Mail Archives: cygwin/2003/08/19/11:58:19
-----BEGIN PGP SIGNED MESSAGE-----
***************************************************************************
[NOTE -- THIS IS AN AUTOMATED RESPONSE]
Thank you for contacting the CERT(R) Coordination Center. We
appreciate your contacting us and consider your communications with us
to be very important. Because we focus our response efforts to have
the greatest impact on the Internet community, we may be unable to
provide you with a personal response to your message.
Please review the pointers contained in this message for information
which may be of immediate use to you.
Section A - CERT/CC Current Activity
Section B - Incident Reporting Information
Section C - Vulnerability Reporting Information
If you need additional information from the CERT/CC, we encourage you
to begin by looking at our list of CERT/CC Frequently Asked Questions:
http://www.cert.org/faq/cert_faq.html
======================================================================
Section A - CERT/CC Current Activity
The CERT/CC Current Activity web page provides a summary list of the
most frequent types of incident and vulnerability activity currently
being reported to the CERT/CC.
Please refer to this regularly updated page to obtain immediate
assistance in response to frequently reported activity:
http://www.cert.org/current/current_activity.html
In addition, the latest CERT/CC documents can be found at:
* CERT Advisories - http://www.cert.org/advisories/
* CERT Incident Notes - http://www.cert.org/incident_notes/
* CERT Vulnerability Notes - http://www.kb.cert.org/vuls/
* CERT Summaries - http://www.cert.org/summaries/
* CERT Tech Tips - http://www.cert.org/tech_tips/
* What's New - http://www.cert.org/nav/whatsnew.html
* CERT/CC Web Site - http://www.cert.org/
For pointers to information about computer viruses and hoaxes,
please see:
* http://www.cert.org/other_sources/viruses.html
======================================================================
Section B - Incident Reporting Information
We appreciate receiving incident reports because it helps us to
gain a better understanding of ongoing intruder activities and
attack profiles. From the information we receive, we are able to
identify and address critical security issues within the Internet
community. Because we prioritize our response efforts to have the
greatest impact on the Internet community, we are not be able to
provide everyone with a personal response.
For general information about reporting incidents to the CERT/CC,
please see our Incident Reporting Guidelines at:
http://www.cert.org/tech_tips/incident_reporting.html
To report incidents to the CERT/CC, please send information about
the incident in plain text format to cert AT cert DOT org. You may wish to
use our Incident Reporting Form, located at:
http://www.cert.org/reporting/incident_form.txt
The CERT/CC considers the following types of incidents to be
emergencies:
* possible life-threatening activity
* attacks on the Internet infrastructure, such as:
- root name servers
- domain name servers
- major archive sites
- network access points (NAPs)
* widespread automated attacks against Internet sites
* new types of attacks or new vulnerabilities
If you are reporting such an emergency outside our operational
hours - business days between
08:00-17:00 EST/EDT (GMT-5/GMT-4)
and require immediate assistance, then please call the CERT
hotline:
+1 412 268 7090
If you believe the intruder activity is a threat to people's
lives or to the Internet infrastructure, please contact us
immediately.
======================================================================
Section C - Vulnerability Reporting Information
If you would like to report a new type of vulnerability or
tool being used by the intruder community, we would be
interested in any details that you may have. If you are able,
please include any or all of source code, log files of
execution, and descriptions of operating dependencies. Please
feel free to submit these details in ASCII format files (where
possible) of your own design, or if you prefer to use a form,
please see the file:
http://www.cert.org/reporting/vulnerability_form.txt
Please also encrypt the report using PGP if you are able to do
so. Instructions are given at the top of the reporting form.
Our vulnerability disclosure policy is available at
http://www.kb.cert.org/vuls/html/disclosure
======================================================================
CERT(R) Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA USA 15213-3890
Internet e-mail: cert AT cert DOT org (monitored during business hours)
Telephone: +1-412-268-7090 24-hour hotline
CERT Coordination Center personnel answer business days
08:00-17:00 EST/EDT (GMT-5)/(GMT-4), on call for emergencies
during other hours.
Fax: +1-412-268-6989
CERT and CERT Coordination Center are registered in U.S. Patent and
Trademark Office.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
iQCVAwUBPj72n2jtSoHZUTs5AQH8ogQAnuO94fFwfsCRDZ3Ug5G9jB53pLcMW6GW
p0m1kgZfCvcKNze3De3d3VLPw9SwRdOkexg9mPuql7WRM78ySNYtqyN9G2vQjtmz
EoOhSrPFmKpFI5+wrf5NzQzGre3x7Tk68UVKI3SpCDf0yLlc71urQ0f5QNeRRRrM
ClWhCKv5uuA=
=8mpq
-----END PGP SIGNATURE-----
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -