|
Reporting a Computer Security Incident
If you become aware of a Computer Security Incident affecting the GRID
then you should immediately report this to your LOCAL SITE SECURITY
TEAM. If you do not know who your local site contact is or
they cannot be contacted then email -  .
Please give as full a description of the incident as possible:
- Your Name
- Your Phone number(s)
- Your E-mail address
- Time incident was discovered
- plus an estimate of when you think it might have started if known
- Where incident was discovered (site(s), machine(s)):
- give the full DNS names (e.g. lx1234.cern.ch)
- and/or IP addresses if known (e.g 192.168.123.456)
- Grid Virtual Organization (VO) affected
- Have any grid identities (certificates) been compromised?
- include a copy of the certificates or certificate DNs if possible
- Description
The procedure to be followed by Site Security Contacts is described
in the LCG Agreement on Incident
Response (latest on .pdf)
This policy is managed by the Joint Security Policy Group and queries
and comments on any policy document should be sent to  .
|
