Letter from Eircom

Kensington

Bebs wrote: »

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

It's just as possible as someone downloading copyright material tbh...

lucernarian

Bebs wrote: »

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

With respect, you aren't taking on board a lot of info that's being offered here by various experienced posters. If you came here looking for advice on how to deal with the problem, you should be a bit more open-minded about solutions.

If you want to stop letters like that or worse, passwords, firewalls etc. for your network are going to be necessary and that's before you actually discuss the matter with employees and warn them about any illegitimate use of office internet and the likes.

Anyone looking to secure their internet connection from illegal uses can find a lot of info on the net if they want it, and most of the suggestions will be at little or no cost anyway except for the time to set it up. (if any!)

dub45

Bebs wrote: »

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

Can you tell us why you bothered posting at all? What do you want people here to post? "Bad Bad Eircom leave nice innocent sole trader, who trusts everyone implicitly, alone to get on with business?"

There are none so blind!

Here's a random google search for you to ponder.

http://www.google.ie/search?q=employees+download+porn&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

Have you ever checked to see if your wireless network can be picked up outside your office?

center15

Bebs wrote: »

I've the wireless for a business premises. Does this mean I'll have to be policing the internet for the activities of my clients or members of the public as they come in?

I thought Eircom said this new policy would only effect households and they would not be going after business connections? Are you on business broadband or using it as a residential connection?

jor el

center15 wrote: »

I thought Eircom said this new policy would only effect households and they would not be going after business connections?

Never heard that before, and why would they? The music industry are not going to know what kind of customer it is, and eircom have agreed to contact all those that are illegally sharing music.

Bebs wrote:

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

Given the fact that you've already received a warning letter about downloading something that you yourself didn't actually download, I think you're being extremely naive and foolish with regard to your broadband connection. Someone is doing illegal things with it, and you have no idea who it is. You need to accept that it has happened, and will likely continue to happen, until you put a stop to it.

Solair

Well, if you're a sole trader, you might want to re-think the idea of letting everyone have access to *your* internet connection. Most business people have mobile broadband these days anyway.

You've no idea what people might be running on their laptops. They could quite easily have a bit torrent client on there which just kicks in whenever it's online.

Not only is this possibly downloading material that's protected by copyright, but it's also quite likely to clog your network connection too.

I'd just make sure that your router has WPA enabled and change the password.

If you do need to allow other people to access your internet connection, you should invest in a second router that blocks everything except web access.

People don't need full access to every port and protocol via your network.

Extreme porn wouldn't be the major worry, but viruses and bot nets distributing spam can be a major issue.

watty

Bebs wrote: »

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

no.

I installed a network with logging of all connections about 6 years ago. A month or so was called to their office to explain what all the activity on the log on Saturday Morning was, was it a "virus"?

Everyone had unique secret password and user name was a variation of their name. The "book keeper" was claiming overtime and coming in on his own on Saturday morning, they knew that. They asked him if anyone else in the office with him.

"no".

Anyhow the detail server logs showed his logon. times, his workstation and 3 to 4 hrs of browsing porn sites (the URLs and time / date).

The problem was not a Virus. No WiFi. Just ethernet cables and ISDN dialup.

I think they were more upset that he was getting paid to amuse himself rather than work, than what he was actually looking at.

center15

jor el wrote: »

Never heard that before, and why would they? The music industry are not going to know what kind of customer it is, and eircom have agreed to contact all those that are illegally sharing music.

I don't know why they would it's Eircom said it not me. From their FAQ's

Will eircom disconnect business customers?

eircom will advise business customers of any detection and notify them if a repeat infringement is identified. However, business customers will not be disconnected

http://www.eircom.net/notification/legalmusic/faqs

the_monkey

Jesus! , are eircom doing this ?

a bit big brother'ish yeah ?

Do they scan this via p2p traffic ?

Bebs

I'm sorry if it comes across as me being childish about it, I was just a bit upset. I've made the arrangements to have an outside expert take a look at the security setup and I've changed the password on the wireless for the time being.

Does this mean that Eircom are monitoring my traffic? I have client confidentiality to think about and I know that some of the work I we do isn't on secured sites.

Kensington

Bebs wrote:

I'm sorry if it comes across as me being childish about it, I was just a bit upset. I've made the arrangements to have an outside expert take a look at the security setup and I've changed the password on the wireless for the time being.

That's good, it's a start. You've a right to be upset of course! There are obscene amounts of money made in cybercrime every year as a result of people being unaware of network security (or lack thereof).

Bebs wrote: »

Does this mean that Eircom are monitoring my traffic? I have client confidentiality to think about and I know that some of the work I we do isn't on secured sites.

Nope.

The record companies (or third parties on their behalf) basically sit in busy torrent trackers. They then monitor everyone who connects to that tracker's swarm, filter out IP addresses that belong to eircom and forward these on to eircom, along with details of the file and the date and time. And it's very easy to do, practically all torrent clients allow you to view the IP address of each and every person connected at a given time.

Eircom then take the IP addresses, look up their records to find out who was assigned the IP address in question at the time and then forward a letter to the account holder.

Bebs

Why don't Eircom do that themselves? I assume that the terrible deed happened when someone had the program running on their laptop unknown to themselves (or to me!)

DeepBlue

Bebs wrote: »

Why don't Eircom do that themselves? I assume that the terrible deed happened when someone had the program running on their laptop unknown to themselves (or to me!)

I guess it's similar to the case when a car goes through a speed camera and gets clocked.
There's no way of knowing who was driving the car so the speed ticket goes to whoever is the registered owner.
Similarly with eircom they have no way of knowing exactly who is downloading what on a particular connection at any one time. They just know who is the registered account holder on that connection so they get the blame when anything untoward happens on the connection.

jor el

Bebs wrote: »

Why don't Eircom do that themselves? I assume that the terrible deed happened when someone had the program running on their laptop unknown to themselves (or to me!)

eircom neither need nor want to monitor people as it's not their copyright. The person that did this will have known exactly what they were downloading on your connection. You don't accidentally download an album, you do it deliberately.

Bebs

jor el wrote: »

eircom neither need nor want to monitor people as it's not their copyright. The person that did this will have known exactly what they were downloading on your connection. You don't accidentally download an album, you do it deliberately.

I'm sure they know well what they're doing at home but I'm sure they didn't mean to do it at my premises.

How do people running internet cafes cope?

jor el

Bebs wrote: »

How do people running internet cafes cope?

By blocking everything except web.

watty

Smarter Internet Cafés even running the Browser in a "sandbox" so you can't save anything (Download) or infect their PC.

slimjimmc

I'm quite amazed you're giving all and sundry full access to your internet service. Many places use WiFi hotspot software to control who can use their internet service then use firewalls and web content filtering to control what those users can do. With hotspot software you control who uses your service, at the moment it sounds like anybody within range of your WiFi can connect, do what they like and get you in trouble, hence the Eircom letter.

Kensington

Bebs wrote: »

I'm sure they know well what they're doing at home but I'm sure they didn't mean to do it at my premises.

How do people running internet cafes cope?

By locking access down to basic web browsing only. Net cafes or anywhere which have corporate machines running off an internet connection will generally have expensive, robust security in place but if you are using the connection purely only for customers to casually browse, then it's not that difficult to set up basic filtering by yourself, with a little time and less than €100.

One of these wireless routers flashed with a completely free, open source firmware such as DD-WRT and you have yourself a basic, but effective method of restricting access. (Since you are a commercial premises though, you probably should make a donation)

You simply connect the new router into the eircom modem, and let everyone connect to the net via the new router instead of the eircom modem (you "bridge" the modem which disables the wireless and router part - the eircom modem literally only handles the DSL connection. The new router handles all the routing, connectivity and wireless). That way all traffic is run through the router's filter parameters set by you and traffic blocked as appropriate.

.

You can filter out individual PCs, configure days/times to restrict access (you could switch wireless access off completely outside of business hours, for example) and most importantly block all P2P services from accessing the internet. It also has a tool for filtering websites by either the URL or a keyword, so you could filter websites with words such as torrent, porn etc. from being accessed.

aidanodr

Bebs wrote: »

I'm sure they know well what they're doing at home but I'm sure they didn't mean to do it at my premises.

How do people running internet cafes cope?

Sorry to be blunt - but are you actually reading the replies people are giving you?

Back on page two I told you how this might be happening to you. I actually asked WHO OWNS THE LAPTOPS in your office? No reply. I therefore am assuming from what I have read - each employee is using their own laptop?

So, they have a program called a Torrent Application or P2P application ( eg Limewire ) installed on THERE laptop. This is a deliberate act - to install such an application. They do not just appear on a PC. All it takes is ONE OF your employees laptops to have such a thing installed.

Before they come to work OR the night before they decide they want a copy of the latest "whatever" album. They search for this in the P2P / Torrent app and set the download process in action.

These applications are persistent. Once a "download job" is initiated it will keep on trying to get the download you are looking for.

Your employee turns off their laptop, goes to sleep. Next morning comes to work, turns on the laptop which wirelessly connects to YOUR broadband. In the back ground the Torrent / P2P app restarts its persistent download.

In both software app cases not only does a download occur BUT whatever has been downloaded of this album is now reshared on your employees laptop, over YOUR Wireless Broadband account, for others ON THE INTERNET ANYWHERE ( using these P2P / Torrent programs ) to download from them.

NOW DO YOU GET IT??

To prevent this kind of behaviour a Firewall ENABLED is a start. As I said earlier YOU NEED a good Content filtering box which consults an online database of offending sites. These are categorized. So when you are setting up such a box you DO NOT have to type in 1000's of sites you would like to ban, you just select a Category like Pornography, Violence and so on AND ban the category which includes 1000's of known "dodgy" sites.

IPS or INTRUSION PREVENTION SYSTEM helps stop these P2P and TORRENT applications. Plus can block heavy bandwidth usage like video streaming and the like.

Such a box thats relatively cheap is the Sonicwall TZ series:

http://www.sonicwall.com/us/products/TZ_100.html

"Comprehensive Security - including Comprehensive Anti-Spam Service, Gateway Anti-Virus, Anti-Spyware, Intrusion and Prevention Service, Enforced Client Anti-Virus and Content Filtering Service (Premium Business Edition)."

http://www.amazon.com/Tz-100-Network-Security-Appliance/dp/B002E3AIG2

$194 on Amazon. Their are others.

I think you still like to believe / are in denial it is one of your employees with the above quoted statement. Having a P2P / Torrent app on a laptop IS A DELIBERATE INSTALL, as is initiating a music album download. See what your expert says ...

Cheers
Aidan

azzeretti

Pretty much what everyone else said, except you could get a really good content filtering solution for free without having to buy a specific module within a branded router. If you get on to Eircom and purchase a static IP address (cost about 50 euro or there abouts) you can avail of the free content filtering service from OpenDNS. It is a super, free, service that allows you to create an account and select denied catergories and sites. The blacklists are taken care of by OpenDNS and you can block porn, hate, Proxy bypass sites and many more. A lot of sites I know of are using this for content filtering. There are some downsides, like no audit trail (logging) for the free service and it is only a content filter, it won't stop specific traffic (like P2P) but it is a good cheap start.

Everything else said you need to take note of. Stop everything except HTTP, DNS (to your DNS servers only), HTTPS and maybe POP3. There isn't really much need for anything else for standard internet browsing.

There are higher end solutions that will check laptops virus updates and windows updates are within certain data before allowing them onto your network, and even then drop them into their own VLAN. It might be worth it though it you have clients coming do alsorts. I usually recommend, and configure, a transparent upstream proxy for logging. I configure this to trap MAC address, IP address, date, time, traffic and site visited. With the OpenDNS solution you can leave the proxy is logging mode just to observe and log and let OpenDNS do the filtering.

It might be a bit technical but they are suggestions you should be bringing to whoever you have coming in to look at your site. I wouldn't overlook anything anyone has said here, and try not to be so naive, I mean that in a nice way!

dub45

Have you taken precautions to protect your own laptop/pc if it is on the wireless network?

Xennon

Just as an observation on this, we all know Eircom fooked up with their WEP keys......so...how can they actually say that it was the customer who downloaded the files?

dub45

Xennon wrote: »

Just as an observation on this, we all know Eircom fooked up with their WEP keys......so...how can they actually say that it was the customer who downloaded the files?

That's not what they say and in any way if someone other than yourself is downloading copyrighted material using your connection then Eircom are doing you a "favour" by bringing it to your attention as most definitely is the case in this instance.