Informal Security Survey

Friday, August 13, 1999

Number of schools responding: 11

Dedicated security group:

Team Makeup (of those universities with security groups) Each number represents a school's response:

Avg group size overall = 28/5 = 5.60

Notably, only one school utilizes students.

When you discover a compromised machine on your campus, do you:

Look over the machine to trace the source of the attack? Contact authorities Format the machine Disable the drop

When you discover vulnerability scans of your campus, do you:

Ignore the scan Contact the source of scan Filter out the source (if possible) Do you use: Dedicated firewalls? SecureID or token cards Filtering on your router Filtering to prevent spoofed IP source addresses from your campus

Do you mandate any special security rules (e.g., no email attachments, no web servers, no linux boxes)?

Do you offer something equivalent to encrypted telnet to your users?

Do you forbid the use of unencrypted telnet?

Do you use PGP or another secure mechanism for email?

Do you have a case tracking tool (e.g., trouble tickets)?

How many breakins do you encounter a week? (of those who claimed >0 breakins/week)

.3 +2.5 +3 +3 +.25 -> 9.05/5 = 1.81 average

How much is budgeted for your network security (approx)?

Responses varied drastically from $0 to $20,000

Optional Comments:

We now have ISS in house and are starting to develop a policy to configure the software. We have some issues regarding unplugging machines that are both political and economic. We are actively pursuing carrots because they are more effective.

Security by obscurity has been our philosophy. We are fortunate to have a campus with a well-behaved student body.

Multiple groups at Tufts handle security; central IT, IT at various colleges of the university, and the central network group. actions taken depend on type of attack, who owns the box, and so on. some groups have trouble ticketing systems. we're in the process of shutting down all non-local mail relaying. secureid system for the administrative firewall is onsite but not in use.

Fun Facts out of 11 responding universities: