From e8df83c83b3961afa7d9f7a8fe1b293d54e13169 Mon Sep 17 00:00:00 2001 From: Curt Hash Date: Tue, 9 Feb 2010 12:41:26 -0700 Subject: [PATCH] survey files --- survey.css | 125 +++++++++++++++++++ survey.html | 344 ++++++++++++++++++++++++++++++++++++++++++++++++++++ survey.py | 95 +++++++++++++++ 3 files changed, 564 insertions(+) create mode 100644 survey.css create mode 100644 survey.html create mode 100755 survey.py diff --git a/survey.css b/survey.css new file mode 100644 index 0000000..f2b8413 --- /dev/null +++ b/survey.css @@ -0,0 +1,125 @@ +html { + background: #454545; +} + +body { + margin: 0; + padding: 0; + border: 0; + border-right: 1px solid #000; + border-bottom: 1px solid #000; + width: 100%; + height: 100%; + background: #fff; + max-width: 800px; + color: #000; + font-size: 0.7em; + font-family: Tahoma, Arial, sans-serif; +} + +#wrapper { + padding: 5em; +} + +#header { + border-bottom: 1px solid #373737; +} + +#content { + padding: 1em 0; +} + +p { + margin: 0; + padding: 2px 0 2px 0; +} + +a { color: #369; } +a:hover { + color: #fff; + background: #369; + text-decoration: none; +} + +img { + padding: 0; + margin: 0; + border: none; + vertical-align: top; +} + +table { + margin: 0.5em; + padding: 0; + border: 1px solid #373737; + border-collapse: collapse; +} +thead { + font-weight: bold; + background: #fff; + border-bottom-style: double; +} +tr { + padding: 0; + margin: 0; + border: 1px solid #373737; +} +td { + margin: 0; + padding: 2px 5px 2px 5px; + border: 1px dotted #c0c0c0; +} + +h1, h2, h3, h4 { margin: .5em 0 .2em 0; } +h1 { font-size: 150%; } +h2 { font-size: 120%; } +h3 { font-size: 110%; } +h4 { font-size: 100%; } + +fieldset { margin-top: 1em; } +input { + font-size: 100%; + margin: .25em .25em 0 .5em; +} + +textarea { + width: 97%; + margin: .25em .25em 0 .5em; +} + +.sep { + height:1px; + margin: 1em 0 1em 0; + border-bottom: 1px dashed #c0c0c0; +} + +.question { + font-weight: bold; + margin-bottom: .5em; +} + +ul { + margin: .25em .25em 0 .5em; + padding: 0 1.25em; +} + +li { + margin-bottom: 1em; +} + +.submit { + text-align: right; + margin-top: 1em; + border-top: 1px solid #373737; + padding-top: 1em; +} + +.error { + margin: 1em 0; + padding: 1em; + border: 1px solid red; + background: #ffaaaa; + color: #000; + font-weight: bold; +} + diff --git a/survey.html b/survey.html new file mode 100644 index 0000000..a2a96e7 --- /dev/null +++ b/survey.html @@ -0,0 +1,344 @@ + + + + CyberTracer Collaboration Survey + + + + + + + +
+ + + +
+ +

Please take a few minutes to fill out and submit this survey. One of + the primary goals of the Cyber Tracer Team, the people behind Tracer FIRE, + is to improve the existing collaboration environment between NNSA sites + and other stakeholders. The information you provide in this survey will help + us to accomplish that goal.

+ +
+ +
+ +
+ +

1. What is your affiliation?

+ NNSA
+ DOE
+ DOD
+ Other Federal government
+ State government
+ Private sector
+ Other + +
+ +

2. For each skill area listed, select the option that best describes the situation + at your site or within your organization.

+
    +
  • Host forensics
    + have an advanced capability in this area
    + don't have an advanced capability in this area, but + can obtain help from other sites
    + don't have an advanced + capability in this area, and cannot + obtain help from other sites +
    • +
  • Network forensics
    + have an advanced capability in this area
    + don't have an advanced capability in this area, but + can obtain help from other sites
    + don't have an advanced + capability in this area, and cannot + obtain help from other sites +
    • +
  • Reverse engineering
    + have an advanced capability in this area
    + don't have an advanced capability in this area, but + can obtain help from other sites
    + don't have an advanced + capability in this area, and cannot + obtain help from other sites +
    • +
+ +
+ +

3. How many other sites or organizations do you + regularly collaborate with? "Regular" collaboration + is defined as collaboration that is frequent or part of standard operation procedure.

+ 0 + 1 + 2 + 3 + 4 + 5+ + +
+ +

4. How many other sites or organizations did you collaborate + with in all of FY09?

+ 0 + 1 + 2 + 3 + 4 + 5+ + +
+ +

5. If there were a serious cyber security incident at your site, + how many organizations would you feel comfortable calling for help?

+ 0 + 1 + 2 + 3 + 4 + 5+ + +
+ +

6. Would you prefer to use official channels (e.g., make a request to a team dedicated to + vetting and fielding incident responders from around the complex) or unofficial channels (e.g., pick up the + phone and call the reverse engineering expert you exchanged business cards with at Tracer FIRE) to request + help with an incident?

+ Official channels + Unofficial channels + +
+ +

7. Rank the items listed below from least to most helpful (1 = least helpful, + 5 = most helpful) for establishing trust relationships and fostering collaboration between sites.

+ + + + + + + + + + + + + + + + + + + + + +
Tracer FIRE + 1 + 2 + 3 + 4 + 5 +
Cyber security conferences + 1 + 2 + 3 + 4 + 5 +
Video teleconferencing + 1 + 2 + 3 + 4 + 5 +
Teleconferencing + 1 + 2 + 3 + 4 + 5 +
SILC or IRC + 1 + 2 + 3 + 4 + 5 +
+ +
+ +

8. How effective is the toolset (hardware and software) that is available to you + for cyber collaboration?

+ Not effective at all + Somewhat effective + Sufficient + Very effective + Couldn't be better + +
+ +

9. How effective is the existing collaboration environment between NNSA sites + and other stakeholders?

+ Not effective at all + Somewhat effective + Sufficient + Very effective + Couldn't be better + +
+

10. Do you have any suggestions or ideas for improving the cyber collaboration + environment between NNSA sites and other stakeholders? Please be brief.

+ + +
+ +
+ +
+
+
+ + + diff --git a/survey.py b/survey.py new file mode 100755 index 0000000..a80cdc5 --- /dev/null +++ b/survey.py @@ -0,0 +1,95 @@ +#!/usr/bin/env python + +import cgi +import cgitb +import os +import time + +cgitb.enable() + +form = cgi.FieldStorage() +client = os.environ["REMOTE_ADDR"] + +fields = { + 'affiliation' : ['nnsa', 'doe', 'dod', 'otherfed', 'state', 'private', 'other'], + 'hostforensics' : ['has', 'doesnt_have_can_get', 'doesnt_have_cant_get'], + 'netforensics' : ['has', 'doesnt_have_can_get', 'doesnt_have_cant_get'], + 'reversing' : ['has', 'doesnt_have_can_get', 'doesnt_have_cant_get'], + 'regularcollab' : ['0', '1', '2', '3', '4', '5+'], + 'collab' : ['0', '1', '2', '3', '4', '5+'], + 'incident' : ['0', '1', '2', '3', '4', '5+'], + 'channels' : ['official', 'unofficial'], + 'helpfulone' : ['tracer', 'cons', 'vtc', 'tc', 'irc'], + 'helpfultwo' : ['tracer', 'cons', 'vtc', 'tc', 'irc'], + 'helpfulthree' : ['tracer', 'cons', 'vtc', 'tc', 'irc'], + 'helpfulfour' : ['tracer', 'cons', 'vtc', 'tc', 'irc'], + 'helpfulfive' : ['tracer', 'cons', 'vtc', 'tc', 'irc'], + 'toolset' : ['0', '1', '2', '3', '4'], + 'overall' : ['0', '1', '2', '3', '4'], + 'comments' : [] + } + +def validate(form): + + for k,v in fields.items(): + if len(v) and form.getfirst(k) not in v: + return False + + vals = [] + for k in ['helpfulone', 'helpfultwo', 'helpfulthree', 'helpfulfour', 'helpfulfive']: + if form.getfirst(k) in vals: + return False + vals.append(form.getfirst(k)) + + return True + +print 'Content-Type: text/html' +print '' + +print ''' + + + + CyberTracer Collaboration Survey + + + + +
+ + + +
+''' + +if validate(form): + results = [client, str(time.time())] + + for k in fields.keys(): + val = form.getfirst(k) + if k == 'comments': + val = val.replace(',', ' ') + val = val.replace(':', ' ') + val = val.replace('\n', ' ') + val = val.replace('\r', ' ') + results.append('%s:%s' % (k, val)) + + f = open('/var/results', 'a') + f.write(','.join(results) + '\n') + f.close() + + print '

SUCCESS! Your survey submission has been accepted. Please do not retake the survey. Thanks!

' +else: + print ''' +

FAIL! It looks like you bypassed the client-side validation of the survey! That's too easy and the contest + hasn't even begun yet! Would you please go back and just take the survey? It is very important!

+ ''' + +print ''' +
+
+ + +'''