LAN Security Survey--Emergency, Help Needed

LAN Security Survey--Emergency, Help Needed

Post by Li_H_.. » Wed, 01 Jun 1994 09:18:15



          SURVEY OF SECURITY IN LOCAL AREA NETWORK 1994

     I'm an international student currently studying in Hawaii
Pacific University under the program of MSIS ( Master of Science in
Information Systems). In order to complete my study and obtain my
master degree, the final task is to complete my professional paper.
     The survey I posted on May 23 ended with two responses. I do
not intend to irritate all the readers here, but this is so urgent
that I do really need your help to finish this task. Please take
time to complete this survey.
     As all indications point to a continual growth of LAN, my
study focuses on security problems. The purpose of this study is to
advance a set of remedies attached with cost-benefit analysis to
help the LAN administrator to allocate the limited resources to
effectively and efficiently safeguard the IS resources in a LAN
environment.
     The population which participates in this survey focuses on
the LAN administrators that are currently in charge of the
management of LANs in the university. Participants from other
organizations are also welcome. I'll post the final analysis and
recommendation here as a return favor.
     The classifications of the information in the following
questionnaires are correspondent to the literature review. The
information to be collected is divided into general information,
penetration causes and security process three categories.

I. General Information

1. What is the nature of the business? (use X to mark the answer)

____  A  Government
____  B  Public Utilities
____  C  Education
____  D  Others

2. How many nodes are working in your LAN? (Please fill the number)

3. How many years of work experience do you have in computing area?

4. How many years of work experience do you have in LAN management?

II. Penetration Causes

5. What is the total number of penetrations or incidents happening
last year?

6. What is the average system downtime?

7.a. What is the percentage of the penetrations or incidents
resulted from the human threats?

7.b. Under human threats, what is the percentage of intentional
penetration?

8. What is the percentage of the penetrations or incidents resulted
from a natural disaster? ( Nature disasters include all the
unexpected incidents that occur to disturb or even destroy the data
processing in an LAN environment, such as fire disaster, power
disturbance, lightning, hurricane, flood, or bombing.)

9. What is the percentage of the penetrations or incidents resulted
from the failure of hardware and software? (The failure of hardware
and software means an unexpected occurrence resulted from the
generic failure of the hardware or software instead of the
intentional destruction, such as a virus attack or Trojan Horse.)

10. Except the three penetration routes listed above, what could be
other penetration causes that endanger your LAN security? (Please
specify)

III. Security Processes  

11. What is the percentage of resources allocated to physical
controls? (Physical controls include prevention from theft, the
wiring, electrical power supply, fire protection and control, and
computer room layouts.)

12. What is the percentage of penetrations resulted from the
inadequate physical controls?

13. What is the percentage of resources allocated in access
controls? (The access controls include restricting unauthorized
access to data sets, object code programs, source code programs,
and network and communication facilities. The processes in this
category contain log-on controls, remote access control, multi
level security, encryption and decryption, distributing and
limiting the access.)

14. What is the percentage of penetrations resulted from inadequate
access controls?

15. What is the percentage of resources allocated in application
controls? (Application Controls include those controls imbedded in
the software of a specific application system. Usually, they are
implemented during the development of the application, such as
check point restart, maintaining log files, Validating input data,
Testing the proper execution of programs, and DOS shell system.)

16. What is the percentage of penetrations resulting from the
inadequate application controls?

17. What is the percentage of resources allocated in responding
virus attacks?

18. What is the percentage of penetrations resulting from the
attack of viruses?

19. What is the percentage of resources allocated in performing a
backup plan?

20. What is the percentage of penetrations resulted from an
inadequate backup planning?

     Please take time to fill these questionnaires, and send it to
my E-mail address before June 6, 1994. Any comments or suggestion
is appreciated.

Thanks for your help.

Li-Hong Lin


---------------------------------------------

 
 
 

1. LAN SECURITY SURVEY-EMERGENCY, Help Needed

          SURVEY OF SECURITY IN LOCAL AREA NETWORK 1994

     I'm an international student currently studying in Hawaii
Pacific University under the program of MSIS ( Master of Science in
Information Systems). In order to complete my study and obtain my
master degree, the final task is to complete my professional paper.
     The survey I posted on May 23 ended with two responses. I do
not intend to irritate all the readers here, but this is so urgent
that I do really need your help to finish this task. Please take
time to complete this survey.
     As all indications point to a continual growth of LAN, my
study focuses on security problems. The purpose of this study is to
advance a set of remedies attached with cost-benefit analysis to
help the LAN administrator to allocate the limited resources to
effectively and efficiently safeguard the IS resources in a LAN
environment.
     The population which participates in this survey focuses on
the LAN administrators that are currently in charge of the
management of LANs in the university. Participants from other
organizations are also welcome. I'll post the final analysis and
recommendation here as a return favor.
     The classifications of the information in the following
questionnaires are correspondent to the literature review. The
information to be collected is divided into general information,
penetration causes and security process three categories.

I. General Information

1. What is the nature of the business? (use X to mark the answer)

____  A  Government
____  B  Public Utilities
____  C  Education
____  D  Others

2. How many nodes are working in your LAN? (Please fill the number)

3. How many years of work experience do you have in computing area?

4. How many years of work experience do you have in LAN management?

II. Penetration Causes

5. What is the total number of penetrations or incidents happening
last year?

6. What is the average system downtime?

7.a. What is the percentage of the p

2. Enabling Module support in RedHat

3. LAN SECURITY SURVEY

4. COLA Stats 11 May 2003

5. Emergency Help Needed!: Need bootdiskette for rs6000 320H

6. What is VM worth?

7. Need help on Linux setup LAN within LAN

8. Netscape Enterprise: can it be installed remotely?

9. Survey for school about net security- all help appreciated

10. EMERGENCY! Need help with fsck.

11. Need help with Emergency Floppies (and who is PAM anyways?)

12. what happened to linux-security website: Linux Emergency Response Team

13. LAN Security Help