerable support for an unmoderated group devoted to "computer" security. The charter on misc.security (yes, NOW I'm finally doing my homework!) states that it is "security in general, not just computers". There is also the question of whether the moderator wants to deal with all this goo we have oozing through about a dozen other groups. The seems to be a demand for a place to go and bullsh*t about security (along the lines of who's likely to take out a contract on rtm) as well as a quiet place for serious discussions on real security issues (although these should probably be in the mailing lists when they real get going!). Lets face it folks. Not having a group does not mean the discussions and the bullsh*t won't take place. It just means it will probably take place in a group you're not reading or be in an article you skip because your interested in the other topics in the group (Subject lines arn't all that clear and I don't read everything). Arguements along the lines "well we really shouldn't be discussing this in the open" are (VOID)&NULL . The discussions are taking place RIGHT NOW and in most cases out of your sight! There is no way to stop them (even if all of us wanted to) or even control it. There are books in the bookstores RIGHT NOW with serious security issues covered. These are far more accessible to Joe Blow Hacker than our discussion groups! >Instead of rushing off to start a new newsgroup, why don't we just unmoderate >misc.security and see how it works moving all of the security stuff OUT of >the random newsgroups for a while. I agree completely. We need something rolling as quickly as possible. It seems like the most lasting damage rtm may have done is raising the noise levels in a dozen or so groups to astronomical levels (there are better ways to do this as a few past individuals have show us, but....). One way or another, let's get it all in one spot. Unmoderating misc.security may well be the answer, whose cage do we rattle? I'm out on UUCP so I've not had to deal with "the WORM" but I have had to deal with a few practical jokers getting into "galbp" (much worse for me, these clowns kept coming back for more). I have had to find out about a lot of this nonsense the hard way following serious security breaches. I have not lost a day and a half dealing with a slow down in my system, I have lost weeks in some cases preventing "ghost messages" appearing out of nowhere on my printers and in our mail. These guys even got on our system and were posting forgery USNET articles from galbp! I don't know if I plugged all their holes or if they finally got bored. I will never know and I have to assume that there is something I have missed or that I don't know about! I need to know what everybody else has had to deal with so I can prevent it on my system. You won't find me posting what they did to insert their more devious holes into my system or the stupid mistakes they made which let me I don't need "cookbook" cracking techniques but I haven't seen anyone discussing anything of that sort to date anyways. BTW) It has been pointed out to me by one individual that I should have had a "Followup-To: news.groups" specified in my original call for votes. Largely true and an oversight in my haste, my apologies to everyone. Please carry on the discussion ABOUT THE GROUP in news.groups. Part of my objective was to make some of the discussions aware of each other. That would not have involved a followup (till we get our own working group). Sorry if I tried to cover too much ground in one article (guilty here too I guess). As I said in my original posting, I am processing the votes by "hand". I have received some software for automating this to some extent. Please, if and when you vote, include the following in the "Subject:" line: "yes" If you want the group unconditionally. "no" If you don't want it under any circumstances. "moderated" If you only want it if it is moderated. "unmoderated" If you only want it if it is unmoderated. I will attempt to send out acknowledgements as soon as I can. Summaries will be mailed as well as posted. If you've already sent me a vote, don't worry, your counted. No need to send another. If I am failing to follow some guidlines that I haven't found yet or some unwritten rules please EMAIL them to me! I just run this show over here, I don't pretend to really understand it! Thanks --- Michael H. Warfield (The Mad Wizard) | gatech.edu!galbp!wittsend!mhw (404) 270-2123 / 270-2098 | mhw@wittsend.LBP.HARRIS.COM An optimist believes we live in the best of all possible worlds. A pessimist is sure of it!