University of Wisconsin–Milwaukee
Information Security
Search
Info. Security
All UWM
People
Departments
Tools & Downloads
Illegal File Sharing
Resources
Policies & Guidelines
Training
Contact Us
Privacy Matters
Tools & Downloads
Resources
Guidelines, Policies & Standards
News & Alerts
Computer Security Incident Report
All fields marked with
bold
are required.
Status of Incident (Check One):
Site Under Attack
Incident Open
Investigation in Process
Past Incident
Repeat Incident
Incident Closed
Name & Contact of Reporting Party
First Name:
Last Name:
Title:
Campus/Department/College:
Phone & Area:
(xxx-xxx-xxxx format)
Alternate Phone & Area:
(xxx-xxx-xxxx format)
Email:
Name & Contact of User (Student, faculty, staff, etc. if different from above)
First Name:
Last Name:
Title:
Campus/Department/College:
Phone & Area:
(xxx-xxx-xxxx format)
Alternate Phone & Area:
(xxx-xxx-xxxx format)
Email:
Incident Details
Date:
mm/dd/yy
Time:
(hh:mm AM/PM format)
Time zone in which incident occurred:
--Select--
Pacific
Mountain
Central
Eastern
Offending IP address::
Source port of attacking machine:
Destination IP address (machine being attacked):
Destination port of machine being attacked:
Type of attack (Check all that apply):
Type of attack (Check all that apply):
Denial of Service/Distributed Denial of Service
Misuse of Systems (internal or external)
Malicious Code (virus/trojan/worm)
Website Defacement
Unauthorized Intrusion
Probe/Scam
Unauthorized Electronic Monitoring (sniffing)
Other
If 'Other' was checked, please describe:
Other relevant details of attack and its detection:
Available Logs
Audit:
Yes
No
If YES: Cut-n-paste entries to show activity:
(If possible burn all logs to a CD or best offline storage to be kept for further review if needed)
Event:
Yes
No
If YES: Cut-n-paste entries to show activity:
(If possible burn all logs to a CD or best offline storage to be kept for further review if needed)
Connection:
Yes
No
If YES: Cut-n-paste entries to show activity:
(If possible burn all logs to a CD or best offline storage to be kept for further review if needed)
Impact of Attack to User, Network or Department
Impact of Attack to User, Network, or Department:
Loss/Compromise of Data
System Downtime
Damage to Systems
Organization Systems Affected
Other
If 'Other' was checked, please describe:
Dollar Amount of Loss Due To Damage
Cost of Repairs (Man-hours X pay/hr):
(amount in US dollars)
Number of users, networks or departments affected:
Dollar Amount (Check one):
Unknown
None
Less than $10K
$10K-$50K
More than $50K
Source of Incident (if known)
Computer Name:
User ID:
Internet Domain Name (Please Attach Registration):
IP Address:
MAC Address:
Location of Compromised Machine
Building:
Room:
Description of Compromised Machine
Operating System:
Make/Model:
Serial Number:
Computer Name:
IP Address:
MAC Address:
DNS Entry:
Domain/Workgroup:
Ports Used:
Modem Used:
Telephone # Used: