Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Eircom Business Broadband, what details are logged and available to client?

  • 01-05-2016 1:36pm
    #1
    Banned (with Prison Access) Posts: 1,012 ✭✭✭


    Hello

    I need to understand more about what level of detail is recorded and retained by Eircom Business Broadband on internet usage by end users. I presume that they log all URL details for 2 or 3 years and can make these available to the Gardai under a Court order. In my case, there wouldn't be a court order as we are dealing with a case of misuse of corporate facilities and possible collusion with a supplier. To make things a bit more complicated, the person under investigation is the main contact with Eircom for the broadband service at the moment, so I don't want to approach them until I understand exactly what they can do.

    I have access to the router control panel (Asus router) and I don't see any logging or reporting facilities there. Does anyone know what level of history Eircom could provide (if any) where a company director makes a formal request for this? Would it be fair to say that at best, this will show URL history, but wouldn't show anything about the content - such as the gmail account involved or the content of emails sent or received?

    Thanking you in advance.


Comments

  • Registered Users, Registered Users 2 Posts: 1,477 ✭✭✭azzeretti


    The Data Retention Directive states they must retain data for a minimum of 6 months and a maximum of 24. Access to the information can only be granted by an EU Court of Justice. It seems a little vague but the ISP will need to provide IP information as well as other application information. There is mention of emails but I find this difficult to believe, especially with the SSL aspect to popular webmail accounts. Bear in mind, an ISP could, technically, peek inside your encrypted traffic but it would take a lot of resources and would get them in a bit of trouble if exposed.

    In your case though, you'll need to bare in mind that all your internet traffic will (might, depending on your setup) appear to originate from the one public IP address, with all your work PCs and devices , NATing out of your router. Even if the ISP did have some evidence it would be tricky to prove which PC/user on your network accessed which external site (unless you've any internal logs and/or proxy to cross reference times and resolve to internal IP/MAC).

    So, I would say, while it might be possible (with a fair bit of cost to yourself) the chances of being able to prove, without doubt, the person you suspect did what you suspect, are very low given your current setup (I'm making some assumptions about your setup!)


  • Registered Users, Registered Users 2 Posts: 5,741 ✭✭✭jd


    presume that they log all URL details for 2 or 3 years and can make these available to the Gardai under a Court order
    Pretty sure they don't! They do archive logfiles (authentication and eir's own email servers)


  • Registered Users, Registered Users 2 Posts: 36,170 ✭✭✭✭ED E


    RADIUS knows what IP was leased to who when. That's it.

    If you hack the pentagon say, the pentagons logs show the IP not eircoms. Then DoD gets a court order to find out from eir who was using that IP at the indicated time.

    If you want the kind of audit trail you seem to suggest you need to install a transparent proxy in your premises.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Would it be fair to say that at best, this will show URL history, but wouldn't show anything about the content - such as the gmail account involved or the content of emails sent or received?

    At best? Have you any idea how much storage would be required to store all that information? As another poster said, if you wanted that kind of paper trail you should have implemented the system yourself.

    If the individual was using your business broadband to access these URLs, surely they were using company IT devices, e.g. phones, laptops and tablets. You could cease these and look at their histories - unless the individual has already wiped them. Then check with your IT department for any backups, emails sent etc.


  • Closed Accounts Posts: 1,198 ✭✭✭testicles


    This post has been deleted.


  • Advertisement
  • Banned (with Prison Access) Posts: 1,012 ✭✭✭2RockMountain


    Thanks folks, this has been very helpful. I had forgotten the fairly obvious point (in hindsight) that Eircom wouldn't have details of the particular device used to access any URL, which obviously creates a particular problem in deducing who did what.
    testicles wrote: »
    This post has been deleted.
    Wasn't aware of that - thanks for the update.
    syklops wrote: »
    If the individual was using your business broadband to access these URLs, surely they were using company IT devices, e.g. phones, laptops and tablets. You could cease these and look at their histories - unless the individual has already wiped them. Then check with your IT department for any backups, emails sent etc.

    The target of the investigation IS the IT department! So if they have half a brain, they will be wiping history regularly, though you never know, I guess.


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie



    The target of the investigation IS the IT department! So if they have half a brain, they will be wiping history regularly, though you never know, I guess.

    Worth trying.

    You might be able to use the freedom of information act with Eir - in that way you will find out if they are retaining URL's (not as massive a data store as you might think, but still pretty massive and they probably had the infrastructure in place before the removal of the data retention directive). That will force them to release any information related to the company, to the company. They may charge you for it though.

    edit: As others have pointed out though, it wont show you the device that made the request. Only that it came from your network.


  • Registered Users, Registered Users 2 Posts: 5,741 ✭✭✭jd


    Eir are not a state body so Freedom of Information act does not apply.
    You may be thinking of Data Protection Act? That only applies to individuals - data about a person (yourself)!


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    I was thinking the data protection act. A company is a legal person though, right?


  • Closed Accounts Posts: 2,948 ✭✭✭gizmo555


    testicles wrote: »
    This post has been deleted.

    Not exactly so. The directive was struck down by the Court of Justice of the European Union in April 2014, as a result of a case taken by Digital Rights Ireland.

    However, the Communications (Retention of Data) Act 2011 remains in force in Ireland. It remains to be seen what the final outcome of the Digital Rights Ireland case will be in the Irish courts in respect of this legislation.

    The Act requires telecoms and internet service providers to retain metadata about phone usage for two years and internet usage for one year. Data must be provided on foot of a valid request to the Gardaí, Defence Forces or Revenue.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 5,741 ✭✭✭jd


    Khannie wrote: »
    I was thinking the data protection act. A company is a legal person though, right?

    But not living!
    https://www.dataprotection.ie/viewdoc.asp?m=&fn=/documents/FAQ2012/1.1.htm
    The definition in the Act reads:
    "personal data" means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller."
    It covers any information that relates to an identifiable, living individual


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    Interesting stuff. Thank you. I wonder how that would work if I put in a request for data for my home connection. If it's just metadata retained it's basically impossible to tell if the request was myself, my wife or even our kids.


  • Closed Accounts Posts: 2,948 ✭✭✭gizmo555


    Khannie wrote: »
    Interesting stuff. Thank you. I wonder how that would work if I put in a request for data for my home connection. If it's just metadata retained it's basically impossible to tell if the request was myself, my wife or even our kids.

    The data would be provided to the person(s) in whose name the account is.


Advertisement