OT, Is this suspicious to you too? (was FW: Graduate Student Survey)

From: Kayne Ian (Softlab) (Ian.Kayneat_private)
Date: Thu Feb 14 2002 - 00:34:39 PST

    Hey all,
    
    	This turned up in my inbox this morning. Have a read of the "Note to
    Participants", and the list of ppl it was sent to. To me, this looks pretty
    suspicious. Questions such as
    
    "3.	Please select the top five vulnerabilities to your organization with 1
    being the most severe to 5 being the least severe."
    
    smack of social engineering to me. Maybe I'm being overly paranoid, but as
    I'm definitely not a member of the Computer Security Institute, some warning
    bells are going off over here. There's a few well known email addresses in
    that list (ie @securityfocus.com), so no doubt a few people on this list
    will have received this too. What are your thoughts? If I'm wrong and this is
    a legit enquiry, then fair enough. But any way you look at it, I'm not going
    to reveal the "security countermeasures your organisation has implemented"
    in the last year. I'm also interested to know why the from is a .mil
    address, but the reply-to is hawaii.rr.com.
    
    Have a good day...
    
    Ian Kayne
    Technical Specialist - IT Solutions
    Softlab Ltd - A BMW Company
    
    
    -----Message Headers------
    
    Received: from *censored* ([x.x.x.x]) by *censored* with SMTP
    	id ZGRQWX59; Thu, 14 Feb 2002 06:31:12 -0000
    Received: FROM pescado.nosc.mil BY *censored* ; Thu Feb 14 06:31:11 2002 0000
    Received: from j65204u1lhm7lf (a66b8n138client66.hawaii.rr.com
              [66.8.138.66]) by pescado.nosc.mil (Netscape Messaging Server
              4.15) with ESMTP id GRIFFA00.RAL; Wed, 13 Feb 2002 22:30:46 -0800 
    From: "Edward L. Jones" <eljonesat_private>
    To: <snipped>
    Subject: Graduate Student Survey
    Date: Wed, 13 Feb 2002 20:26:45 -0800
    Message-ID: <NDENLMGFNMNADOLLBAIGGEAACDAA.eljonesat_private>
    MIME-Version: 1.0
    Content-Type: text/plain;
    	charset="iso-8859-1"
    Content-Transfer-Encoding: 8bit
    X-Priority: 1 (Highest)
    X-MSMail-Priority: High
    X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
    Importance: High
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
    
    
    -----Original Message-----
    From: Edward L. Jones [mailto:eljonesat_private]
    Sent: 14 February 2002 04:27
    To: <snipped>
    Subject: Graduate Student Survey
    Importance: High
    
    
    A Survey for Exploring the Cost of Correcting Security Vulnerabilities
    before they are Exploited.
    
    By
    
    Edward L. Jones
    Hawaii Pacific University
    11 Dec 2001
    
    Note to Participants:
    	You have been selected randomly to provide information concerning the cost
    of correcting network security vulnerabilities before they are exploited.
    All information given will be used to complete an exploratory research
    project by the author and for these purposes only.  Please answer the
    questions to the best of your ability hence you were selected because of
    your membership to the Computer Security Institute, and the knowledge you
    possess as a member of that professional organization.
    
    
    
    1.	How confident are you that your organization's network is protected from
    attack?
    a.	Extremely Confident
    b.	Very Confident
    c.	Somewhat Confident
    d.	Not very Confident
    
    
    
    2.	How would you rate the importance of network security to your
    organization?
    a.	Extremely Important
    b.	Very Important
    c.	Somewhat Important
    d.	Not Important
    
    
    
    
    
    
    3.	Please select the top five vulnerabilities to your organization with 1
    being the most severe to 5 being the least severe.
    1.
    2.
    3.
    4.
    5.
    
    
    
    
    
    4.	In the past year, what type of security countermeasures has your
    organization implemented? (Circle all that apply)
    a.	System security tools
    b.	Security policy
    c.	Physical security tools
    d.	Risk analysis
    e.	Security awareness and training
    f.	Vulnerability assessments
    g.	Incident handling and recovery plans
    
    
    
    5.	What is the size of your organization?
    a.	1 thru 14,999
    b.	15,000 thru 24,999
    c.	25,000
    
    
    
    6.	What is your organization's estimated annual security budget?
    a.	Less than 100k
    b.	Between 100-300k
    c.	Between 301-600k
    d.	Greater than 600k
    
    
    7.	What security technologies is your organization using? (Circle all that
    apply)
    a.	Firewalls
    b.	Vulnerability assessment software
    c.	Intrusion detection systems
    d.	Network monitoring tools
    
    
    
    8.	How large is your security section?
    a.	1-5 personnel
    b.	5-10 personnel
    c.	10> personnel
    
    
    
    9.	How much does your company spend on personnel training annually?
    a.	10-25k
    b.	25-40k
    c.	40-55k
    d.	55 or greater
    
    
    
    10.	What is your organization's primary industry?
    a.	Aerospace/Engineering
    b.	Agriculture
    c.	Banking
    d.	Education
    e.	Energy/Utilities
    f.	Financial
    g.	Government
    h.	Health care
    i.	High Tech
    j.	Insurance
    k.	Manufacturing
    l.	Oil/Petroleum
    m.	Professional Services
    n.	Real Estate/Construction
    o.	Retail
    p.	Transportation
    q.	Telecommunications
    r.	Other
    
    
    
    11.	Please rank the following according to how your organization spends its
    security budget? Personnel training, Hardware, Software.
    
    
    
    12.	What are your annual losses due to internet based security threats such
    as exploits against vulnerabilities, virus, and other threats? ( You can
    take into account man hours and etc..)
    
    a.	100-500k
    b.	500-1million
    c.	Greater than 1 million (Please Specify)
    
    
    
    
    
    
    
    13.	How would you categorize the approach that your organization takes in
    correcting network security vulnerabilities.
    a.	Proactive
    b.	Reactive
    
    
    
    14.	What is the greatest threat to your organization security?
    a.	Exploitation of vulnerabilities
    b.	Lack of skilled security personnel
    c.	Lack of organizational support of security issues
    d.	Insider security breaches
    e.	Outsider security threats
    
    
    15.	One financial institution has said it will "Use every means at our
    disposal to protect our assets." They have built strike-back offensive
    capabilities. Does your company use such techniques? Would you be willing
    to? What event would send you over the edge to adapt this position?
    
    
    16.	How effective is information security in your organization?
    a.	Poor
    b.	Sub-Par
    c.	Adequate
    d.	Good
    e.	Excellent
    
    17.	Of the following what constraints does your company face?
    a.	Budgetary
    b.	Security personnel Skills
    c.	Inadequate end user awareness
    d.	Commitment from management
    e.	Inadequate internal security policy
    f.	Lack of security products
    g.	Unclear security responsibilities
    
    
    18.	Of the following please rank the threats to your organization.
    ___ Virus
    ___ Worms
    ___ Default Installation security concerns
    ___ Buffer Overflows
    ___ Weak Passwords
    ___ Trojans
    ___ Net Bios
    ___ DDoS
    ___ Insider Threat
    ___ Competitors
    ___ Foreign Countries
    
    
    Please Send Responses to mailto:Lydale07at_private or simply reply
    
    E.L. Jones
    
    
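
The From / Reply-To / relay mismatch raised in the message above can be checked mechanically. The following is an added example, not part of the original post: it reuses the relay hostnames and IP shown in the quoted headers, while both e-mail addresses, `mx.recipient.example` and the `triage`, `org_domain` and `addr_domain` helpers are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: relay hostnames and IP are those shown in the post's
# headers; both addresses and mx.recipient.example are placeholders, because
# the archive redacts the real values.
SAMPLE = """\
Received: FROM pescado.nosc.mil BY mx.recipient.example ; Thu Feb 14 06:31:11 2002
Received: from j65204u1lhm7lf (a66b8n138client66.hawaii.rr.com
          [66.8.138.66]) by pescado.nosc.mil (Netscape Messaging Server
          4.15) with ESMTP id GRIFFA00.RAL; Wed, 13 Feb 2002 22:30:46 -0800
From: "Sender" <sender@example.mil>
Reply-To: <sender@hawaii.rr.com>
Subject: Graduate Student Survey

body
"""

# "from HELO (rdns [ip])" as written by the relay in the sample above.
ORIGIN_RE = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([\d.]+)\]\)", re.I)

def org_domain(host):
    # Assumption: last two DNS labels approximate the organisational domain;
    # real tooling should use the Public Suffix List instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def addr_domain(header_value):
    addr = parseaddr(header_value or "")[1]
    return org_domain(addr.rpartition("@")[2]) if "@" in addr else None

def triage(raw):
    msg = message_from_string(raw)
    from_dom, reply_dom = addr_domain(msg["From"]), addr_domain(msg["Reply-To"])
    origin = None
    received = msg.get_all("Received") or []
    if received:  # the bottom-most Received header is the earliest hop
        m = ORIGIN_RE.search(" ".join(received[-1].split()))
        if m:
            origin = dict(zip(("helo", "rdns", "ip"), m.groups()))
    origin_dom = org_domain(origin["rdns"]) if origin else None
    return {
        "from_domain": from_dom, "reply_to_domain": reply_dom, "origin": origin,
        "reply_to_differs": reply_dom is not None and reply_dom != from_dom,
        "origin_outside_from_domain": origin_dom is not None and origin_dom != from_dom,
        "origin_matches_reply_to": origin_dom is not None and origin_dom == reply_dom,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

Received headers written before the first relay you trust can be forged, so the result is a triage signal to prompt a closer look, not proof of who sent the message.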
    



    This archive was generated by hypermail 2b30 : Thu Feb 14 2002 - 08:34:27 PST