[VoiceOps] SS7

Mary Lou Carey marylou at backuptelecom.com
Sat Apr 23 15:03:43 EDT 2016


You can get SS7 through any of the ILECs as well but there are two things to
remember with them.
1. They don't usually offer SigTran so in addition to the SS7 ports, you also
have to pay for the transport to the STPs.
2. They will usually only cover routes in their territory so if you go into
another LEC territory they will tell you that you need a second set of links for
those areas. Companies like Syniverse and Neustar are connected to pretty much
everyone and while some routes are off-net and cost more, they will only require
one set of SS7 links.
 
Mary Lou Carey
BackUP Telecom Consulting
Marylou at backuptelecom.com
Office: 615-791-9969
Cell: 615-796-1111
 

> On April 23, 2016 at 12:15 PM Kidd Filby <kiddfilby at gmail.com> wrote:
> 
>  It is now possible to do it.  I'm not sure when it started but, I know
> PB/SBC/ATT in CA. offered me SS7 connectivity many years ago.  I'm pretty sure
> all of the Baby Bells now offer the service.  I am sure SNET does as well.
>  Now the choice is up to you if you want them to see all of your PSTN-bound
> traffic.  The technology still holds true that your SS7 provider is all or
> nothing.  You can't have multiple SS7 providers yet.
> 
>  Kidd
> 
>  On Fri, Apr 22, 2016 at 7:28 PM, Christopher Aloi <ctaloi at gmail.com
> <mailto:ctaloi at gmail.com> > wrote:
>    > > I didn't realize you can now connect to another company without
>    > > ordering the route-set from a third party. How does this work ? I feel
>    > > old !
> > 
> >    On Fri, Apr 22, 2016 at 2:40 PM Kidd Filby <kiddfilby at gmail.com
> > <mailto:kiddfilby at gmail.com> > wrote:
> >      > > >      Very well said Mike.
> > > 
> > >      Back In The Day... Interconnection between 2 companies had to occur
> > > via a 3rd party, like Illuminet.  Their had to be SS7 gateway providers
> > > and that's all they were allowed to do.  Route SS7 traffic between
> > > LEC/ILEC/CLEC networks.  Oh... do I remember the pains...
> > > Gateway-Screened... CNAM database corruption, LIDB services not
> > > provided.... Still makes my head hurt.
> > > 
> > >      Kidd
> > > 
> > >      On Fri, Apr 22, 2016 at 12:28 PM, Mike Ray, MBA, CNE, CTE
> > > <mike at astrocompanies.com <mailto:mike at astrocompanies.com> > wrote:
> > >        > > > > 
> > > >        It seems to me that this SS7 vulnerability issue is just the
> > > > latest result of all of the de-regulation that’s been going on for the
> > > > past… two decades or so.  There was a time that you could not buy
> > > > commercial access to the SS7 network; to get that access you had to be a
> > > > real carrier.  Also, back at that time, inter-company SS7 signalling
> > > > could only occur on established, ordered signaling routes where both
> > > > parties placed an order to open the route between them.  Therefore, this
> > > > would not have been possible back then because the carrier would not
> > > > have ordered a route to the hacker’s point code(s) and it therefore
> > > > would not exist.
> > > > 
> > > >         
> > > > 
> > > >        If I am a US local carrier in 2001, I have no need to order a
> > > > signaling route to a German carrier either so even the hacker having
> > > > full access to a German carrier’s network would not compromise my
> > > > network. (in response to the nation-state issue)  To get a call to
> > > > Germany, I signal to the access tandem or IXC switch I’ve chosen to
> > > > interconnect with in the US and that switch signals upstream, etc.
> > > > 
> > > >         
> > > > 
> > > >        If we were not on this path of de-regulation where whatever makes
> > > > commercial sense for one company can open up the whole SS7 network to
> > > > un-trusted parties, we likely wouldn’t be here.  At some point, a
> > > > decision was made somewhere to allow this loosy-goosy inter-company
> > > > signaling over the SS7 network between two point codes that would not,
> > > > under the original implementation of SS7, be able to talk to each other
> > > > in the first place.
> > > > 
> > > >         
> > > > 
> > > >        If the drumbeat of “solve everything with IP!” continues, I hope
> > > > that at least it gets solved by establishing something close to what the
> > > > VPF was supposed to be, and not just a general dumping of all voice
> > > > traffic across the internet between carriers.  That certainly wouldn’t
> > > > bode well for reliability or security.
> > > > 
> > > >         
> > > > 
> > > >        Mike
> > > > 
> > > >         
> > > > 
> > > >        Mike Ray, MBA, CNE, CTE
> > > > 
> > > >        Astro Companies, LLC
> > > > 
> > > >        11523 Palm Brush Trail #401
> > > > 
> > > >        Lakewood Ranch, FL  34202
> > > > 
> > > >        DIRECT: call or text 941 600-0207
> > > > 
> > > >        http://www.astrocompanies.com <http://www.astrocompanies.com>
> > > > 
> > > >         
> > > > 
> > > >         
> > > > 
> > > >         
> > > > 
> > > >         
> > > > 
> > > >        From: VoiceOps [mailto:voiceops-bounces at voiceops.org
> > > > <mailto:voiceops-bounces at voiceops.org> ] On Behalf Of Dan York
> > > >        Sent: Thursday, April 21, 2016 3:45 PM
> > > >        To: Kidd Filby <kiddfilby at gmail.com <mailto:kiddfilby at gmail.com>
> > > > >
> > > >        Cc: voiceops at voiceops.org <mailto:voiceops at voiceops.org>
> > > >        Subject: Re: [VoiceOps] SS7
> > > > 
> > > >         
> > > > 
> > > >        This is generally true if the calls are *unencrypted* on VoIP... 
> > > > 
> > > >         
> > > > 
> > > >        On Thu, Apr 21, 2016 at 2:20 PM, Kidd Filby <kiddfilby at gmail.com
> > > > <mailto:kiddfilby at gmail.com> > wrote:
> > > > 
> > > >         > > > > > 
> > > > >          
> > > > > 
> > > > >         Also folks, don't forget, the same outcome of recording
> > > > > someone's call is MUCH easier to accomplish once it is VoIP.  IMHO, of
> > > > > course.  ;-)
> > > > > 
> > > > >        > > > > 
> > > >         
> > > > 
> > > >        ... BUT... what's fascinating is the recent rise in end-to-end
> > > > (e2e) encryption among IP-based communications platforms that include
> > > > voice.
> > > > 
> > > >         
> > > > 
> > > >        WhatsApp, for instance, just completed the rollout of e2e
> > > > encryption on April 5, and not just for messaging, but also for voice
> > > > and video calls as well as file transfers (
> > > > https://blog.whatsapp.com/10000618/end-to-end-encryption ).  Just
> > > > yesterday the team behind Viber announced that they will soon have e2e
> > > > encryption for all clients.  The app Wire ( http://wire.com ) also does
> > > > e2e encryption for voice, video and group chats.
> > > > 
> > > >         
> > > > 
> > > >        In a US Congress hearing this week, a Congressman asked a Dept of
> > > > Homeland Security representative if e2e encryption available in apps
> > > > would have prevented this interception that happened via SS7. The DHS
> > > > answer was that it would mitigate the interception of the content,
> > > > although the location meta-data would still be available.  (You can view
> > > > the exchange via the link in this tweet:
> > > > https://twitter.com/csoghoian/status/722854012567969794 )
> > > > 
> > > >         
> > > > 
> > > >        The end result is that we're definitely moving to a space where
> > > > the communication over IP-based solutions will wind up being far more
> > > > secure than what we had before.
> > > > 
> > > >         
> > > > 
> > > >        Interesting times,
> > > > 
> > > >        Dan
> > > > 
> > > >         
> > > > 
> > > >        --
> > > > 
> > > >         
> > > > 
> > > >        Dan York
> > > > 
> > > >        dyork at lodestar2.com <mailto:dyork at lodestar2.com>
> > > >   +1-802-735-1624   Skype:danyork
> > > > 
> > > >        My writing -> http://www.danyork.me/
> > > > 
> > > >        http://www.danyork.com/ <http://www.danyork.com/>
> > > > 
> > > >        http://twitter.com/danyork <http://twitter.com/danyork>
> > > > 
> > > > 
> > > >        _______________________________________________
> > > >        VoiceOps mailing list
> > > >        VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
> > > >        https://puck.nether.net/mailman/listinfo/voiceops
> > > >      > > > 
> > > 
> > > 
> > >      --
> > >      Kidd Filby
> > >      661.557.5640 (C)
> > >      http://www.linkedin.com/in/kiddfilby
> > >      _______________________________________________
> > >      VoiceOps mailing list
> > >      VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
> > >      https://puck.nether.net/mailman/listinfo/voiceops
> > >    > >  > 
> 
> 
>  --
>  Kidd Filby
>  661.557.5640 (C)
>  http://www.linkedin.com/in/kiddfilby
>  _______________________________________________
>  VoiceOps mailing list
>  VoiceOps at voiceops.org
>  https://puck.nether.net/mailman/listinfo/voiceops
> 

 
Mary Lou Carey
BackUP Telecom Consulting
Marylou at backuptelecom.com
Office: 615-791-9969
Cell: 615-796-1111
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20160423/c90b09ae/attachment-0001.html>


More information about the VoiceOps mailing list