INFN CSIRT

RFC 2350


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

1. About this document

1.1 Date of Last Update
    Version 2.0, published 29 Jan 2024.

1.2 Distribution List for Notifications
    Notifications of updates are submitted to the mailing list (in
    Italian):    
            resp_sec@lists.infn.it
    
1.3 Locations where this Document May Be Found
    The current version of this document is available from the INFN CSIRT
    WWW site: 
        https://www.csirt.infn.it/rfc2350.html

1.4 Authentication of this document
    This document has been signed with the INFN CSIRT PGP Key.

2. Contact Information

2.1 Name of the Team
    INFN CSIRT: INFN Computer Security Incident Response Team

2.2 Address
    INFN CSIRT c/o
    INFN CNAF
    Viale Berti Pichat 6/2
    40127 Bologna (IT)

2.3 Time Zone
    Central European (GMT+0100 and GMT+0200 from the last Sunday of
    March to the last Sunday of October).

2.4 Telephone Number
    +39 051 2095459
 
2.5 Facsimile Number
    None available.

2.6 Other Telecommunication
    None available.

2.7 Electronic Mail Address
        csirt@infn.it
    This is a mail alias that relays mail to the human(s) on duty for INFN CSIRT.

2.8 Public Keys and Encryption Information
    INFN CSIRT has a PGP Master Key:
    pub   4096R/ECEC6AEE 2019-10-29 INFN CSIRT 
    Key fingerprint = EEB3 957D CF51 44E4 57B5  3011 969B 8161 ECEC 6AEE

2.9 Team Members
    Luca Giovanni Carbone of INFN is the INFN CSIRT coordinator.
    Other team members are listed in the INFN CSIRT web pages at:
    	https://www.csirt.infn.it/cs.html

2.10 Other Information
    General information (in Italian) about INFN CSIRT can be found at:
    	https://www.csirt.infn.it
    
2.11 Points of Customer Contact
    INFN CSIRT can be contacted:
        - via e-mail as a preferred method at: csirt@infn.it;
        - by telephone;
        - by web using the form mentioned in Section 6.

3. Charter

3.1 Mission Statement
    The purposes of INFN CSIRT are:
        - to assist the INFN users in implementing proactive
          measures to reduce the risk of computer security
          incidents;
        - to assist the INFN users in responding to such
          incidents when they occur.

3.2 Constituency
    The INFN CSIRT constituency is the community of the users of the INFN,
    the Italian National Institute for Nuclear Physics:
    	https://www.infn.it
 
3.3 Sponsorship
    INFN CSIRT is an operative service of the INFN Computing and Network Committee (CCR).

3.4 Authority
    The INFN CSIRT operates under the auspices of, and with authority
    delegated by, the INFN CCR.

4. Policies

4.1 Types of Incidents and Level of Support
    INFN CSIRT is authorized to address all types of computer security
    incidents which occur, or threaten to occur, at any of the INFN sites.
    Every effort will be made to give some response within two working
    days.
    No direct support will be given to end-users, as they are expected
    to contact their system administrators at the local INFN site.
    INFN CSIRT expects that the local INFN sites involved in the security
    incidents will cooperate in the resolution of the problem.
    The incident handling procedure (in Italian) can be found at the following
    URL:
        https://www.csirt.infn.it/p.html
    INFN CSIRT will keep its constituency informed of potential vulnerabilities,
    possibly before they are actively exploited.

4.2 Co-operation, Interaction and Disclosure of Information
    ALL incoming information is handled confidentially by INFN CSIRT
    and stored in a secure environment using encryption technologies.
    INFN CSIRT, unless explicitly authorized or required by law enforcement,
    will not divulge the identity of nodes that are victims of computer
    security incidents.

4.3 Communication and Authentication
    Telephone and unencrypted e-mail are considered sufficient for the
    transmission of low-sensitivity data. In all cases, all incoming e-mail
    to csirt@infn.it is encrypted by default and kept on encrypted storage.
    If it is necessary to send high-sensitivity data by e-mail, PGP will
    be used.

5. Services

5.1 Incident Response
    INFN CSIRT is responsible for the coordination of security incidents
    involving its constituency (as defined in 3.2). INFN CSIRT therefore handles
    both the triage and coordination aspects. Incident resolution is left to the
    INFN local administrators within the constituency.
    However, INFN CSIRT will offer support and advice on request,
    in particular:
        - investigating the nature and extent of the incident;
        - determining the initial cause (e.g. vulnerability exploited);
        - keeping contacts with other sites involved;
        - reporting to other CSIRTs and in particular to GARR-CERT.
    To make use of INFN CSIRT's incident response services, please use
    the methods listed in Section 2.11.

5.2 Proactive Activities
    INFN CSIRT coordinates and maintains the following services to the
    extent possible depending on its resources:
        - auditing services;
        - dissemination of information about vulnerabilities and
          recommended security measures.

6. Incident Reporting Forms
    If possible, use the following form to report a security incident:
        https://www.csirt.infn.it/si.html

7. Disclaimers
    While every precaution will be taken in the preparation of
    information, notifications and alerts, INFN CSIRT assumes no
    responsibility for errors or omissions, or for damages
    resulting from the use of the information contained within.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

-----END PGP SIGNATURE-----