A proper horror story!

[phil d]

A chap I know rang me recently, it turn's out that I used to help his father out many years ago when I was an apprentice.

Well, he had ,had his broadband disconnected as something on his network was "allegedly" causing problems, he's a real technophobe and knew very little about IT.

I visited with a friend and we found an unsecured open wifi network, no firewall, and several virus issues, which we dealt with.

However the isp still refused to restore service until we had blocked port 22, there was no way to access the ports on the router, and it came with all ports open, both inbound and outbound. I rang them up and they actually suggested that I purchase a "better router"!

The guy does everything through the internet, his phone is voip, his cctv is monitored over the internet, as is his intruder alarm.

We've advised him to go with one of the better known providers, as this company ( zen of Rochdale) are most unhelpful, we did however find 2 other issues, one annoying, and one worrying.

He'd been informed by the cctv company that there was a problem as they couldn't see his camera's, they are obviously doing their job, however his alarm monitoring company (ADT) have not contacted him to say they are unable to monitor his intruder alarm! The annoying thing was that the phone number to Zen is a premium rate one, the call cost me nearly £20! not happy.

It is hard to believe that a firm can get away with behaving like this and still stay in business, I think this guy has been badly advised on a number of issues, and we'll be advising him accordingly. he's paying way over the top, for a monitored cctv system that hasn't been updated in years, his alarm is garbage, and again he's paying loads for it, I think we've built up a good rep with him, as we've identified issues he wasn't aware of and he's going to ring us for anything else he needs

 

[Andy™]

hows the alarm signalling connected? if its single or dual path GSM then the internet / phone line is irrelevant. if its single path IP then you should have got a poll fail, time on that depends on monitoring grade (generally anything between 3 minutes & 24 hours). if its path IP / GSM then it should have reported path failure

as for ports open, routers dont just open all ports, they would need to be opened and directed somewhere. to show as open from the outside world they would have to be open and forwarded to a local device, and that local device would have to listening to that port. try this site to see if it really is open

http://www.yougetsignal.com/tools/open-ports/

for the premium rate phone number, ask for their complaints number. it must not be a premium rate

 

[Lurch]

TBH Phil most of your post is completely wrong.

Zen are very good, I would recommend them. I don't see how better known means they are a better ISP. BT are probably the best known, they aren't great. Sky are very well known, they are one of the worst. Zen are relatively unknown (but very well established and have been around for years). They are one of the better ones.

It is unlikely there was "no firewall".

The alarm would be outbound so no need to open ports.

If someone has been adding/playing with the outer it is likely that they had no idea what they are doing so resorted to just opening all ports. There is also no way that there was "no way to access the ports on the router". I can almost guarantee you that there is not a router on the market that comes with all ports in and out wide open.

I think the phrase "blind leading the blind" applies here.

 

[UNG]

TBH Phil most of your post is completely wrong.

I really think most of your post is completely wrong but we all have our opinions. I will declare my interest here that I was the friend that went to site with Phil

Zen are very good, I would recommend them. I don't see how better known means they are a better ISP. BT are probably the best known, they aren't great. Sky are very well known, they are one of the worst. Zen are relatively unknown (but very well established and have been around for years). They are one of the better ones.

May be your experience of Zen has been good as for recommending them based on my experience to date I certainly wouldn't be along with the third party reseller

Zen are no better than a similar type of company I worked for just over a decade ago, some of the problems on this site are compounded by the fact that a third party reseller is involved and they are no better than Zen. As is usual in these cases some of the communications between the supplier and end customer though the third party lose some detail. In one of these conversations a guy that was looking into the problem gave his name upon contacting Zen to clarify something we were told nobody by that name worked there the guy we did speak to said he couldn't really help as we were not the customer the third party reseller was. Zen have only been around for just over 20 years and looking at their website they appear typical of a lot of similar companies in this sector a lot of gloss and little substance

It is unlikely there was "no firewall".

The alarm would be outbound so no need to open ports.

If someone has been adding/playing with the outer it is likely that they had no idea what they are doing so resorted to just opening all ports. There is also no way that there was "no way to access the ports on the router". I can almost guarantee you that there is not a router on the market that comes with all ports in and out wide open.

The Zen router that was supplied to the customer was unsecured and with all ports in and out open as advised by Zen themselves making it very open to external attack and hacking once you get under the fancy names what you find is a rebadged Thomson router to actually block any ports on this router it requires command line programming that is obviously well within the abilities of most end user customers who just want an internet connection whilst the third party reseller should have some responsibility for this trying to resolve this problem so should the ultimate supplier whose attitude is less than helpful

I think the phrase "blind leading the blind" applies here.

I find that comment very unhelpful and unwarranted.

There are 2 companies involved here who are both quite happy to take the customers money and offer nothing in return when things go wrong when it gets to that may be it is time to look to one of the bigger players in the market as their customer cannot be and worse than what has been offered to date.

 

[steptoe]

I really think most of your post is completely wrong but we all have our opinions. I will declare my interest here that I was the friend that went to site with Phil

May be your experience of Zen has been good as for recommending them based on my experience to date I certainly wouldn't be along with the third party reseller

Zen are no better than a similar type of company I worked for just over a decade ago, some of the problems on this site are compounded by the fact that a third party reseller is involved and they are no better than Zen. As is usual in these cases some of the communications between the supplier and end customer though the third party lose some detail. In one of these conversations a guy that was looking into the problem gave his name upon contacting Zen to clarify something we were told nobody by that name worked there the guy we did speak to said he couldn't really help as we were not the customer the third party reseller was. Zen have only been around for just over 20 years and looking at their website they appear typical of a lot of similar companies in this sector a lot of gloss and little substance

The Zen router that was supplied to the customer was unsecured and with all ports in and out open as advised by Zen themselves making it very open to external attack and hacking once you get under the fancy names what you find is a rebadged Thomson router to actually block any ports on this router it requires command line programming that is obviously well within the abilities of most end user customers who just want an internet connection whilst the third party reseller should have some responsibility for this trying to resolve this problem so should the ultimate supplier whose attitude is less than helpful

I find that comment very unhelpful and unwarranted.

There are 2 companies involved here who are both quite happy to take the customers money and offer nothing in return when things go wrong when it gets to that may be it is time to look to one of the bigger players in the market as their customer cannot be and worse than what has been offered to date.

ah, 

so, how can you complain about a company that you have no contract with?

you have no issue with ZEN,

your issue is with the reseller,

NOT with ZEN

yet another post with half the information supplied.

anyone with any sense knows that a reseller is just a con to make money out of the average guy for doing jack,

how many times do we hear of agencies getting slated in our trade,?

they are just a reseller.

 

[UNG]

ah, 

so, how can you complain about a company that you have no contract with?

you have no issue with ZEN,

your issue is with the reseller,

NOT with ZEN

yet another post with half the information supplied.

anyone with any sense knows that a reseller is just a con to make money out of the average guy for doing jack,

how many times do we hear of agencies getting slated in our trade,?

they are just a reseller.

Zen are the company who are offering no support for their supplied router

The issue is with Zen they have withdrawn the internet service due to issues caused by a router supplied by them, may be the reseller has been misled by Zen

We all know resellers are parasites and may be Zen needs to vet it's resellers properly to avoid situations like this occurring either way they are both taking money to provide a service or not as the case might be

 

[steptoe]

Zen are the company who are offering no support for their supplied router

The issue is with Zen they have withdrawn the internet service due to issues caused by a router supplied by them, may be the reseller has been misled by Zen

We all know resellers are parasites and may be Zen needs to vet it's resellers properly to avoid situations like this occurring either way they are both taking money to provide a service or not as the case might be

the only person that has taken money from 'your' client is the reseller,

your problem is with them,

NOT with ZEN

I notice that this reseller has yet to be named,

would it not be better to actually name the party at fault rather than slag of Zen?

if you have a problem with BG or npower supplying your electricity you normally say that, you dont blame who actually makes the electric ,

BG and npower are merely resellers.

 

[Lurch]

Zen are no better than a similar type of company I worked for just over a decade ago, some of the problems on this site are compounded by the fact that a third party reseller is involved and they are no better than Zen.

OK, so really Zen don't have to do anything at all, it's not their problem. I sell telecoms and broadband, I am a reseller. If any of my customers rang up my supplier they would say it's not their problem. This is exactly how it works, for telephones, broadband, electricity, gas.... in fact pretty much any service is resold in some fashion.

The Zen router that was supplied to the customer was unsecured and with all ports in and out open as advised by Zen themselves making it very open to external attack and hacking once you get under the fancy names what you find is a rebadged Thomson router to actually block any ports on this router it requires command line programming that is obviously well within the abilities of most end user customers who just want an internet connection whilst the third party reseller should have some responsibility for this trying to resolve this problem so should the ultimate supplier whose attitude is less than helpful

Again, Zen aren't the supplier here, the reseller are so it is down to the reseller to sort that out, not Zen (directly). If you are saying the customer opened the ports after Zen said to do this (which I find highly unlikely) then that must mean that you can configure ports, which is not what Phil said. The Thomson routers Zen supply are fine, and they are not just configurable with a CLI.

I find that comment very unhelpful and unwarranted.

There are 2 companies involved here who are both quite happy to take the customers money and offer nothing in return when things go wrong when it gets to that may be it is time to look to one of the bigger players in the market as their customer cannot be and worse than what has been offered to date.

Clearly neither of you know much about broadband or routers so how is it unwarranted?

Ultimately I couldn't care less what you, Phil or the customer do or who they go with, but I see nothing so far that says they should be switching. People have bad experiences, sometimes it is their own doing and they blame the provider, sometimes they chose the wrong provider.

 

[user 28595]

Lighten up people, this is supposed to be the "friendliest electrical forum".

cheers, Paul

 

[Lurch]

Yeah, just give out duff advice so as not to look unfriendly.

 

[phil d]

hows the alarm signalling connected? if its single or dual path GSM then the internet / phone line is irrelevant. if its single path IP then you should have got a poll fail, time on that depends on monitoring grade (generally anything between 3 minutes & 24 hours). if its path IP / GSM then it should have reported path failure

as for ports open, routers dont just open all ports, they would need to be opened and directed somewhere. to show as open from the outside world they would have to be open and forwarded to a local device, and that local device would have to listening to that port. try this site to see if it really is open

http://www.yougetsignal.com/tools/open-ports/

for the premium rate phone number, ask for their complaints number. it must not be a premium rate

Cheers Andy, it's definately not GSM, so given the broadband is down it should as you said have raised a fault somewhere, nobody has contacted the customer so something has gone badly wrong, We were told by Zen that they send these routers out with all ports open, and the firewall was turned off! I only got involved with then as the company he has the contract with were getting nowhere with Zen.

The only answer anyone gets from them is "block port 22 outbound", I'd care less if they were at least a little bit helpful, but they are not, Personally I think this guy has been led up the garden path by somebody, apparently he reckons he's paying for 3 phone lines, 1 for his alarm monitoring, which we know is done via ip. 1 for fax, which he hasn't got, and one for his phone, which is voip we'll have to do some digging and sort it out for him.

The reseller was Nexus, the guy knows next to nothing about computers so it won't have been him opening ports, obviously somebody had set it up for him originally, who knows, my issue is that Zen reckon they know what's causing the problem but won't tell us, "block port 22 outbound", if they know which piece of kit is causing an issue then just say so!

 

[Lurch]

The only answer anyone gets from them is "block port 22 outbound",

I think what's happening here is something on the network is infected/defective, and Zen just want it to stop doing whatever it is doing. Easiest way for them to do that (bearing in mind they are only providing the broadband, not computer support services) is to get the port blocked so the device will stop communicating with the world. The actual problem is down to the customer to rectify, Zen are just looking to sort the problem on their part of the network, not the customers.

1 for his alarm monitoring, which we know is done via ip

TBF, this could be just the way it is set up. I have a few dual path units and generally if a single path is down then it is an engineer call, not an end user. It is down to the grading and the contract to decide whether to perform any actions on this or not. Again, without any more specific details from the customer you cannot say the alarm company is in the wrong.

the guy knows next to nothing about computers so it won't have been him opening ports, obviously somebody had set it up for him originally,

That was what I said, not blaming the customer, someone who has been on site at some point has configured something incorrectly. It's probably not that difficult to sort out, if someone who knew what they were doing went to site.

if they know which piece of kit is causing an issue then just say so!

Why/how would they? All they can see is traffic coming from your mates router on port 22. They have no idea what device it is coming from, it's not their problem. I still haven;t seen anything that Zen have done anything wrong here.

We were told by Zen that they send these routers out with all ports open, and the firewall was turned off! I only got involved with then as the company he has the contract with were getting nowhere with Zen.

I'm fairly certain there is some miscommunication here. This doesn't sound right, and is the polar opposite of my experiences with Zen. Again though, the problem here is Zen aren't supplying the end user directly so even if they send out routers completely open it is down to the actual provider (Nexus) to make sure they are configured correctly when installed.

The whole situation is not great, but I think a lot of this comes from confusion on the customers part (not in a bad way, just lots of contracts and equipment not understood/set up correctly).

 

[phil d]

I think what's happening here is something on the network is infected/defective, and Zen just want it to stop doing whatever it is doing. Easiest way for them to do that (bearing in mind they are only providing the broadband, not computer support services) is to get the port blocked so the device will stop communicating with the world. The actual problem is down to the customer to rectify, Zen are just looking to sort the problem on their part of the network, not the customers.

TBF, this could be just the way it is set up. I have a few dual path units and generally if a single path is down then it is an engineer call, not an end user. It is down to the grading and the contract to decide whether to perform any actions on this or not. Again, without any more specific details from the customer you cannot say the alarm company is in the wrong.

That was what I said, not blaming the customer, someone who has been on site at some point has configured something incorrectly. It's probably not that difficult to sort out, if someone who knew what they were doing went to site.

Why/how would they? All they can see is traffic coming from your mates router on port 22. They have no idea what device it is coming from, it's not their problem. I still haven;t seen anything that Zen have done anything wrong here.

I'm fairly certain there is some miscommunication here. This doesn't sound right, and is the polar opposite of my experiences with Zen. Again though, the problem here is Zen aren't supplying the end user directly so even if they send out routers completely open it is down to the actual provider (Nexus) to make sure they are configured correctly when installed.

The whole situation is not great, but I think a lot of this comes from confusion on the customers part (not in a bad way, just lots of contracts and equipment not understood/set up correctly).

We ran scans for everything and anything, virus, trojans, worms, malware, you name it we scanned for it! we did find a couple of issues to be fair, however the annoying thing is they still want port 22 blocking outbound, they admit they cannot see a problem currently, but still harp on about port 22. Now suppose this port was being used by the computer? it would just use another port, if it was something else, what then, block another port, do we continue until there are no open ports left? They could and indeed should be more helpful, they are not, in the begining we were told the issue was being handled by Faisel, then we get told farther down the line that nobody of that name works there, how can you trust people when they even lie about who they are!

 

[Lurch]

however the annoying thing is they still want port 22 blocking outbound, they admit they cannot see a problem currently, but still harp on about port 22

Probably one of those 'well if you just close it then we won't have this issue again will we' type things. I can sort of see their point.

Now suppose this port was being used by the computer? it would just use another port,

Not necessarily, it depends what is using it. That's not how it works. Take for instance you browser, it connects to websites on port 80. If you block port 80 outbound then it just doesn't work, it won't just use another port as there would be nothing the other end to connect to. Web servers are listening on port 80.

Port 22 is SSH, so it is likely something is trying to set up a remote secure tunnel somewhere. If you blocked port 22 it wouldn't communicate on another port, it would just try to connect to port 22, get blocked at the firewall and timeout/fail.

As I have said before, it really isn't there problem. You have gone to site, and clearly know a bit about computers but not enough to actually do anything useful or solve the problem. From Zens PoV your lack of ability isn't their problem. I still don't see what your issue is, you are saying that no-one else that this bloke has had out knows what they are doing, and neither do you. Not being offensive or argumentative about it, but you haven't solved the problem or even identified what the issue is.