Hide menu

IT security at LiU

This is IRT

IT security issues at Linköping University are handled by LiU's Incident Response Team, IRT. IRT is a centrally located function for IT security handing, information and cooperation, and preventative IT security efforts.

Any form of incident, such as intrusions, intrusion attempts, spam, network abuse, and so forth that is associated in any way to Linköping University, regardless of whether the university is affected, or the cause of, the incident. IRT does not handle issues that have no connection to Linköping University.

Detection and investigation of IT security incidents

  • Receive and handle incident reports that are sent to IRT from internal as well as external sources, and provide feedback to the extent that is appropriate.
  • Monitoring network traffic to discover port scans, intrusion attempts, and so forth.
  • Evaluate reports and other information to determine the correct course of action, and document this work.
  • Investigate IT security incidents and abuse of IT resources (secure evidence, analyze logs, reconstruct events, draw conclusions for preventative measures, etc) in collaboration with the affected organization.
  • Inform relevant external contact (other IRTs etc) when external attacks occur.
  • Disconnect systems or networks from LiU's core network when an organization is unable to handle an emergency that threatens the reliability or security of the rest of LiU's network and computing infrastructure.

Information and collaboration

  • Monitor mailing lists, websites and other information sources in the area.
  • Forward important IT security related information to organizations within the university.
  • Upon request, give advice in IT security related issues to organizations within the university.
  • Participate in the coordination of IT security concerns nationwide, primarily through SUNET-CERT and SUSEC.
  • Compile IRT reports with statistics of IT security incidents.


  • Search for vulnerabilities in network-connected systems, to discover these before they are abused.
  • Provide technical support to the CTO's office for policy development, regulation, procurement, etc.
  • Manage filters in the central e-mail servers to reduce spam, viruses and so forth.
  • Maintain central servers that for the university's central antivirus solutions.
  • Operate firewalls within the core network.


View contact information for IRT

Contact LiU IRT


spam@liu.se (to report spam)
nonspam@liu.se (to report e-mail incorrectly marked as spam)

abuse@liu.se (all other issues)

Email to these addresses are forwarded to a request tracking system.

Telephone: +46 (0)13 281744

LiU IRT is normally available 0900-1700 Mondays through Fridays. LiU is located in timzeone GMT+1 (GMT+2 during daylight savings time).

LiU IRT is certified by Trusted Introducer and a member of FIRST.


[TI: logo for TI certified teams]

FIRST Forum of Incident Response and Security Teams

Page manager: david.byers@liu.se
Last updated: 2020-09-29