Skip to main content

CERT | Computer Emergency Response Team della comunità dell'istruzione e della ricerca

CERT | Computer Emergency Response Team della comunità dell'istruzione e della ricerca
GARR CERT

GARR-CERT Description (RFC 2350) 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256




1. Document Information
1.1 Date of Last Update
    Version 1.2, published 26 June 2003.
    Version 1.3, published 25 May 2022.
1.2 Distribution List for Notifications
    Notifications of updates are submitted to the mailing list (in
    Italian):

            This email address is being protected from spambots. You need JavaScript enabled to view it.

1.3 Locations where this Document May Be Found
    The current version of this document is available from the GARR-CERT
    WWW site:

        https://www.cert.garr.it/en/about/rfc-2350

1.4 Authentication of this document
    This document has been signed with the GARR-CERT PGP Master Key.
1.5 Revision History
    1.0 - First release.
    1.1 - New address and phone number.
    1.2 - New phone numbers.
    1.3 - New links, drop of fax number, new phone numbers.
2. Contact Information
2.1 Name of the Team
    GARR-CERT: the GARR Network Computer Emergency Response Team.
2.2 Address
    GARR-CERT c/o
    INFN, Sezione di Firenze
    Servizio Calcolo e Reti
    Via G. Sansone 1
    I 50019 Sesto Fiorentino (FI)
    ITALY
2.3 Time Zone
    Central European (GMT+0100 and GMT+0200 from the last Sunday of
    March to the last Sunday of October).
2.4 Telephone Number
    +39 055 4572053
    +39 055 4572723
    +39 055 4572724
2.5 Other Telecommunication
    None available.
2.6 Electronic Mail Address
        This email address is being protected from spambots. You need JavaScript enabled to view it.
    Messages sent to this address are received by all GARR-CERT members.
2.7 Public Keys and Encryption Information
    GARR-CERT has a PGP Master Key, used to sign GARR-CERT's official
    documents (including this one):
    pub 1024/65126042 2009/07/03 GARR-CERT Master Key <This email address is being protected from spambots. You need JavaScript enabled to view it.>
    Fingerprint: C6A5 D891 E4CA ACB5 A701 1876 C19C 4C93 6512 6042
    It can be found at the GARR-CERT PGP page or at the PGP Public Key
    Servers.
    Details on the PGP keys of GARR-CERT members can be found at:

        https://www.cert.garr.it/en/pgp-en/pgp-keys-info
2.8 Team Members
    Leonardo Lanzi, of University of Florence, is the GARR-CERT
    coordinator. The other team members are listed at:

    https://www.cert.garr.it/en/about/team
2.9 Other Information
    General information (in Italian) about GARR-CERT can be found at:

    https://www.cert.garr.it/
2.10 Points of Customer Contact
    GARR-CERT can be contacted:
        - via e-mail at: This email address is being protected from spambots. You need JavaScript enabled to view it.
        - by telephone (Mon-Fri, 8.00-17:00);
        - by web using the form mentioned in Section 6.
3. Charter
3.1 Mission Statement
    The purposes of GARR-CERT are:
        - to assist the users of the GARR Networkin implementing
          proactive measures to reduce the risk of computer security
          incidents;
        - to assist the users of the GARR network in responding to such
          incidents when they occur.
3.2 Constituency
    The GARR-CERT constituency is the community of the users of the GARR
    Network, the Italian Academic and Research Network.
3.3 Sponsorship
    GARR-CERT is an operative service of the GARR Consortium.
3.4 Authority
    GARR-CERT operates under the auspices of the GARR members and the
    supervision of the GARR Consortium management.
    In case of missing support from the local APM, it has authority to
    obtain from GARR NOC the filtering of the involved node(s) on the
    GARR network border routers.
4. Policies
4.1 Types of Incidents and Level of Support
    GARR-CERT is authorized to address all types of computer security
    incidents that occur at nodes connected to the GARR network.
    The level of support given by GARR-CERT will vary according to the
    severity of the incident and the GARR-CERT's resources at the time.

    Every effort will be done to give some response within one working
    day.
    No direct support will be given to end-users, as they are expected
    to contact their system administrators.
    GARR-CERT expects that the APM of the sites involved in security
    incidents will cooperate in the resolution of the problem.
    The incident handling procedure, which, in extreme cases, will lead
    to filtering the compromised node(s) on the GARR network border
    routers can be found at:

        https://www.cert.garr.it/en/incidents-management/management-procedure
    GARR-CERT is committed to keeping its constituency informed of
    potential vulnerabilities, possibly before they are actively
    exploited.
4.2 Co-operation, Interaction and Disclosure of Information
    GARR-CERT, unless explicitly authorized, will not divulge the
    identity of nodes victims of computer security incidents.
4.3 Communication and Authentication
    Telephone and unencrypted e-mail are considered sufficient for the
    transmission of low-sensitivity data.

    If it is necessary to send high sensitivity data by e-mail, PGP will
    be used.

    Network file transfers will be considered similar to e-mail for
    these purposes.
5. Services
5.1 Incident Response
    GARR-CERT will help system administrators of nodes connected to the
    GARR network in handling computer security incidents.

    In particular:
        - investigating the nature and extent of the incident;
        - determining the initial cause (e.g. vulnerability exploited);
        - keeping contacts with other sites involved;
        - reporting to other CSIRTs;
        - helping in removing the vulnerability.
    To make use of GARR-CERT's incident response services, please use
    the methods listed in Section 2.10.
5.2 Proactive Activities
    GARR-CERT coordinates and maintains the following services to the
    extent possible depending on its resources:
        - mailing lists.
        - auditing services;
        - dissemination of information about vulnerabilities and
          recommended security measures;
        - testing and developing security tools.
6. Incident Reporting Forms
    If possible, use the following form to report a security incident:
        https://www.cert.garr.it/en/incidents-management/reports-accidents
7. Disclaimers
    While every precaution will be taken in the preparation of
    information, notification and alerts, GARR-CERT assumes no
    responsibility for errors or omissions, or for damages resulting
    fron the use of the information contained within.




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEAREIAAYFAmKPQlsACgkQwZxMk2USYEK3kgCgxucqtRXqpcVPSU8/NzDmf8Sm
w+AAn0t1I5pi8dR6N1alXBFxx0uv/ViS
=8rjs
-----END PGP SIGNATURE-----