|
Appendix F Organizations |
|
F.3 Emergency Response Organizations
The Department of Justice, FBI , and U.S. Secret Service organizations listed below investigate violations of the federal laws described in Chapter 26, Computer Security and U.S. Law . The various response teams that comprise the Forum of Incident and Response Security Teams ( FIRST ) do not investigate computer crimes per se, but provide assistance when security incidents occur; they also provide research, information, and support that can often help those incidents from occurring or spreading.
F.3.1 Department of Justice (DOJ)
Criminal Division
General Litigation and Legal
Advice Section
Computer Crime Unit
Department of Justice
Washington, DC 20001
Voice: +1-202-514-1026
F.3.2 Federal Bureau of Investigation (FBI)
National Computer Crimes Squad
Federal Bureau of Investigation
7799 Leesburg Pike
South Tower, Suite 200
Falls Church, VA 22043
Voice: +1-202-324-9164
F.3.3 U.S. Secret Service (USSS)
Financial Crimes Division Electronic Crime
Branch U.S. Secret Service Washington, DC 20001 Voice:
+1-202-435-7700
F.3.4 Forum of Incident and Response Security Teams (FIRST)
The Forum of Incident and Response Security Teams ( FIRST ) was established in March 1993. FIRST is a coalition that brings together a variety of computer security incident-response teams from the public and private sectors, as well as from universities. FIRST 's constituents comprise many response teams throughout the world. FIRST 's goals are to:
-
Boost cooperation among information technology users in the effective prevention of, detection of, and recovery from computer security incidents
-
Provide a means to alert and advise clients on potential threats and emerging incident situations
-
Support and promote the actions and activities of participating incident response teams, including research and operational activities
-
Simplify and encourage the sharing of security-related information, tools, and techniques
FIRST sponsors an annual workshop on incident response that includes tutorials and presentations by members of response teams and law enforcement.
FIRST incorporated in mid-1995 as a nonprofit entity. One consequence of this is a migration of FIRST Secretariat duties away from NIST . However, as this book goes to press, the Secretariat can still be reached at:
FIRST Secretariat
Forum of Incident and Response Security Teams
National Institute of Standards and Technology
A-216 Technology Building
Gaithersburg, MD 20899-0001
Phone: +1-301-975-3359
Email: first-sec@first.org
At the time this book went to press, FIRST consisted of the organizations that are listed below (also provided is a description of the constituencies served by each of the organizations). Check online for the most up-to-date list of members.
If you have a security problem or need assistance, first attempt to determine which of these organizations most clearly covers your operations and needs. If you are unable to determine which (if any) FIRST group to approach, call any of them for a referral to the most appropriate team.
Most of these response teams have a PGP key with which they sign their advisories or enable constituents to report problems in confidence. A copy of the PGP keyring is kept as:
ftp://coast.cs.purdue.edu/pub/response-teams/first-contacts-keys.asc
Most teams have arrangements to monitor their phones 24 hours a day, 7 days a week.
F.3.4.1 All Internet sites
Organization: CERT Coordination Center
Email: cert@cert.org
Telephone: +1-412-268-7090
FAX : +1-412-268-6989 FTP:
ftp://info.cert.org
WWW: http://www.sei.cmu.edu/technology/trustworthy.html
Note: The CERT (sm) Coordination Center (CERT-CC)
is the organization that grew from the computer emergency response
team formed by the Advanced Research Projects Agency (ARPA) in November
1988 (in the wake of the Internet Worm and similar incidents). The
CERT charter is to work with the Internet community to facilitate
its response to computer security events involving Internet hosts,
to take proactive steps to raise the community's awareness
of computer security issues, and to conduct research into improving
the security of existing systems. Their WWW and FTP archive contain
an extensive collection of alerts about past (and current) security
F.3.4.2 ANS customers
Organization: Advanced Network & Services, Inc. (ANS)
Email: anscert@ans.net
Voice: +1-313-677-7333
FAX: +1-313-677-7310
F.3.4.3 Apple Computer worldwide R&D community
Organization: Apple COmputer REsponse Squad:Apple CORES
Email: lsefton@apple.com
Voice: +1-408-974-5594 FAX: +1-408-974-4754
F.3.4.4 Australia: Internet .au domain
Organization: Australian Computer Emergency Response Team (AUSCERT)
Email: auscert@auscert.org.au
Voice: +61-7-3365-4417
FAX: +61-7-3365-4477
WWW: http://www.auscert.org.au
F.3.4.5 Bellcore
Organization: Bellcore
Email: sb3@cc.bellcore.com
Voice: +1-908-758-5860
FAX: +1-908-758-4504
F.3.4.6 Boeing
Organization: Boeing CERT (BCERT)
Email: compsec@maple.al.boeing.com
Voice: +1-206-657-9405
After Hours: +1-206-655-2222
FAX: +1-206-657-9477
Note: All Boeing computing and communication assets for all
Boeing Divisions headquartered in Seattle, Washington, with major
out plant operations in Wichita, Kansas; Philadelphia, Pennsylvania;
Huntsville, Alabama; Houston, Texas; Winnipeg, Canada; and worldwide
customer interface offices.
F.3.4.7 Italy: Internet sites
Organization: CERT-IT
Email: cert-it@dsi.unimi.it
Telephone: +39-2-5500-391
Emergency Phone: +39-2-5500-392
FAX: +39-2-5500-394
F.3.4.8 CISCO Systems
Organization: Network Security Council
Email: karyn@cisco.com
Telephone: +1-408-526-5638
FAX: +1-408-526-5420
F.3.4.9 Digital Equipment Corporation and customers
Organization: SSRT (Software Security Response Team)
Email: rich.boren@cxo.mts.dec.com
Voice: +1-800-354-9000
Emergency Phone: +1-800-208-7940
FAX: +1-901-761-6792
F.3.4.10 DOW USA
Organization: DOW USA
Email: whstewart@dow.com
Voice: +1-517-636-8738
FAX: +1-517-638-7705
F.3.4.11 EDS and EDS customers worldwide
Organization: EDS
Email: jcutle01@novell.trts01.eds.com
Voice: +1-313-265-7514
FAX: +1-313-265-3432
F.3.4.12 France: universities, Ministry of Research and Education in France, CNRS, CEA, INRIA, CNES, INRA, IFREMER, and EDF
Organization: RENATER
Email: morel@urec.fr
Voice: +33-1-44-27-26-12
FAX: +33-1-44-27-26-13
F.3.4.13 General Electric
Organization: General Electric Company
Email: sandstrom@geis.geis.com
Voice: +1-301-340-4848
FAX: +1-301-340-4059
F.3.4.14 Germany: DFN-WiNet Internet sites
Organization: DFN-CERT (Deutsches Forschungsnetz)
Email: dfncert@cert.dfn.de
Telephone: +49-40-54715-262
FAX: +49-40-54715-241
FTP: ftp://ftp.cert.dfn.de/pub
WWW: http://www.cert.dfn.de
Note: The DFN-CERT maintains an extensive online archive of
tools, advisories, newsletters and information from other teams
and organizations. It also maintains a directory of European response
teams.
F.3.4.15 Germany: government institutions
Organization: BSI/GISA
Email: fwf@bsi.de
Telephone: +49-228-9582-444
FAX: +49-228-9852-400
F.3.4.16 Germany: Southern area
Organization: Micro-BIT Virus Center
Email: ry15@rz.uni-karlsruhe.de
Voice: +49-721-37-64-22
Emergency Phone: +49-171-52-51-685
FAX: +49-721-32-55-0
F.3.4.17 Hewlett-Packard customers
Organization: HP Security Response Team
Email: security-alert@hp.com
F.3.4.18 JP Morgan employees and customers
Organization: JP Morgan Incident Response Team
Telephone: +1-212-235-5010
F.3.4.19 MCI Corporation
Organization: Corporate System Security
Email: 6722867@mcimail.com
Telephone: +1-719-535-6932
FAX: +1-719-535-1220
F.3.4.20 MILNET
Response Team; DDN (Defense Data Network)
Email: scc@nic.ddn.mil
Voice: +1-800-365-3642
FAX: +1-703-692-5071
F.3.4.21 Motorola, Inc. and subsidiaries
Response Team Motorola Computer Emergency Response Team (MCERT)
Email: mcert@mot.com
Voice: +1-847-576-1616
Emergency Phone: +1-847-576-0669
FAX: +1-847-538-2153
F.3.4.22 NASA: Ames Research Center
Organization: NASA Ames
Email: hwalter@nas.nasa.gov
Telephone: +1-415-604-3402
FAX: +1-415-604-4377
F.3.4.23 NASA: Goddard Space Flight Center
Organization: Goddard Space Flight Center
Email: hmiddleton@gsfcmail.nasa.gov
Telephone: +1-301-286-7233
FAX: +1-301-286-2923
F.3.4.24 NASA: NASA-wide
Organization: NASA Automated Systems Incident Response Capability
Email: nasirc@nasirc.nasa.gov
Voice: +1-800-762-7472 (U.S.)
After Hours: +1-800-759-7243, pin 2023056
FAX: +1-301-441-1853
F.3.4.25 Netherlands: SURFnet-connected sites
Organization: CERT-NL
Email: cert-nl@surfnet.nl
Telephone: +31-302-305-305
FAX: +31-302-305-329
F.3.4.26 NIST (National Institute of Standards and Technology)
Organization: NIST/CSRC
Email: jwack@nist.gov
Telephone: +1-301-975-3359
FAX: +1-301-948-0279
F.3.4.27 NORDUNET: Denmark, Sweden, Norway, Finland, Iceland
Organization: Nordunet
Email: ber@sunet.se
Telephone: +46-8-790-6513
FAX: +46-8-24-11-79
F.3.4.28 Northwestern University
Organization: NU-CERT
Email: nu-cert@nwu.edu
Telephone: +1-847-491-4056
FAX: +1-847-491-3824
F.3.4.29 Pennsylvania State University
Organization: Penn State
Email: krk5@psuvm.psu.edu
Voice: +1-814-863-9533
After Hours: +1-814-863-4375
FAX: +1-814-865-3082
F.3.4.30 Purdue University
Organization: PCERT
Email: pcert@cs.purdue.edu
Voice: +1-317-494-7844
After Hours: +1-317-743-4333, pin 4179
FAX: +1-317-494-0739
F.3.4.31 Small Business Association (SBA): small business community nationwide
Organization: SBA CERT
Email: hfb@oirm.sba.gov
Voice: +1-202-205-6708
FAX: +1-202-205-7064
F.3.4.32 Sprint
Organization: Sprint DNSU
Email: steve.matthews@sprint./sprint.com
Voice: +1-703-904-2406
FAX: +1-703-904-2708
F.3.4.33 Stanford University
Response Team: SUNSet - Stanford University Network Security Team
Email: security@stanford.edu
Telephone: +1-415-723-2911
FAX: +1-415-725-1548
F.3.4.34 Sun Microsystems customers
Organization: Sun Microsystem's Customer Warning System (CWS)
Email: security-alert@sun.com
Voice: +1-415-688-9151
FAX: +1-415-688-8674
F.3.4.35 SWITCH-connected sites
Organization: SWITCH-CERT
Email: cert-staff@switch.ch
Telephone: +41-1-268-1518
FAX: +41-1-268-1568
WWW: http://www.switch.ch/switch/cert
Note: SWTCH
is The Swiss Academic and Research Network
F.3.4.36 TRW network area and system administrators
Computer Emergency Response Committee for Unclassified Systems
Email: zorn@gumby.sp.trw.com
Voice: +1-310-812-1839, 9-5PM, PST
FAX: +1-310-813-4621
F.3.4.37 UK: Defense Research Agency
Organization: Defense Research Agency, Malvern
Email: shore@ajax.dra.hmg.gb
Telephone: +44-1684-895425
FAX: +44-1684-896113
F.3.4.38 U.K. JANET network
Organization: JANET-CERT
Email: cert@cert.ja.net
Telephone: +44-01235-822-302
Fax: +44-01235-822-398
F.3.4.39 UK: other government departments and agencies
Organization: CCTA Email: cbaxter.esb.ccta@gnet.gov.uk
Voice: +44-0171-824-4101/2
FAX: +44-0171-305-3178
F.3.4.40 Unisys internal and external users
Organization: UCERT
Email: garb@po3.bb.unisys.com
Voice: +1-215-986-4038
FAX: +1-212-986-4409
F.3.4.41 U.S. Air Force
Organization: AFCERT
Email: afcert@afcert.csap.af.mil
Voice: +1-210-977-3157
FAX: +1-210-977-4567
F.3.4.42 U.S. Department of Defense
Organization: ASSIST
Email: assist@assist.mil
Voice: +1-800-357-4231 (DSN 327-4700)
FAX: +1-703-607-4735 (DSN 327-4735)
F.3.4.43 U.S. Department of Energy sites, Energy Sciences Network (ESnet), and DOE contractors
Organization: CIAC (Computer Incident Advisory Capability)
Email: ciac@llnl.gov
Voice: +1-510-422-8193
FAX: +1-510-423-8002
FTP: ftp://ciac.llnl.gov/pub/ciac
WWW: http://ciac.llnl.gov
Note: The CIAC maintains an extensive online archive of tools,
advisories, newsletters, and other information.
F.3.4.44 U.S. Department of the Navy
Organization: NAVCIRT (Naval Computer Incident Response Team)
Email: ldrich@fiwc.navy.mil
Voice: +1-804-464-8832
Pager: +1-800-SKYPAGE, pin # 5294117
F.3.4.45 U.S. Veteran's Health Administration
Organization: Veteran's Health Incident Response Security Team
Email: frank.marino@forum.va.gov
Telephone: +1-304-263-0811, ext 4062
FAX: +1-304-263-4748
F.3.4.46 Westinghouse Electric Corporation
Response Team (W)CERT
Email: Nicholson.M%wec@dialcom.tymnet.com
Voice: +1-412-642-3097
FAX: +1-412-642-3871
|
|
|
|
| F.2 U. S. Government Organizations |
|
G. Table of IP Services |