sert.ann
03b801b15fecc5ded8fb58a770236a8e42f9a3ad87e8277bab0f618b810d8e86
SERT - Australian Security Emergency Response Team
As from 8 March 1993 the Australian Security Emergency
Response Team is in operation. SERT is an initiative of the
South East Queensland Universities. Cooperative
arrangements are in place between SERT and AARNet, CERT and
the Australian Federal Police.
The Australian SERT aims to provide a community response to
computer security incidents within AARNet. The method of
operation will be very similar to CERT.
HOW SERT HAS BEEN FORMED
SERT is a cooperative initiative of the Computer Centres of
The University of Queensland, Queensland University of
Technology and Griffith University. Cooperative and/or
working arrangements have been established between SERT and
the AARNet Management Team, The Internet Computer Emergency
Response Team (CERT) in the USA, the Australian Federal
Police and the Information Security Research Centre at QUT.
SERT has been funded for the first six months by the three
initiating Universities. A review of the success of the
operation and alternate sources of funds will determine
whether SERT will exist and how it will operate after that
time.
WHY SERT
The need for SERT has stemmed from the increase in
unauthorised attempts to access computers in Australian
tertiary institutes and research organisations. Some of
these attacks have been successful causing the destruction
of information and endangering expensive research
equipment. Computers in Australian institutions have been
used to gain unauthorised access to critical research
computers in the USA. The detection of unauthorised access
and the subsequent clean-up operation is very costly in
both computer and human resources. There is an increasing
need to protect commercial and government sensitive data in
the research environment.
To date, CERT has undertaken responsibility for the whole
Internet. Australia needs to take a far more active role in
providing for its own protection and security.
WHAT SERT WILL DO
SERT will be a centre of expertise on network and computer
security matters. Operationally it will be modelled on
CERT. SERT will provide a singe point of contact in
Australia for AARNet security matters.
SERT will log, collate and analyse all reported security
incidents. It will work closely with AARNet Management and
CERT and provide liaison with the Australian Federal Police
and other law enforcement agencies as appropriate. SERT
will facilitate communications among site managers and
experts to work on solving problems.
SERT will provide for the collation and dissemination of
security information including system vulnerabilities,
defense strategies and mechanisms and early warning of
likely attacks.
SERT will preserve the confidentiality of information
passed to it unless specifically given permission to pass
such information on. Otherwise information passed to other
authorities and constituents will include enough
information to enable them to identify that an incident has
occurred or a vulnerability exists. SERT will comply with
Australian State and Federal law.
WHAT SERT CAN'T DO
Initially, SERT will not be able to provide 24 hour 7 day
service; it will be business hours only.
SERT will not be able to dive into your systems and solve
your problems. Rather SERT will provide advice and pointers
to the information and experts who can solve problems.
SERT'S CONSTITUENCY
The SERT constituency is the AARNet community, including
it's affiliates (under the AARNet Affiliate program).
AARNet is predominantly Internet. However, it should be
noted that some regions of AARNet are significant users of
X.25. As well we need to be cognisant of the many protocols
used internally by the constituency, including, AppleTalk,
Novel, DECnet and others.
WHAT SERT NEEDS FROM IT'S CONSTITUENCY
For SERT to be effective, it needs information on all
security incidents to be reported to SERT so that an
appreciation can be gained of the nature and extent of the
security problems within the .au domain. This does not
preclude the exchange of information between sites on a
one-to-one basis, but the SERT team would appreciate a copy
of any information relating to security incidents so that
other sites may benefit from the experience, and effective
counter-measures can be developed on a pro-active basis.
SERT is developing a register of trusted persons at each
site and effective methods of communication with that
person. Contact SERT for details about participation in the
SERT program.
HOW TO CONTACT SERT
Enquiries: sert@sert.edu.au
Incident Reporting: sert@sert.edu.au
Telephone: +61 7 365 4417
Fax: +61 7 365 4477