The ACOnet CERT
Founded in 2003, the ACOnet CERT is the Computer Security Incident Response Team of ACOnet. It is operated by the IT Security Team of the Vienna University Computer Center.
The CERT is a contact partner for security relevant problems and incidents in context of ACOnet. On top of that the CERT is available to all ACOnet participants in case of security questions.
The purpose of this infrastructure is the quick identification of security issues and their handling to ensure a high level of safety for systems and networks.
The main purpose of the ACOnet CERT is the handling of incidents. I.e., the ACOnet CERT receives, assesses, and summarizes problem reports and complaints. It informs the appropriate bodies and - if so desired and possible - offers assistance and solutions.
In the case of attacks against hosts within the ACOnet, the CERT coordinates counter-measures within ACOnet and informs the relevant providers and other CERTs, with the aim to mitigate the attacks.
The ACOnet CERT is involved with other CERTs and international CERT associations. Thus, should it prove necessary (such as in the case of distributed attacks), the ACOnet CERT can initiate internationally coordinated activities.
The ACOnet CERT co-operates closely with other CERTs and security teams. Constant exchange of information and of lessons learned enable the ACOnet CERT to forestall imminent dangers and to respond to incidents quickly and effectively.
Some additional services are available in our web portal (menu item "Network / CERT Online") for ACOnet participants' IT staffers:
- ACOnet CERT Wiki: more detailed information about security topics within ACOnet
- Passive DNS: database of anonymized DNS queries, operated jointly with CERT.at, helpful for research in the context of incident handling
- Vulnerability Assessment Scan (VAS): free scan to test systems for vulnerabilities that can be exploited from the network
- CSIRT Handbook.pdf(1.6 MB)
Documentation of the tasks of a CERT/CSIRT