The best way to report a problem is to send an e-mail to certs@cesnet.cz and include a complete description of the problem. CESNET-CERTS members will deal with the reported incident as soon as possible and will inform you that the problem, if any, has been solved and removed. You will receive a reply from certs@cesnet.cz and the e-mail will be signed by our PGP Key.

• The report should be a simple text-based e-mail, with an attachment if necessary.
• Only one IP address or address block per report, please.
• The Subject should contain the IP address or address block and incident type (spam, virus, scanning, DDOS, hacking, phishing, pharming, alleged misuse of copyrighted work, …).
• A report about scanning must contain a small extract from a log showing the problem, e.g.,
  • timestamp, time zone and time accuracy
  • source and destination IP addresses
  • source and destination ports
  • protocol used (TCP/UDP/ICMP).
• A report about spam or virus must contain a copy of the mail header from the alleged infected or spamming e-mail. The header should not be changed in any way.
• A report about spam (unsolicited commercial email) should contain both the full mail header and the original body text.
• A report about an alleged misuse of copyrighted work must contain the following details:
  • timestamp, time zone and time accuracy
  • IP address where the copyrighted work is stored
  • services used to publish or share the copyrighted work (BitTorrent, FTP, …)
  • type (name…) of copyrighted work
• A report about phishing or pharming should contain the URL and source of the web page if possible.
• Every report must contain your name and organization name. For urgent matters please include your phone number.
• A report must be sent from a valid e-mail address.
• Indicate whether the message is informative only or expect an answer.

Any offence against the Czech law, e.g.,

• threats to physical safety of human beings,
• compromise of restricted confidential service accounts or software installations, in particular those with authorised access to confidential data,
• denial of service attacks,
• large-scale attacks of any kind, e.g. phishing attacks, password cracking attacks, virus and spam dissemination,
• compromise of individual user accounts, i.e. unauthorised access to a user or service account,
• alleged misuse of copyrighted work.