HomeAbuse

How do I report a computer abuse incident?

Thu, 02/26/2009 - 16:50 — binde

The computer staff in your department can assist you in reviewing and reporting computer abuse incidents, as well as the Help Desks in the Campus Computing Divisions.

Please contact your local Help Desk if you need assistance in putting together a computer abuse incident report.

 
 
If an incident is caused by a host at Rutgers, or a member of the Rutgers community, send email to:
abuse@rutgers.edu
 
 
Computing abuse incidents take different forms. Please include as much of the following information as possible in an incident report. Additional details that explain what is happening will be welcome.
 

  • date of event
  • time of event
    • outside of the eastern United States, please include the world time zone where the event took place
  • information about the Rutgers host that is causing problems or source network address
  • information about the victim host or destination network address
  • a description of your concerns
  • state whether sensitive information (Social Security Numbers, credit card numbers, or other confidential data) was stored on the host and if so, provide a description of the data
  • provide supporting evidence such as

Be as specific as possible. The RU CIRT may be unable to identify or address the problem without sufficient information.
When the attacking host is outside of Rutgers, contact those network administrators directly to report a problem or issue. Other sites will need the same information that we request in order to follow up on a trouble report.
The following web sites can be used to identify the appropriate contact.
 

Alternatively, if you are comfortable using Unix command line, type:
whois -h whois.geektools.com IP_address
where the IP_address corresponds to the host of interest. The output will provide information on the Internet registration for the IP address.