From owner-freebsd-security Fri Sep 3 23: 7:45 1999 Delivered-To: freebsd-security@freebsd.org Received: from mail.cybcon.com (mail.cybcon.com [216.190.188.5]) by hub.freebsd.org (Postfix) with ESMTP id EBB3F151D0 for ; Fri, 3 Sep 1999 23:07:42 -0700 (PDT) (envelope-from wwoods@cybcon.com) Received: from freebsd.cybcon.com (william@pm3b-11.cybcon.com [205.147.75.76]) by mail.cybcon.com (8.9.0/8.9.0) with ESMTP id XAA23885; Fri, 3 Sep 1999 23:06:42 -0700 (PDT) Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <67508.936401799@localhost> Date: Fri, 03 Sep 1999 23:06:42 -0700 (PDT) Reply-To: wwoods@cybcon.com From: William Woods To: "Jordan K. Hubbard" Subject: Re: Security Alerts Cc: freebsd-security@FreeBSD.ORG, spork Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Jordan, I don't know C programming very well at all, I am starting a C class in a week, but is there something I could do to help with this situation? William On 03-Sep-99 Jordan K. Hubbard wrote: >> So what I'm wondering is whether the project is in need of someone to >> digest, discuss, and regurgitate some of these things into security >> advisories. I personally can appreciate the fact that an ordinary user or >> admin might not be able to follow every bug that comes up on bugtraq or on > > More than actually generating advisories, something which our security > officers do a pretty reasonable job on, what we *really* need is > someone to test the existing advisories/random reports/etc and figure > out which exploits or DoS attacks are actually genuine. Quite a bit > of stuff gets sent to the security list and quite a bit of it often > has no applicability whatsoever to FreeBSD, leading to a situation > where security officers put it on the "test this at some point" pile > and that pile can get pretty deep. When faced with a "this has been > tested and the following releases of FreeBSD are vulnerable" sort of > message, however, they know that it's clearly a matter for immediate > attention and it gets "escallated" quite a bit. > > - Jordan > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message ---------------------------------- E-Mail: William Woods Date: 03-Sep-99 Time: 22:48:29 This message was sent by XFMail ---------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message