How To Contact Us

We do get a lot of mail. For issues that aren't sensitive our community forums may be more suitable. For example, if you want to learn about a particular security related topic, or you would like some input regarding a packet trace you collected (and you don't mind sharing it in public), post it to the community forums.

Submit Logs

If you would like to add logs you've collected to our database, submit them to us!

Contact Us

You may want to use this form to:

Share your ideas about the site, or today's diary
Submit logs which you would rather submit in private
Notify us of any security event that should be covered

Contact Form

We are not able to respond to you unless you provide an e-mail address!

Email Address Name Subject

Note about attached files: Please attach any files "as found". If necessary, zip or tar multiple files into one. But try not to encrypt or obfuscate the files, as this may hinder analysis.

To anybody scanning this site for vulnerabilities: We enourage our readers to use this form to submit malicious code, viruses, spyware and all kinds of evil files. Us not filtering uploads for extensions like ".exe" is not a vulnerability, it is a feature. Submitting a vulnerability stating so shows that you have not actually read this notice and just used a lazy automated tool.

Attach a File:

Your message:

Is it ok to forward your submission to our malware analysis group? Yes No May we mention your observation in our diary? Yes No May we mention your first name in our diary? Yes No

Accept Terms:

I understand that all information submitted via this form will be sent to all ISC handlers. The information will be kept confidential within that group. They will only publish my information with my consent. If I entered an e-mail address, then an account may be created for me if I do not already have one to track this correspondence. My IP address will be recorded as well as other data submitted by my browser, such as the user-agent header. For more details, please review our privacy policy.

Other Contact Information

PGP keys: https://secure.dshield.org/PGPKEYS.txt

Currently valid PGP Keys:

Use this key to send us encrypted messages

pub   rsa3072/0x74B924071A59D0E4 2022-12-03 [SC] [expires: 2024-12-02]
      Key fingerprint = E262 02C4 1C9B A9B4 C9D4  8BDA 74B9 2407 1A59 D0E4
uid                   [ultimate] SANS Internet Storm Center (shared encryption key - do not use to sign) 
uid                   [ultimate] SANS Internet Storm Center (shared encryption key - do not use to sign) 
uid                   [ultimate] SANS Internet Storm Center (shared encryption key - do not use to sign) 
uid                   [ultimate] SANS Internet Storm Center (shared encryption key - do not use to sign) 
sub   rsa3072/0x4FB556A941EB3EFA 2022-12-03 [E] [expires: 2024-12-02]

This key is used to sign our messages

        pub   rsa4096 2020-01-08 [SC] [expires: 2023-01-07]
              8C5C AA3D 75A9 D7DE DCB5  D983 C32F 659E 81FB 912B
        uid           [ultimate] SANS Internet Storm Center / DShield (Only Used to Sign Automatically Generated E-Mails) <bounces@dshield.org>
        uid           [ultimate] SANS Internet Storm Center / DShield (Key only used to sign automatically generated email) <handlers@isc.sans.edu>
        uid           [ultimate] SANS Internet Storm Center / DShield (Only Used to Sign Automatically Generated E-Mails) <info@dshield.org>
        uid           [ultimate] SANS Internet Storm Center / DShield (Only Used to Sign Automatically Generated E-Mails) <handlers@sans.org>
        uid           [ultimate] SANS Internet Storm Center / DShield (Only Used to Sign Automatically Generated E-Mails) <bounces@isc.sans.edu>
        uid           [ultimate] SANS Internet Storm Center / DShield (Only Used to Sign Automatically Generated E-Mails) <handlers@isc.sans.org>
        sub   rsa4096 2020-01-08 [E] [expires: 2023-01-07]