Letter from Eircom

Bebs

Hello all,

I've done a search and didn't find anything on the topic so I've made up a new thread. Sorry if I've missed an existing one.

I've received a charming letter from eircom claiming that I've downloaded an album which I've never even heard of with a torrent client that I've never used. Have I any way of seeing what proof they claim to have and is there any method of appeal?

Bebs

Kensington

Do you have wireless?
Is it password protected?
Or is there anyone else using your connection (knowingly or otherwise)?

Bebs

Yes we have wireless and yes it's password protected. I've had a browse through all the computers in the building and we've nothing like that on any of them.

I've honestly no idea if there's anyone else using the connection. There are plenty of people with the password.

jor el

All the detail of evidence will be in the letter you received.

If you share the Internet connection, then it's probably one of the other users. If you have an eircom router, with the default WEP encryption, then you've got no security at all, and it's probably one of your neighbours.

Bebs

I've the wireless for a business premises. Does this mean I'll have to be policing the internet for the activities of my clients or members of the public as they come in?

Kensington

Bebs wrote: »

I've the wireless for a business premises. Does this mean I'll have to be policing the internet for the activities of my clients or members of the public as they come in?

You will. Anything that comes in or goes out through your internet connection is entirely your responsibility.

FoxT

I have had bad experience with Eircom over the years...

Bebs

Kensington wrote: »

You will. Anything that comes in or goes out through your internet connection is entirely your responsibility, particularly illegal activity.

That's going to be terribly invasive on my part. Are there any alternatives to me looking over people's shoulders?

Kensington

Bebs wrote: »

That's going to be terribly invasive on my part. Are there any alternatives to me looking over people's shoulders?

By only permitting what you are happy permitting through the connection. You can get a cheap Linksys router with free, open source firmware that will let you block stuff like P2P, Bit Torrent and only let through what you want.

M.J.M.C

I would be extremely interested in seeing this letter (obviously without any private info showing)

You are the first person I've heard of that has received a letter from Eircom

ttm

Bebs wrote: »

That's going to be terribly invasive on my part. Are there any alternatives to me looking over people's shoulders?

If you are providing public access then you need a fairly good standalone firewall, probably much easier to stop access for anyone that doesn't need it and lock your connection down to the bare essentials, HTTP, HTTPS, SMTP and POP3 that will stop a lot of abuse for very little effort. If that sounds toooooo techie then you need some help

Sponge Bob

You cannot leave an organisation open to massive damages from the activities of **** knows who...likely a colleague.

Turn wireless OFF and bring this letter to the CEO of your organisation as a matter of urgency.

Bebs

The buck stops with me and I'm not running an internet cafe or the likes, just an office. I've never had problems with user activity in the past either legal or illegal. I've had a firewall setup in the past but the Eircom sales rep assured me that it wouldn't be necessary. I'd read about the relevant court ruling at the time and had expressed a concern about such activity to which I was informed not to worry about it as Eircom would only be dealing with serious offenders. Does that mean that I'm a serious offender?

I'll scan the letter and redact the personal bits. I'm frankly annoyed to receive it and the last thing I want on my plate at the moment is the expense that an outside consultant will cost me.

Kensington

Bebs wrote: »

The buck stops with me and I'm not running an internet cafe or the likes, just an office. I've never had problems with user activity in the past either legal or illegal. I've had a firewall setup in the past but the Eircom sales rep assured me that it wouldn't be necessary. I'd read about the relevant court ruling at the time and had expressed a concern about such activity to which I was informed not to worry about it as Eircom would only be dealing with serious offenders. Does that mean that I'm a serious offender?

I'll scan the letter and redact the personal bits. I'm frankly annoyed to receive it and the last thing I want on my plate at the moment is the expense that an outside consultant will cost me.

If you receive a second one of these letters, you will have one further warning opportunity before the internet service will be terminated. You may not have had a problem in the past but clearly one has arisen now.

Personally, it's not something I'd be happy to let carry on as is at all. Whatever about downloading copyright material, if someone were to be be involved in serious criminal activity (child pornography, phishing etc.) and it was done through your internet connection, as you say the buck stops with you. You will be held accountable. Extreme as those two examples may be, they do happen...

M.J.M.C

Bebs wrote: »

I'll scan the letter and redact the personal bits. I'm frankly annoyed to receive it and the last thing I want on my plate at the moment is the expense that an outside consultant will cost me.

Thank you so much - i'd really appreciate that.

I wouldn't loose sleep about it, but it is serious enough if nothing is done, as advised this is what I would do.

Disable the wireless for the time / completely lock down access as best you can - bring the letter to whomever is YOUR boss, advise that you can face legal issues if your company does not invest in a proper firewall. Until then you can not run the risk of receiving more legal warnings.

There should be an option to only grand a set group of IP addresses internet access, do that for the time being if you can.

Bottom line - if eircom keep sending you these letters you will be cut off and have to move to another isp (no bad thing if you ask me but thats a whole other thread)

jor el

Bebs wrote: »

I've had a firewall setup in the past but the Eircom sales rep assured me that it wouldn't be necessary.

Sales people never have a clue, especially about technical things.

Bebs wrote: »

I'd read about the relevant court ruling at the time and had expressed a concern about such activity to which I was informed not to worry about it as Eircom would only be dealing with serious offenders. Does that mean that I'm a serious offender?

Any offender is an offender. You are simply one of them. Serious comes at your third warning, when you will be cut off.

Bebs wrote: »

I'll scan the letter and redact the personal bits. I'm frankly annoyed to receive it and the last thing I want on my plate at the moment is the expense that an outside consultant will cost me.

Others have posted the letters already, and there's not much to them. They have full detail of the album, time, client and IP address.

If you're opening your wireless network to customers/visitors, then you need something more than you currently have, like Kensington's suggestion above. In fact, you probably shouldn't be doing that at all.

If people in the office are downloading via P2P while at work, you should probably have a professional install a firewall of some sort, one that can monitor and block users activities. If an employee did this, it could be a sackable offence depending on the company rules. Certainly a formal warning would be in order. Doing something illegal on the companies network, and time, should be treated as a very serious offence.

Bebs

I am the boss! How would moving to another ISP help me? As I've said, apart from this I've been perfectly happy with the current setup which works well for all concerned.

aidanodr

Bebs wrote: »

.... The buck stops with me and I'm not running an internet cafe or the likes, just an office .... I've had a firewall setup in the past but the Eircom sales rep assured me that it wouldn't be necessary.

Yes the buck stops with the company who owns the router. It is up to them to have the appropriate security in place, not the user. You said earlier about the password / encryption key "There are plenty of people with the password." - Theirs your problem. Who said someone else did not pass the key to someone not in the company who connected outside in there car with their laptop?

What clown in EIRCOM told you it would not be necessary to have the Firewall on? Thats the worse advice ever. Have you a firewall elsewhere or something, between the net and your router?

As already stated you need some sort of Content Filtering / Intrusion Prevention System box. It sits between you and the router. It filters via online database categories and generally stops P2P and torrenting. Example would be the Sonicwall TZ Series products:

http://www.sonicwall.com/us/products/TZ_Series.html

Aidan

Bebs

It's not feasible for me to be stingy with the password as the nature of my business requires everyone in the office to have ready access to the internet. It cannot be an employee and I'm 100% sure on that. Is it possible that they may have made a mistake?

The clown in question told me an anecdote about Eastern Europeans downloading music and movies by the computer load and not having so much as a peak from Eircom.

aidanodr

Bebs wrote: »

It's not feasible for me to be stingy with the password as the nature of my business requires everyone in the office to have ready access to the internet. It cannot be an employee and I'm 100% sure on that. Is it possible that they may have made a mistake?

Well you can give them I/Net access but get the appropriate security installed. The latter comes into play in such situations you are in. If you can show you made all reasonable efforts, one has a better case.

Along with alot of other stuff, its up to you as the boss / owner to have stuff like this in place ( not my rules ).

As the story goes - ignorance is not accepted as an excuse!

Thats the way our world has gone Im afraid!

If you have the Firewall turned off and no other firewalls on the PC's their is a good chance that machines are now infected and are zombies for some hackers. This may be part of your problem too ...

A good firewall hides your systems from the internet!

Another thought - who OWNS the computers? Are they all Laptops? Do the staff take them home? If so they could have torrent software on their Laptops. Disconnected at home before coming into work. Hooked up when in work. The torrent app will just start off where it left off earlier BUT This time downloading using your BBand!

Aidan

Bebs

If that sales rep was telling the truth then I'm not sure that I understand how people who download significantly can escape unscathed while I'm being sent letters. I'm starting to wish I had downloaded it as at least that way I'd have the album!

aidanodr

A short list of net etiquette and do's and dont's more like for staff and people who come onto your premises using your BBand - done up by lawyer, maybe.

PLUS a rock solid Firewall / Content filtering system IN your office which LOGS all activity and from where.

OK, may cost a few bucks, but could work out cheaper than a few days in court and all that!

Aidan

jor el

This thread will not be about how to hide anyone's nefarious activities.

Bebs, if you allow visitors to use your Internet connection, then you need to get an IT professional to install a system by which you can control that. Same goes for your employees. You may not want to believe it was one of them, but chances are it was.

Bebs

I'm a sole trader.

BigBenRoeth

Fcuk me,i'm with eircom and i never stop downloading shíte :eek:

jor el

Bebs wrote: »

I'm a sole trader.

As in, you have no employees at all? That's not what makes you a sloe trader. But you do have people using your Internet connection, which you need to put a leash on regardless of who they are.

pwd

jor el wrote: »

All the detail of evidence will be in the letter you received.

If you share the Internet connection, then it's probably one of the other users. If you have an eircom router, with the default WEP encryption, then you've got no security at all, and it's probably one of your neighbours.

I think this is quite likely.

Just to explain further: There is a huge security flaw with eircom routers. Anyone can find out the default WEP password just typing your phone number (which is displayed as part of the router's id) into a web page or downloaded application. It is very easy for anyone to use your wireless connection if you have the default WEP password. It is very widely known that this is the case and plenty of people do it.

I would think this would be more likely to be the case than someone downloading torrents from someone's office.

M.J.M.C

jor el wrote: »

Others have posted the letters already, and there's not much to them. They have full detail of the album, time, client and IP address.

Not being smart or anything but can you post a link to one of them, ive spent the last good while looking for one. Sorry to go o/t

dub45

pwd wrote: »

I think this is quite likely.

Just to explain further: There is a huge security flaw with eircom routers. Anyone can find out the default WEP password just typing your phone number (which is displayed as part of the router's id) into a web page or downloaded application. It is very easy for anyone to use your wireless connection if you have the default WEP password. It is very widely known that this is the case and plenty of people do it.

I would think this would be more likely to be the case than someone downloading torrents from someone's office.

This is no longer true - Eircom now use wpa as the default setting.

dub45

Bebs wrote: »

I'm a sole trader.

It strikes me that you are in total denial of the situation you have allowed yourself to get into. You say that your set up has worked fine so far but as the letter from Eircom demonstrates you haven't got the foggiest notion about what is going on with your network.

Whatever people may think of Eircom's policy in relation to downloading copyright material in reality they have done you a favour by writing to you but you do not appear to want to even consider the dangers of your set up and the good advice that you are being given here by various posters.

For all you know the most extreme porn could be getting downloaded on a daily basis courtesy of your set up. You have been lucky enough to receive a wake up call do something about it and stop naively trusting people.

I've been perfectly happy with the current setup which works well for all concerned.

If someone is downloading free music (which you dont know about) then it is obviously working very well indeed for some! (at your expense too:rolleyes:)

Bebs

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

Kensington

Bebs wrote: »

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

It's just as possible as someone downloading copyright material tbh...

lucernarian

Bebs wrote: »

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

With respect, you aren't taking on board a lot of info that's being offered here by various experienced posters. If you came here looking for advice on how to deal with the problem, you should be a bit more open-minded about solutions.

If you want to stop letters like that or worse, passwords, firewalls etc. for your network are going to be necessary and that's before you actually discuss the matter with employees and warn them about any illegitimate use of office internet and the likes.

Anyone looking to secure their internet connection from illegal uses can find a lot of info on the net if they want it, and most of the suggestions will be at little or no cost anyway except for the time to set it up. (if any!)

dub45

Bebs wrote: »

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

Can you tell us why you bothered posting at all? What do you want people here to post? "Bad Bad Eircom leave nice innocent sole trader, who trusts everyone implicitly, alone to get on with business?"

There are none so blind!

Here's a random google search for you to ponder.

http://www.google.ie/search?q=employees+download+porn&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

Have you ever checked to see if your wireless network can be picked up outside your office?

center15

Bebs wrote: »

I've the wireless for a business premises. Does this mean I'll have to be policing the internet for the activities of my clients or members of the public as they come in?

I thought Eircom said this new policy would only effect households and they would not be going after business connections? Are you on business broadband or using it as a residential connection?

jor el

center15 wrote: »

I thought Eircom said this new policy would only effect households and they would not be going after business connections?

Never heard that before, and why would they? The music industry are not going to know what kind of customer it is, and eircom have agreed to contact all those that are illegally sharing music.

Bebs wrote:

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

Given the fact that you've already received a warning letter about downloading something that you yourself didn't actually download, I think you're being extremely naive and foolish with regard to your broadband connection. Someone is doing illegal things with it, and you have no idea who it is. You need to accept that it has happened, and will likely continue to happen, until you put a stop to it.

Solair

Well, if you're a sole trader, you might want to re-think the idea of letting everyone have access to *your* internet connection. Most business people have mobile broadband these days anyway.

You've no idea what people might be running on their laptops. They could quite easily have a bit torrent client on there which just kicks in whenever it's online.

Not only is this possibly downloading material that's protected by copyright, but it's also quite likely to clog your network connection too.

I'd just make sure that your router has WPA enabled and change the password.

If you do need to allow other people to access your internet connection, you should invest in a second router that blocks everything except web access.

People don't need full access to every port and protocol via your network.

Extreme porn wouldn't be the major worry, but viruses and bot nets distributing spam can be a major issue.

watty

Bebs wrote: »

I think the dangers of someone downloading extreme porn in my office are a little bit overblown don't you think?

no.

I installed a network with logging of all connections about 6 years ago. A month or so was called to their office to explain what all the activity on the log on Saturday Morning was, was it a "virus"?

Everyone had unique secret password and user name was a variation of their name. The "book keeper" was claiming overtime and coming in on his own on Saturday morning, they knew that. They asked him if anyone else in the office with him.

"no".

Anyhow the detail server logs showed his logon. times, his workstation and 3 to 4 hrs of browsing porn sites (the URLs and time / date).

The problem was not a Virus. No WiFi. Just ethernet cables and ISDN dialup.

I think they were more upset that he was getting paid to amuse himself rather than work, than what he was actually looking at.

center15

jor el wrote: »

Never heard that before, and why would they? The music industry are not going to know what kind of customer it is, and eircom have agreed to contact all those that are illegally sharing music.

I don't know why they would it's Eircom said it not me. From their FAQ's

Will eircom disconnect business customers?

eircom will advise business customers of any detection and notify them if a repeat infringement is identified. However, business customers will not be disconnected

http://www.eircom.net/notification/legalmusic/faqs

the_monkey

Jesus! , are eircom doing this ?

a bit big brother'ish yeah ?

Do they scan this via p2p traffic ?

Bebs

I'm sorry if it comes across as me being childish about it, I was just a bit upset. I've made the arrangements to have an outside expert take a look at the security setup and I've changed the password on the wireless for the time being.

Does this mean that Eircom are monitoring my traffic? I have client confidentiality to think about and I know that some of the work I we do isn't on secured sites.

Kensington

Bebs wrote:

I'm sorry if it comes across as me being childish about it, I was just a bit upset. I've made the arrangements to have an outside expert take a look at the security setup and I've changed the password on the wireless for the time being.

That's good, it's a start. You've a right to be upset of course! There are obscene amounts of money made in cybercrime every year as a result of people being unaware of network security (or lack thereof).

Bebs wrote: »

Does this mean that Eircom are monitoring my traffic? I have client confidentiality to think about and I know that some of the work I we do isn't on secured sites.

Nope.

The record companies (or third parties on their behalf) basically sit in busy torrent trackers. They then monitor everyone who connects to that tracker's swarm, filter out IP addresses that belong to eircom and forward these on to eircom, along with details of the file and the date and time. And it's very easy to do, practically all torrent clients allow you to view the IP address of each and every person connected at a given time.

Eircom then take the IP addresses, look up their records to find out who was assigned the IP address in question at the time and then forward a letter to the account holder.

Bebs

Why don't Eircom do that themselves? I assume that the terrible deed happened when someone had the program running on their laptop unknown to themselves (or to me!)

DeepBlue

Bebs wrote: »

Why don't Eircom do that themselves? I assume that the terrible deed happened when someone had the program running on their laptop unknown to themselves (or to me!)

I guess it's similar to the case when a car goes through a speed camera and gets clocked.
There's no way of knowing who was driving the car so the speed ticket goes to whoever is the registered owner.
Similarly with eircom they have no way of knowing exactly who is downloading what on a particular connection at any one time. They just know who is the registered account holder on that connection so they get the blame when anything untoward happens on the connection.

jor el

Bebs wrote: »

Why don't Eircom do that themselves? I assume that the terrible deed happened when someone had the program running on their laptop unknown to themselves (or to me!)

eircom neither need nor want to monitor people as it's not their copyright. The person that did this will have known exactly what they were downloading on your connection. You don't accidentally download an album, you do it deliberately.

Bebs

jor el wrote: »

eircom neither need nor want to monitor people as it's not their copyright. The person that did this will have known exactly what they were downloading on your connection. You don't accidentally download an album, you do it deliberately.

I'm sure they know well what they're doing at home but I'm sure they didn't mean to do it at my premises.

How do people running internet cafes cope?

jor el

Bebs wrote: »

How do people running internet cafes cope?

By blocking everything except web.

watty

Smarter Internet Cafés even running the Browser in a "sandbox" so you can't save anything (Download) or infect their PC.

slimjimmc

I'm quite amazed you're giving all and sundry full access to your internet service. Many places use WiFi hotspot software to control who can use their internet service then use firewalls and web content filtering to control what those users can do. With hotspot software you control who uses your service, at the moment it sounds like anybody within range of your WiFi can connect, do what they like and get you in trouble, hence the Eircom letter.

Kensington

Bebs wrote: »

I'm sure they know well what they're doing at home but I'm sure they didn't mean to do it at my premises.

How do people running internet cafes cope?

By locking access down to basic web browsing only. Net cafes or anywhere which have corporate machines running off an internet connection will generally have expensive, robust security in place but if you are using the connection purely only for customers to casually browse, then it's not that difficult to set up basic filtering by yourself, with a little time and less than €100.

One of these wireless routers flashed with a completely free, open source firmware such as DD-WRT and you have yourself a basic, but effective method of restricting access. (Since you are a commercial premises though, you probably should make a donation)

You simply connect the new router into the eircom modem, and let everyone connect to the net via the new router instead of the eircom modem (you "bridge" the modem which disables the wireless and router part - the eircom modem literally only handles the DSL connection. The new router handles all the routing, connectivity and wireless). That way all traffic is run through the router's filter parameters set by you and traffic blocked as appropriate.

.

You can filter out individual PCs, configure days/times to restrict access (you could switch wireless access off completely outside of business hours, for example) and most importantly block all P2P services from accessing the internet. It also has a tool for filtering websites by either the URL or a keyword, so you could filter websites with words such as torrent, porn etc. from being accessed.

aidanodr

Bebs wrote: »

I'm sure they know well what they're doing at home but I'm sure they didn't mean to do it at my premises.

How do people running internet cafes cope?

Sorry to be blunt - but are you actually reading the replies people are giving you?

Back on page two I told you how this might be happening to you. I actually asked WHO OWNS THE LAPTOPS in your office? No reply. I therefore am assuming from what I have read - each employee is using their own laptop?

So, they have a program called a Torrent Application or P2P application ( eg Limewire ) installed on THERE laptop. This is a deliberate act - to install such an application. They do not just appear on a PC. All it takes is ONE OF your employees laptops to have such a thing installed.

Before they come to work OR the night before they decide they want a copy of the latest "whatever" album. They search for this in the P2P / Torrent app and set the download process in action.

These applications are persistent. Once a "download job" is initiated it will keep on trying to get the download you are looking for.

Your employee turns off their laptop, goes to sleep. Next morning comes to work, turns on the laptop which wirelessly connects to YOUR broadband. In the back ground the Torrent / P2P app restarts its persistent download.

In both software app cases not only does a download occur BUT whatever has been downloaded of this album is now reshared on your employees laptop, over YOUR Wireless Broadband account, for others ON THE INTERNET ANYWHERE ( using these P2P / Torrent programs ) to download from them.

NOW DO YOU GET IT??

To prevent this kind of behaviour a Firewall ENABLED is a start. As I said earlier YOU NEED a good Content filtering box which consults an online database of offending sites. These are categorized. So when you are setting up such a box you DO NOT have to type in 1000's of sites you would like to ban, you just select a Category like Pornography, Violence and so on AND ban the category which includes 1000's of known "dodgy" sites.

IPS or INTRUSION PREVENTION SYSTEM helps stop these P2P and TORRENT applications. Plus can block heavy bandwidth usage like video streaming and the like.

Such a box thats relatively cheap is the Sonicwall TZ series:

http://www.sonicwall.com/us/products/TZ_100.html

"Comprehensive Security - including Comprehensive Anti-Spam Service, Gateway Anti-Virus, Anti-Spyware, Intrusion and Prevention Service, Enforced Client Anti-Virus and Content Filtering Service (Premium Business Edition)."

http://www.amazon.com/Tz-100-Network-Security-Appliance/dp/B002E3AIG2

$194 on Amazon. Their are others.

I think you still like to believe / are in denial it is one of your employees with the above quoted statement. Having a P2P / Torrent app on a laptop IS A DELIBERATE INSTALL, as is initiating a music album download. See what your expert says ...

Cheers
Aidan