From: Clay Kossmeyer
To: nanog@nanog.org
Cc: Clay Seaman-Kossmeyer (ckossmey)
Sent: Tuesday, April 1, 2014 11:44 AM
Subject: Re: Cisco Security Advisory: Cisco IOS Software SSL VPN Denial of
Service Vulnerability
Hi All -
The Cisco PSIRT has been sending IOS Security Advisories to the
On 04/01/2014 11:44 AM, Clay Kossmeyer wrote:
Hi All -
The Cisco PSIRT has been sending IOS Security Advisories to the NANOG mailing
list for well over a decade. We started this process a long time ago at the
request of the list’s then-membership and haven’t been asked to change since.
Admit
On Tue, 1 Apr 2014, Brandon Butterworth wrote:
The Cisco PSIRT has been sending IOS Security Advisories to
the NANOG mailing list for well over a decade
Thank you, much appreciated
Given that there are a number of forums that more directly
address either Cisco-specific issues or are specific
> The Cisco PSIRT has been sending IOS Security Advisories to
> the NANOG mailing list for well over a decade
Thank you, much appreciated
> Given that there are a number of forums that more directly
> address either Cisco-specific issues or are specific to
> vulnerability announcements, were hap
--- ckoss...@cisco.com wrote:
From: Clay Kossmeyer
[...] we’re happy to discontinue sending to the NANOG list directly.
--
Instead of discontinuing them how about one email that contains
all the details, rather than one email per detail. Simi
On Tue, 01 Apr 2014 15:24:32 -0400, "Chuck Church" said:
> Given that probably 80+% (a guess, but I'd be really surprised at a lower
> figure) of all internet traffic crosses at least one Cisco device somewhere,
> I think it would be a huge disservice to discontinue sending these emails.
Actually,
seemingly
never-discussions on mandatory email legal signatures and other fluff.
Chuck
-Original Message-
From: Clay Kossmeyer [mailto:ckoss...@cisco.com]
Sent: Tuesday, April 01, 2014 2:44 PM
To: nanog@nanog.org
Cc: Clay Seaman-Kossmeyer (ckossmey)
Subject: Re: Cisco Security Advisory:
Hi All -
The Cisco PSIRT has been sending IOS Security Advisories to the NANOG mailing
list for well over a decade. We started this process a long time ago at the
request of the list’s then-membership and haven’t been asked to change since.
Admittedly, vulnerability disclosure/discussion/repo
> But clearly, this is one of those issues where you have a
> good amount of folk on either side of the fence.
and the discussion is about the size of five years of cisco notices and
just as hard to delete
welcome to nanog
randy
On 3/29/2014 12:43 AM, Mark Tinka wrote:
But clearly, this is one of those issues where you have a
good amount of folk on either side of the fence.
I wonder what the ratio of "I don't want that info here" (for various
values of "here") to "Geez! WHY didn't somebody tell me" is.
--
Requ
On Saturday, March 29, 2014 02:34:13 AM Scott Weeks wrote:
> You got 5 (actually 6 this time) perhaps because you're
> only on NANOG. I got over 30 this time and once when
> there were 9 vulnerabilities I got almost 50 emails from
> cisco.
I've always known that Cisco will submit their notices to
--- rdr...@direcpath.com wrote:
From: Robert Drake
because seeing 5 advisories at once is like a giant line break in NANOG
discussions, so it's harder to tune it out and skip the emails :)
They could Bcc: all the lists they are sending to in one set of emails
so the message-id is the same, t
On 3/28/2014 4:11 PM, Scott Weeks wrote:
If a person is on multiple of *NOG mailing lists a lot of these're
received. For example, I got well over 30 of them this round. It'd be
nice to get something brief like this:
--
The Semiannual Cisco IOS Sof
On 3/27/2014 7:44 PM, Alexander Neilson wrote:
> I wonder if they should be invited to only post a single message with
> the titles and links to the alerts so that people can follow it up.
--
If a person is on multiple of *NOG mailing list
On Friday, March 28, 2014 05:48:29 AM Shrdlu wrote:
> Why? Personally, I think it's fine. It only happens (at
> most) every six months (and sometimes more like a year).
I think it's fine too.
As I'm sure you know, if you're a Cisco customer, you can
subscribe to their internal notification serv
On 3/28/2014 12:57 AM, Randy Bush wrote:
Alexander Neilson wrote:
I wonder if they should be invited to only post a single message with
the titles and links to the alerts so that people can follow it up.
i would prefer that the header be in blue, the titles in green, and the
urls in magenta, i
On 3/27/2014 11:57 PM, Randy Bush wrote:
Alexander Neilson wrote:
I wonder if they should be invited to only post a single message with
the titles and links to the alerts so that people can follow it up.
i would prefer that the header be in blue, the titles in green, and the
urls in magenta,
Alexander Neilson wrote:
> I wonder if they should be invited to only post a single message with
> the titles and links to the alerts so that people can follow it up.
i would prefer that the header be in blue, the titles in green, and the
urls in magenta, in comic sans, of course
randy
On 3/27/2014 7:44 PM, Alexander Neilson wrote:
I wonder if they should be invited to only post a single message with
the titles and links to the alerts so that people can follow it up.
Why? Personally, I think it's fine. It only happens (at most) every six
months (and sometimes more like a year
I wonder if they should be invited to only post a single message with the
titles and links to the alerts so that people can follow it up.
They should also include a link to their own list that they send the full
alerts to.
That way there could be some headline alerting to people that there is
On 3/27/2014 4:07 PM, Matt Palmer wrote:
On Wed, Mar 26, 2014 at 10:52:42AM -0600, kendrick eastes wrote:
The Full-disclosure mailing list was recently... retired, I guess cisco
thought NANOG was the next best place.
Nope, they've been sending these things here for as long as I can remember.
I
On Wed, Mar 26, 2014 at 10:52:42AM -0600, kendrick eastes wrote:
> The Full-disclosure mailing list was recently... retired, I guess cisco
> thought NANOG was the next best place.
Nope, they've been sending these things here for as long as I can remember.
I have NFI why -- probably hubris, thinki
For anyone who was subscribed to the old full-disclosure list ... Fydor of nmap
has brought it back to life.
Infolink @ http://insecure.org/news/fulldisclosure/
Subscribe @ http://nmap.org/mailman/listinfo/fulldisclosure
On Mar 26, 2014, at 10:52 AM, kendrick eastes wrote:
> The Full-disclos
The Full-disclosure mailing list was recently... retired, I guess cisco
thought NANOG was the next best place.
On Wed, Mar 26, 2014 at 10:45 AM, rw...@ropeguru.com wrote:
>
> Is this normal for the list to diretly get Cisco security advisories or
> something new. First time I have seen these.
>
These also get posted to other mailing lists, such as cisco-nsp.
jms
On Wed, 26 Mar 2014, rw...@ropeguru.com wrote:
Thanks everyone for the replies. I guess since they are done so infrequently,
I was not a list member the last go around.
Robert
On Wed, 26 Mar 2014 12:58:44 -0400
Andrew L
Thanks everyone for the replies. I guess since they are done so
infrequently, I was not a list member the last go around.
Robert
On Wed, 26 Mar 2014 12:58:44 -0400
Andrew Latham wrote:
Robert
Perfectly normal, almost an announce list for issues like this.
On Wed, Mar 26, 2014 at 12:45 PM
Robert
Perfectly normal, almost an announce list for issues like this.
On Wed, Mar 26, 2014 at 12:45 PM, rw...@ropeguru.com wrote:
>
> Is this normal for the list to diretly get Cisco security advisories or
> something new. First time I have seen these.
>
> Robert
>
>
> On Wed, 26 Mar 2014 12:10
On Wed, 26 Mar 2014, rw...@ropeguru.com wrote:
Is this normal for the list to diretly get Cisco security advisories or
something new. First time I have seen these.
They do this twice a year, all their advisories were sent here about half
a year ago as well.
--
Mikael Abrahamssonemail: s
They don't come out often but it happens. Looks like there were 5 or 6 of them.
James
-Original Message-
From: "rw...@ropeguru.com"
Date: Wed, 26 Mar 2014 12:45:18
To: ;
Reply-To: Robert Webb
Subject: Re: Cisco Security Advisory: Cisco IOS Software SSL VPN Den
Is this normal for the list to diretly get Cisco security advisories
or something new. First time I have seen these.
Robert
On Wed, 26 Mar 2014 12:10:00 -0400
Cisco Systems Product Security Incident Response Team
wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco IOS Software SSL
30 matches
Mail list logo
