[VoiceOps] SS7
Chris Aloi
ctaloi at gmail.com
Thu Apr 21 12:56:53 EDT 2016
It looked like they had access to SS7 links (likely A links terminated to a physical server) and were using FreeSWITCH to somehow fork the media from the call and record it. Just a guess based on the quick console recording.
Correct, SS7 doesn't carry the actual voice it handles the signaling to bring up the voice channels (by identifying be point code and CICs) and various other signaling bits. Not sure if there are provisions for CALEA in SS7 that could fork a media stream or exactly how that would work.
So I guess the barrier to entry would be access to the SS7 network, not as easy as hopping on the Internet, but certainly not much of a challenge.
---
Christopher Aloi
Sent from my iPhone
> On Apr 21, 2016, at 11:52 AM, Kidd Filby <kiddfilby at gmail.com> wrote:
>
> There is no VOICE traversing the SS7 network, so you cannot possibly record a conversation by having access to the SS7 network only.
>
>> On Thu, Apr 21, 2016 at 9:36 AM, Matthew Yaklin <myaklin at firstlight.net> wrote:
>>
>> In other words the hacker has to have working SS7 trunks or access to someone who does? That is how I understood it.
>>
>> Not exactly a remote hack from mom's basement sort of thing.
>>
>> Matt
>>
>> ________________________________________
>> From: VoiceOps <voiceops-bounces at voiceops.org> on behalf of Peter Rad. <peter at 4isps.com>
>> Sent: Thursday, April 21, 2016 11:25 AM
>> To: voiceops at voiceops.org
>> Subject: [VoiceOps] SS7
>>
>> FYI...
>>
>> U.S. carriers mum on 60 Minutes report on vulnerability in SS7 -
>> http://www.fiercewireless.com/story/us-carriers-mum-60-minutes-report-vulnerability-ss7/2016-04-19
>>
>> Regards,
>>
>> Peter Radizeski
>> RAD-INFO, Inc.
>> 813.963.5884
>> http://rad-info.net
>> * Need bandwidth or colocation? call me
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
>
>
>
> --
> Kidd Filby
> 661.557.5640 (C)
> http://www.linkedin.com/in/kiddfilby
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20160421/fb4a0bc3/attachment.html>
More information about the VoiceOps
mailing list