Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re:questionnaire

  • From: CERT(R) Coordination Center
  • Date: Mon Sep 30 10:30:50 2002

-----BEGIN PGP SIGNED MESSAGE-----

***************************************************************************

                [NOTE -- THIS IS AN AUTOMATED RESPONSE]

Thank you for contacting the CERT(R) Coordination Center. We
appreciate your contacting us and consider your communications with us
to be very important. Because we focus our response efforts to have
the greatest impact on the Internet community, we may be unable to
provide you with a personal response to your message.

Please review the pointers contained in this message for information
which may be of immediate use to you.


  Section A - CERT/CC Current Activity

  Section B - Incident Reporting Information

  Section C - Vulnerability Reporting Information


If you need additional information from the CERT/CC, we encourage you
to begin by looking at our list of CERT/CC Frequently Asked Questions:

  http://www.cert.org/faq/cert_faq.html

======================================================================

Section A - CERT/CC Current Activity


  The CERT/CC Current Activity web page provides a summary list of the
  most frequent types of incident and vulnerability activity currently
  being reported to the CERT/CC.

  Please refer to this regularly updated page to obtain immediate
  assistance in response to frequently reported activity:

    http://www.cert.org/current/current_activity.html

  In addition, the latest CERT/CC documents can be found at:

    * CERT Advisories          - http://www.cert.org/advisories/
    * CERT Incident Notes      - http://www.cert.org/incident_notes/
    * CERT Vulnerability Notes - http://www.kb.cert.org/vuls/
    * CERT Summaries           - http://www.cert.org/summaries/
    * CERT Tech Tips           - http://www.cert.org/tech_tips/

    * What's New               - http://www.cert.org/nav/whatsnew.html
    * CERT/CC Web Site         - http://www.cert.org/

  For pointers to information about computer viruses and hoaxes,
  please see:

    * http://www.cert.org/other_sources/viruses.html

======================================================================

Section B - Incident Reporting Information


  We appreciate receiving incident reports because it helps us to
  gain a better understanding of ongoing intruder activities and
  attack profiles. From the information we receive, we are able to 
  identify and address critical security issues within the Internet
  community. Because we prioritize our response efforts to have the 
  greatest impact on the Internet community, we are not be able to 
  provide everyone with a personal response.

  For general information about reporting incidents to the CERT/CC, 
  please see our Incident Reporting Guidelines at:

    http://www.cert.org/tech_tips/incident_reporting.html

  To report incidents to the CERT/CC, please send information about
  the incident in plain text format to cert@cert.org. You may wish to
  use our Incident Reporting Form, located at:

    http://www.cert.org/reporting/incident_form.txt

  The CERT/CC considers the following types of incidents to be
  emergencies:

  * possible life-threatening activity
  * attacks on the Internet infrastructure, such as:
    - root name servers
    - domain name servers
    - major archive sites
    - network access points (NAPs)
  * widespread automated attacks against Internet sites
  * new types of attacks or new vulnerabilities

  If you are reporting such an emergency outside our operational
  hours - business days between

    08:00-17:00 EST/EDT (GMT-5/GMT-4)

  and require immediate assistance, then please call the CERT
  hotline:

    +1 412 268 7090

  If you believe the intruder activity is a threat to people's
  lives or to the Internet infrastructure, please contact us
  immediately.
  
======================================================================

Section C - Vulnerability Reporting Information


  If you would like to report a new type of vulnerability or
  tool being used by the intruder community, we would be
  interested in any details that you may have. If you are able,
  please include any or all of source code, log files of
  execution, and descriptions of operating dependencies. Please
  feel free to submit these details in ASCII format files (where
  possible) of your own design, or if you prefer to use a form,
  please see the file:

    http://www.cert.org/reporting/vulnerability_form.txt

  Please also encrypt the report using PGP if you are able to do
  so. Instructions are given at the top of the reporting form.


======================================================================

CERT(R) Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA  USA  15213-3890

Internet e-mail:  cert@cert.org (monitored during business hours)

Telephone: +1-412-268-7090 24-hour hotline
        CERT Coordination Center personnel answer business days
        08:00-17:00 EST/EDT (GMT-5)/(GMT-4), on call for emergencies
        during other hours.

Fax: +1-412-268-6989

CERT and CERT Coordination Center are registered in U.S. Patent and
Trademark Office.

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQCVAwUBPDNbnaCVPMXQI2HJAQHvcwQAljLIFBVtoFPoATWgbU/n5PSuz3cTT6Mw
2BEemoZN7xpQczGMDXgBapzFmTRiq3oVM1aSbpKZ6W8CGjoCQOdxGGQ22kTpFaHK
e4j+b2Juym8aOWYuEmXxaw9MVPh79Bh8eIOC3npuYEXbEvlQPRyuDyNCZq5Vwe6b
Y2ubokmJD3M=
=q5NW
-----END PGP SIGNATURE-----




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.