[vip_students] Re: eircom security
- From: "Joan Ann Brosnan" <kerrygirl18@xxxxxxxxx>
- To: <vip_students@xxxxxxxxxxxxx>
- Date: Thu, 4 Oct 2007 21:36:12 +0100
Hi Jackie
I too am with Eircom and am a little concerned with the flaw in their security
system. The below message was posted on another list and I thought I would
post it here as it may help you and others
Security flaw leaves Eircom customers open to hackers
John Collins
Up to a quarter of a million Eircom customers could be inadvertently sharing
their broadband connections with strangers due to a security flaw in
products supplied by the telecoms company.
The security problem could allow hackers to access wireless connections in
buildings up to 30m (100 feet) away, without the knowledge of the Eircom
account-holder.
As well as allowing free access to the internet, the flaw could in theory
permit a hacker to engage in illegal activity that could then be traced back
to the Eircom customer.
The problem relates to broadband routers, supplied to Eircom by Motorola
subsidiary Netopia, which can connect computers to the internet via Wi-Fi, a
wireless technology commonly available on the average PC.
Due to the way security has been implemented on these products, hackers and
anybody with a reasonable computer knowledge can freely use them to access
the internet.
The wireless routers use a security protocol called Wired Equivalent Privacy
(WEP). This protocol requires anybody accessing the wireless network to
enter a 16-digit password.
This code is generated from the serial number of the router as well as some
text which is converted to numerical values.
The text used includes eight snippets of lyrics from guitar legend Jimi
Hendrix.
The security problem occurs because the unique eight digit number that is
broadcast as the name of the network is also derived from the serial number.
As a result hackers simply have to look at the name of the Eircom network to
get access to it. Both downloadable tools and websites have emerged which
automatically create the 16-digit key when the network name is keyed in.
Eircom issued a statement yesterday saying it is aware of the issue and is
contacting all affected broadband customers.
The Netopia routers in question are the 3300 and 2247 series.
Users who have changed the default set up are unaffected by the problem.
All new modems sold by Eircom will have instructions on how to change the
default WEP key while existing customers are advised to visit
www.broadbandsupport.eircom.net
for instructions.
Eircom pointed out that accessing wireless networks without permission is a
criminal offence under the Criminal Damage Act 1991 and the Criminal Justice
(Theft and Fraud Offences) Act 2001.
The problem was first revealed on a post to the popular Boards.ie discussion
website over the weekend.
"This raises a number of issues, not least that my neighbour could use my
broadband connection," said Brian Honan, a director of security specialists
BH Consulting.
Mr Honan said unauthorised users could use a wireless network to download
illegal content or even to access other computers in the premises or home.
Motorola, whose subsidiary supplies the routers, declined to comment on the
matter.
C 2007 The Irish Times
-------------------------
Tim Culhane,
Critical Path Ireland,
42-47 Lower Mount Street,
Dublin 2.
Direct line: 353-1-2415107
phone: 353-1-2415000
Tim.culhane@xxxxxxxxxxxxxxxx
http://www.criticalpath.net
Critical Path
a global leader in digital communications
------------------------
----- Original Message -----
From: Jackie McBrearty
To: vip_students@xxxxxxxxxxxxx
Sent: Thursday, October 04, 2007 8:26 PM
Subject: [vip_students] eircom security
Hey all
watching the news yesterday and heard the stuff about the eircom brodband
security alert, as I have eircom brodband i'm a tad concerned, i'm working off
wireless using a wireless card, how would I know if my connection is safe from
the unscrupulous people outside. I looked on the eircom site but cant make head
nor tail of what it means.
thanks in advance
Yours Jackie
Other related posts:
