Date: Mon, 28 Jun 1999 11:13:13 -0700
From: Aleph One <aleph1@UNDERGROUND.ORG>
To: BUGTRAQ@netspace.org
Subject: Administrivia: PLEASE READ

I am pleased to inform you of several changes that will be occurring
on June 5th. I hope you find them as exciting as I do.

BUGTRAQ moves to a new home
---------------------------

First, BUGTRAQ will be moving from its current home at NETSPACE.ORG
to SECURITYFOCUS.COM. What is Security Focus you ask? Wait and read
below. Other than the change of domains nothing of how the list
is run changes. I am still the moderator. We play by the same rules.

Security Focus will be providing mail archives for BUGTRAQ. The
archives go back longer than Netspace's and are more complete than
Geek-Girl's.

The move will occur one week from today. You will not need to
resubscribe. All your information, including subscription options
will be moved transparently.

Any of you using mail filters (e.g. procmail) to sort incoming
mail into mail folders by examining the From address will have to
update them to include the new address. The new address will be:

                      BUGTRAQ@SECURITYFOCUS.COM

Security Focus also be providing a free searchable vulnerability
database.

BUGTRAQ es muy bueno
--------------------

It has also become apparent that there is a need for forums
in the spirit of BUGTRAQ where non-English speaking people
or people that don't feel comfortable speaking English can
exchange information.

As such I've decided to give BUGTRAQ in other languages a try.
BUGTRAQ will continue to be the place to submit vulnerability
information, but if you feel more comfortable using some other
language you can give the other lists a try. All relevant information
from the other lists which have not already been covered here
will be translated and forwarded on by the list moderator.

In the next couple of weeks we will be introducing BUGTRAQ-JP
(Japanese) which will be moderated by Nobuo Miwa <n-miwa@lac.co.jp>
and BUGTRAQ-SP (Spanish) which will be moderated by CORE SDI S.A.
from Argentina <http://www.core-sdi.com/> (the folks that brought you
Secure Syslog and the SSH insertion attack).

What is Security Focus?
-----------------------

Security Focus is an exercise in creating a community and a security
resource. We hope to be able to provide a medium where useful and
successful resources such as BUGTRAQ can occur, while at the same
time providing a comprehensive source of security information. Aside
from moving just BUGTRAQ over, the Geek-Girl archives (and the Geek Girl
herself!) have moved over to Security Focus to help us with building
this new community. The other staff at Security Focus are largely derived
from long time supporters of Bugtraq and the community in general. If
you are interested in viewing the staff pages, please see the 'About'
section on www.securityfocus.com.

On the community creating front you will find a set of forums
and mailing lists we hope you will find useful. A number of them
are not scheduled to start for several weeks but starting today
the following list is available:

 * Incidents' Mailing List. BUGTRAQ has always been about the
   discussion of new vulnerabilities. As such I normally don't approve
   messages about break-ins, trojans, viruses, etc with the exception
   of wide spread cases (Melissa, ADM worm, etc). The other choice
   people are usually left with is email CERT but this fails to
   communicate this important information to other that may be
   potentially affected.

   The Incidents mailing list is a lightly moderated mailing list to
   facilitate the quick exchange of security incident information.
   Topical items include such things as information about rootkits
   new trojan horses and viruses, source of attacks and tell-tale
   signs of intrusions.

   To subscribe email LISTSERV@SECURITYFOCUS.COM with a message body
   of:

             SUBS INCIDENTS FirstName, LastName

Shortly we'll also be introducing an Information Warfare forum along
with ten other forums over the next two months. These forums will be
built and moderated by people in the community as well as vendors who
are willing to take part in the community building process.
*Note to the vendors here* We have several security vendors who have
agreed to run forums where they can participate in the online communities.
If you would like to take part as well, mail Alfred Huger,
ahuger@securityfocus.com.

On the information resource front you find a large database of
the following:

 * Vulnerabilities. We are making accessible a free vulnerability
   database. You can search it by vendor, product and keyword. You
   will find detailed information on the vulnerability and how to fix it,
   as well are links to reference information such as email messages,
   advisories and web pages. You can search by vendor, product and
   keywords. The database itself is the result of culling through 5
   years of BUGTRAQ plus countless other lists and news groups. It's
   a shining example of how thorough full disclosure has made a significant
   impact on the industry over the last half decade.

 * Products. An incredible number of categorized security products
   from over two hundred different vendors.

 * Services. A large and focused directory of security services offered by
   vendors.

 * Books, Papers and Articles. A vast number of categorized security
   related books, papers and articles. Available to download directly
   for our servers when possible.

 * Tools. A large array of free security tools. Categorized and
   available for download.

 * News: A vast number of security news articles going all the way
   back to 1995.

 * Security Resources: A directory to other security resources on
   the net.

As well as many other things such as an event calendar.

For your convenience the home-page can be personalized to display
only information you may be interested in. You can filter by
categories, keywords and operating systems, as well as configure
how much data to display.

I'd like to thank the fine folks at NETSPACE for hosting the
site for as long as they have. Their services have been invaluable.

I hope you find these changes for the best and the new services
useful. I invite you to visit http://www.securityfocus.com/ and
check it out for yourself. If you have any comments or suggestions
please feel free to contact me at this address or at
aleph1@securityfocus.com.

Cheers.

--
Aleph One / aleph1@underground.org
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01

------------------------------------------------------------------------------

Date: Mon, 28 Jun 1999 13:06:22 -0700
From: Aleph One <aleph1@UNDERGROUND.ORG>
To: BUGTRAQ@netspace.org
Subject: Re: Administrivia: PLEASE READ

You would think that after reading the message as many times
as I did before sending it I would have catch all the errors.

The corrections:

 o The switch over date is July 5, not June 5.

 o To subscribe to INCIDENTS, just like with any other
   LISTSERV mailing list use:

   SUBSCRIBE INCIDENTS Firstname Lastname

   or

   SUBSCRIBE INCIDENTS Lastname, Firstname

   but not

   SUBSCRIBE INCIDENTS Firstname, Lastname

I apologize for the confusions. To answer some quick questions:

a) Yes, INCIDENTS and all other mailing list and forums at
   SecurityFocus will be archived and searchable via the web.

b) The site will be accessible to browsers such a lynx. Limited
   time stopped us from archiving this goal today, but being
   a heavy lynx user myself its on our todo-list.

--
Aleph One / aleph1@underground.org
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01