-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 RFC 2350 of CSIRT.UEVORA The RFC 2350 is a standardized good practice to present CSIRTs. Here we make available the RFC 2350 of CSIRT.UEVORA (also in txt signed with PGP). 1 About this document 1.1 Date of last update Version 1.2 published 2024-01-09. 1.2 Distribution list for notifications There is no distribution list to notify changes of this document. 1.3 Locations where this document may be found The current version of this document can be found in its web version at: https://www.csirt.uevora.pt/en/rfc and in the txt version signed with PGP at: https://www.csirt.uevora.pt/images/files/csirtuevora_rfc2350_en.txt As versões correspondentes em português estão igualmente disponíveis em: https://www.csirt.uevora.pt/pt/rfc https://www.csirt.uevora.pt/images/files/csirtuevora_rfc2350_pt.txt 1.4 Authenticating this document This document in its txt version is signed with the PGP key of CSIRT.UEVORA: https://www.csirt.uevora.pt/images/files/csirtuevora_rfc2350_en.txt 2 Contact information 2.1 Name of the Team CSIRT.UEVORA 2.2 Address Universidade de Évora CSIRT.UEVORA - Serviços de Informática Edifício da Antiga Cadeia Largo Senhora da Natividade 7000-810 Évora 2.3 Time zone Portugal (mainland): WET (UTC+00 and UTC+01 in summer time) 2.4 Telephone number +351 266760955 2.5 Fax None available. 2.6 Other communication None available. 2.7 E-mail address Incident reports: csirt@uevora.pt Other requests: apoio@si.uevora.pt 2.8 Public keys and other encryption information The public PGP key can be obtained at: https://www.csirt.uevora.pt/images/files/csirtuevora_pgp_pub.txt You can also verify keyID 0x454C4DA9 at the major PGP key servers. The fingerprint is 4032 08D5 523E 5132 BBA2 7D79 48DF E624 454C 4DA9. 2.9 Team members Coordinator: Rui Paz Members: Carlos Limpinho, João Taleço, Filipe Sousa, Mário Filipe, Joaquim Godinho, Tiago Sousa 2.10 Other information For more information please visit the website at https://www.csirt.uevora.pt/ 2.11 Points of customer contact E-mail for incident reports: csirt@uevora.pt E-mail for other requests: apoio@si.uevora.pt External phone: +351 266760955 Internal phone: 42127 3 Charter 3.1 Mission statement It is the responsibility of CSIRT.UEVORA to give a first and swift response to cybersecurity incidents at the University of Évora, focusing on the safeguard of information contained in its computer systems, as well as helping to fix eventually identified flaws. It also proactively seeks to minimize risks and vulnerabilities in the computer systems of the University of Évora and instill good information security practices in its academic community. 3.2 Constituency CSIRT.UEVORA answers for computer security incidents related to the academic community of the University of Évora. This covers the domain uevora.pt and the following IP ranges: IPv4 192.92.152.0/24 193.136.216.0/22 193.137.120.0/23 193.137.176.0/21 193.137.216.0/22 194.210.98.0/24 IPv6 2001:0690:2006::/48 3.3 Affiliation CSIRT.UEVORA is integrated in the Serviços de Informática of the University of Évora. It is a member of the portuguese Academic CSIRT Network (RAC) since 2018-11-20 and of the portuguese National CSIRT Network (RNCSIRT) since 2019-06-27. 3.4 Authority CSIRT.UEVORA operates within the authority delegated by the Serviços de Informática of the University of Évora as permitted by existing Regulation. Its existence has been approved by higher determination of the Rectory and the Administrator of the University of Évora, from which stems its legitimacy. 4 Policies 4.1 Types of incidents and level of support CSIRT.UEVORA responds to all types of computer security incidents, such as vulnerability exploitation, denial of service, abusive content and others, classified according to the common taxonomy of the portuguese CSIRT National Network. The level of support will depend upon the severity of the incident, with particular emphasis on the protection of information consdered critical, and in proportion to the number of affected users. In all cases, the incidents will be handled as quickly as possible. 4.2 Co-operation, interaction and disclosure of information Sensitive information can only be transmitted to third parties solely and exclusively in the case of actual need and with prior express authorization of the individual or entity to whom the information may concern. 4.3 Communication and authentication Of the available means of communication offered by CSIRT.UEVORA, non-encrypted email and telephone are considered sufficient to transmit non-sensitive information. To transmit sensitive information it is required to use PGP encryption. 5 Services 5.1 Incident response CSIRT.UEVORA gives assistance to everyone in response to security incidents, from systems administrators to end users. It colaborates in all stages of the response, starting with the initial triage, to coordination between different entities when relevant, and actively seeks to participate in its resolution. We focus on our academic community, that is, incidents whose origin or destiny is the University of Évora. 5.2 Proactive activities CSIRT.UEVORA informs its constituency of the security alerts considered relevant that are prepared by CERT.PT, NIST.GOV and other respected entities. It also creates its own information campaigns regarding information security, particularly about phishing, fraud and software vulnerabilities. Within its capabilities, it monitors the infrastructure at the cybersecurity level, looking out for possible threats to the University of Évora. 6 Incident reporting forms No form available at the moment. Inciding reports should include all information considerent relevant to the event. 7 Disclaimers While every precaution will be taken in the preparation of this information, CSIRT.UEVORA assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within. -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEEQDII1VI+UTK7on15SN/mJEVMTakFAmWdXWwQHGNzaXJ0QHVl dm9yYS5wdAAKCRBI3+YkRUxNqf7tD/0QWAEPckCGydmTZIldtje4NpAQVDvKl25/ kktxw/CtE6qEyMpMZpKgaQ3GZsy/sCZM+3vM60FWsXTsp64mPmN1dFwiKiDsHUEz F9MBewieR4kTBYb8PdhxvNNLdVXCjrBC4f1b9BUaLcEVXiDAJ/o0o4sETUVwZf0G R/Ed3vSp34dlA+NOd5vbsFl4zCW2juYZ9ZfQxnRuk9tj7XAlli4/HiIbcNXN4ZsQ D2biAGh/6YTIvkkasr0ukz8YlZ2H8SpIGxEMSPwGKs5eUHa+/3NeENFTfrb60VBa P99zeB3De6Y6VOV1Tl+Hyxnm9wLbna/tHpT+fLsIgmVKza9ikqZwaCRUTij4AsIk rE2JLOm7eGGVYI35dHAlNb8RxCYpU+VcarNXBBRSkMtZeclO2XkFBUSv2XZzky+L 6aOIR60Wc2nxXe20NxY9KW94Xn8GyYGTF8OjMFW9gM3mVU4IH/846mUAxsWUbTZh JQvv2nc2ioGy+eLYR4xk8EHBl+1IMcz+BIzpc1sRGGTuAoowLwC2ty/MII4z1a/H rP2WaXewyxneXT4PKD5R4zaQU4M1j/9lUGC9p2LUoGbT64jHlZSg4tr/AkL9tZ8x 3pLyp1OOCVsVfM69iIxL8tGtit/hx7VHtX1VgTJbvyJrpJr9oOC1Q17BcYYMm2Oz rg1vYawMcw== =FGRO -----END PGP SIGNATURE-----