-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # RFC 2350 Version: 1.10 Date: July, 04 2024 12:00:00 +0000 ## 1. Information about this document This document describes the computer security incident response service of the Polytechnic Institute of Bragança, in accordance with RFC2350, located in the cities of Bragança, Mirandela and Chaves, Portugal. ### 1.1 Date of last update Version 1.10 published in 2024/07/04. ### 1.2 Distribution list for notifications There are no distribution lists for notifications of changes. ### 1.3 Access to the present document An updated version of this document can be found at https://csirt.ipb.pt/en/rfc2350/ . An updated Portuguese version of this document can be found at https://csirt.ipb.pt/rfc2350/ . ### 1.4 Authenticity of this document For validation purposes, an ASCII version signed with PGP is available at https://csirt.ipb.pt/en/rfc2350.txt . The PGP key used for signing is from CSIRT@IPB and is available at [2.8](#28-public-keys-and-encryption-information). ## 2. Contact information ### 2.1 Team name CSIRT@IPB - Computer Security Incident Response Team of Polytechnic Institute of Bragança. ### 2.2 Address CSIRT@IPB Polytechnic Institute of Bragança Campus de Santa Apolónia - 5300-253 Bragança Portugal ### 2.3 Time zone Portugal/WEST (GMT+0, GMT+1 in Summer Time) ### 2.4 Phone number +351 273 303 060 ### 2.5 Fax Nonexistent. ### 2.6 Other means of communication Nonexistent. ### 2.7 Electronic mail address Email for reporting cybersecurity incidents: report.csirt@ipb.pt Email for other matters related to the CSIRT@IPB services: csirt@ipb.pt ### 2.8 Public keys and encryption information User ID: CSIRT@IPB - CSIRT Polytechnic Institute of Bragança Key ID: 0D367A3B Key type: RSA Key size: 4096 Expires: never Fingerprint: EBBA 3870 C79F 83BD 94EA  F33C E386 9A79 0D36 7A3B Sub-keys: report-csirt@ipb.pt ; irt-csirt@ipb.pt ### 2.9 Team members Coordination: Tiago Pedrosa Members: Diogo Patrício Alves, Eduardo Manuel Mendes Costa, Jorge Taborda Loureiro, Nuno Gonçalves Rodrigues, Sérgio Paulo Perdigão do Vale. Legal advice: Cláudia Afonso ### 2.10 Other information More information about CSIRT@IPB can be found at https://csirt.ipb.pt/ . ### 2.11 Points of Customer Contact CSIRT@IPB has the following means of contact: Email address: csirt@ipb.pt Phone number: +351 273 303 060 ## 3. Charter ### 3.1 Mission statement CSIRT@IPB's mission is to provide a computer security incident response service, namely handling and coordinating incident response, carrying out audits, producing security alerts and recommendations and promoting a computer security culture at the Polytechnic Institute of Bragança. ### 3.2 Community served CSIRT@IPB responds to computer security incidents in the Polytechnic Institute of Bragança community context. The IP address ranges covered by CSIRT@IPB are: + IPV4: + 193.136.194.0/23 + 193.136.231.0/24 + 193.136.252.144/29 + 193.137.62.0/23 + 193.137.101.0/24 + 193.137.106.0/23 + 193.137.108.0/23 + 193.137.132.0/23 + 194.210.88.0/21 + 194.210.104.0/22 + 194.210.108.0/23 + 194.210.110.0/24 + 194.210.181.0/24 + 194.210.182.0/23 + IPV6: + 2001:690:22c0::/48; ### 3.3 Sponsorship and/or Affiliation CSIRT@IPB is a cybersecurity team at the Polytechnic Institute of Bragança. Member of the Academic CSIRT Network: - - https://www.cert.rcts.pt/pt/rede-academica-de-csirts/ Member of CSIRT National Network: - - https://www.redecsirt.pt/ ### 3.4 Authority CSIRT@IPB is a cybersecurity core team of the Polytechnic Institute of Bragança whose authority is defined in an internal order. ## 4. Policies ### 4.1 Types of Incidents and Level of Support CSIRT@IPB responds to all types of cybersecurity incidents, particularly those that result in a security breach of the following types: 1. Malicious Code 2. Availability 3. Information Gathering 4. Intrusion attempt 5. Intrusion 6. Information Security 7. Fraud 8. Abusive content 9. Vulnerable ### 4.2 Cooperation, interaction and privacy policy CSIRT@IPB's privacy and data protection policy provides that sensitive information may be passed on to third parties, solely and exclusively, in case of need and with the express prior authorization of the individual or entity to whom that information relates. ### 4.3 Communication and authentication The means of communication provided by CSIRT@IPB are telephone and unencrypted email, which are considered sufficient for transmitting non-sensitive information. The use of PGP encryption is mandatory for the transmission of sensitive information. ## 5. Services ### 5.1 Incident Response CSIRT@IPB plans to support system administrators in managing the technical and organizational aspects of incidents. In particular, it can provide assistance and advice on the following aspects of incident management: #### 5.1.1 Incident triage * Determine the authenticity of an incident * Assessing and prioritizing an incident #### 5.1.2 Incident Coordination * Determine the organizations involved * Contact the organizations involved to investigate the incident and take appropriate action * Facilitate contact with other parties who can help resolve the incident * Sending reports to other CSIRTs or CERTs * Knowledge of the institution enables information to be passed on and incidents to be routed in such a way as to help and facilitate their resolution. #### 5.1.3 Incident Resolution * Advising local system administration teams on the appropriate actions to take * Monitor the progress of the system administration teams concerning security issues * Request reports * Respond to requests CSIRT@IPB may collect statistics on incidents in the context of its operation. ### 5.2 Proactive activities CSIRT@IPB coordinates and maintains the following services to expand its resources: * Alerts * Configuration and maintenance of security tools, applications and infrastructures * Development of security solutions * Intrusion detection services * Security audits or assessments * Dissemination of security-related information * Monitoring technological developments * Monitoring trends and neighbourhoods ## 6. Incident reporting forms There are no forms available for this purpose. ## 7. Disclaimers Although every precaution is taken in preparing the information disseminated on the Internet portal or through the distribution lists, CSIRT@IPB assumes no responsibility for errors or omissions or damages resulting from the use of this information. -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE67o4cMefg72U6vM844aaeQ02ejsFAmaGgX8ACgkQ44aaeQ02 ejvDNQ/9GcYyEN8fL12pIs49mj6CBSXSxRhyskn/08R2birjlD/m3HarJKFGCF25 XsXsPbtcYToJxUoPgz/D5atIMZ7TR0wxy4OFUGmsKBhMbXxHNuFIGm7MVH7cpa/3 wF11+HyPVP4PPi9qICi2RKqkKrWC/08iLcHJhKIoqL0zEoWZ5/4Duqnvw0y8Z3rQ 3XkANYc+wgHyr7rQ0l0KydY87U2flOdOCob9sHPHH0wTdzoUTBcys7d5hCa1byYP Sb2JcU9YJY4nro1FTB3NTHoh49a2k1FFypCPBxHR7MRDACj753NnEKh4vI0wtZiW o7P4k9wQICTWmKkTZszEPhPVWe1+Koe82tNbYg92JNQGv6hgdztzQ1476cpVKPgR 0Srd0WsaAgZ5u2T0V95U7tr7uYq8CxGpLq8ZCV4JaE0SS5lRBx6U9eBzk87DeeHE HjgaRZ3W+JSvUQssIv+17F7ywrbEDyjywaWWYeqcCXZR9ccb7fmMkO2Qc1xsWq2M gO36gfSG6KIq55SJNdQIfjw8q1+yQq+0IesPUtsP/DGEv3E61M9vjDCFwCPvuuI8 HF2+c562lqmvZPH7pLzEnYrSQVDM97f4YHGQ8e0imUi/whAW3juES6HJ2SKHTHa/ 5xIymDUfYusnLnUiqVhQby95eZxDHNREY4U/We3ztNEmWjTnX4w= =yeRV -----END PGP SIGNATURE-----