skip to primary navigationskip to content

Reporting security incidents originating from within the domain if you are not a member of Cambridge University

The Cambridge Computer Emergency Response Team (CamCERT) co-ordinates security matters in the University of Cambridge. If you receive an unwelcome intrusion from a machine in the domain you should email as soon as you notice the intrusion including the following information:

  • the IP address (number) of your machine
  • the IP address of the Cambridge machine
  • the port probed for - please ensure that this is a genuine security threat and not simply normal Internet traffic such as ident (port 113) or packets used by peer-to-peer file-sharing programs especially when your IP address is a dynamic one. In the latter case, the traffic is likely to be legitimate traffic to the machine that was using the address before you.
  • the extract from your logs in a plain text format (note that we cannot read proprietary log formats)
  • the time zone of your logs
  • an indication of whether your logs are NTP synchronised and if not, how far off true time your machine is