Eircom internet services hit by new cyber attack

Galen

Eircom internet services were seriously disrupted again last night due to another suspected cyber attack.

Many of the company's 500,000 subscribers suffered internet outages or delays after what the firm says was an "unusual and irregular volume of traffic".

The situation reoccurred yesterday, but services were restored last night and technical experts are now working to determine the source of the problem.

The outages are likely to have been caused by a deliberate attack on the eircom network by computer hackers.

http://news.eircom.net/breakingnews/16075883/?view=Standard

MagicMarker

What a ****ing joke, they must get cyber attacks on a daily basis with the ''service'' they're offering.

PogMoThoin

Is that their excuse for having a crappy DNS? I'm using OpenDNS and having zero problems. See the big thread here,

DNS is something that needs to be done right, nothing will disgruntle customers quicker than a DNS server that doesn't work or works intermittently. Eircoms DNS has always been flaky, which is why I've been using OpenDNS for over a year.

Red Alert

Maybe IRMA were trying to see what people were downloading?

cian1500ww

I was called out to look at a computer last night with this problem, I knew straight away that it was more than likely DNS releated so I switched it over to the openDNS servers. It was perfect then. I also noticed while checking how web pages were loading was that the eircom site was taking significantly longer to load than any other site. I'd say there DNS was attacked. As said above just switch to openDNS and you're sorted

Cabaal

I see its covered on www.eircomsucks.com to, I hate the way the news throws around the term hackers when in all likelyness its script kiddies

Galen

It was probably bunch of disgruntled customers that did the damage :-)

My name is URL

Why won't they disclose details though? I mean if their main DNS servers are being poisoned then what other parts of their network have vulnerabilities?

Pretty poor for them to say "The outages are likely to have been caused by a deliberate attack on the eircom network by computer hackers."

This has been happening intermittently for a month and they only acknowledge it now!!

Typical of Eircon tbh

Cheeble

Dear Eircom,

I regret to report that my letterbox has seen an "unusual and irregular volume" of bills and other demands for payment. The bill paying service may be prone to unscheduled outages and could continue to be disrupted for an indeterminate period. I'm looking into it, please be patient.

Kind regards,
Cheeble-eers

ronkmonster

OpenDNS settings are
208.67.222.222
208.67.220.220

I heard months ago that the eircom dns server still wasn't patched against the dns exploit that was published and fixed last year

Cheeble

I tried switching to OpenDNS last night and it made a difference early on in the evening, but then I lost the PPPoA connection altogether and couldn't get it back. It's something more than "just" a DNS problem :mad:

thanatos

Has there been any mention of how serious a security issue this could potentially be by anyone from eircom or otherwise.

e.g. people get directed to an aib site clone instead of the real one and their banking details captured etc etc etc

Flukey

A frustrating night of getting in and out of the net. I've registered on OpenDnS and will try it next time this happens.

shamwari

ronkmonster wrote: »

OpenDNS settings are
208.67.222.222
208.67.220.220

I heard months ago that the eircom dns server still wasn't patched against the dns exploit that was published and fixed last year

That's a pretty fundamental no-no in IT Terms. If it is true, whoever is responsible for managing AND auditing their IT systems should have had their asses kicked over last week. The fact that it has reoccured means the gallows should be prepared. It's very hard to excuse this if both incidents are related to improperly patched servers.

ronkmonster

shamwari wrote: »

That's a pretty fundamental no-no in IT Terms. If it is true, whoever is responsible for managing AND auditing their IT systems should have had their asses kicked over last week. The fact that it has reoccured means the gallows should be prepared. It's very hard to excuse this if both incidents are related to improperly patched servers.

I heard last year that some server were slower than others to update but its must be close to a year now.

The OpenDNS servers are supposed to faster anyway and seem to be updated more often

PogMoThoin

Has Eircom actually taken on or retrained any IT staff, isn't the last time Eircom took on staff in the very early 90's? Do they actually know what they're at?

cian1500ww

PogMoThoin wrote: »

Has Eircom actually taken on or retrained any IT staff, isn't the last time Eircom took on staff in the very early 90's? Do they actually know what they're at?

I bet they're busy plugging the servers in and out and giving them an odd tap to get them going :rolleyes:

DominoDub

Red Alert wrote: »

Maybe IRMA were trying to see what people were downloading?

The IRMA issue is why they are now a Target for these attacks !:D

vibe666

lol, it's even made the news on the register.

http://www.theregister.co.uk/2009/07/14/eirocm_downtime_again/

mike65

According to many txting (but not e-mailing) rte news its still ongoing. Bunch of amateurs.

Are they being targeted due to a known weakness or just cos its eircom which is reason enough in my book.

podgeandrodge

Is this why my parents UTV broadband is down since last night - is it connected?

mike65

According to the PR hack on rte this morning ISPs that piggy-back are not effected.

podgeandrodge

mike65 wrote: »

According to the PR hack on rte this morning ISPs that piggy-back are not effected.

Ok thanks. I've just seen another thread saying UTV has been down all over the place so they must be having other problems...

PogMoThoin

cian1500ww wrote: »

I bet they're busy plugging the servers in and out and giving them an odd tap to get them going :rolleyes:

Ah, Yeah, the old "Have You tried turning it off and back on again", trick, works every time

netwhizkid

Eircom have launched a new eSecurity product in response to these attacks. A quick example of how their Security works is attached.

Fnergg

I know absolutely nothing about any of this stuff but a telecomms guy at my work told me that scores of Eircom staff are leaving on early retirement much earlier than anticipated in order to beat the probable taxing of their lump sums in the next budget.

They are leaving with valuable knowledge not being passed on to younger staff with the result that the view in Eircom is that customers across all Eircom services can expect longer delays in fixing problems for the immediate future.

Is this true and did it contribute to the recent broadband problems? I have no idea but it sounds plausible.

Regards,

Fnergg

shamwari

ronkmonster wrote: »

I heard last year that some server were slower than others to update but its must be close to a year now.

The OpenDNS servers are supposed to faster anyway and seem to be updated more often

Well some servers might be slower than others when it comes to applying patches, however it shouldn't take a year (!!) and certainly not doing it at all is not an excuse. My comments presuppose that patching or the lack thereof is the issue here BUT in the absence of the facts, we are only speculating.....

Anyhow, I talked an number of my friends through changing their DNS to OPENDNS. Many commented that OPENDNS is faster than Eircom's DNS is. How bizarre...:D

Such an excuse for crappy DNS Servers

netwhizkid

Fnergg wrote: »

I know absolutely nothing about any of this stuff but a telecomms guy at my work told me that scores of Eircom staff are leaving on early retirement much earlier than anticipated in order to beat the probable taxing of their lump sums in the next budget.

They are leaving with valuable knowledge not being passed on to younger staff with the result that the view in Eircom is that customers across all Eircom services can expect longer delays in fixing problems for the immediate future.

Is this true and did it contribute to the recent broadband problems? I have no idea but it sounds plausible.

Regards,

Fnergg

Yes this is true but it has nothing at all to do with the current broadband problems which are the responsibility of the younger IT guys. Telecom Eireann/Eircom have hired no new technical staff since privatisation and most of the younger staff have never been near the wiring or up on a telephone pole.

The vast majority of Eircom networks staff are now in their fifties and sixties with a few in their forties also, most have no IT skills but are good at what was their technology PSTN Telephone networks. My first PC came in 1998 as a special staff offer within Telecom as part of a plan for employees to self educate themselves and it resulted in most staff becoming computer knowledgeable but still most are pretty bad at IT, writing a letter for example won't help you with DNS errors!

All broadband exchange enablement and IT stuff in the exchanges is handled by centralised teams travelling from Dublin to location. Eircoms staff are dwindling down and I eventually presume that in 10 or 12 years time the network will be managed by outside teams of contractors most likely Foreign or ex-BT as they migrate to 21CN as the skills for maintaining and implementing POTS are being lost due to not having any new staff hired at all.

Firetrap

DominoDub wrote: »

The IRMA issue is why they are now a Target for these attacks !:D

That's a conspiracy theory, surely. Though for that alone they deserve to be attacked :mad:

WillieCocker