Worms and Questionnaires

SA Security Bloggers

SensePost

Haroon Meer
link

Matt Erasmus
link

Andrew Mohawk

Junaid Loonat
link

Barry Irwin
link

Tom Wells

Allen Baranov
link

Jock Forrester
link

IT Security Pubcast
link

Telspace

ISGAfrica

Ralfe Poisson

How-To's
link Linux SSH Jail with pam_chroot
link Firefox Privacy & Security Extensions

Papers
link Managing Patching, my MSc Thesis
link Risk Analysis of Monthly Patch Schedules

Tools
link Automated Vodacom SMS (VodaSMS)
link RSS 2 SMS
link DShield Hack Detection

Neologisms
link Encryption principles
link Zoolander's Law

Syndicate This Blog

SSL

Certificate fingerprints:

SHA1: 61 13 45 4B 4C F9 89 9B B7 87 C8 78 F7 38 12 CB 07 E2 60 BF
MD5 : DA 53 7B 50 E4 3A 2C 6C A1 17 53 C1 A0 5E CB 89

HTTPS version.
You can find an explanation here.

License

Original content in this work is licensed under a Creative Commons License

Disclaimer

This blog and its contents are in no way affiliated with, or endorsed by my employer.

Random Entry: There is no conspiracy, there is no conspiracy ...
< Vim | The 'this is me' phenomenon >

Thursday, May 13. 2004

Worms and Questionnaires

I am busy writing a questionnaire to send to secuirty professionals around the world to see how they deal with vulnerabilities and patching.

My first version was quite bad. I need to ask the questions in a consistent manner, re-phrase the language and get all necessary aspects (for example I had not asked what industry the person works in). I am looking around for web based questionaaire software, of which there are mainly commercial solutions. I did find the Socrates Questionnaire Engine but it is Java and unpleasant. I am going to ask the department if I can use their Perceptions software.
UPDATE 12:14PM - Socrates and Perceptions are too complicated. PHP keep things nice and simple. Keep checking back at http://singe.rucus.net/quest/ to see my progress.

I then stumbled across an interesting article on how to deal with worms. It had some usefull methadology descriptions. I felt the most interesting paragraph to be:

"

There are six steps involved in a worm mitigation methodology, in order: preparation, identification, classification, trace back, reaction, and post-mortem. The reaction phase can broken down into containment, inoculation, quarantine, and treatment. Worm mitigation requires coordination between system administration, network engineering, and security operations personnel. This is critical in responding effectively to a worm incident. The containment phase involves the limiting of the spread of a worm infection to those areas of the network already affected. With the worm infection contained, or at the least, significantly slowed down, the inoculation process further deprives the worm of any available targets.

Posted by Dominic White in Masters at 09:20 | Comments (3) | Trackbacks (0)

Last modified on 2004-09-09 11:41

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

Name
Email
Homepage
In reply to
Comment	E-Mail addresses will not be displayed and will only be used for E-Mail notifications. To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly. Enter the string from the spam-prevention image above:
	Remember Information? Subscribe to this entry