RFC 2350

Version: 1.6

Date: March, 15 2023 17:30:00 +0000

1. Information about this document

This document describes the incident response service from Polytechnic Institute of Bragança (IPB), which is a portuguese polytechnic institute located in the cities of Bragança, Mirandela and Chaves, according to the RFC2350.

1.1 Date of last update

Version 1.6 published in 2023/03/15.

1.2 Distribution list for notifications

There is no existing distribution channel for notifications of updates.

1.3 Access to the present document

An updated version of this document can be found at https://csirt.ipb.pt/rfc2350.

An updated Portuguese version of this document can be found at https://csirt.ipb.pt/pt/rfc2350.

1.4 Authenticity of this document

For validation purposes, a PGP signed ASCII version of this document is located at https://csirt.ipb.pt/rfc2350-en.txt. The key used for signing is the CSIRT@IPB and is available at 2.8.

2. Contact information

2.1 Team name

CSIRT@IPB - Computer Security Incident Response Team of Polytechnic Institute of Bragança.

2.2 Address

CSIRT@IPB Polytechnic Institute of Bragança Campus de Santa Apolónia - 5300-253 Bragança Portugal

2.3 Time zone

Portugal/WEST (GMT+0, GMT+1 in Summer Time)

2.4 Phone number

+351 273 303 060

2.5 Fax


2.6 Other means of communication


2.7 Electronic mail address

Email address for notification of cybersecurity incidents: report.csirt@ipb.pt

Email address for other CSIRT@IPB service-related matters: csirt@ipb.pt

2.8 Public keys and encryption information

User ID: CSIRT@IPB - CSIRT Polytechnic Institute of Bragança csirt@ipb.pt

Key ID: 0D367A3B Key type: RSA

Key size: 4096 Expires: never

Fingerprint: EBBA 3870 C79F 83BD 94EA  F33C E386 9A79 0D36 7A3B

2.9 Team members

Coordination: Tiago Pedrosa

Members: Eduardo Manuel Mendes Costa, Nuno Gonçalves Rodrigues, Sérgio Paulo Perdigão do Vale

Collaborators: Diogo Alves, Jorge Loureiro

2.10 Other information

More information about CSIRT@IPB can be found at https://csirt.ipb.pt/.

2.11 Points of Customer Contact

The CSIRT@IPB has the following means of communication

Email address: csirt@ipb.pt

Phone number: +351 273 303 060

3. Charter

3.1 Mission statement

The CSIRT@IPB has as a mission, to provide incident response services in informatics security, namely, handling and coordinating response incidents, audit tasks, provisioning with alerts and security recommendations and in promoting a culture of informatics security in IPB.

3.2 Community served

The CSIRT@IPB responds to informatics security incidents in the Polytechnic Institute of Bragança context. The IP address set that are in the handling scope of the CSIRT@IPB are:

  • IPV4:

  • IPV6:

    • 2001:690:22c0::/48

3.3 Sponsorship and/or Affiliation

CSIRT@IPB is an integrated center in Computer Services of Polytechnic Institute of Bragança.

Member of the Academic CSIRT Network:

Member of CSIRT National Network:

3.4 Authority

CSIRT@IPB is a Polytechnic Institute of Bragança service, whose authority competence is defined in the internal dispatch.

4. Policies

4.1 Types of Incidents and Level of Support

O CSIRT@IPB handles every type of cybersecurity incident, namely, those that result in a security violation of the following types:

  1. Malicious Code
  2. Availability
  3. Information Gathering
  4. Intrusion attempt
  5. Intrusion
  6. Information Security
  7. Fraud
  8. Abusive content
  9. Vulnerable

4.2 Cooperation, interaction and privacy policy

The privacy and data protection policy of CSIRT@IPB predicts that sensitive information may be passed to third parties, solely and exclusively in a case of necessity and with the express prior authorization of the individual or entity to whom such information belongs.

4.3 Communication and authentication

From the means of communication provided by CSIRT@IPB, the phone number and unencrypted electronic mail are considered sufficient for the transmission of non-sensitive information. For the transmission of sensitive information the use of PGP ciphers is mandatory.

5. Services

5.1 Incident Response

CSIRT@IPB plans to support the systems administrators in managing the technical and organizational aspects of security incidents. In particular, provisioning assistance and advice on the following aspects of incident management:

5.1.1 Incident Screening
  1. Determine when an incident is authentic.

  2. Evaluate and prioritize and incident.

5.1.2 Incident Coordination
  1. Determine the organizations involved.
  2. Contact the organizations involved to investigate the incident and take appropriate action.
  3. Facilitate the contact with other parties that can be of help in resolving incidents.
  4. Send reports to other CERTs.
  5. We classify ourselves as a hub of information that knows the institute and that can route information related to computer security incidents to other parties therefore facilitate its resolution.
5.1.3 Incident Resolution
  • Advise local system administration teams of the appropriate actions and measures to be taken.
  • Monitor the progress of system administration teams in relation to security issues.
  • Request reports.
  • Respond to requests.
  • The CSIRT@IPB collects incident statistics in the context of its institution.

5.2 Proactive activities

CSIRT@IPB coordinates and maintains the following services to expand its capabilities:

  • Alerts.
  • Configuration and maintenance of security tools, applications and infrastructures.
  • Development of security solutions.
  • Intrusion detection services.
  • Security audits or evaluations.
  • Dissemination of information related to security.
  • Monitor technological evolution.
  • Monitor tendencies.

6. Incident reporting forms

There are no local forms available.

7. Disclaimers

While every precaution will be taken in the preparation of information, notifications and alerts, CSIRT@IPB assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.