Eircom Netopia Routers Are Wide Open

BobTheBeat

I would imagine that the privacy option is to allow the name of your network (or your SSID) to be broadcast. If you set it to off, then when someone wants to join your network they will have to know the network name and have to type it manually.

TelePaul

Lads, thanks a million for that. You guys are really on the ball, have ya ever thought about working for Eircom? Cheers for the advice, I'm a bit of a technophobe. And when something big like this happens, kinda makes us techophobes want to run to our caves in the hills!

BobTheBeat

Best of luck TelePaul! I think theres alot of scare mongering going on with this issue. TBH the problem with WEP has been well publicised for a long time, it was only a matter of time before somebody picked it up and ran with it. I suppose moreso with the fact that Eircom recommended WEP as a good security solution. People dont exactly have to go very far these days to find wireless access, so I wouldnt expect hacks0rz in shady cars going around stealing pplz int3rn3tz.

standbyme

bobmeaney wrote:

I would imagine that the privacy option is to allow the name of your network (or your SSID) to be broadcast. If you set it to off, then when someone wants to join your network they will have to know the network name and have to type it manually.

Thanks i'll try to find out a bit more on that

Zoney

The Irish Times article read as if the routers were the problem, not how Eircom set up the routers; the story made it look like Eircom just got some dodgy kit off Motorola. Usual Irish tech journalism standard I suppose.

TelePaul

bobmeaney wrote:

People dont exactly have to go very far these days to find wireless access, so I wouldnt expect hacks0rz in shady cars going around stealing pplz int3rn3tz.

That's a good point, like...why bother! It'd let them piggyback though I guess....I know I have a download allowance or some such, guess they could use that up. So should I change SSID as well as changing to WPA?

bartificer

standbyme wrote:

That's ok, as i thought you had to do that as well to enable WAP on your Netopia router, so no need to do that.

On the link given, what privacy should the WAP be set up for when i have to use the wireless, as i dont think i'll be able to get thru CustSupt if theyre busy.

Thanks.

On the Netopia router you should set the "Privacy" drop down to "WPA-PSK" (PSK stands for Pre-Shared Key in case you're curious).

bartificer

TelePaul wrote:

That's a good point, like...why bother! It'd let them piggyback though I guess....I know I have a download allowance or some such, guess they could use that up. So should I change SSID as well as changing to WPA?

If you change to WPA with a strong (i.e. long) random password you'll be grand. No need to change the SSID though it won't do any harm.

Bart.

BobTheBeat

TelePaul wrote:

That's a good point, like...why bother! It'd let them piggyback though I guess....I know I have a download allowance or some such, guess they could use that up. So should I change SSID as well as changing to WPA?

Well bartificer just pointed out that the privacy option sets the encryption to be used on your network, so disregard the comment about the SSID hiding.

You'll be safe enough with WPA though. Its tough to crack and its easy to implement.

The speeds achievable through conventional wireless solutions are small enough that it would be useless for bandwidth stealing. If I was a cracker or war driver or whatever looking for bandwidth,Id be travelling around with a microwave receiver trying steal from all the point to point links around the cities. Thats where the big bandwidth is available.

I suppose the real fear with wireless access in peoples houses is that you might have unsavouries sniffing about, and potentially harvesting credit card/online banking credentials should they manage to compromise your network.

standbyme

bartificer wrote:

On the Netopia router you should set the "Privacy" drop down to "WPA-PSK" (PSK stands for Pre-Shared Key in case you're curious).

Thanks, & then when you're setting up the p/word you could use generator at GRC as well.

zugvogel

Not sure if this is relevant or covered already?
This link http://www.wifinetnews.com/archives/002926.html mentions a free WPA client for pre XP Microsoft OSs.

zug

standbyme

This is probably off-topic, but got a lot of Database errors in the past 20m & my DSL kept going down & then broadband disconnected as well & then page refreshes & its ok?

As well as that i'd imagine there's more people on the site today cos of the Eircom routers story as well.

syklops

Does anyone have an email address for the guy who wrote the PoC code? I tried the one in his source code but I keep getting bounce backs.

PM me if you have it.

Cloud

Yep, the coverage meant we had to restart our database server. Should be settling down again now...

watty

Features Boards.ie on El Reg version of story... Though strangely they insist 250,000 routers involved.

thefinalstage

Cloud wrote:

Yep, the coverage meant we had to restart our database server. Should be settling down again now...

*Kirching* Thats the sound of money being made.

thefinalstage

Sorry for double post but its on bloody tv3 news!

BloodSugarSex

whats the range on the netopia routers?

kleefarr

thelastangryman wrote:

Sorry for double post but its on bloody tv3 news!

Just saw that.

thefinalstage

BloodSugarSex wrote:

whats the range on the netopia routers?

About 50 feet with any good connection. Less the more obstacles are in the way.
Eircom are advising people to change their WEP keys. What the hell! I'll even write the article on how to change your wireless network to using WPA, its not that hard!

They could use this as MAJOR P.R. stunt and supply their customers with WPA compatible wireless dongles.

piskins72

just want to ask, on the rte site it mentions 2 specific models of the netopia routers, is it just those that are effected or would the other models be effected also?

paul666

is there a way to find out if anyone was leeching of our bb

Sponge Bob

IN SILICON REPUBLIC

http://www.siliconrepublic.com/news/news.nv?storyid=single9332

Would have gone on another 6 months easy. Thast guy should name and shame the eircom heads. Of course now no paedophile with a Netopia can be convicted based on net traffic since March 2007 ...or is that 2005

Eircom knew about security flaw, says engineer
02.10.2007 - Since early March, Eircom has been aware of a security flaw which allows hackers to piggyback the broadband of over 200,000 of its customers who use Netopia wireless modems, according to Peter McShane, the software engineer who first alerted the telecoms company to the problem. “I contacted them at the beginning of March this year and give them the full details of the issue, which was the first time they were made aware of this,” he said.

McShane told siliconrepublic.com that over the subsequent five or six months he was in contact with the company but saw “very little movement” leading him to contact the Commissions for Communications Regulation (ComReg) at the beginning of September.

“When I went to ComReg they shared my misgivings about the fact that there was no intention from Eircom at that stage to proactively inform people that there was something amiss ,” said McShane.

Comreg did not give a **** and did nothing as ever ya mean

watty

If a WiFi is upstairs near window, then it can be picked up over 100m away. Or 1km across a field if the leech has an MMDS dish.

With an MMDS dish I can see the SSID of an outdoor Omni WiFi 9km away (nothing in between).

is there a way to find out if anyone was leeching of our bb

No.
Which is why proper commercial firewalls have logging. Then you know IP of user, web sites, email servers used, ftp, time, date & duration.

If you know you hardly used it and the ISP traffic monitor shows huge amount?

pid()

watty wrote:

If a WiFi is upstairs near window, then it can be picked up over 100m away. Or 1km across a field if the leech has an MMDS dish.

With an MMDS dish I can see the SSID of an outdoor Omni WiFi 9km away (nothing in between).

No.
Which is why proper commercial firewalls have logging. Then you know IP of user, web sites, email servers used, ftp, time, date & duration.

If you know you hardly used it and the ISP traffic monitor shows huge amount?

Wrong, you can check logs on the routers. Put them into expert mode, Then go to Statistics -> Logs. You can then select connection logs and you'll see mac address and ip assigned to clients connecting. Of course, anyone connecting was able to clear these logs if you didn't have a password on your router.

tck

syklops wrote:

Does anyone have an email address for the guy who wrote the PoC code? I tried the one in his source code but I keep getting bounce backs.

PM me if you have it.

you can find them lurking on the nologin silc servers

Keano

I couldn't wait to get home from work to change my settings! Silly old me didn't even think when setting it up! Thanks to those of you have posted help. Cheers

standbyme

I turned off the wireless a while ago, when all this happened today, as i only had it on when my brother was visiting used it, but do i still have to change the password?

I tried to ask this question a while back today, but still kept on getting database errors & had 3 tabs still refreshing 5m later,
although Cloud said it should settle down or is it a result of the wireless being shut down-that may sound silly but i dont know anything bout it

Thanks, as my head is done in with all this today

AlmightyCushion

standbyme wrote:

I turned off the wireless a while ago, when all this happened today, as i only had it on when my brother was visiting used it, but do i still have to change the password?

I tried to ask this question a while back today, but still kept on getting database errors & had 3 tabs still refreshing 5m later,
although Cloud said it should settle down or is it a result of the wireless being shut down-that may sound silly but i dont know anything bout it

Thanks, as my head is done in with all this today

As long as you don't turn on the wireless then there us no need to change the password. The reason the site was slow and you kept getting database errors was due to the traffic the site was getting from all of this. It has nothing to do with your wireless being off.

standbyme

Thanks, as i was going to email the gmail address boards has, but ended up replying to emails i had there, as i spend most of my time here

I think i might go to bed early for once

PS. I rang eircom cust supt about the dsl going down & back, yer man had no idea why, jeez-why do i bother
had told him i turned off the wireless & in future asked him bout enabling it told me to go to http://wirelesssecurity.eircom.net, i thought that was diff than what was shown on the site?

I suppose it is?