RFC 2350 of CSIRT.UEVORA

The RFC 2350 is a standardized best practice to present CSIRTs. Here we make available the RFC 2350 of CSIRT.UEVORA (also in txt signed with PGP).

1 About this document

1.1 Date of last update

Version 1.2 published 2024-01-09.

1.2 Distribution list for notifications

There is no distribution list to notify changes of this document.

1.3 Locations where this document may be found

The current version of this document can be found in its web version at:
https://www.csirt.uevora.pt/en/rfc

and in the txt version signed with PGP at:
https://www.csirt.uevora.pt/images/files/csirtuevora_rfc2350_en.txt

As versões correspondentes em português estão igualmente disponíveis em:
https://www.csirt.uevora.pt/pt/rfc
https://www.csirt.uevora.pt/images/files/csirtuevora_rfc2350_pt.txt

1.4 Authenticating this document

This document in its txt version is signed with the PGP key of CSIRT.UEVORA:
https://www.csirt.uevora.pt/images/files/csirtuevora_rfc2350_en.txt

2 Contact information

2.1 Name of the Team

CSIRT.UEVORA

2.2 Address

Universidade de Évora
CSIRT.UEVORA - Serviços de Informática
Edifício da Antiga Cadeia
Largo Senhora da Natividade
7000-810 Évora

2.3 Time zone

Portugal (mainland): WET (UTC+00 and UTC+01 in summer time)

2.4 Telephone number

+351 266760955

2.5 Fax

None available.

2.6 Other communication

None available.

2.7 E-mail address

Incident reports: csirt@uevora.pt
Other requests: apoio@si.uevora.pt

2.8 Public keys and other encryption information

The public PGP key can be obtained at:
https://www.csirt.uevora.pt/images/files/csirtuevora_pgp_pub.txt

You can also verify keyID 0x454C4DA9 at the major PGP key servers. The fingerprint is 4032 08D5 523E 5132 BBA2 7D79 48DF E624 454C 4DA9.

2.9 Team members

Coordinator: Rui Paz
Members: Carlos Limpinho, João Taleço, Filipe Sousa, Mário Filipe, Joaquim Godinho, Tiago Sousa

2.10 Other information

For more information please visit the website at https://www.csirt.uevora.pt/

2.11 Points of customer contact

E-mail for incident reports: csirt@uevora.pt
E-mail for other requests: apoio@si.uevora.pt
External phone: +351 266760955
Internal phone: 42127

3 Charter

3.1 Mission statement

It is the responsibility of CSIRT.UEVORA to give a first and swift response to cybersecurity incidents at the University of Évora, focusing on the safeguard of information contained in its computer systems, as well as helping to fix eventually identified flaws.

It also proactively seeks to minimize risks and vulnerabilities in the computer systems of the University of Évora and instill good information security practices in its academic community.

3.2 Constituency

CSIRT.UEVORA answers for computer security incidents related to the academic community of the University of Évora. This covers the domain uevora.pt and the following IP ranges:

3.3 Affiliation

CSIRT.UEVORA is integrated in the Serviços de Informática of the University of Évora.

It is a member of the portuguese Academic CSIRT Network (RAC) since 2018-11-20 and of the portuguese National CSIRT Network (RNCSIRT) since 2019-06-27.

3.4 Authority

CSIRT.UEVORA operates within the authority delegated by the Serviços de Informática of the University of the Évora as permitted by existing Regulation. Its existence has been approved by higher determination of the Rectory and the Administrator of the University of Évora, from which stems its legitimacy.

4 Policies

4.1 Types of incidents and level of support

CSIRT.UEVORA responds to all types of computer security incidents, such as vulnerability exploitation, denial of service, abusive content and others, classified according to the common taxonomy of the portuguese CSIRT National Network.

The level of support will depend upon the severity of the incident, with particular emphasis on the protection of information consdered critical, and in proportion to the number of affected users. In all cases, the incidents will be handled as quickly as possible.

4.2 Co-operation, interaction and disclosure of information

Sensitive information can only be transmitted to third parties solely and exclusively in the case of actual need and with prior express authorization of the individual or entity to whom the information may concern.

4.3 Communication and authentication

Of the available means of communication offered by CSIRT.UEVORA, non-encrypted email and telephone are considered sufficient to transmit non-sensitive information. To transmit sensitive information it is required to use PGP encryption.

5 Services

5.1 Incident response

CSIRT.UEVORA gives assistance to everyone in response to security incidents, from systems administrators to end users. It colaborates in all stages of the response, starting with the initial triage, to coordination between different entities when relevant, and actively seeks to participate in its resolution. We focus on our academic community, that is, incidents whose origin or destiny is the University of Évora.

5.2 Proactive activities

CSIRT.UEVORA informs its constituency of the security alerts considered relevant that are prepared by CERT.PT, NIST.GOV and other respected entities. It also creates its own information campaigns regarding information security, particularly about phishing, fraud and software vulnerabilities.

Within its capabilities, it monitors the infrastructure at the cybersecurity level, looking out for possible threats to the University of Évora.

6 Incident reporting forms

No form available at the moment. Inciding reports should include all information considerent relevant to the event.

7 Disclaimers

While every precaution will be taken in the preparation of this information, CSIRT.UEVORA assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.