[unisog] cornell.edu blog being used for spam - and now virginia.edu as well

[John Kristoff]

On Tue, 27 Nov 2007 18:49:28 -0600
"Frank Bulk" <frnkblk at iname.com> wrote:

> Is posting the school's name in unisog now fair game? ;)

I'm not sure what the point of that is.

If it's to show the world, or perhaps change the world, through the
one of potentially gazillion bad packets that may have come from an
institution, then I think one should find a blog, another list or
another hobby.

The archives are fully available. Searching for the institution's
name and the lists.sans.org/pipermail/unisog as a starting index may
hopefully turn up a name you can try directly.  List subscribers can,
can also try to find a contact through the list interface's subscriber
list.  That's part of the reason why it is recommended people disclose
their affiliation in their posts.

Lastly, and perhaps most importantly REN-ISAC.  This is their job and
they get paid to do it.  If you need help getting to someone, I highly
recommend talking to them.  They will respond and they will help you
as best they can.  They are also well known, whereas some random unisog
participant may as well be a nobody to the institution.  REN-ISAC is
trusted and already has more relationships built up in their short time
than most of us have after many years alone.

If you have something of a critical nature and absolutely need to
speak to someone from an institution directly, I suppose calling
out for help here, in those hopefully rare circumstances, is warranted.

Otherwise, this list "is intended for university and other academic
institution system operators to discuss security issues specific to
the academic environment".  Note, it doesn't say for "discussion
about the security of specific academic institutions".

John