Association
  About us
  Certification
  Officers
  Virtual Silk Highway Project
A Gap in the Global Web
Founders
Projects
  CAREN
  OCCASION
  CERT
Photo Gallery
Contacts
 
 
 
 

 

 

>>Projects /OCCASION        

Project "CERT"

Description for Kyrgyz CERT

1. About this document

1.1 Date of Last Update

This is version 1.0, published on 30th December 2006.

1.2 Distribution List for Notifications

Currently, Kyrgyz CERT team working on making distribution lists
to notify about changes in this document.

1.3 Locations where this Document May Be Found

The current version of this CSIRT description document is
available from the Kyrgyz CERT WWW site; its URL is
http://www.krena.kg

2. Contact Information

2.1 Name of the Team

"Kyrgyz CERT": Kyrgyz Computer Emergecy Response Team

2.2 Address

Kyrgyz CERT, KRENA
265A, prospect Chui
Kyrgyz National Research and Education Network Association
Bishkek, Kyrgyzstan, 720071

2.3 Time Zone

(GMT+06:00) Astana, Dhaka

2.4 Telephone Number

+996 (312) 243615

2.5 Facsimile Number

+996 (312) 243615

2.6 Other Telecommunication

None available.

2.7 Electronic Mail Address

cert @krena.kg This is a mail address of Kyrgyz CERT.

2.8 Public keys and Other Encryption Information

not available

2.9 Team Members

Azamat Mukanov - CERT team leader
Emil Kadyrberdiev - IT specialist

2.10 Other Information

General information about CERT can be found at
http://www.cert.org

2.11 Points of Customer Contact

The preferred method for contacting Kyrgyz CERT is via
e-mail at <cert (at) krena.kg>; e-mail sent to this address
will be handled by the responsible human.

Kyrgyz CERT hours of operation are generally restricted
to regular business hours (08:00 - 17:00 CET Monday to
Friday except holidays).

3. Charter

3.1 Mission Statement

The purpose of Kyrgyz CERT is to assist Kyrgyz National Research
and Education Network Association members in implementing proactive
measures to reduce the risks of computer security incidents and
to assist them in responding to such incidents when they occur.
Kyrgyz CERT also handles incidents that originate in
KRENA networks and are reported by any kyrgyz or
foreign CERT members or institutions.

3.2 Consituency

Kyrgyz CERT constituency is IP addresses ranges as 212.112.112.0/20

3.3 Sponsorship and/or Affiliation

Kyrgyz CERT is financially mantained by the Research
and Education Network in Kyrgyzstan (KRENA) which it is
formally a part of.

3.4 Authority

Kyrgyz CERT operates under the auspices of, and with
authority delegated by, Kyrgyz Research and Education
Network Association.

Kyrgyz CERT expects to work cooperatively with system
administrators and customers of KRENA. All members of
Kyrgyz CERT are employees of KRENA and thus have wide
possibilities of interacting with KRENA System
Administrators.

Kyrgyz CERT does its best to closely cooperate with all
large ISP's abuse teams, establish direct contacts and
exchange necessary data in order to prevent and recover
from security incidents that affect their networks.

4. Policies

4.1 Types of Incidents and Level of Support

Kyrgyz CERT is authorized to address all types of
computer security incidents which occur, or threaten to
occur, in KRENA networks.

The level of support given by Kyrygz CERT will vary
depending on the type and severity of the incident or
issue, the type of constituent, the size of the user
community affected, and the Kyrygz CERT's resources
at the time, though in all cases some response will be
made within two working days.

Incidents will be prioritized according to their
apparent severity and extent.

End users are expected to contact their systems
administrator, network administrator, or department head
for assistance. Kyrgyz CERT will give full support to the
KRENA members. Only limited support can be given to end
users.

4.2 Co-operation, Interaction and Disclosure of Information

Kyrgyz CERT exchanges all necessary information with
other CSIRTs as well as with affected parties'
administrators. No personal nor overhead data are
exchanged unless explicitly authorized.

4.3 Communication and Authentication

In view of the types of information that Kyrygz CERT
deals with, telephones will be considered sufficiently
secure to be used even unencrypted. Unencrypted e-mail
will not be considered particularly secure, but will be
sufficient for the transmission of low-sensitivity data.

5. Services

5.1 Incident Response

Kyrgyz CERT will assist system administrators in handling
the technical and organizational aspects of the incidents.
In particular, it will provide assistance or advice with
respect to the following aspects of incidents management:

5.1.1 Incident Triage

- Investigating whether indeed an incident occured.
- Determining the extent of the incident.

5.1.2 Incident Coordination

- Determining the initial cause of the incident
(vulnerability exploited)
- Facilitating contact with other sites which may be
involved.
- Facilitating contact with appropriate law enforcement
officials, if necessary.
- Making reports to other CSIRTs or CERTs
- Composing announcements to users, if applicable

5.1.3 Incident Resolution

Kyrgyz CERT will give advice but no physical support
whatsoever to customers from outside of KRENA internal
network with respect to the incident resolution.

- Removing the vulnerability.
- Securing the system from the effects of the
incident.
- Collecting the evidence of the incident.

In addition, Kyrygz CERT will collect statistics concerning
incidents processed, and will notify the community as
necessary to assist it in protecting against known attacks.

5.2 Proactive Services

Kyrgyz CERT coordinates and mantaines the following services
to extent possible depending in its resources:

- Information services such as: list of security contacts,
repository of security-related patches for various
operating systems, description of program bugs
- Training and educational services

Kyrgyz CERT organizes annual conference on Network Security
covering current important security issues which is open for
all interested parties.

Detailed information about obtaining these services is
available from Kyrgyz CERT website at: http://www.krena.kg

6. Incident Reporting Forms

Kyrgyz CERT can accept any report related to network incidents
from KRENA members and foreign CERT officers.

7. Disclaimers

While every preacution will be taken in the preparation of
information, notifications and alerts, Kyrgyz CERT assumes
no responsibility for errors or omissions, or for damages
resulting from the use of the information contained
within.