[unisog] cornell.edu blog being used for spam - and now virginia.edu as well

Frank Bulk frnkblk at iname.com
Wed Nov 28 22:04:26 GMT 2007 

Fair enough.  

As someone else already said, just that they didn't respond to my email
doesn't mean that they didn't receive and address it.

Frank

-----Original Message-----
From: unisog-bounces at lists.dshield.org
[mailto:unisog-bounces at lists.dshield.org] On Behalf Of John Kristoff
Sent: Wednesday, November 28, 2007 3:44 PM
To: UNIversity Security Operations Group
Subject: Re: [unisog] cornell.edu blog being used for spam - and now
virginia.edu as well

On Tue, 27 Nov 2007 18:49:28 -0600
"Frank Bulk" <frnkblk at iname.com> wrote:

> Is posting the school's name in unisog now fair game? ;)

I'm not sure what the point of that is.

If it's to show the world, or perhaps change the world, through the
one of potentially gazillion bad packets that may have come from an
institution, then I think one should find a blog, another list or
another hobby.

The archives are fully available. Searching for the institution's
name and the lists.sans.org/pipermail/unisog as a starting index may
hopefully turn up a name you can try directly.  List subscribers can,
can also try to find a contact through the list interface's subscriber
list.  That's part of the reason why it is recommended people disclose
their affiliation in their posts.

Lastly, and perhaps most importantly REN-ISAC.  This is their job and
they get paid to do it.  If you need help getting to someone, I highly
recommend talking to them.  They will respond and they will help you
as best they can.  They are also well known, whereas some random unisog
participant may as well be a nobody to the institution.  REN-ISAC is
trusted and already has more relationships built up in their short time
than most of us have after many years alone.

If you have something of a critical nature and absolutely need to
speak to someone from an institution directly, I suppose calling
out for help here, in those hopefully rare circumstances, is warranted.

Otherwise, this list "is intended for university and other academic
institution system operators to discuss security issues specific to
the academic environment".  Note, it doesn't say for "discussion
about the security of specific academic institutions".

John
_______________________________________________
unisog mailing list
unisog at lists.dshield.org
https://lists.sans.org/mailman/listinfo/unisog

More information about the unisog mailing list