1. References

2. External links

Bugtraq is an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them. It is a high-volume mailing list, and almost all new vulnerabilities are discussed there. The forum provides a vehicle for software and system manufacturers to communicate in a targeted fashion with their installed base to inform them of new vulnerabilities, so they can be rapidly addressed. From the perspective of the enterprise, it also provides a consolidated view of vulnerabilities, eliminating the need to try to track down announcements from individual vendors; as well as providing a forum to seek information from peers.

Bugtraq was created on November 5, 1993 by Scott Chasin^[1] in response to the perceived failings of the existing Internet security infrastructure of the time, particularly CERT. Bugtraq's policy was to publish vulnerabilities, regardless of vendor response, as part of the full disclosure movement of vulnerability disclosure.

Elias Levy, also known as Aleph One (alluding to the cardinal number aleph one), noted in an interview that "the environment at that time was such that vendors weren't making any patches. So the focus was on how to fix software that companies weren't fixing."

The mailing list was unmoderated originally, but the signal-to-noise ratio eventually became unacceptably bad. Moderation began on June 5, 1995. Elias Levy moderated the list from June 14, 1996 until he stepped down on October 15, 2001. David Mirza Ahmad, one of the many co-authors of Hack Proofing Your Network, Second Edition, took over from Levy and continued until he stepped down on February 23, 2006.^[2] David McKinney, a DeepSight threat analyst at Symantec, took over from Ahmad although moderation has now been passed over to another DeepSight analyst, Prasanna.^[3]

Bugtraq was originally hosted at Crimelab.com. It was moved to the Brown University NetSpace Project — which has since been reorganized as the NetSpace Foundation — on June 5, 1995, the same day that its moderation began. In July 1999 it became the property of SecurityFocus and was moved there. SecurityFocus was acquired in full by Symantec on August 6, 2002.^[4]

References

External links

• SecurityFocus - Mailing Lists (Bugtraq is the first mailing list under the Most Popular heading)
• BUGTRAQ - VULNERABLE SITES TRACKER (First Professional Vulnerable Sites Tracker)
• [https://web.archive.org/web/20050113154138/http://archive.salon.com/tech/feature/2001/08/29/west/index.html Salon - Technology & Business - How do you fix a leaky Net?] (includes mention of Bugtraq)
• [https://web.archive.org/web/20050419080357/http://www.spirit.com/Network/net0800.html Spirit - Network Defense - Full Disclosure, or Tales to embarrass Vendors ~ The Good Old Days] ([https://web.archive.org/web/20100102144837/http://spirit.com/Network/net0800.html archive copy]) (a history of the CERT Advisory CA-93:15 fiasco)

• History of Sheffield United F. C.
• History of Sheffield United F C
• History of Sheffield Wednesday F C
• History of Sheffield Wednesday FC
• History of Sheffield Wednesday F. C.
• History of Sherman County, Oregon
• History of Sherwood
• History of Sherwood College
• History of shia islam
• History of Shimer College
• History of Ship Transport
• History of shiraz
• History of Shit
• History of shogi
• History of short stories
• History of shreveport
• History of shrewsbury
• History of shropshire
• History of Sialkot
• History of Siam
• History of siberia
• History of sierra leone
• History of sikhism
• History of sikkim
• History of sindh