Eircom

{^Syntax^}

What happened yesterday? Anyone have any good links on it? :cool:

dublinbusdude

eircom Broadband was suspected hacked last night by hackers.

No wonder I couldn't log on to the Internet in work.

eircom says 'It's the second time the service that it's been hacked'

Question: Does eircom have any member of staff stop this as most of the country uses eircom for Broadband.

Thank God my Broadband at home is with BT Ireland.

Barrypr

Looks like the attack was directed at there dns servers

Martyr

my guess is someone who worked there before.

Riordan123

I was actually considering moving from Perlico to Eircom for broadband, wat do ye think??

Martyr

i've been told smart are good.

mehmeh12

Im thinking of moving to Perlico. Are Perlico good?

maynooth_rules

No doubt they will knock a small percentage off this montly's bill for this annoyance :rolleyes:

Riordan123

mehmeh12 wrote: »

Im thinking of moving to Perlico. Are Perlico good?

I wouldn't recommend them, they are very slow at times and then the router does not give off a very strong wireless signal

Barrypr

Well south america has been hit bad with dns attacks from 50,000 bots or so I heard, its the second attack on eircom.

IMO smart are very good, was with them for a long time, the only downside to them is the awful customer service, very easy and quick response via email if you want to upgrade your speed but it you have any questions they just ignore you, I was on hold for 32 minutes while paying my last bill with them before I cancelled, I was told alot of the staff are "sick" which was the same thing I was told the previous month.

Riordan123

Yeah, Might consider Smart so!!!

BoB_BoT

this is the second time this week the DNS servers have suffered. In fact we've been having constant problems with eircoms DNS for a long time now so I had looked into alternatives before, it was just a case of switching to openDNS, it's easy to do too.

As regards to if it was hacked and by who, that's hard to say. They're not forthcoming with details, so I'd say it was a hack or an attempt to overwhelm / breach their vulnerable dns servers. It sounds like a bot/zombie attack but why? Disgruntled previous eircom customer/employee? :P

On a side note, probably better for the conspiracy theory forum, maybe it was someone trying to show the government that the new laws regarding keeping records of isps customers isn't as safe as they like to think it is, by showing that they can bring down the network, all they need to do is look for a hole in the system that stores details etc.... ye get the idea :P

Mits

My Eircom was down as well last night. It was a DNS problem.

holmyster

2 10 year olds hacked the system

Barrypr

I heard they were 8 1/2

Barrypr

A spokesman for the company said it was a denial of service attack on its domain name servers. He said: "We normally get about four million requests every five minutes - during attacks this went up to eight million."
He said there had been a few attacks in recent weeks, and the company did not where they were coming from or why they were being singled out for attack.

Lisheo

That was just damn annoying; I had to pass everything through Tor. Anyone think it's ridiculous eircom don't have defences against the likes of this?

Barrypr

It can be difficult to defend against, im sure they have something in place but it most not have worked with the method of ddos used.

Lisheo

True; I suppose it's probably not the run-of-the-mill TCP/HTTP crapflood, but you'd think that a major ISP would be prepared for all outcomes.

paddy978

Is that why last week we were removed to a dodgy site ads.bebo or something cant remember the exact url?

RoadKillTs

I wonder was this anything to do with the DNS flaw exposed by Dan Kaminsky?

Barrypr

Update: http://www.belfasttelegraph.co.uk/business/business-news/eircom-tracking-down-hackers-after-newwork-chaos-14406952.html

Lisheo

Hmmm, honestly, if they can't defend against it, I doubt they'll ever be able to hunt down the source of it. Not if it's done by professionals with a serious botnet.

probe

RoadKillTs wrote: »

I wonder was this anything to do with the DNS flaw exposed by Dan Kaminsky?

I wouldn't be surprized if it was. Eircom dozy lot didn't bother patching or protecting? The media info from eircom over the past week or so demonstrated total cluelessness.

Only eircom customers need to have access to eircom's DNS servers. Block the rest of the net. If some eircom customers have malware that is causing this issue, send them a disconnection notice - with "helpful info" on how to re-install their operating system, and keep it up to date and avoid problems in the future.

We are living in the age of the internet. If you park a car in a no parking zone, you are likely to get a ticket. While the eircom DNS servers can handle a few thousand or hundred thousand manky customer PCs, the company in its current financial mess is unlikely to be in a position to afford to install serious capacity to deal with a DDOS attack.

Time to clamp down on poor computer security everywhere, be it banks using low grade "ssl" or idiot broadband customers browsing websites with flash that hasn't been updated for six months and/or other multiple vulnerabilities.

Windowsupdate does nothing to update non-microsoft software on windows pcs for known security vulnerabilities.

There should be a one stop shop infrastructure for software security patches in Windows - in the same way as a good Linux distribution updates your Firefox browser, and zillions of other applications for security issues.

Microsoft is behaving in a negligent manner in not having this in place in my opinion....

BoB_BoT

probe wrote: »

Windowsupdate does nothing to update non-microsoft software on windows pcs for known security vulnerabilities.

There should be a one stop shop infrastructure for software security patches in Windows - in the same way as a good Linux distribution updates your Firefox browser, and zillions of other applications for security issues.

Microsoft is behaving in a negligent manner in not having this in place in my opinion....

I'm gonna have to defend Microsoft here, there's enough bs with them having to leave their systems open to competitors software and you want them now to be forced to support others software with regards vulnerabilities? If this was the case, it would cost Microsoft a lot, why should they have to offer support for every piece of software written for Windows? Should it not be up to the person who writes the software to implement an update system?

I see what you're saying regarding Linux, but Windows isn't Linux, it's not a one for all OS, they're there to make money. If you want someone to maintain your pcs and ensure they're up to date, you take out a contract. If you want the homeuser to be safe, you'll need to take away their control of the PC, lock it down further. If their machine gets infected and this is detected, who looks after it? Is it up to Microsoft to lock down the computer, send out a technician to fix the problem and clean up the machine?

I know I'm off on a tangent here, but my point is, you buy a Microsoft OS, you get a contract of support with Microsoft for that OS. It's not in that contract for them to look after flash players, anti-virus, 3rd part browsers. Hell, lets say Chrome or Firefox breaks down. It's a free browser, would you expect a free number to call to get support?

I agree, a package manager that keeps applications up to date would be useful, but if Microsoft make it, something goes wrong they have to take the heat for it.

Java, adobe et al, pop up and tell you when there's an update. Maybe these updates should be mandatory, but if they were, I'm sure there's all sorts of EULA violations with different software etc...

There are so many laws and requirements binding Microsoft, they can't sneeze without having a team of lawyers telling them if they're allowed to use a tissue.

probe

BoB_BoT wrote: »

I'm gonna have to defend Microsoft here, there's enough bs with them having to leave their systems open to competitors software and you want them now to be forced to support others software with regards vulnerabilities? If this was the case, it would cost Microsoft a lot, why should they have to offer support for every piece of software written for Windows? Should it not be up to the person who writes the software to implement an update system?

I see what you're saying regarding Linux, but Windows isn't Linux, it's not a one for all OS, they're there to make money. If you want someone to maintain your pcs and ensure they're up to date, you take out a contract. If you want the homeuser to be safe, you'll need to take away their control of the PC, lock it down further. If their machine gets infected and this is detected, who looks after it? Is it up to Microsoft to lock down the computer, send out a technician to fix the problem and clean up the machine?

I know I'm off on a tangent here, but my point is, you buy a Microsoft OS, you get a contract of support with Microsoft for that OS. It's not in that contract for them to look after flash players, anti-virus, 3rd part browsers. Hell, lets say Chrome or Firefox breaks down. It's a free browser, would you expect a free number to call to get support?

I agree, a package manager that keeps applications up to date would be useful, but if Microsoft make it, something goes wrong they have to take the heat for it.

Java, adobe et al, pop up and tell you when there's an update. Maybe these updates should be mandatory, but if they were, I'm sure there's all sorts of EULA violations with different software etc...

There are so many laws and requirements binding Microsoft, they can't sneeze without having a team of lawyers telling them if they're allowed to use a tissue.

All Microsoft has to do is something similar to www.secunia.dk - scan the pc for out of date software versions, and provide a link to the patch supplied by the software developer. MS doesn't have to cover 100% of the application software on the planet - the 80:20 rule works in their favour. Virtually all vulnerability exploits are designed to use popular software. Microsoft can word its EULA to protect it from the legal ramifications of providing an applications patch advisory service, as part of Microsoft update.

(Java and Adobe are very slow to advise of software updates - Secunia is far more on the ball. Adobe's flash player is one of the biggest vectors for malicious websites to exploit - however it doesn't tell you about updates. Java's update doesn't remove the old version of Java, one has to uninstall the old version manually. Very sloppy).

Chrome updates itself whether you like it or not - the user has no control. I'm not asking for telephone support for free software. I am asking for Microsoft as operating system vendor to do its job properly. There is no point in just patching Microsoft's vulnerabilities - the computer is a system.

In any event one is straying from the topic - which is that Eircom should keep its network secure as part of the national infrastructure. The simplest way to do that is to block non-eircom attackers from their DNS servers, and disconnect customers whose PCs are participating in DDoS attacks on the internet infrastructure (after giving them notice and time to fix the problem).

The faster internet connections get, and the more dependent everyday life and commercial activity becomes on the IP infrastructure the more critical this issue will become.

Tim M-U

it slowed down the internet, and then wouldnt let me on the net...to boards.ie!

eircom say: Last night eircom.net customers experienced significant congestion while browsing the web.
While it is too early to confirm, eircom believes that it is related to an unprecedented volume of traffic deliberately directed at our network, which has caused difficulties for customers over recent days.
Service has been restored to our customers since late last night. Our technical specialists have been and will continue to work around the clock to determine the source of the problem.
eircom has been in contact with other operators in the Irish market to collaborate and pool technical expertise in this area.
We will keep our customers advised with regular updates.

--

or as others said it could have something to do with hacking DNS stuff...

Gavin

probe wrote: »

Only eircom customers need to have access to eircom's DNS servers.

I thought this too but was reminded that the servers are authoritative for the eircom.net domain, not to mention any client domains they handle. Don't know why they don't split up the servers though.

eddhorse

This was on Silicon Republic as well

http://www.siliconrepublic.com/news/article/13448/cio/eircom-reveals-cache-poisoning-attack-by-hacker-led-to-outages

I think this was a seperate attack. Looks like the script kiddies went to bed after a few hours, Eircom still dont know what happened

BaconZombie

If only Eircom customs have access then all Eircom owned domains would fail to resolve causing anybody using a different ISP to not be able to access any of services hosted by Eircom.
This includes not been able to view www_Eircom_ie or even send emails to @eircom address.

Gavin wrote: »

I thought this too but was reminded that the servers are authoritative for the eircom.net domain, not to mention any client domains they handle. Don't know why they don't split up the servers though.

Gavin

BOFH_139 wrote: »

If only Eircom customs have access then all Eircom owned domains would fail to resolve causing anybody using a different ISP to not be able to access any of services hosted by Eircom.
This includes not been able to view www_Eircom_ie or even send emails to @eircom address.

Yes. That was my point. And why I inquired why they don't have an external DNS server which handles authoritative requests and an internal, caching, DNS server for subscribers. This would at least have meant that eircom subscribers would be able to make DNS requests for non-eircom domains during a DDOS on the external DNS machine.

Martyr

was this not a zero day exploit against bind?

read about it last week

BIND Dynamic Update DoS