Tuesday, February 16th, 2010 by Derek Grocke
Hi, I’m Derek, Internode’s Security Manager.
My role is to be the classic black hatter… you know, the “what if” bloke. So I get to hunt down and fix any risks or weaknesses that are inherent in any large professional IT shop. A really important part of my job is that I also get to think about the security risks facing Internode’s customers as well as the company, and I am a vocal advocate of safe computing… I get to fix my parent’s PC too. <sigh> :)
So, onto Internode’s new and improved Network Firewall. Last week was a pretty good week for me, the improved Network Firewall was announced to our customers, at the same time we also released a new Customer Security support page where we will be putting up information about key security issues and concerns in the near future.
In case you missed it, the Internode Network Firewall is a range of network controls that have been put in place to help protect Internode customers from some dangerous security threats on the Internet. In 2006, we created the opt-in/opt-out firewall (then called a ‘port filter’) to block some nasty Windows viruses and worms, and also to help cut down on email spam originating from our network. The virtual world is like the real world, there are some nasties out there and we want to add some additional protection to address some more recent “unpleasant customer experience” issues.
So why the update?
Having a look at some of our recent customer complaints has found a pattern where there had been some unauthorised use of some customers usernames and passwords. Needless too say, this equals customer pain and as a rule we don’t like customer pain. So anyway, it appears that some customer ADSL modems and routers are susceptible to being compromised through a combination of weak Admin passwords and allowing remote Administrator access from the Internet, or simply because the firmware on the device hasn’t been kept up to date, making them vulnerable to ‘brute-force’ attacks. I hate to be the bearer of bad news, but most modems and routers wont warn you that it is happening.
There is some pretty dodgy equipment out there, but we aren’t going to tell you what kit you can use with our service, that’s up to you (we have our own preference, of course). We also know that not everyone is a techno-geek with high-level firewall skills, but what we can do is offer you our network management experience to block some of these attacks coming from the Internet. We do this by blocking the ‘ports’ typically used to make the attacks on your ADSL equipment or servers – Think of it as us stopping someone breaking into your car by putting a gate at the end of your street. They can’t get near your car, so there is no way they can break in. Keeping the analogy going; if you don’t want our gate to be there, go turn it off in My Internode, we won’t stop you and the gate will be gone in minutes. Want it back, reverse the move. Oh, this is also free – we aren’t going to charge you for it – this is about improving your online experience and improving customer security. Outbound access from you to the Internet is unaffected – we are pretty hot on maintaining that too.
Home customers get the Network Firewall switched on by default, so the new additional ports will be added automatically, unless you have logged into My Internode and turned the Firewall off. Some more advanced home users may have web servers or other systems on their ADSL service that they don’t want affected by this change and you can easily opt-out of the firewall, but we recommend using your own firewall to compensate. Take a look at the FAQ for more information. Business and SOHO customers will need to turn the Network Firewall on if they want it, which I strongly recommend if you don’t have any services that might be impacted.
We will continue monitoring customer calls and we’ll likely add more ports in the future as the need arises, as well as offering a more flexible security model too. We wanted to move quickly on this because customers are getting burnt and we don’t spring for that around here. We are putting in something proven and effective – we honestly hope it helps.
More on security…
We’ll be launching some more security initiatives soon to help make your internet experience a safer one. I’ll also be blogging now and then with more security tips.
In the mean time:
Safe interwebs everyone.