{"id":75,"date":"2024-01-19T13:55:47","date_gmt":"2024-01-19T13:55:47","guid":{"rendered":"http:\/\/localhost:9000\/?page_id=75"},"modified":"2024-05-14T12:01:58","modified_gmt":"2024-05-14T12:01:58","slug":"pravidla-pre-hlasenie-incidentu-a-zranitelnosti","status":"publish","type":"page","link":"http:\/\/localhost:9000\/pravidla-pre-hlasenie-incidentu-a-zranitelnosti","title":{"rendered":"Rules for reporting incidents and vulnerabilities"},"content":{"rendered":"\n

Security incident<\/h2>\n\n\n\n

is the intentional exploitation of a vulnerability to cause damage to or loss of information system assets, or the unintentional performance of an action that results in damage to assets. It is also any breach of the security of an entity's information systems and networks, as well as any violation of the security policy and related rules. <\/p>\n\n\n\n

Vulnerability<\/h2>\n\n\n\n

is a property of an asset in the design, implementation or operation of infrastructure that makes it susceptible to destruction or incapacitation by a threat.<\/p>\n\n\n\n


A security incident can be reported in two ways:<\/h3>\n\n\n\n
    \n
  1. By sending an e-mail to incident (at) csirt.sk<\/strong>. Attachments can be added to the e-mail and, if needed, the PGP key (43.9 kB)<\/a> can be used to encrypt them. (If needed, the freely available tool GNU GPG<\/a> can be used.)<\/li>\n\n\n\n
  2. By telephone at 02 \/ 59278 514<\/li>\n<\/ol>\n\n\n\n

    The following rules apply when reporting an incident (by e-mail):<\/p>\n\n\n\n

      \n
    • A correct e-mail address, which serves as the primary contact, must be provided.<\/li>\n\n\n\n
    • An unambiguous description of the incident must be provided.<\/li>\n\n\n\n
    • In the incident description, include as much information as possible that could help with its analysis and subsequent handling. Any piece of information, even one that seems useless at first glance, can be very useful.<\/li>\n<\/ul>\n\n\n\n

      The incident description should contain the following details:<\/p>\n\n\n\n

        \n
      • Information about the person or organization reporting the incident\n
          \n
        • role\/job position<\/li>\n\n\n\n
        • organization name, type of organization (state, private, school, …)<\/li>\n\n\n\n
        • other affected organizations<\/li>\n<\/ul>\n<\/li>\n\n\n\n
        • Information about the incident\n
            \n
          • time the incident started (if known)<\/li>\n\n\n\n
          • time and method of detection<\/li>\n\n\n\n
          • is the incident ongoing? (yes\/no\/don't know)<\/li>\n\n\n\n
          • were any known vulnerabilities exploited? (yes\/no\/don't know)<\/li>\n\n\n\n
          • what countermeasures were taken<\/li>\n\n\n\n
          • detailed description \u2013 a description of the course of the incident, what types of attacks were used, where the attack originated, what security measures were in place (firewall, antivirus, …), whether they were bypassed, etc.<\/li>\n\n\n\n
          • for spam or a virus, attach the full header and body of the e-mail message, or the affected file packed in a ZIP archive protected with the password: \u201cincident\u201d<\/li>\n\n\n\n
          • for phishing or pharming, please also attach the full URL.<\/li>\n\n\n\n
          • for network scanning or a denial-of-service (DoS) attack, please attach timestamps, the time zone, source and destination IP (or MAC) addresses and ports, the protocol type (TCP, UDP, ICMP, \u2026) \u2013 and, if possible, a sample of captured packets (e.g. using Wireshark)<\/li>\n<\/ul>\n<\/li>\n\n\n\n
          • Information about affected devices and impact\n
              \n
            • device type and function<\/li>\n\n\n\n
            • IP address, hostname,<\/li>\n\n\n\n
            • protocol and ports targeted by the attack,<\/li>\n\n\n\n
            • description of the device hardware,<\/li>\n\n\n\n
            • operating system (type, version)<\/li>\n\n\n\n
            • affected software or files<\/li>\n\n\n\n
            • is the device critical for business continuity?<\/li>\n\n\n\n
            • is the device in operation?<\/li>\n\n\n\n
            • contact person for obtaining access to the device<\/li>\n\n\n\n
            • does it contain non-public information?<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n

              A vulnerability can be reported as follows:<\/h3>\n\n\n\n

               When reporting a vulnerability, provide as much information as possible that could help with its analysis, verification and remediation. The vulnerability description should contain the following details:<\/p>\n\n\n\n

                \n
              • time and method of discovery<\/li>\n\n\n\n
              • has the vulnerability already been published anywhere?<\/li>\n\n\n\n
              • type of device or software affected by the vulnerability, exact version<\/li>\n\n\n\n
              • if possible, information about installed patches and updates<\/li>\n\n\n\n
              • detailed description \u2013 what type of vulnerability it is (buffer overflow, XSS, insufficient authentication, …), how it can be exploited (locally, over the network, is authentication required?), what actions\/attacks it enables, what its exploitation can affect (confidentiality, integrity, availability)<\/li>\n\n\n\n
              • estimated severity of the vulnerability<\/li>\n<\/ul>\n\n\n\n

                If possible, please attach the specific file (executable, source code) that contains the vulnerability, packed in a ZIP archive protected with the password: \u201czranitelnost<\/strong>\u201d.<\/p>\n","protected":false},"excerpt":{"rendered":"

                A security incident is the intentional exploitation of a vulnerability to cause damage to or loss of information system assets, or the unintentional performance of an action that…<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/pages\/75"}],"collection":[{"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/comments?post=75"}],"version-history":[{"count":2,"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/pages\/75\/revisions"}],"predecessor-version":[{"id":895,"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/pages\/75\/revisions\/895"}],"wp:attachment":[{"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/media?parent=75"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}