[VoiceOps] SS7

Kidd Filby kiddfilby at gmail.com
Thu Apr 21 14:20:44 EDT 2016 

Thanks for the link.  I will definitely give it a read.

Also folks, don't forget, the same outcome of recording someone's call is
MUCH easier to accomplish once it is VoIP.  IMHO, of course.  ;-)

Kidd



On Thu, Apr 21, 2016 at 12:09 PM, Matthew Yaklin <myaklin at firstlight.net>
wrote:

>
> Here is a paper that may shed some light on the discussion for the curious.
>
>
>
> https://www.sans.org/reading-room/whitepapers/critical/fall-ss7--critical-security-controls-help-36225
> SANS Institute InfoSec Reading Room
> <https://www.sans.org/reading-room/whitepapers/critical/fall-ss7--critical-security-controls-help-36225>
> www.sans.org
> The Fall of SS7 Ð How Can the Critical Security Controls Help? 4 "
> #$$#%!&'()#*+!"#$$#%,-')#*./-#01,2'-! area notices this registration and
> transfers to a Visitor ...
>
>
>
>
> ------------------------------
> *From:* Kidd Filby <kiddfilby at gmail.com>
> *Sent:* Thursday, April 21, 2016 2:01 PM
> *To:* Chris Aloi
> *Cc:* Matthew Yaklin; voiceops at voiceops.org
> *Subject:* Re: [VoiceOps] SS7
>
> In a strictly TDM world, or conversation... having access to the SS7
> network gets you nothing but what and where the call traversed.  NO audio
> is carried and without End Office controlling software for call routing,
> just dropping it into some IP connection is not going to afford you
> anything other than what you already have.  You still need access to the
> audio carrying infrastructure of the network to get the audio.
>
> I cannot comment on CALEA
>
> Kidd
>
> On Thu, Apr 21, 2016 at 10:56 AM, Chris Aloi <ctaloi at gmail.com> wrote:
>
>> It looked like they had access to SS7 links (likely A links terminated to
>> a physical server) and were using FreeSWITCH to somehow fork the media from
>> the call and record it.  Just a guess based on  the quick console
>> recording.
>>
>> Correct, SS7 doesn't carry the actual voice it handles the signaling to
>> bring up the voice channels (by identifying be point code and CICs) and
>> various other signaling bits.  Not sure if there are provisions for CALEA
>> in SS7 that could fork a media stream or exactly how that would work.
>>
>> So I guess the barrier to entry would be access to the SS7 network, not
>> as easy as hopping on the Internet, but certainly not much of a challenge.
>>
>> ---
>> Christopher Aloi
>> Sent from my iPhone
>>
>> On Apr 21, 2016, at 11:52 AM, Kidd Filby <kiddfilby at gmail.com> wrote:
>>
>> There is no VOICE traversing the SS7 network, so you cannot possibly
>> record a conversation by having access to the SS7 network only.
>>
>> On Thu, Apr 21, 2016 at 9:36 AM, Matthew Yaklin <myaklin at firstlight.net>
>> wrote:
>>
>>>
>>> In other words the hacker has to have working SS7 trunks or access to
>>> someone who does? That is how I understood it.
>>>
>>> Not exactly a remote hack from mom's basement sort of thing.
>>>
>>> Matt
>>>
>>> ________________________________________
>>> From: VoiceOps <voiceops-bounces at voiceops.org> on behalf of Peter Rad. <
>>> peter at 4isps.com>
>>> Sent: Thursday, April 21, 2016 11:25 AM
>>> To: voiceops at voiceops.org
>>> Subject: [VoiceOps] SS7
>>>
>>> FYI...
>>>
>>>   U.S. carriers mum on 60 Minutes report on vulnerability in SS7 -
>>>
>>> http://www.fiercewireless.com/story/us-carriers-mum-60-minutes-report-vulnerability-ss7/2016-04-19
>>>
>>> Regards,
>>>
>>> Peter Radizeski
>>> RAD-INFO, Inc.
>>> 813.963.5884
>>> http://rad-info.net
>>> * Need bandwidth or colocation? call me
>>> _______________________________________________
>>> VoiceOps mailing list
>>> VoiceOps at voiceops.org
>>> https://puck.nether.net/mailman/listinfo/voiceops
>>> _______________________________________________
>>> VoiceOps mailing list
>>> VoiceOps at voiceops.org
>>> https://puck.nether.net/mailman/listinfo/voiceops
>>>
>>
>>
>>
>> --
>> Kidd Filby
>> 661.557.5640 (C)
>> http://www.linkedin.com/in/kiddfilby
>>
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
>>
>>
>
>
> --
> Kidd Filby
> 661.557.5640 (C)
> http://www.linkedin.com/in/kiddfilby
>



-- 
Kidd Filby
661.557.5640 (C)
http://www.linkedin.com/in/kiddfilby
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20160421/d5750f50/attachment-0001.html>

More information about the VoiceOps mailing list