Vulnerability Scanning

National CERT offers Vulnerability Scanning of computers and other devices connected to the Internet to CARNET full member institutions. The result of this scanning contains a list of security issues found and troubleshooting instructions that can help users to maintain their networks more effectively. This service is available free of charge to institutions that are full members of CARNET. Users can check whether this service is also available at their institution in the list of full members of CARNET network.

• Institutions can become users of Vulnerability Scanning if they meet the following preconditions:
  • the institutions are connected to CARNET network via a permanent connection
  • computer-based communication devices scanned with this service must be available through CARNET network to the National CERT computers from which the scanning is performed
  • the institution has an appointed CARNET system engineer, i.e. resource administrator with whom they are negotiating technical details about the service and who is authorized to receive the Vulnerability Scanning results
  • the public part of the PGP key of the authorized person is published on the public key server
  • if the legal representative of the institution (Dean or Principal) wants to appoint another person as the authorized contact for service agreement details and the download of the results, it is necessary to provide the National CERT with a certified declaration of appointment, for which the form can be found Here.
  • if the previously appointed authorized person changes the PGP key through which secure communication with the National CERT takes place, a certified declaration of the change of key should be provided, for which the form can be found Here.

CARNET full member institution can apply for a Vulnerability Scanning via the forms available Here and Here.The form is signed by the legal representative of the institution (Dean or Principal), and is certified by the stamp of the institution. Filled and certified forms are sent by mail to:

CARNET (for Vulnerability Scanning)

Josipa Marohnića 5

10000 Zagreb

ABOUT

National CERT Department

Josipa Marohnića 5

10000 Zagreb

Croatia

Phone: +385 1 6661 650

Fax: +385 1 6661 767

Vulnerability scanning-related inquiries are sent to provjera.ranjivosti@cert.hr.

Computer security incidents are reported to incident@cert.hr.

Other inquiries are sent to e-mail address ncert@cert.hr.

Technical characteristics of the service

• the Nessus tool is used for vulnerability scanning
• scanning is always performed only with certain computers with the same IP addresses
• scanning can be performed once or periodically and only at the request of the member institution
• there is no network vulnerability scanning on DoS attacks (Denial of Service) in order to minimize the impact of scanning on normal network and computer operation.

Document – Vulnerability scanning methodology

Distribution of service results

• the scanning results shall only be available to authorized persons of CARNET member institution and authorized persons of the National CERT
• distribution of vulnerability scanning results is done exclusively via e-mail using PGP for encrypting results. More information about PGP can be found Here
• the scanning results shall be stored and delivered to the authorized person via e-mail, encrypted with its public PGP key, the public PGP key of the vulnerability scanning and signed with the private PGP key for service of vulnerability scanning
• the public PGP key for service of vulnerability scanning is available Here.

Document –  Guidelines for interpreting a Vulnerability Scanning Report (Nessus v5.2.7)