About Incident Report
Coordination due to resolution of incidents is under jurisdiction of National CERT, where at least one party (attacker or attacked side) is under .hr domain or in Croatian IP address space.
Typically, major incidents are being reported to National CERT which weren’t resolved by abuse service of appropriate ISP.
Submission of incident
In order to help in successful resolution of the incident, a report must contain all needed information required by National CERT.
Incidents can be submitted by e-mail at the address email@example.com, and report must contain:
- original log files (from server or network devices) where can be seen unwanted network activities and what is the type of incident
- your description of an incident
- date, exact time (possibly by minute and second) and time zone
- IP address and/or computer name of attack target
- IP address and/or computer name of attack source
- Additional files connected to the incident like e-mail with its header, malicious web URL and other
Acknowledging report is sent informing that incident report has been received.