Planned Maintenance - Antwerp area

Dear customers,

We have planned a maintenance in 03 zone, causing a brief interruption in the traffic flow on some access lines. Please find the details below.

Description: 
Start: 2015-03-26 06:00 AM^*
End: 2015-03-26 07:00 AM^*
Duration: 1 minute
Impacted services: All edpnet services (Internet, telephony, e-mail...) for the areas below.

Affected Areas:  03

We apologize for the inconvenience

The edpnet team

^{*All times are listed in CET, Central European Time}

Planned Maintenance Proximus - Charlerloi and Gent

Dear customers,

Proximus has planned a maintenance in 2 of its data centers.
This maintenance may affect your data services. Please find the info below.

Description: Maintenance Charleroi
Start: 2015-09-02 02:00 AM^*
End: 2015-09-02 04:00 AM^*
Duration:15 minutes
Impacted services: All data services (internet, telephony, ...)
Affected Areas: Area code: 010, 060, 064, 065, 067, 068, 069, 071

Description: Maintenance Gent
Start: 2015-09-02 02:00 AM^*
End: 2015-09-02 04:00 AM^*
Duration:15 minutes
Impacted services: All data services (internet, telephony, ...)

Affected Areas: Area code: 050, 051, 052, 053, 054, 055, 056, 057, 058, 059, 091

We apologize for the inconvenience

The edpnet team

^{*All times are listed in CET, Central European Time}

Security bulletin: "Ghost" vulnerability on Linux devices

Dear customers,

Recently a critical security bug has been found with the Name Service Switch (nss) library in almost all Linux distributions. This bug can allow attackers to gain access to affected systems remotely by possibility to remotely execute arbitrary machine code without permissions.

Information on this bug and how it can be resolved can be found below. Edpnet has already patched this vulnerability on all of its servers, and we strongly advice our customers to do the same.

A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.

Source and info: http://ma.ttias.be

Best regards,The edpnet team

^{*All times are listed in CET, Central European Time}

Info: Phishing report

Dear customers,

Some customers have received the phishing e-mail below.
We would like to inform you that this message can be disregarded and is not coming from edpnet.

What is Phishing? Phishing emails are fraudulent messages made to look like they were sent by reputable companies in an attempt to gather your personal and financial details.

Example:

From: INFO SERVICE TELENET [mailto:<removed>]
Sent: woensdag 3 december 2014 16:30
Subject: *Chers (es) clients (es) de EDPNET,*

*Chers (es) clients (es) de EDPNET,*
Le service technique chargé de la maintenance des comptes de messagerie a détecté des accès illégaux à votre messagerie à travers différentes adresses IP. Au risque que votre compte ne soit suspendu dans les prochains jours, notre service de maintenance vous demande de confirmer vos accès de connexion. Au cas où les informations ne seront pas fournies, votre accès à la messagerie serait suspendu définitivement. Pour des raisons de sécurité, veuillez fournir l’intégralité des informations demandées.
Complétez les informations suivantes pour la confirmation à votre accès

* Nom d'utilisateur:........................................
* Mot de passe:.............................................. 

* Adresse e-mail :.......................................... 

* Mot de passe :.............................................
* E-mail secondaire :....................................... 

* Mot de passe :.............................................. 

* Date de naissance:....................................... 

* Pays ou territoire:.........................................
* Profession:......................................................
* Tel:..................................................................
Dès la réception de ces informations, votre messagerie serait suivie contre les accès illégaux. Merci de votre collaboration. 

Webmail EDPNET*

*Cordialement,*

*L’équipe EDPNET*

Info: Possible Power Shortage

Edpnet would like to inform you of the availability of our services during the possible powercuts.

Our government and the media already communicated about the possible power shortage in the next coming months. It is possible that rotational electrical power cuts will be executed in order to avoid a general power outage at any time.
These power cuts will be executed in phases, per areas, presumably during peak hours (between 17h and 20h).

Meanwhile, the government launched the campaign "Off/On" with the aim to provide as much useful information as possible and to answer the many questions you are facing: www.offon.be

You can visit following pages as well:
http://economie.fgov.be/nl/elektriciteitsschaarste
http://economie.fgov.be/fr/penurie_electricite

26 November - Short connectivity issue

Dear customers,

Because of a change on our core infrastructure, customers without a fixed IP may have had issues with their connection. Rebooting the modem solved the issue. Professional customers with a fixed IP did not have any impact.

We apologize for the inconvenience

The edpnet team

^{*All times are listed in CET, Central European Time}

10 November - Vandalism in Proximus buildings

Dear customers,

Due to suspected vandalism on the Proximus network, 2 LEX's have been disconnected. Multiple copper and fiber cables were cut, causing a large impact on ADSL and VDSL customers.

Update: According to Proximus, the last connections should be up by tomorrow evening.
The affected customers are in zones 071, Gosselies and Montigny-le-Tilleul.

More info: standaard.be (Dutch Article)

Description: Cables cut in LEX's Wallonia
Start: 2014-11-08
Expected End: 2014-11-11 PM
Duration: /
Impacted services: All edpnet services for the affected customers

We apologize for the inconvenience

The edpnet team

^{*All times are listed in CET, Central European Time}

Phishing Report

Dear customers,

Some customers have received the phishing e-mail below.
We would like to inform you that this message can be disregarded and is not coming from edpnet.

-----Original Message-----
Van: edpnet.be [mailto:l.barbier@edpnet.org]
Verzonden: donderdag 2 oktober 2014 10:31
Aan: undisclosed-recipients:

Onderwerp: Belangrijke Post Notice

Οur securιty systeem υnυsυal actιvιty οn yουr edpnet.be mailaccount gedetecteerd, om te terug te krijgen ιt yοu'll nodig hebt om uw accοunt ιnfοrmatιοn updaten. door te klikken op de link hieronder en aanmelden.

<Link removed for security reasons>

Regards,
Edpnet Support

-----Original Message-----
De : edpnet.be admin update [mailto:wealthjonah@gmail.com]
Envoyé : samedi 30 août 2014 01:05
Objet : (c)edpnet.be Webmail IT Help Desk. 

Attention:

An Attempt has been made to Your Account from a new computer. For the security of your account, we are poised to open a query or update your account. Kindly Click,

<Link removed for security reasons>

for secure security and instant online account upgrade.
©edpnet.be Webmail IT Help Desk.

18 September 2014 - Email Migration

Update: 2014-10-02:  The migration is now complete. We had some receiving issues yesterday evening which are resolved.

Dear customers,

Edpnet will start migrating its customers' e-mail accounts to a new and improved server farm.

The webmail on https://webmail.edpnet.net now supports SSL encryption for better security between the customer and our servers.

During this migration, customers may not get any incoming e-mail during 5-15 minutes whilst their account is being migrated. Once done, those e-mails will be delivered.

Description: Email migration
Start: 2014-09-22
End: 2014-10-01
Impacted services: Edpnet Email

We apologize for the inconvenience

The edpnet team

No heartbleed impact

As you may already know, a bug called ‘Heartbleed’ was recently detected in the ‘OpenSSL’ protocol.

This bug is an error in the OpenSSL software. OpenSSL is security software that protects your confidential data when it travels on the internet. OpenSSL is used in application worldwide (e.g. webmail, home banking social media, ...).

Because of this bug it was possible for cybercriminals to access your confidential data. The heartbleed bug made it possible to intercept data that should be encrypted. 

Not all sites are/were affected, however some major sites you use probably are (it depends on which OpenSSL version was installed).

Our My edpnet/e-mail/hostings and other applications were not impacted.

If you want to know more about Heartbleed you can read more about it on :

•  http://heartbleed.com
•  http://www.digitaltrends.com/computing/the-heartbleed-bug-explained-by-a-web-comic-xkcd/#!FkG6e
• http://en.wikipedia.org/wiki/Heartbleed 

It is important to note that this bug has nothing to do with edpnet. The Open SSL protocol is being used by lots of companies and organizations worldwide.

However, we encourage all our customers to change and reinforce their passwords for all their accounts (social media, webmail, etc.) preemptively.

To create a strong password, pay attention to the following:

• Change your password on a regular basis
• The length of your password: the longer, the better.
• The variety of characters: the more variety the better. Mix lowercase, uppercase, numbers and symbols.
• Practical tip: use a pass phrase instead of a single password.
• Use a password manager (like LastPass, KeePass, Roboform, 1Password and more. More info on http://www.cnet.com/news/beyond-heartbleed-why-you-need-a-password-manager/)

Global DNS and NTP amplification attacks

Dear customer

Recently there seems to be a significant increase of cyber-incidents. According to Cert, the federal cyber emergency team, the number of cyber-incidents in Belgium doubled in 2013 (https://www.cert.be/docs/number-cyber-incidents-belgium-doubled-2013).

More often cyber criminals use so-called amplification attacks that specifically abuse NTP (Network Time Protocol) and DNS (Domain Name Systems) servers: http://www.us-cert.gov/ncas/alerts/TA14-017A (for Belgium: https://www.cert.be/docs/dns-amplification-attacks-and-open-dns-resolvers). Cyber criminals search for vulnerable devices in a network which are used to initiate such attacks. We can confirm that we see a huge increase of such attacks on our network as well.

Edpnet has always been a provider reluctant to block ports on its network. But because of the increase of these attacks, we are now forced to start blocking certain protocols in order to protect the quality of our network, the internet and your surfing experience as a customer.

Therefore ports 53 (DNS) and 123 (NTP) will be blocked as from today. If you are using a fixed IP-address and you would like these ports to remain open, please contact us. We are able to make exceptions for fixed IP customers.

Do not hesitate to contact us on following number 03 265 67 00 if you should have questions left.

Customer-friendly regards
The edpnet helpdesk team

21 February 2014 – Recommended FRITZ!Box firmware upgrade

Recently the German manufacturer AVM released a firmware upgrade for their FRITZ!Box modems because of reported hacking attempts on this type of modems. Hackers could break into the modem and call via the customer’s VoIP number. AVM confirmed reported cases in Germany and in The Netherlands.

Meanwhile AVM communicated that they collaborate closely with the authorities to catch the hackers. A new firmware upgrade should do the trick to block future hacking attempts. The reported cases concerned all models and AVM provided an upgrade for over more than 40 distributed models (http://www.avm.de/en/Sicherheit/update_list.html).

Edpnet needs to protect her FRITZ!Box users as well. We can confirm that we received some complaints of customers who noticed something ‘abnormal’. Therefor we insist on executing the firmware upgrade as soon as possible. All FRITZ!BOX users will receive a ticket with the necessary instructions.

If you do not want to wait for this ticket, please find an online explanation how to start up this firmware upgrade via http://www.avm.de/de/Service/FRITZ_Clips/start_clip.php?clip=fritz_clip_firmware_update_en