version 0.4
May 2008


                     CERT.at Incident Reporting Form


Note that our policy is to keep any information specific to your site
confidential unless we receive your permission to release that
information.

We would appreciate any feedback or comments you have on this Incident
Reporting Form. Please send your comments to:

   team@cert.at


Submit this form to: reports@cert.at
If you are unable to send email, fax this form to: +43 1 5056416 79


Your contact and organizational information
1. name......................:
2. organization name.........:
3. sector type (such as banking, education, energy or
    public safety)...........:
4. email address.............:
5. telephone number..........:
6. other.....................:

Affected Machine(s)
(duplicate for each host)
7. hostname and IP...........:
8. timezone..................:
9. purpose or function of the host (please be as specific
    as possible).............:

Source(s) of the Attack
(duplicate for each host)
10. hostname or IP...........:
11. timezone.................:
12. been in contact?.........:

13. Estimated cost of handling
     incident (if known).....:

14. Description of the incident (include dates, methods of
     intrusion, intruder tools involved, software versions
     and patch levels, intruder tool output, details of
     vulnerabilities exploited, source of attack, or any
     other relevant information):


15. Estimated severity
    (please try to rate it as "normal", "escalation" or "emergency")

     - Normal -- a normal event does not affect critical components 
       or require change controls prior to the implementation of a resolution 
     - Escalation  -- an escalated event affects critical production systems or 
       requires that implementation of a resolution that must follow a change control process
     - Emergency --  impacts the life, well-being of human beings OR breaches 
       primary controls of critical systems or similar severe cases