Letter from Eircom

Bebs

Hello all,

I've done a search and didn't find anything on the topic so I've made up a new thread. Sorry if I've missed an existing one.

I've received a charming letter from eircom claiming that I've downloaded an album which I've never even heard of with a torrent client that I've never used. Have I any way of seeing what proof they claim to have and is there any method of appeal?

Bebs

Kensington

Do you have wireless?
Is it password protected?
Or is there anyone else using your connection (knowingly or otherwise)?

Bebs

Yes we have wireless and yes it's password protected. I've had a browse through all the computers in the building and we've nothing like that on any of them.

I've honestly no idea if there's anyone else using the connection. There are plenty of people with the password.

jor el

All the detail of evidence will be in the letter you received.

If you share the Internet connection, then it's probably one of the other users. If you have an eircom router, with the default WEP encryption, then you've got no security at all, and it's probably one of your neighbours.

Bebs

I've the wireless for a business premises. Does this mean I'll have to be policing the internet for the activities of my clients or members of the public as they come in?

Kensington

Bebs wrote: »

I've the wireless for a business premises. Does this mean I'll have to be policing the internet for the activities of my clients or members of the public as they come in?

You will. Anything that comes in or goes out through your internet connection is entirely your responsibility.

FoxT

I have had bad experience with Eircom over the years...

Bebs

Kensington wrote: »

You will. Anything that comes in or goes out through your internet connection is entirely your responsibility, particularly illegal activity.

That's going to be terribly invasive on my part. Are there any alternatives to me looking over people's shoulders?

Kensington

Bebs wrote: »

That's going to be terribly invasive on my part. Are there any alternatives to me looking over people's shoulders?

By only permitting what you are happy permitting through the connection. You can get a cheap Linksys router with free, open source firmware that will let you block stuff like P2P, Bit Torrent and only let through what you want.

M.J.M.C

I would be extremely interested in seeing this letter (obviously without any private info showing)

You are the first person I've heard of that has received a letter from Eircom

ttm

Bebs wrote: »

That's going to be terribly invasive on my part. Are there any alternatives to me looking over people's shoulders?

If you are providing public access then you need a fairly good standalone firewall, probably much easier to stop access for anyone that doesn't need it and lock your connection down to the bare essentials, HTTP, HTTPS, SMTP and POP3 that will stop a lot of abuse for very little effort. If that sounds toooooo techie then you need some help

Sponge Bob

You cannot leave an organisation open to massive damages from the activities of **** knows who...likely a colleague.

Turn wireless OFF and bring this letter to the CEO of your organisation as a matter of urgency.

Bebs

The buck stops with me and I'm not running an internet cafe or the likes, just an office. I've never had problems with user activity in the past either legal or illegal. I've had a firewall setup in the past but the Eircom sales rep assured me that it wouldn't be necessary. I'd read about the relevant court ruling at the time and had expressed a concern about such activity to which I was informed not to worry about it as Eircom would only be dealing with serious offenders. Does that mean that I'm a serious offender?

I'll scan the letter and redact the personal bits. I'm frankly annoyed to receive it and the last thing I want on my plate at the moment is the expense that an outside consultant will cost me.

Kensington

Bebs wrote: »

The buck stops with me and I'm not running an internet cafe or the likes, just an office. I've never had problems with user activity in the past either legal or illegal. I've had a firewall setup in the past but the Eircom sales rep assured me that it wouldn't be necessary. I'd read about the relevant court ruling at the time and had expressed a concern about such activity to which I was informed not to worry about it as Eircom would only be dealing with serious offenders. Does that mean that I'm a serious offender?

I'll scan the letter and redact the personal bits. I'm frankly annoyed to receive it and the last thing I want on my plate at the moment is the expense that an outside consultant will cost me.

If you receive a second one of these letters, you will have one further warning opportunity before the internet service will be terminated. You may not have had a problem in the past but clearly one has arisen now.

Personally, it's not something I'd be happy to let carry on as is at all. Whatever about downloading copyright material, if someone were to be be involved in serious criminal activity (child pornography, phishing etc.) and it was done through your internet connection, as you say the buck stops with you. You will be held accountable. Extreme as those two examples may be, they do happen...

M.J.M.C

Bebs wrote: »

I'll scan the letter and redact the personal bits. I'm frankly annoyed to receive it and the last thing I want on my plate at the moment is the expense that an outside consultant will cost me.

Thank you so much - i'd really appreciate that.

I wouldn't loose sleep about it, but it is serious enough if nothing is done, as advised this is what I would do.

Disable the wireless for the time / completely lock down access as best you can - bring the letter to whomever is YOUR boss, advise that you can face legal issues if your company does not invest in a proper firewall. Until then you can not run the risk of receiving more legal warnings.

There should be an option to only grand a set group of IP addresses internet access, do that for the time being if you can.

Bottom line - if eircom keep sending you these letters you will be cut off and have to move to another isp (no bad thing if you ask me but thats a whole other thread)

jor el

Bebs wrote: »

I've had a firewall setup in the past but the Eircom sales rep assured me that it wouldn't be necessary.

Sales people never have a clue, especially about technical things.

Bebs wrote: »

I'd read about the relevant court ruling at the time and had expressed a concern about such activity to which I was informed not to worry about it as Eircom would only be dealing with serious offenders. Does that mean that I'm a serious offender?

Any offender is an offender. You are simply one of them. Serious comes at your third warning, when you will be cut off.

Bebs wrote: »

I'll scan the letter and redact the personal bits. I'm frankly annoyed to receive it and the last thing I want on my plate at the moment is the expense that an outside consultant will cost me.

Others have posted the letters already, and there's not much to them. They have full detail of the album, time, client and IP address.

If you're opening your wireless network to customers/visitors, then you need something more than you currently have, like Kensington's suggestion above. In fact, you probably shouldn't be doing that at all.

If people in the office are downloading via P2P while at work, you should probably have a professional install a firewall of some sort, one that can monitor and block users activities. If an employee did this, it could be a sackable offence depending on the company rules. Certainly a formal warning would be in order. Doing something illegal on the companies network, and time, should be treated as a very serious offence.

Bebs

I am the boss! How would moving to another ISP help me? As I've said, apart from this I've been perfectly happy with the current setup which works well for all concerned.

aidanodr

Bebs wrote: »

.... The buck stops with me and I'm not running an internet cafe or the likes, just an office .... I've had a firewall setup in the past but the Eircom sales rep assured me that it wouldn't be necessary.

Yes the buck stops with the company who owns the router. It is up to them to have the appropriate security in place, not the user. You said earlier about the password / encryption key "There are plenty of people with the password." - Theirs your problem. Who said someone else did not pass the key to someone not in the company who connected outside in there car with their laptop?

What clown in EIRCOM told you it would not be necessary to have the Firewall on? Thats the worse advice ever. Have you a firewall elsewhere or something, between the net and your router?

As already stated you need some sort of Content Filtering / Intrusion Prevention System box. It sits between you and the router. It filters via online database categories and generally stops P2P and torrenting. Example would be the Sonicwall TZ Series products:

http://www.sonicwall.com/us/products/TZ_Series.html

Aidan

Bebs

It's not feasible for me to be stingy with the password as the nature of my business requires everyone in the office to have ready access to the internet. It cannot be an employee and I'm 100% sure on that. Is it possible that they may have made a mistake?

The clown in question told me an anecdote about Eastern Europeans downloading music and movies by the computer load and not having so much as a peak from Eircom.

aidanodr

Bebs wrote: »

It's not feasible for me to be stingy with the password as the nature of my business requires everyone in the office to have ready access to the internet. It cannot be an employee and I'm 100% sure on that. Is it possible that they may have made a mistake?

Well you can give them I/Net access but get the appropriate security installed. The latter comes into play in such situations you are in. If you can show you made all reasonable efforts, one has a better case.

Along with alot of other stuff, its up to you as the boss / owner to have stuff like this in place ( not my rules ).

As the story goes - ignorance is not accepted as an excuse!

Thats the way our world has gone Im afraid!

If you have the Firewall turned off and no other firewalls on the PC's their is a good chance that machines are now infected and are zombies for some hackers. This may be part of your problem too ...

A good firewall hides your systems from the internet!

Another thought - who OWNS the computers? Are they all Laptops? Do the staff take them home? If so they could have torrent software on their Laptops. Disconnected at home before coming into work. Hooked up when in work. The torrent app will just start off where it left off earlier BUT This time downloading using your BBand!

Aidan

Bebs

If that sales rep was telling the truth then I'm not sure that I understand how people who download significantly can escape unscathed while I'm being sent letters. I'm starting to wish I had downloaded it as at least that way I'd have the album!

aidanodr

A short list of net etiquette and do's and dont's more like for staff and people who come onto your premises using your BBand - done up by lawyer, maybe.

PLUS a rock solid Firewall / Content filtering system IN your office which LOGS all activity and from where.

OK, may cost a few bucks, but could work out cheaper than a few days in court and all that!

Aidan

jor el

This thread will not be about how to hide anyone's nefarious activities.

Bebs, if you allow visitors to use your Internet connection, then you need to get an IT professional to install a system by which you can control that. Same goes for your employees. You may not want to believe it was one of them, but chances are it was.

Bebs

I'm a sole trader.

BigBenRoeth

Fcuk me,i'm with eircom and i never stop downloading shíte :eek:

jor el

Bebs wrote: »

I'm a sole trader.

As in, you have no employees at all? That's not what makes you a sloe trader. But you do have people using your Internet connection, which you need to put a leash on regardless of who they are.

pwd

jor el wrote: »

All the detail of evidence will be in the letter you received.

If you share the Internet connection, then it's probably one of the other users. If you have an eircom router, with the default WEP encryption, then you've got no security at all, and it's probably one of your neighbours.

I think this is quite likely.

Just to explain further: There is a huge security flaw with eircom routers. Anyone can find out the default WEP password just typing your phone number (which is displayed as part of the router's id) into a web page or downloaded application. It is very easy for anyone to use your wireless connection if you have the default WEP password. It is very widely known that this is the case and plenty of people do it.

I would think this would be more likely to be the case than someone downloading torrents from someone's office.

M.J.M.C

jor el wrote: »

Others have posted the letters already, and there's not much to them. They have full detail of the album, time, client and IP address.

Not being smart or anything but can you post a link to one of them, ive spent the last good while looking for one. Sorry to go o/t

dub45

pwd wrote: »

I think this is quite likely.

Just to explain further: There is a huge security flaw with eircom routers. Anyone can find out the default WEP password just typing your phone number (which is displayed as part of the router's id) into a web page or downloaded application. It is very easy for anyone to use your wireless connection if you have the default WEP password. It is very widely known that this is the case and plenty of people do it.

I would think this would be more likely to be the case than someone downloading torrents from someone's office.

This is no longer true - Eircom now use wpa as the default setting.

dub45

Bebs wrote: »

I'm a sole trader.

It strikes me that you are in total denial of the situation you have allowed yourself to get into. You say that your set up has worked fine so far but as the letter from Eircom demonstrates you haven't got the foggiest notion about what is going on with your network.

Whatever people may think of Eircom's policy in relation to downloading copyright material in reality they have done you a favour by writing to you but you do not appear to want to even consider the dangers of your set up and the good advice that you are being given here by various posters.

For all you know the most extreme porn could be getting downloaded on a daily basis courtesy of your set up. You have been lucky enough to receive a wake up call do something about it and stop naively trusting people.

I've been perfectly happy with the current setup which works well for all concerned.

If someone is downloading free music (which you dont know about) then it is obviously working very well indeed for some! (at your expense too:rolleyes:)

Bebs

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?