This is a follow-up article to my earlier article Eircom Exposes Its Broadband Customers to Serious Security Risks. If you’re following the comments on that article you’ll see that I’m trying to bring these problems to Eircom’s attention. I haven’t gotten very far yet, but I’ll keep updating those comments with whatever progress I manage to make. However, there has been another development that I feel I need to bring to people’s attention. This afternoon I was anonymously sent some very interesting information regarding yet another alleged hole in Eircom’s security. I MUST STRESS THAT I HAVE NOT VERIFIED THESE CLAIMS, as doing so would involve attempting to break into someone else’s network, and that is illegal. However, should this prove to be true, Eircom has yet another problem to fix. In this article I’ll start by explaining the alleged problem, then propose a simple solution, and end with some simple advice for Eircom customers who wish to protect themselves from these security vulnerabilities.


The Alleged Problem

Currently each Netopia router shipped by Eircom has two pre-programmed settings that distinguish it from every other Eircom Netopia router out there: the SSID (the ‘name’ of the wireless network) and the WEP key. Both are pre-generated and written into the router’s configuration before shipping. If the information I have been sent is correct there is a fatal flaw in the way these two settings are generated. Both are apparently derived in a simple way from the router’s serial number, and given JUST the SSID (which the router BROADCASTS to anyone in range) you can apparently calculate the default WEP key with ease. In other words, if you follow Eircom’s instructions and leave the defaults in place, the name your wireless network broadcasts contains all the information an informed attacker needs to access your supposedly private and protected network.

Update (02 Oct 2007): As has been pointed out in this thread on boards.ie, the serial number used to generate the WEP key can itself be derived from the router’s MAC address, so changing the SSID alone is not a protection. As long as WiFi is enabled the MAC address can be sniffed from the router’s frames and hence the default WEP key generated.

Food For Thought For Eircom

The information I was given included a very short piece of computer code (in C++) that takes an Eircom default SSID as input and instantly gives the default WEP key as output. The algorithm is shockingly and frighteningly trivial. The author claims he was able to produce this code using some very basic reverse-engineering techniques on the Eircom install CD. My anonymous source assures me he has not released this code into the wild, but points out that if he can produce it others can too, and someone probably already has. Others who reverse engineer the install CD may not be as morally upstanding as my source claims to be.

This appears to be a classic example of security by obscurity: the only thing protecting the default key is the secrecy of the derivation, and that derivation ships on a CD to every customer. Obscurity of that kind is a fundamentally flawed approach to security, and it stops working the moment one person reverse engineers it.

Proposed Solution for Eircom

Now, you might well say that since WEP can be trivially broken anyhow this is not much of an issue. There is some logic to that; however, there is a little more to it. Should Eircom fix their default setup and use WPA instead of WEP but keep this key generator, then users will still be vulnerable, because a WPA pass-phrase that can be calculated from the SSID is no better than a WEP key that can be. The effect of this is that there are now three things Eircom must fix if they want to provide actual security to their clients:

  1. They must start instructing users to set a password on their Netopia routers for the reasons outlined in my previous article.
  2. They must change their default encryption scheme from WEP to WPA, again, for the reasons outlined in my previous article.
  3. They must change the way they generate their SSIDs and their default encryption keys in such a way that knowing one does not make it possible to calculate the other.

Were Eircom to ask me how they could fix this I would propose the following:

  • SSIDs be generated from the serial number using a one-way cryptographic hash function like SHA1 or MD5. It is VITAL that the function be one-way so as to make it infeasible to get from the SSID back to the serial number and hence back to the WEP key, as currently appears to be possible.
  • Either also generate a default router password from the router’s serial number or update the instructions so that users set a password on the router themselves.
  • Switch from WEP to WPA (or WPA2, where the router supports it) with a Pre-Shared Key (PSK).

You may note that I am still advocating generating the wireless encryption key from the router’s serial number. This is because the only way to get at the serial number should be to have physical access to the router, and if you have physical access you can reset it to factory defaults anyhow, so you can always get in. The flaw with the current system is NOT that the WEP key is generated from the serial number; it is that it appears to be possible to get from the SSID to the WEP key with some simple mathematics. SSIDs are broadcast by the router, so anyone within range of your wireless network will see yours. Hence, all that is needed to solve this problem is to change the way SSIDs are generated. One-way cryptographic hash functions are well suited to this: used as described above they make it trivial to go from serial number to SSID but computationally infeasible to go from the SSID back to the serial number and hence to the encryption key. One caveat, though: a hash only hides the serial number if the serial number cannot be guessed. Serial numbers are short and follow a predictable pattern, so an attacker who knows the format can enumerate every plausible serial, hash each one and compare the result to the broadcast SSID; and, as the update above notes, the MAC address in the router’s frames may give the serial away directly. A key generated independently at random on each router, rather than derived from anything the router broadcasts, is the more robust option.
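To make the difference between the alleged flaw and the proposed fix concrete, here is a small Python model written for this article; it is an added example, not the reverse-engineered C++ code described above and not Eircom’s or Netopia’s real algorithm. The serial-number format (a fixed prefix plus five digits), the “reversible” SSID transform and the toy key derivation are all assumptions chosen purely for illustration. The block shows three things: with an invertible SSID an attacker gets from the broadcast name straight to the default key; with a hashed SSID the inversion is gone; but because the serial space is tiny, brute-forcing every candidate serial through the same hash recovers it anyway, which is the caveat raised above. The MAC-address route from the 02 Oct update is not modelled.

```python
import hashlib

# Hypothetical serial-number format used only for this demonstration:
# a fixed prefix followed by five digits. This is an assumption, not the
# format Eircom or Netopia actually use.
SERIAL_PREFIX = "ECM"
SERIAL_DIGITS = 5
SERIAL_SPACE = 10 ** SERIAL_DIGITS


def serial_from_index(n):
    """Build a serial in the hypothetical format from an integer index."""
    return "%s%0*d" % (SERIAL_PREFIX, SERIAL_DIGITS, n)


def default_key(serial):
    """Toy default key derived from the serial: a 104-bit WEP key written as
    26 hex digits. Stands in for any per-router derivation; not Eircom's."""
    return hashlib.sha256(b"toy-wep-key:" + serial.encode()).hexdigest()[:26]


def reversible_ssid(serial):
    """Toy 'obscured' SSID that is just the serial digits plus a fixed offset.
    Any invertible transform behaves the same way; not Eircom's scheme."""
    n = int(serial[len(SERIAL_PREFIX):])
    return "isp-%0*d" % (SERIAL_DIGITS, (n + 12345) % SERIAL_SPACE)


def invert_reversible_ssid(ssid):
    """What an attacker does with an invertible SSID: undo the offset."""
    n = int(ssid.split("-", 1)[1])
    return serial_from_index((n - 12345) % SERIAL_SPACE)


def key_from_reversible_ssid(ssid):
    """SSID -> serial -> default key, using nothing but the broadcast name."""
    return default_key(invert_reversible_ssid(ssid))


def hashed_ssid(serial):
    """The article's proposed fix: SSID = truncated one-way hash of the serial."""
    digest = hashlib.sha1(b"toy-ssid:" + serial.encode()).hexdigest()
    return "isp-" + digest[:8]


def brute_force_serial(ssid):
    """The caveat: SHA-1 cannot be inverted, but the serial space here is only
    10**5 values, so hashing every candidate takes a fraction of a second and
    recovers the serial (and hence the default key) regardless."""
    for n in range(SERIAL_SPACE):
        candidate = serial_from_index(n)
        if hashed_ssid(candidate) == ssid:
            return candidate
    return None


if __name__ == "__main__":
    serial = serial_from_index(4242)
    print("serial:          ", serial)
    print("default key:     ", default_key(serial))
    ssid = reversible_ssid(serial)
    print("reversible SSID: ", ssid, "-> key", key_from_reversible_ssid(ssid))
    ssid = hashed_ssid(serial)
    print("hashed SSID:     ", ssid, "-> serial", brute_force_serial(ssid))
```

The brute-force loop is the point to take away: a one-way hash protects the serial only to the extent that the serial itself is unguessable, so the real fix is a key with its own randomness, not a cleverer way of hiding the serial.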

It should be noted that none of these changes are major, but I believe they would make the world of difference to the security, and hence safety, of Eircom’s many customers.

What Can Current Eircom Customers Do?

That’s all well and good, but even if Eircom do the responsible thing and make these changes, that won’t help current customers. So, if you already have wireless broadband from Eircom you need to take some action to protect yourself. The following three changes are all that is needed:

  1. You must set a password on your Netopia router to protect it from being reconfigured behind your back by malware on your network or by JavaScript on websites you visit.
  2. You must switch from WEP encryption to WPA with a Pre-Shared Key (PSK), or WPA2 if your router supports it.
  3. You must generate a new and very long pass-phrase for use with the WPA encryption. On no account should you use the default WEP key generated from your serial number by the Eircom install CD, even if you also change your SSID: the key has no more randomness in it than the serial number it came from. I would recommend getting a randomly generated 63-character password (the longest WPA allows) from Steve Gibson’s Perfect Passwords page. You could obviously never remember such a password, so my advice would be to save it in a text file and keep it on your computer or a USB thumb drive so you can easily give it to visitors you’d like to give access to your network.
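For readers who would rather generate the pass-phrase themselves than fetch one from a website, here is an added Python example (not code from this article’s author or from Eircom) that produces a random 63-character WPA pass-phrase from the operating system’s secure random source and then derives the 256-bit pre-shared key exactly as the router does: PBKDF2-HMAC-SHA1 over the pass-phrase with the SSID as salt, 4096 iterations, 32 bytes of output, as specified in IEEE 802.11i. The `wpa_psk` function is checked against the published 802.11i test vector (pass-phrase “password”, SSID “IEEE”); the alphabet and the entropy helper are this example’s own choices.

```python
import hashlib
import math
import secrets
import string

# WPA/WPA2 personal accepts a pass-phrase of 8 to 63 printable ASCII characters.
PASSPHRASE_ALPHABET = string.ascii_letters + string.digits + string.punctuation
MIN_LEN, MAX_LEN = 8, 63


def generate_passphrase(length=MAX_LEN):
    """Uniformly random pass-phrase drawn with the secrets module (CSPRNG)."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError("WPA pass-phrase must be %d to %d characters" % (MIN_LEN, MAX_LEN))
    return "".join(secrets.choice(PASSPHRASE_ALPHABET) for _ in range(length))


def passphrase_entropy_bits(length, alphabet_size=len(PASSPHRASE_ALPHABET)):
    """Entropy, in bits, of a uniformly random pass-phrase of this length."""
    return length * math.log2(alphabet_size)


def wpa_psk(passphrase, ssid):
    """Derive the pre-shared key the way the router and client both do:
    PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes), hex-encoded.
    The SSID is the salt, so the same pass-phrase gives a different key on a
    different network name."""
    if not MIN_LEN <= len(passphrase) <= MAX_LEN:
        raise ValueError("WPA pass-phrase must be %d to %d characters" % (MIN_LEN, MAX_LEN))
    if not all(32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA pass-phrase must be printable ASCII")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    ).hex()


if __name__ == "__main__":
    phrase = generate_passphrase()
    print("pass-phrase (%d chars, ~%.0f bits): %s"
          % (len(phrase), passphrase_entropy_bits(len(phrase)), phrase))
    # Constructed SSID for the demonstration; use your own network name.
    print("derived PSK for SSID 'home-net':", wpa_psk(phrase, "home-net"))
```

Two practical notes: some router web interfaces mishandle quotes or backslashes in the pass-phrase field, so if a generated value is rejected, drop `string.punctuation` from the alphabet and use a 63-character alphanumeric value instead (still well over 350 bits of entropy); and because the SSID is the salt, pre-computed attack tables only work against common network names, which is one more reason to change the default SSID as well as the key.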

I don’t have access to a Netopia router at the moment, so if an Eircom customer out there would be kind enough to take some screen shots for me and email them on, I could add them here to help people out.

Update (30 April 2008): More detailed instructions on securing Eircom wireless routers are now available here.

Comments

35 Responses to “Eircom Security – More Bad News and Some Suggested Solutions”

  1. Paul Mara on September 12th, 2007 4:55 pm

    This really sounds like Eircom security is a joke. I have a colleague at work here who is going to find out her model number and I’m going to find a guide for her to change to WPA on the net if I can.

    I’ve already set up WPA on my parents’ one and know it’s not too difficult but I’d prefer to find some simple layman’s instructions.

  2. Winston Smith on September 12th, 2007 6:56 pm

    The eircom.net support site has some screenshots from the modem interface page that might be of some use to you:

    http://broadbandsupport.eircom.net/SRVS/CGI-BIN/WEBCGI.EXE/&/WEBCGI.EXE/,/

  3. Cathal on September 19th, 2007 11:00 pm

    When I set up Eircom’s Netopia router in my parents’ home the first thing I did was change the SSID and WEP key. The documentation that comes with the router states NOT to change them, how insane is that! The only reason I can see why Eircom suggested this was for easy fixes, i.e.: an Eircom customer forgets their WEP key so they ring tech support and ask for it, Eircom tech support asks for the SSID and then supplies the WEP key. I think Eircom still think they’re an ISP in the ’90s.

  4. Bart B on September 19th, 2007 11:09 pm

    Hi Cathal,

    It does indeed seem to be an example of the balance between security and ease of maintenance being out of whack. Telling people not to change their SSID and WEP key is just insane and actually serves no real purpose. If you lock yourself out you simply reset your router to factory defaults and away you go! Surely that’s not too hard for tech support to talk people through?

    Bart.

  5. Anonymous coward on September 20th, 2007 6:22 pm

    I have written a program to demonstrate this vulnerability.
    It is a very poor algorithm.
    I’m still deciding whether to release information regarding the WEP key / SSID generation process, as it will probably only be abused.

  6. Evert Bopp on September 22nd, 2007 10:21 pm

    This is bad but nothing compared to other countries.
    In Belgium Belgacom is installing WiFi routers at the same rate as Eircom but these come with all security settings disabled as default. This obviously creates all kinds of risks.
    By enabling WEP Eircom takes a small step in the right direction. While WEP is by default easy to crack it creates a small threshold for people wanting to gain access to a wifi network. Users won’t accidentally log onto their neighbours’ network etc.
    It all depends on how much security someone really needs. What are the risks of someone trying to gain access to the average users network compared to the “hassle” of using WPA (or “losing” the WPA key)?
    The situation is different for business networks but in that situation the onus should not be on the provider to handle the security. Users should be aware of the risks & benefits of equipment that they use and should have policies in place for network security. Expecting Eircom to handle the security is the same as expecting your local car-dealership to provide you with driving lessons…

    Saying all that I would love to see this piece of code at work! Bart?

    E.

  7. Bart B on September 22nd, 2007 10:39 pm

    Hi Evert,

    Thanks for your comment. Although Belgacom ship without any security do their instructions mention anything about security? Do they tell users about the dangers of open WiFi? Do Belgacom make any security instructions available?

    The way I see it there is only one thing worse than no security and that’s bad security sold as good security. Eircom’s instructions falsely tell people they are secure. Their website contains more instructions and FAQs and none that I could see mention WPA at all. All their instructions that I have been able to find falsely tell their customers they are secure when they are not. They also tell users not to change the SSID and the WEP key, leaving them even more vulnerable because of these cracker programs (I now know of three successful techniques to get Eircom default WEP keys from Eircom default SSIDs).

    I know a lot of people would like to see the code but I’m afraid I can’t in conscience release it at this stage. I’m trying to improve security for Eircom customers not reduce it even further :)

  8. Evert Bopp on September 23rd, 2007 12:36 am

    Bart,

    I will have to ask someone if Belgacom includes any references to security in their manuals. Will get back to you on that but my gut feeling is that they’re as good as Eircom in this area.
    I agree that: “there is only one thing worse than no security and that’s bad security sold as good security”.
    However I also am of the opinion that people should take more responsibility for the security of their network. Too much is just left to chance.

    As for your reasons for not showing the code: believe me, my interests are purely professional. Contact me via email if you want to know more. Anyway, I do NOT need this code to crack a WEP secured network. However it’s an interesting tool and while I do not doubt you I would like to confirm the validity of the claim with my own eyes…

    E.

  9. anon on September 23rd, 2007 7:17 pm

    It’s so easy, you could crack it with a pen and paper… maybe not the WEP key generation though.

  10. knuth on September 28th, 2007 12:26 pm

    Pentesting these routers with earlier versions of aircrack required only 100-200k IVs MAX to crack the 128-bit key. Compared with the average value of 700,000 IVs required for other routers, there was a significant chance of obtaining a few coffee breaks or two :)

    But WEP can be cracked now in under 3 minutes; PTW sliced the time dramatically. They should never have used WEP in the first place.

    Perhaps a little over hyped :)

  11. » Eircom netopia wireless router hack » Tom Doyle :: TALK on October 1st, 2007 10:55 am

    [...] There’s a good discussion going on about this situation at http://www.boards.ie/vbulletin/showthread.php?t=2055153550 and Bart voices his opinion, including suggestions on how to avoid being hacked here. [...]

  12. Pilotsnipes on October 1st, 2007 6:20 pm

    To be honest guys, please don’t bother Eircom with this security problem if you’re not going to do it properly.

    There is no point in getting people to change the SSID or WEP key by a few digits. WEP is fundamentally flawed.

    It now takes less than 1 min 30 sec to break an Eircom router using very freely available tools. I know this because I have done it with my own Netopia router many times, and with my brother-in-law’s (Netopia) one too. In fact I have a video released on this too…

    You MUST tell people to change to WPA. You are only doing yourselves a disservice by calling foul on this whilst proposing something just as bad.

  13. Bart B on October 1st, 2007 9:53 pm

    Hi Pilotsnipes,

    Thanks for your comment. However, it seems to be in relation to a different article. I completely agree with you that WEP is broken and that people need to switch to WPA. That’s why my above article suggests that Eircom make WPA their default and advises Eircom customers to switch from WEP to WPA.

    I’m totally at a loss to see where my article suggests anyone stick with WEP?

    Bart.

  14. Eircom’s Response to the Security Issues Recently Raised : Bart Busschots on October 2nd, 2007 2:10 am

    [...] from two previous articles (Eircom Exposes Its Broadband Customers to Serious Security Risks and Eircom Security – More Bad News and Some Suggested Solutions). The previous articles lay out the problems and some suggested solutions in detail. This article [...]

  15. BadWolf Zone » Eircom Quick Update on October 2nd, 2007 11:28 am
  16. Alan Courtney on October 2nd, 2007 5:02 pm

    Surely this is a storm in a teacup!
    Wifi crack software has been available for years that will crack WEP and WPA with PSK. This crack software is now used in technology colleges to highlight the weaknesses in wireless networking and how to build better defence mechanisms for network administrators.

  17. Bart B on October 2nd, 2007 5:13 pm

    Hi Alan,

    Not really, no. There are now programs doing the rounds (even a web-based one) where you simply enter the Eircom SSID and hey presto, you have the default key. The barrier to entry there is a lot lower than the barrier to entry into the WEP cracking business :)

    Anyhow, a very important effect of all this is that Eircom now have instructions for enabling WPA on their site; they didn’t have this before. People are also being made aware of security for once. Some coverage for security from time to time is a good thing IMO.

  18. GOONER1 on October 2nd, 2007 10:18 pm

    I have the offending piece of equipment and I have disabled the wireless option. Is that enough to protect my system?

  19. Bart B on October 2nd, 2007 10:32 pm

    Gooner1 – if you have WiFi turned off on the router then you are safe from most of the problems described here. You should consider setting a password on the router’s configuration page though so that malicious websites or software can’t re-configure your router behind your back.

    Bart.

  20. Pilotsnipes on October 2nd, 2007 10:39 pm

    Indeed. I was looking at one article, whilst posting on this one.

    Glad to see it out in the open. Well done.

  21. GOONER1 on October 2nd, 2007 11:09 pm

    That’s great, thanks. It will be interesting to see what Eircom do about this.
    I’ll let you know if I’m contacted by them.

  22. BT Upstage Eircom With Security Flaw : Bart Busschots on October 9th, 2007 3:14 pm

    [...] security issues are bad enough to be getting on with but at least users can protect themselves with a few easy steps. BT customers seem to be much worse off with a remotely exploitable authentication bypass [...]

  23. erik_b on October 29th, 2007 5:37 pm

    Recently got a broadband connection for the first time with Eircom. Thank god I’m paranoid to begin with, since everything I’ve read plus seen online indicates that the average Joe (myself somewhat included) is completely vulnerable to attack! In fact it would seem as though Eircom are completely culpable for providing a product which in its bare state is unfit for use! – maybe I’m wrong???? I’m a relative newbie, tech wise, but I managed, without the help of Eircom’s tech support (when I did call just to ask what I thought were a few ‘simple’ questions, I was told simply to use the WEP key generator supplied and make sure ‘I noted down the key’. My question had been ‘how do I best secure my wireless connection’ – thank god for the net – within 5 mins I had learned how to MAC filter, change SSID, switch off broadcast mode, reset password on router and switch to WPA-PSK encrypt!!! Tech support my butt!! Call cost me a packet for nothing! Any more advice on security if anyone could help would be appreciated too.

  24. Bart B on October 29th, 2007 5:46 pm

    Hi Erik, by the sounds of it you should be fine. You’ve set a password on your router and switched to WPA-PSK. MAC filters and the rest don’t really add much security, it’s the WPA and the password on the router that are really important. One thing you don’t mention is how you chose your password. It’s really important that it be long and random. By long I mean at least 30 characters and by random I mean a good mix of upper and lower case letters, numbers and perhaps even symbols. I generally get my passwords from http://www.grc.com/passwords.

    Bart.

  25. GOONER1 on October 29th, 2007 9:22 pm

    Got a letter from eircom the other day.
    It was very general and didn’t really make the issue sound as bad as it could have been!
    Played it down to the last as you would expect from eircom!
    Anyway, all’s well, now to sort out my speed!!!
    Paying for 3 meg, barely getting 1 so I downgraded to 1 meg till they fix the exchange in Jan ’08(fingers crossed).
    Gangsters!!!!!

  26. ERIK_B on October 31st, 2007 4:18 pm

    Just a quick thanks to Bart B for your reply!
    As for my ‘mysterious’ and highly sophisticated password construction, the answer, honestly, is as follows: I selected 5 numbers at random, dice throw. Picked one at random, looked at the corresponding bookshelf in my sitting room, picked another book from another random number pick, then used six multiples of the 5 random numbers to select 6 pages from the book, used a further 10 random numbers to select 10 word positions therein. Ultimately, after a lot of time I ended up with a 40 letter random key. Suffice to say I need to get out more/work more/something!! Thanks again!

  27. John Collins on November 1st, 2007 5:36 pm

    I come looking for help, and look who I find!! How’s the form now?? So, eircom security….bad huh? Spent a weekend back in Maynooth last month. Must say I thoroughly enjoyed it…

  28. Bart B on November 2nd, 2007 12:25 am

    Hi John,

    Great to hear from you again … isn’t the web a small place :)

    I’ll drop you a mail at the address you left with your comment.

    Bart.

  29. ema on November 5th, 2007 2:44 am

    how to change WEP to WPA?? i need help!!!

  30. Bart B on November 5th, 2007 2:17 pm

    Hi Ema,

    This page has detailed instructions and screen shots to illustrate the process: http://broadbandsupport.eircom.net/SRVS/CGI-BIN/WEBCGI.EXE/&/?St=6&E=0000000000093087718&K=8581&SXI=11&case=setupwpa&branch=4

    Bart.

  31. ema on November 6th, 2007 2:01 am

    thanx a lot Bart!!!!! ;)

  32. wreade1872 on December 14th, 2007 1:25 pm

    Hi there, I changed my WEP hex code, just picked the letters and numbers at random, then saved it to a secret text file. Anyway, every so often my router stops working and I’ve discovered that the router hex has been changed from what I set it to. I don’t know if it reset to default or something else set it, but it’s very annoying and a little worrying.

  33. Bart B on December 15th, 2007 2:18 am

    Hi wreade1872, that is indeed worrying. It certainly shouldn’t be happening. All I can think of is that either your router is faulty or one of your neighbours is cracking your WEP key (trivial to do, hence actual security experts telling people to use WPA or WPA2) and re-setting it to default.

    Neither is particularly good. Were I in your situation I’d be contacting Eircom and looking for a new router and then setting it up with the highest version of WPA it supports.

    Good luck!

    Bart.

  34. Tony Lawlor on February 2nd, 2008 12:20 am

    I do not think it’s such a big deal as the distance that the Netopia wireless transmits is pitiful. I have my Netopia 2247nwg-vx in my front room and I cannot pick up the wireless connection from my kitchen just down the hall. Someone trying to piggyback on my signal would need to be sitting on my doorstep. However, if people are concerned, WPA-PSK is the way to go as WEP is very weak notwithstanding Eircom’s own issues.

  35. Bart B on February 2nd, 2008 1:16 am

    Hi Tony,

    You are right that with a regular WiFi antenna the range of a Netopia is not that far. However, things change when you use a directional antenna. You don’t need to be too advanced to get significant distance improvements. Something as simple as a Pringles tube makes a useful directional antenna. http://en.wikipedia.org/wiki/Cantenna

    That’s why you can’t rely on what you think is your range for protection. Assume the attacker likes crisps :)

    Bart.