-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CSIRT Description for Funet CERT (RFC2350) 1. About this document 1.1 Date of Last Update Last update: 2014-10-01. 1.2. Distribution List for Notifications Security contacts of Funet member organizations will be notified of updates by email. 1.3 Locations where this Document May Be Found This document is located at https://info.funet.fi/wiki/display/CERTWWW/RFC+2350+EN. 1.4 Authenticating this Document This document has been signed with Funet CERT's PGP-key. 2. Contact Information 2.1 Name of the Team Funet CERT: Finnish University and Research Network Computer Emergency Response Team. 2.2 Address Funet CERT CSC - IT Center for Science Ltd. P.O.BOX 405 FI-02101 Espoo Finland 2.3 Time Zone EET: UTC+0200; UTC+0300DST 2.4 Telephone Number +358 9 457 2038 2.5 Facsimile Number +358 9 457 2302 (shared; not recommended for confidential communications) 2.6 Other Telecommunications Video conferencing or other instant messaging is available on request. 2.7 Electronic Mail Address cert@cert.funet.fi 2.8 Public Keys and Other Encryption Information Funet CERT has a PGP key: UserID: cert@cert.funet.fi KeyID: 4096R/0D78DAFC 2012-05-08 Fingerprint: 5034 A843 62A3 B710 6BF1 1E29 1D1F AFA6 0D78 DAFC The key and its signatures are available at Funet CERT web pages and public keyservers. 2.9 Team Members Team consists of specifically assigned dedicated personnel. It is supported as needed by CSC's other specialists. 2.10 Other Information More information is available at the web pages https://info.funet.fi/wiki/display/CERTWWW. 2.11 Points of Customer Contact The preferred means of contact is email. Funet CERT's hours of operation are 08:30-16:00 Monday through Friday, except public holidays. If email cannot be used due to urgency, security or other reasons, Funet CERT can also be contacted via phone. During out of office hours it is also possible to leave a voice mail with Funet NOC (+358 9 457 2704). 3. Charter 3.1 Mission Statement Funet CERT coordinates security incidents and offers support and help with minimization of the security exposures. 3.2 Constituency Funet CERT serves Funet member organizations. 3.3 Sponsorship and/or Affiliation Funet CERT is part of Funet service provided by CSC - IT Center for Science Ltd, which is administered by the Ministry of Education and Culture and primarily funded by government. 3.4 Authority Funet CERT coordinates security incidents for its constituency. It is operating in an advisory capacity, having no authority over its constituency. 4. Policies 4.1 Types of Incidents and Level of Support Funet CERT handles all kinds of computer security related incidents that relate to Funet network and its users. Main activity is identifying the affected parties, notifying them and coordinating information flow. Activities are prioritized according to their severity. 4.2 Co-operation, Interaction and Disclosure of Information All incoming information is treated as confidential and is typically acknowledged. However, it is assumed that relevant information on incident reports may be propagated to other affected parties and/or trusted partners. Information is released to third parties and public authorities as provided by law. Statistics generated of reported incidents. Due care is taken in order to ensure cases are not identifiable. 4.3 Communication and Authentication In most cases, email and phone communication is assumed to be sufficiently secure. Security contacts of member organizations are recognized using a contact registry. PGP encryption or other mechanisms may be used for secrecy as needed. 5. Services 5.1 Incident Response Funet CERT assists the security contacts of member organizations and other personnel authorized by them in reacting to incidents as follows: 1. triage: investigating whether an incident has occurred; does it affect our constituency; what is its extent? 2. coordination: analyzing available information; contacting affected organization and other parties; facilitating communication between parties; providing the affected organization with information in resolving the incident; on request and as needed specialized tasks (for example, malware analysis, traffic filtering) 3. resolution: providing support to member organization when it is resolving the incident. 5.2 Proactive Activities Funet CERT monitors Funet backbone traffic patterns for unusual activity. Funet CERT follows various security related mailing lists, and most urgent issues will be notified as appropriate. Funet CERT produces security training and other services for its members (e.g., security scanning). Member organizations may share their experiences in internal closed forums and mailing lists. 6. Incident Reporting Forms Funet CERT does not have a form for reporting incidents. 7. Disclaimer While every precaution has been taken in the preparation of this document, CSC assumes no responsibility for errors, omissions or variations, or for damages resulting from the use of the information contained within. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUKquaAAoJEB0fr6YNeNr8A2sP/1H2Ok5R1Cjs/+R1vVk0e/7j 8Z44ANK+LcM8SyAV6egkiRZlWWTlJff5j8NVBKGbCk5VL71E6DJUkexWEwEWdGVR kdApdjbJwo6FzbZiwx5Ea92cnh5FmD4STbHAWIMVkqCrc+3+hR+kZWFR7r5gMKur YYbSpH2/GWg1SgxXSQPjeHEAmq029qi80w6paON+r7HO/kxOWA3D2GSGUsV0XiBZ NX+0BvZVJdzom/SM7B/hxct7+uRcjVgv78ZK1+LZhvc5o4pUmT1GHkTkl7CYfKHU uSCHqAJFmfAki7R/RTqnNda3QyYkMlJxtZfL3QIdD4xirreElIjsVus7ZNmX2Gq7 RCVKOCqv3Up2LKfVJKswqXUSc1Qg0AdGroM9K3IPSqiTc+bj7j2Pt5O6FNGYUOTd bQzr7xBWDQy70m5ITXFRoziXz+APWB2nt6YQmpCna0uJUvo+ScSZxzWK/Fyo9lbl pzOtWYVkq6hnd+iD6qE32GAqHEiiJygZDc65bbfJ2mWhmfyqjWNv6h2MCvzEA9KV U1vqBlLFymyBsACRU+ZuvZtRj0dADSw5LLajpYTadGT8VzLk4Bi78/soW5Wtsh4y UBx2XGzvI9fQh/wYk2qCEXeg7NtMcJrJrCfbkD0j8TkJB4Pz8+T8KkyRY7ifmHTt 5BJqEZLpSO16hmwOz8yS =yvsD -----END PGP SIGNATURE-----