The purpose of the FrSIRT Incident Reporting Scheme is to provide a mechanism:
- To collect and analyse reports about computer security incidents affecting
French computer and information networks.
- To enable us to better inform the French public about computer
network attack activity, threats and trends, and protection strategies.
- To make reports to Internet Service Providers, administrators, and other
CSIRTs.
- To isolate the machines from which the attack originated.
Types of incidents
FrSIRT handles these types of computer security incidents:
- Any kind of attack that may lead to root or system-level compromise of public services
- Any kind of attack resulting in the installation of phishing, backdoor or rootkit programs
- Denial of service attacks
- Purposeful virus distribution
Who can report an incident
We will accept reports from anyone around the globe about computer security incidents emanating from or directed against French networks.
How to report an incident
The following form has been developed to ease the gathering of incident information. If you believe you have been involved in an incident, please complete as much of the following form as possible and send it to:
incidents@frsirt.com
This form is an adaptation of CERT/CC's incident reporting form version 5.2.
-----
FrSIRT Incident Reporting Form version 1.0 <incidents@frsirt.com>
-----
### Contact ###
1. Contact Name :
........................................................................................................
2. Organisation name :
........................................................................................................
3. Sector type :
........................................................................................................
4. Email address :
........................................................................................................
5. Mail address :
........................................................................................................
6. City :
........................................................................................................
7. Country :
........................................................................................................
8. Telephone number :
........................................................................................................
9. Other :
........................................................................................................
### Affected Machine(s) (duplicate for each host) ###
10. Hostname and IP :
........................................................................................................
11. City and country where the machine is hosted :
........................................................................................................
12. Operating system :
........................................................................................................
13. Attacked port(s) :
........................................................................................................
14. Purpose or function of the host (web server, workstation...) :
........................................................................................................
### Source(s) of the Attack (duplicate for each host) ###
15. Hostname and IP :
........................................................................................................
16. City and country where the machine is hosted :
........................................................................................................
17. Source port(s) :
........................................................................................................
### Description of the incident (duplicate in case of multiple incidents) ###
18. Date, time and timezone :
........................................................................................................
19. Methods of attack :
........................................................................................................
20. Vulnerabilities exploited :
........................................................................................................
21. Consequences (root or system level compromise, defacement, Denial of Service...) :
........................................................................................................
22. Installed tools (rootkits, bots, trojans, warez...) :
........................................................................................................
23. Other relevant information :
........................................................................................................
........................................................................................................
........................................................................................................