Incidents/Report an Incident
The following form has been developed to ease gathering incident
information. If you believe you have been involved in an incident,
please complete - as much as possible - the following form,
and send it to
our support team here.
For the time being our form is under constraction. If you
have anything you need to report then please contact us through
email, fax, or phone.
The information you submit will be treated confidentially,
as stated in our Information Disclosure Policy .
This form is an adaptation of CERT/CC's incident reporting
form, version 5.2.
Your contact and organizational information
2. Organisation name
3. Size of the organisation
4 . Location/Site of incident
5 . Are you a FORTH CERT member?
6 . If no:
sector type (such as banking, education, energy or public
7 . Email address
8 . Telephone number
9 . Other (fax)
Affected Machine(s) (duplicate for each host)
10 . Hostname and IP
11 . Timezone
12 . Purpose or function of the host (please be as specific
Source(s) of the Attack (duplicate for each host)
13. Hostname or IP
15. Been in contact?
Description of the incident (duplicate in case of
16. Date and time of incident
17. Type of incident (i.e. DoS, Unauthorised access, Website
degacement, Malicious code, Misuse of system, Electronic theft,
Computer facilitated fraud, Interception of telecommunication
Other (Please specify):
18. How did you detect this?
19. Methods of intrusion
20. Tools involved
21. Software versions
22. Operating system/version
23. Intruder tool output
24. Vulnerabilities exploited
25. Impact (i.e. Loss/compromise of data, damage to systems,
damage to intergrity
of services/information. financila loss, unavailability of
26. Severity of attack (high, medium, low, unknown)
27. Sensitivity of data (high, medium, low, unknown)
28. Has the incident been resolved? Details
29. Steps taken to resolve the incident (i.e. No action taken,
system(s) disconnected from network, restored data from backup,
physically secured computer, log files examined)
Other (please specify)
30. Other relevant information