Version: 1.10
Date: July, 04 2024 12:00:00 +0000
1. Information about this document
This document describes the computer security incident response service of the Polytechnic Institute of Bragança, in accordance with RFC2350, located in the cities of Bragança, Mirandela and Chaves, Portugal.
1.1 Date of last update
Version 1.10 published in 2024/07/04.
1.2 Distribution list for notifications
There are no distribution lists for notifications of changes.
1.3 Access to the present document
An updated version of this document can be found at https://csirt.ipb.pt/en/rfc2350/ .
An updated Portuguese version of this document can be found at https://csirt.ipb.pt/rfc2350/ .
1.4 Authenticity of this document
For validation purposes, an ASCII version signed with PGP is available at https://csirt.ipb.pt/en/rfc2350.txt . The PGP key used for signing is from CSIRT@IPB and is available at 2.8.
2. Contact information
2.1 Team name
CSIRT@IPB - Computer Security Incident Response Team of Polytechnic Institute of Bragança.
2.2 Address
CSIRT@IPB Polytechnic Institute of Bragança Campus de Santa Apolónia - 5300-253 Bragança Portugal
2.3 Time zone
Portugal/WEST (GMT+0, GMT+1 in Summer Time)
2.4 Phone number
+351 273 303 060
2.5 Fax
Nonexistent.
2.6 Other means of communication
Nonexistent.
2.7 Electronic mail address
Email for reporting cybersecurity incidents: report.csirt@ipb.pt
Email for other matters related to the CSIRT@IPB services: csirt@ipb.pt
2.8 Public keys and encryption information
User ID: CSIRT@IPB - CSIRT Polytechnic Institute of Bragança csirt@ipb.pt
Key ID: 0D367A3B Key type: RSA
Key size: 4096 Expires: never
Fingerprint: EBBA 3870 C79F 83BD 94EA F33C E386 9A79 0D36 7A3B
Sub-keys: report-csirt@ipb.pt ; irt-csirt@ipb.pt
2.9 Team members
Coordination: Tiago Pedrosa
Members: Diogo Patrício Alves, Eduardo Manuel Mendes Costa, Jorge Taborda Loureiro, Nuno Gonçalves Rodrigues, Sérgio Paulo Perdigão do Vale.
Legal advice: Cláudia Afonso
2.10 Other information
More information about CSIRT@IPB can be found at https://csirt.ipb.pt/ .
2.11 Points of Customer Contact
CSIRT@IPB has the following means of contact:
Email address: csirt@ipb.pt
Phone number: +351 273 303 060
3. Charter
3.1 Mission statement
CSIRT@IPB’s mission is to provide a computer security incident response service, namely handling and coordinating incident response, carrying out audits, producing security alerts and recommendations and promoting a computer security culture at the Polytechnic Institute of Bragança.
3.2 Community served
CSIRT@IPB responds to computer security incidents in the Polytechnic Institute of Bragança community context. The IP address ranges covered by CSIRT@IPB are:
-
IPV4:
- 193.136.194.0/23
- 193.136.231.0/24
- 193.136.252.144/29
- 193.137.62.0/23
- 193.137.101.0/24
- 193.137.106.0/23
- 193.137.108.0/23
- 193.137.132.0/23
- 194.210.88.0/21
- 194.210.104.0/22
- 194.210.108.0/23
- 194.210.110.0/24
- 194.210.181.0/24
- 194.210.182.0/23
-
IPV6:
- 2001:690:22c0::/48;
3.3 Sponsorship and/or Affiliation
CSIRT@IPB is a cybersecurity team at the Polytechnic Institute of Bragança.
Member of the Academic CSIRT Network:
Member of CSIRT National Network:
3.4 Authority
CSIRT@IPB is a cybersecurity core team of the Polytechnic Institute of Bragança whose authority is defined in an internal order.
4. Policies
4.1 Types of Incidents and Level of Support
CSIRT@IPB responds to all types of cybersecurity incidents, particularly those that result in a security breach of the following types:
- Malicious Code
- Availability
- Information Gathering
- Intrusion attempt
- Intrusion
- Information Security
- Fraud
- Abusive content
- Vulnerable
4.2 Cooperation, interaction and privacy policy
CSIRT@IPB’s privacy and data protection policy provides that sensitive information may be passed on to third parties, solely and exclusively, in case of need and with the express prior authorization of the individual or entity to whom that information relates.
4.3 Communication and authentication
The means of communication provided by CSIRT@IPB are telephone and unencrypted email, which are considered sufficient for transmitting non-sensitive information. The use of PGP encryption is mandatory for the transmission of sensitive information.
5. Services
5.1 Incident Response
CSIRT@IPB plans to support system administrators in managing the technical and organizational aspects of incidents. In particular, it can provide assistance and advice on the following aspects of incident management:
5.1.1 Incident triage
- Determine the authenticity of an incident
- Assessing and prioritizing an incident
5.1.2 Incident Coordination
- Determine the organizations involved
- Contact the organizations involved to investigate the incident and take appropriate action
- Facilitate contact with other parties who can help resolve the incident
- Sending reports to other CSIRTs or CERTs
- Knowledge of the institution enables information to be passed on and incidents to be routed in such a way as to help and facilitate their resolution.
5.1.3 Incident Resolution
- Advising local system administration teams on the appropriate actions to take
- Monitor the progress of the system administration teams concerning security issues
- Request reports
- Respond to requests
CSIRT@IPB may collect statistics on incidents in the context of its operation.
5.2 Proactive activities
CSIRT@IPB coordinates and maintains the following services to expand its resources:
- Alerts
- Configuration and maintenance of security tools, applications and infrastructures
- Development of security solutions
- Intrusion detection services
- Security audits or assessments
- Dissemination of security-related information
- Monitoring technological developments
- Monitoring trends and neighbourhoods
6. Incident reporting forms
There are no forms available for this purpose.
7. Disclaimers
Although every precaution is taken in preparing the information disseminated on the Internet portal or through the distribution lists, CSIRT@IPB assumes no responsibility for errors or omissions or damages resulting from the use of this information.