RFC 2350

RFC 2350

Version: 1.9

Date: December, 13 2023 11:00:00 +0000

1. Information about this document

This document describes the computer security incident response service of the Polytechnic Institute of Bragança, in accordance with RFC2350, located in the cities of Bragança, Mirandela and Chaves, Portugal.

1.1 Date of last update

Version 1.9 published in 2023/12/13.

1.2 Distribution list for notifications

There are no distribution lists for notifications of changes.

1.3 Access to the present document

An updated version of this document can be found at https://csirt.ipb.pt/rfc2350.

An updated Portuguese version of this document can be found at https://csirt.ipb.pt/pt/rfc2350.

1.4 Authenticity of this document

For validation purposes, an ASCII version signed with PGP is available at https://csirt.ipb.pt/rfc2350-en.txt. The PGP key used for signing is from CSIRT@IPB and is available at [2.8].

2. Contact information

2.1 Team name

CSIRT@IPB - Computer Security Incident Response Team of Polytechnic Institute of Bragança.

2.2 Address

CSIRT@IPB Polytechnic Institute of Bragança Campus de Santa Apolónia - 5300-253 Bragança Portugal

2.3 Time zone

Portugal/WEST (GMT+0, GMT+1 in Summer Time)

2.4 Phone number

+351 273 303 060

2.5 Fax

Nonexistent.

2.6 Other means of communication

Nonexistent.

2.7 Electronic mail address

Email for reporting cybersecurity incidents: report.csirt@ipb.pt

Email for other matters related to the CSIRT@IPB services: csirt@ipb.pt

2.8 Public keys and encryption information

User ID: CSIRT@IPB - CSIRT Polytechnic Institute of Bragança csirt@ipb.pt

Key ID: 0D367A3B Key type: RSA

Key size: 4096 Expires: never

Fingerprint: EBBA 3870 C79F 83BD 94EA  F33C E386 9A79 0D36 7A3B

2.9 Team members

Coordination: Tiago Pedrosa

Members: Diogo Patrício Alves, Eduardo Manuel Mendes Costa, Jorge Taborda Loureiro, Nuno Gonçalves Rodrigues, Sérgio Paulo Perdigão do Vale.

2.10 Other information

More information about CSIRT@IPB can be found at https://csirt.ipb.pt/.

2.11 Points of Customer Contact

CSIRT@IPB has the following means of contact:

Email address: csirt@ipb.pt

Phone number: +351 273 303 060

3. Charter

3.1 Mission statement

CSIRT@IPB’s mission is to provide a computer security incident response service, namely handling and coordinating incident response, carrying out audits, producing security alerts and recommendations and promoting a computer security culture at the Polytechnic Institute of Bragança.

3.2 Community served

CSIRT@IPB responds to computer security incidents in the context of the Polytechnic Institute of Bragança community. The IP address ranges covered by CSIRT@IPB are:

  • IPV4:

    • 193.136.194.0/23
    • 193.136.231.0/24
    • 193.136.252.144/29
    • 193.137.62.0/23
    • 193.137.101.0/24
    • 193.137.106.0/23
    • 193.137.108.0/23
    • 193.137.132.0/23
    • 194.210.88.0/21
    • 194.210.104.0/22
    • 194.210.108.0/23
    • 194.210.110.0/24
    • 194.210.181.0/24
    • 194.210.182.0/23
  • IPV6:

    • 2001:690:22c0::/48

3.3 Sponsorship and/or Affiliation

CSIRT@IPB is a cybersecurity team at the Polytechnic Institute of Bragança.

Member of the Academic CSIRT Network:

Member of CSIRT National Network:

3.4 Authority

CSIRT@IPB is a cybersecurity core team of the Polytechnic Institute of Bragança whose authority is defined in an internal order.

4. Policies

4.1 Types of Incidents and Level of Support

CSIRT@IPB responds to all types of cybersecurity incident, particularly those that result in a security breach of the following types:

  1. Malicious Code
  2. Availability
  3. Information Gathering
  4. Intrusion attempt
  5. Intrusion
  6. Information Security
  7. Fraud
  8. Abusive content
  9. Vulnerable

4.2 Cooperation, interaction and privacy policy

CSIRT@IPB’s privacy and data protection policy provides that sensitive information may be passed on to third parties, solely and exclusively in case of need and with the express prior authorization of the individual or entity to whom that information relates.

4.3 Communication and authentication

The means of communication provided by CSIRT@IPB are telephone and unencrypted email, which are considered sufficient for the transmission of non-sensitive information. The use of PGP encryption is mandatory for the transmission of sensitive information.

5. Services

5.1 Incident Response

CSIRT@IPB plans to support system administrators in managing the technical and organizational aspects of incidents. In particular, it can provide assistance and advice on the following aspects of incident management:

5.1.1 Incident triage
  • Determine the authenticity of an incident
  • Assessing and prioritizing an incident
5.1.2 Incident Coordination
  • Determine the organizations involved
  • Contact the organizations involved to investigate the incident and take appropriate action
  • Facilitate contact with other parties who can help resolve the incident
  • Sending reports to other CSIRTs or CERTs
  • Knowledge of the institution enables information to be passed on and incidents to be routed in such a way as to help and facilitate their resolution.
5.1.3 Incident Resolution
  • Advising local system administration teams on the appropriate actions to take
  • Monitor the progress of the system administration teams with regard to security issues
  • Request reports
  • Respond to requests

CSIRT@IPB may collect statistics on incidents in the context of its operation.

5.2 Proactive activities

CSIRT@IPB coordinates and maintains the following services to expand its resources:

  • Alerts
  • Configuration and maintenance of security tools, applications and infrastructures
  • Development of security solutions
  • Intrusion detection services
  • Security audits or assessments
  • Dissemination of security-related information
  • Monitoring technological developments
  • Monitoring trends and neighborhoods

6. Incident reporting forms

There are no forms available for this purpose.

7. Disclaimers

Although every precaution is taken in the preparation of the information disseminated either on the Internet portal or through the distribution lists, CSIRT@IPB assumes no responsibility for errors or omissions, or for damages resulting from the use of this information.