Vulnerability Development mailing list archives
OT, Is this suspicious to you too? (was FW: Graduate Student Surv ey)
From: "Kayne Ian (Softlab)" <Ian.Kayne () softlab co uk>
Date: Thu, 14 Feb 2002 08:34:39 -0000
Hey all, This turned up in my inbox this morning. Have a read of the "Note to Participants", and the list of ppl it was sent to. To me, this looks pretty suspicious. Questions such as "3. Please select the top five vulnerabilities to your organization with 1 being the most severe to 5 being the least severe." smack of social engineering to me. Maybe I'm being overly paranoid, but as I'm definately not a member of the Computer Security Institute, some warning bells are going off over here. Theres a few well known email addresses in that list (ie @securityfocus.com), so no doubt a few people on this list will have received this too. What's your thoughts? If I'm wrong and this is a legit enquiry, then fair enough. But any way you look at it, I'm not going to reveal the "security countermeasures your organisation has implemented" in the last year. I'm also interested to know why the from is a .mil address, but the reply-to is hawaii.rr.com. Have a good day... Ian Kayne Technical Specialist - IT Solutions Softlab Ltd - A BMW Company -----Message Headers------ Received: from *censored* ([x.x.x.x]) by *censored* with SMTP id ZGRQWX59; Thu, 14 Feb 2002 06:31:12 -0000 Received: FROM pescado.nosc.mil BY *censored* ; Thu Feb 14 06:31:11 2002 0000 Received: from j65204u1lhm7lf (a66b8n138client66.hawaii.rr.com [66.8.138.66]) by pescado.nosc.mil (Netscape Messaging Server 4.15) with ESMTP id GRIFFA00.RAL; Wed, 13 Feb 2002 22:30:46 -0800 From: "Edward L. Jones" <eljones () spawar navy mil> To: <snipped> Subject: Graduate Student Survey Date: Wed, 13 Feb 2002 20:26:45 -0800 Message-ID: <NDENLMGFNMNADOLLBAIGGEAACDAA.eljones () spawar navy mil> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 1 (Highest) X-MSMail-Priority: High X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: High X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 -----Original Message----- From: Edward L. Jones [mailto:eljones () spawar navy mil] Sent: 14 February 2002 04:27 To: a.heinlein () systemtechnik-schreurs de; ABlevins () arrowheadgrp com; adrian.fruehwirth () gmx net; altaassociates1 () erols com; Anders.Amandusson () sca com; andrei.pascal () fransmaas ro; argv () jaskinia eu org; AUsewicz () best-international com; bfilmer () ims telstra com au; bhodi_jabir () yahoo com; bjoshi () mos com np; BlueBoar () thievco com; BOBrien () columbia com; BStrauss () feliscatus org; btw () eniac mine nu; bvi () devco net; bzdrnja () zesoi fer hr; carsten () bang dk; chandlerchrisc () earthlink net; commorancy () yahoo com; core () euclid terraplex com; craig () ambrosa dns04 com; debra () webactive co uk; devdas () worldgatein net; dinger () gslis utexas edu; ditmar.den.engelsen () accenture com; donovan () paxemail com; dpuryear () usa net; dward () maidencreek com; eballen1 () qwest net; estanoln () spawar navy mil; et () c4i org; evgeny () abirnet co il; faial () rio-de-janeiro sns slb com; fernando.cardoso () whatevernet com; fh () rcs urz tu-dresden de; francis () gonzaga edu; franklin_tech_bulletins () yahoo com; freem100 () chapman edu; gary.porter () matcomcorp com; giuseppe.dani () tin it; Glenn Forbes Fleming Larratt; grocha () neutraldomain org; gryphonn () austarnet com au; hamlet_av () ciaoweb it; Ian.Kayne () softlab co uk; isommer () checkpoint com; izik () tty64 org; Jacques () telemar-ba com br; jason () brvenik com; javapro13 () hotmail com; jdyson () treachery net; jeff () securityfocus com; jeremiah () www whitehatsec com; jfasselin () micrologic ca; jkruser () adelphia net; joe_brown () senet-int com; johannes () verelst net; john () pmbbs demon co uk; jon () divisionbyzero com; jonathas () lia ufc br; Joshua_Hiller () aeanet org; jpuckett () ticom com; jullrich () euclidian com; KEVIN.A.ESTIS () saic com; keydet89 () yahoo com; leon () inyc com; lists () shortestpath org; loki () fatelabs com; lucian.vanghele () bisnet ro; E. L. Jones (E-mail); lyeoh () pop jaring my; mailinglist () lasamaria com; mark () pennies freeserve co uk; marlon () smartidea com; marshal () marshal-soft com; martin () more net; maxime.rapaille () nbb be; mayday () cad cj pcnet ro; mdresser () windsormachine com; medgi () evc net; meinbugtraq () gmx net; meritt_james () bah com; mike.gilles () itmtech com; mike () rockynet com; mkennedy () symantec com; mlabelle () city coquitlam bc ca; mnv () alumni princeton edu; moonpup () mediaone net; narancs () narancs tii matav hu; neil.long () computing-services oxford ac uk; nick () virus-l demon co uk; nkn () interpactinc com; open_your_eyes () mindspring com; pedro () ciphertech com br; Peggy () TSIT com; petrance () di uoa gr; pheh () the whole net; philp () csds uidaho edu; phosking () networkcountermeasures com; pradeep.kumar () nexsi com; psydii () yahoo com; quentyn () mx1 fotango com; r.fulton () auckland ac nz; rabbi () quickie net; ragent () gnuchina org; ras () slartibartfast magrathea com; rbontuyan () inq7 net; rclark () texascellular com; reeler () reeler org; rescobar () eglobalreach net; rhys () xpand com au; rob () robhughes com; ryan () securityfocus com; sa7ori () tasam com; scottperkins () earthlink net; security.alert () tataisp com; Security_Technology () bigfoot com; securityprofneedsjob () hushmail com; shf () equinox tx pl; sirsyko () mergioo ishiboo com; SLord () iss net; srith () spawar navy mil; stauph () hotmail com; steve () frij com au; sysadmin () acrilic net; tcobo () zoomtown com; td () salesint com; teo () gecadsoftware com; Thomas.Krul () ocipep gc ca; Thor () HammerofGod com; timslighter () home com; tinberg () securepipe com; Todd.Miller () courtesan com; TripleDES () eSlack org; tseeker () neptune fr; twhite () yossarian aniota net; uQ3TdHe0r () earthlink net; utkin () 123mail net; Valdis.Kletnieks () vt edu; vern () aciri org; walter () securityfocus com; wichert () wiggy net; woods () weird com; wpark () miller cs uwm edu; zanemcauley () yahoo com; zen () kill-9 it; zen-parse () gmx net; zesnark () yahoo com; zorch () totally righteous net Subject: Graduate Student Survey Importance: High A Survey for Exploring the Cost of Correcting Security Vulnerabilities before they are Exploited. By Edward L. Jones Hawaii Pacific University 11 Dec 2001 Note to Participants: You have been selected randomly to provide information concerning the cost of correcting network security vulnerabilities before they are exploited. All information given will be used to complete an exploratory research project by the author and for these purposes only. Please answer the questions to the best of your ability hence you were selected because of your membership to the Computer Security Institute, and the knowledge you posses as a member of that professional organization. 1. How confident are you that your organization's network is protected from attack? a. Extremely Confident b. Very Confident c. Somewhat Confident d. Not very Confident 2. How would you rate the importance of network security to your organization? a. Extremely Important b. Very Important c. Somewhat Important d. Not Important 3. Please select the top five vulnerabilities to your organization with 1 being the most severe to 5 being the least severe. 1. 2. 3. 4. 5. 4. In the past year, what type of security countermeasures has your organization implemented? (Circle all that apply) a. System security tools b. Security policy c. Physical security tools d. Risk analysis e. Security awareness and training f. Vulnerability assessments g. Incident handling and recovery plans 5. What is the size of your organization? a. 1 thru 14,999 b. 15,000 thru 24,999 c. 25,000 6. What is your organization's estimated annual security budget? a. Less than 100k b. Between 100-300k c. Between 301-600k d. Greater than 600k 7. What security technologies is your organization using? (Circle all that apply) a. Firewalls b. Vulnerability assessment software c. Intrusion detection systems d. Network monitoring tools 8. How large is your security section? a. 1-5 personnel b. 5-10 personnel c. 10> personnel 9. How much does your company spend on personnel training annually? a. 10-25k b. 25-40k c. 40-55k d. 55 or greater 10. What is your organizations primary industry? a. Aerospace/Engineering b. Agriculture c. Banking d. Education e. Energy/Utilities f. Financial g. Government h. Health care i. High Tech j. Insurance k. Manufacturing l. Oil/Petroleum m. Professional Services n. Real Estate/Construction o. Retail p. Transportation q. Telecommunications r. Other 11. Please rank the following according to how your organization spends it's security budget? Personnel training, Hardware, Software. 12. What are you annual losses due to internet based security threats such as exploits against vulnerabilities, virus, and other threats? ( You can take into account man hours and etc..) a. 100-500k b. 500-1million c. Greater than 1 million (Please Specify) 13. How would you categorize the approach that your organization takes in correcting network security vulnerabilities. a. Proactive b. Reactive 14. What is the greatest threat to your organization security? a. Exploitation of vulnerabilities b. Lack of skilled security personnel c. Lack of organizational support of security issues d. Insider security breaches e. Outsider security threats 15. One financial institution has said it will "Use every means at our disposal to protect our assets." They have built strike-back offensive capabilities. Does your company use such techniques? Would you be willing to? What event would send you over the edge to adapt this position? 16. How effective is information security in your organization? a. Poor b. Sub-Par c. Adequate d. Good e. Excellent 17. Of the following what constraints does your company face? a. Budgetary b. Security personnel Skills c. Inadequate end user awareness d. Commitment from management e. Inadequate internal security policy f. Lack of security products g. Unclear security responsibilities 18. Of the following please rank the threats to your organization. ___ Virus ___ Worms ___ Default Installation security concerns ___ Buffer Overflows ___ Weak Passwords ___ Trojans ___ Net Bios ___ DDoS ___ Insider Threat ___ Competitors ___ Foreign Countries Please Send Responses to mailto:Lydale07 () hawaii rr com or simply reply E.L. Jones ******************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use of the information contained within this email or attachments is strictly prohibited. Internet communications are not secure and Softlab does not accept any legal responsibility for the content of this message. Any opinions expressed in the email are those of the individual and not necessarily those of the Company. If you have received this email in error, or if you are concerned with the content of this email please notify the IT helpdesk by telephone on +44 (0)121 788 5480. ********************************************************************
Current thread:
- OT, Is this suspicious to you too? (was FW: Graduate Student Surv ey) Kayne Ian (Softlab) (Feb 14)