Hey all,

This turned up in my inbox this morning. Have a read of the "Note to Participants", and the list of ppl it was sent to. To me, this looks pretty suspicious. Questions such as "3. Please select the top five vulnerabilities to your organization with 1 being the most severe to 5 being the least severe." smack of social engineering to me. Maybe I'm being overly paranoid, but as I'm definitely not a member of the Computer Security Institute, some warning bells are going off over here.

There are a few well known email addresses in that list (i.e. @securityfocus.com), so no doubt a few people on this list will have received this too. What are your thoughts? If I'm wrong and this is a legit enquiry, then fair enough. But any way you look at it, I'm not going to reveal the "security countermeasures your organisation has implemented" in the last year.

I'm also interested to know why the from is a .mil address, but the reply-to is hawaii.rr.com.

Have a good day...

Ian Kayne
Technical Specialist - IT Solutions
Softlab Ltd - A BMW Company

-----Message Headers------
Received: from *censored* ([x.x.x.x]) by *censored* with SMTP id ZGRQWX59; Thu, 14 Feb 2002 06:31:12 -0000
Received: FROM pescado.nosc.mil BY *censored* ; Thu Feb 14 06:31:11 2002 0000
Received: from j65204u1lhm7lf (a66b8n138client66.hawaii.rr.com [66.8.138.66]) by pescado.nosc.mil (Netscape Messaging Server 4.15) with ESMTP id GRIFFA00.RAL; Wed, 13 Feb 2002 22:30:46 -0800
From: "Edward L. Jones" <eljonesat_private>
To: <snipped>
Subject: Graduate Student Survey
Date: Wed, 13 Feb 2002 20:26:45 -0800
Message-ID: <NDENLMGFNMNADOLLBAIGGEAACDAA.eljonesat_private>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 1 (Highest)
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: High
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

-----Original Message-----
From: Edward L. Jones [mailto:eljonesat_private]
Sent: 14 February 2002 04:27
To: a.heinlein@systemtechnik-schreurs.de; ABlevinsat_private; adrian.fruehwirthat_private; altaassociates1at_private; Anders.Amandussonat_private; andrei.pascalat_private; argvat_private; AUsewicz@best-international.com; bfilmerat_private; bhodi_jabirat_private; bjoshiat_private; BlueBoarat_private; BOBrienat_private; BStraussat_private; btwat_private; bviat_private; bzdrnjaat_private; carstenat_private; chandlerchriscat_private; commorancyat_private; coreat_private; craigat_private; debraat_private; devdasat_private; dingerat_private; ditmar.den.engelsenat_private; donovanat_private; dpuryearat_private; dwardat_private; eballen1at_private; estanolnat_private; etat_private; evgenyat_private; faial@rio-de-janeiro.sns.slb.com; fernando.cardosoat_private; fhat_private-dresden.de; francisat_private; franklin_tech_bulletinsat_private; freem100at_private; gary.porterat_private; giuseppe.daniat_private; Glenn Forbes Fleming Larratt; grochaat_private; gryphonnat_private; hamlet_avat_private; Ian.Kayneat_private; isommerat_private; izikat_private; Jacques@telemar-ba.com.br; jasonat_private; javapro13at_private; jdysonat_private; jeffat_private; jeremiahat_private; jfasselinat_private; jkruserat_private; joe_brown@senet-int.com; johannesat_private; johnat_private; jonat_private; jonathasat_private; Joshua_Hillerat_private; jpuckettat_private; jullrichat_private; KEVIN.A.ESTISat_private; keydet89at_private; leonat_private; listsat_private; lokiat_private; lucian.vangheleat_private; E. L. Jones (E-mail); lyeohat_private; mailinglistat_private; markat_private; marlonat_private; marshal@marshal-soft.com; martinat_private; maxime.rapailleat_private; maydayat_private; mdresserat_private; medgiat_private; meinbugtraqat_private; meritt_jamesat_private; mike.gillesat_private; mikeat_private; mkennedyat_private; mlabelleat_private; mnvat_private; moonpupat_private; narancsat_private; neil.long@computing-services.oxford.ac.uk; nick@virus-l.demon.co.uk; nknat_private; open_your_eyesat_private; pedroat_private; Peggyat_private; petranceat_private; phehat_private; philpat_private; phoskingat_private; pradeep.kumarat_private; psydiiat_private; quentynat_private; r.fultonat_private; rabbiat_private; ragentat_private; rasat_private; rbontuyanat_private; rclarkat_private; reelerat_private; rescobarat_private; rhysat_private; robat_private; ryanat_private; sa7oriat_private; scottperkinsat_private; security.alertat_private; Security_Technologyat_private; securityprofneedsjobat_private; shfat_private; sirsykoat_private; SLordat_private; srithat_private; stauphat_private; steveat_private; sysadminat_private; tcoboat_private; tdat_private; teoat_private; Thomas.Krulat_private; Thorat_private; timslighterat_private; tinbergat_private; Todd.Millerat_private; TripleDESat_private; tseekerat_private; twhiteat_private; uQ3TdHe0rat_private; utkinat_private; Valdis.Kletnieksat_private; vernat_private; walterat_private; wichertat_private; woodsat_private; wparkat_private; zanemcauleyat_private; zen@kill-9.it; zen-parseat_private; zesnarkat_private; zorchat_private
Subject: Graduate Student Survey
Importance: High

A Survey for Exploring the Cost of Correcting Security Vulnerabilities before they are Exploited.
By Edward L. Jones
Hawaii Pacific University
11 Dec 2001

Note to Participants: You have been selected randomly to provide information concerning the cost of correcting network security vulnerabilities before they are exploited.
All information given will be used to complete an exploratory research project by the author and for these purposes only. Please answer the questions to the best of your ability hence you were selected because of your membership to the Computer Security Institute, and the knowledge you possess as a member of that professional organization.

1. How confident are you that your organization's network is protected from attack?
   a. Extremely Confident
   b. Very Confident
   c. Somewhat Confident
   d. Not very Confident

2. How would you rate the importance of network security to your organization?
   a. Extremely Important
   b. Very Important
   c. Somewhat Important
   d. Not Important

3. Please select the top five vulnerabilities to your organization with 1 being the most severe to 5 being the least severe.
   1.
   2.
   3.
   4.
   5.

4. In the past year, what type of security countermeasures has your organization implemented? (Circle all that apply)
   a. System security tools
   b. Security policy
   c. Physical security tools
   d. Risk analysis
   e. Security awareness and training
   f. Vulnerability assessments
   g. Incident handling and recovery plans

5. What is the size of your organization?
   a. 1 thru 14,999
   b. 15,000 thru 24,999
   c. 25,000

6. What is your organization's estimated annual security budget?
   a. Less than 100k
   b. Between 100-300k
   c. Between 301-600k
   d. Greater than 600k

7. What security technologies is your organization using? (Circle all that apply)
   a. Firewalls
   b. Vulnerability assessment software
   c. Intrusion detection systems
   d. Network monitoring tools

8. How large is your security section?
   a. 1-5 personnel
   b. 5-10 personnel
   c. 10> personnel

9. How much does your company spend on personnel training annually?
   a. 10-25k
   b. 25-40k
   c. 40-55k
   d. 55 or greater

10. What is your organization's primary industry?
    a. Aerospace/Engineering
    b. Agriculture
    c. Banking
    d. Education
    e. Energy/Utilities
    f. Financial
    g. Government
    h. Health care
    i. High Tech
    j. Insurance
    k. Manufacturing
    l. Oil/Petroleum
    m. Professional Services
    n. Real Estate/Construction
    o. Retail
    p. Transportation
    q. Telecommunications
    r. Other

11. Please rank the following according to how your organization spends its security budget? Personnel training, Hardware, Software.

12. What are your annual losses due to internet based security threats such as exploits against vulnerabilities, virus, and other threats? (You can take into account man hours and etc.)
    a. 100-500k
    b. 500-1million
    c. Greater than 1 million (Please Specify)

13. How would you categorize the approach that your organization takes in correcting network security vulnerabilities.
    a. Proactive
    b. Reactive

14. What is the greatest threat to your organization's security?
    a. Exploitation of vulnerabilities
    b. Lack of skilled security personnel
    c. Lack of organizational support of security issues
    d. Insider security breaches
    e. Outsider security threats

15. One financial institution has said it will "Use every means at our disposal to protect our assets." They have built strike-back offensive capabilities. Does your company use such techniques? Would you be willing to? What event would send you over the edge to adapt this position?

16. How effective is information security in your organization?
    a. Poor
    b. Sub-Par
    c. Adequate
    d. Good
    e. Excellent

17. Of the following what constraints does your company face?
    a. Budgetary
    b. Security personnel Skills
    c. Inadequate end user awareness
    d. Commitment from management
    e. Inadequate internal security policy
    f. Lack of security products
    g. Unclear security responsibilities

18. Of the following please rank the threats to your organization.
    ___ Virus
    ___ Worms
    ___ Default Installation security concerns
    ___ Buffer Overflows
    ___ Weak Passwords
    ___ Trojans
    ___ Net Bios
    ___ DDoS
    ___ Insider Threat
    ___ Competitors
    ___ Foreign Countries

Please Send Responses to mailto:Lydale07at_private or simply reply

E.L. Jones

********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use of the information contained within this email or attachments is strictly prohibited. Internet communications are not secure and Softlab does not accept any legal responsibility for the content of this message. Any opinions expressed in the email are those of the individual and not necessarily those of the Company. If you have received this email in error, or if you are concerned with the content of this email please notify the IT helpdesk by telephone on +44 (0)121 788 5480.
********************************************************************
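
The header mismatch raised in the post (a .mil sender whose mail was submitted from, and asks for replies to, hawaii.rr.com) can be checked mechanically; the Python below is an added example, not part of the original post, and each finding is a signal for review rather than proof of spoofing. The sample message is constructed from the quoted headers with placeholder addresses, and the function names are illustrative.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample. Received chain follows the headers quoted in the post
# ("*censored*" replaced by mx.recipient.example). The archive masks addresses,
# so From and Reply-To are placeholders keeping only the domains the post names.
SAMPLE = """\
Received: from pescado.nosc.mil by mx.recipient.example; Thu, 14 Feb 2002 06:31:11 +0000
Received: from j65204u1lhm7lf (a66b8n138client66.hawaii.rr.com [66.8.138.66])
 by pescado.nosc.mil (Netscape Messaging Server 4.15) with ESMTP id GRIFFA00.RAL;
 Wed, 13 Feb 2002 22:30:46 -0800
From: "Edward L. Jones" <sender@masked-in-archive.mil>
Reply-To: <reply@hawaii.rr.com>
Subject: Graduate Student Survey
"""

HOP = re.compile(r"from\s+(\S+)(?:\s+\((\S+)\s+\[([\d.]+)\]\))?\s+by\s+([^\s;]+)", re.I)

def received_hops(msg):
    """Received hops, oldest first, as dicts with helo, rdns, ip and by."""
    hops = []
    for raw in reversed(msg.get_all("Received", [])):
        m = HOP.search(" ".join(raw.split()))  # unfold continuation lines
        if m:
            hops.append(dict(zip(("helo", "rdns", "ip", "by"), m.groups())))
    return hops

def under(host, domain):
    """True if host equals domain or is a subdomain of it."""
    host, domain = (host or "").lower(), (domain or "").lower()
    return bool(domain) and (host == domain or host.endswith("." + domain))

def origin_findings(raw):
    """Return (code, detail) signals where headers disagree about the sender."""
    msg = message_from_string(raw)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    reply_dom = parseaddr(msg.get("Reply-To", ""))[1].rpartition("@")[2]
    out = []
    if reply_dom and reply_dom.lower() != from_dom.lower():
        out.append(("reply_to_mismatch", f"{reply_dom} vs From {from_dom}"))
    hops = received_hops(msg)
    if hops:
        first = hops[0]  # oldest hop: the client that submitted the message
        client = first["rdns"] or first["helo"]
        if not under(client, from_dom):
            detail = f"{client} [{first['ip']}] relayed via {first['by']}"
            out.append(("external_submission", detail))
    return out
```

Calling `origin_findings(SAMPLE)` returns both signals for the constructed message; a message submitted from a host inside the From domain with no differing Reply-To returns an empty list.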
This archive was generated by hypermail 2b30 : Thu Feb 14 2002 - 08:34:27 PST