[VoiceOps] SS7

Mary Lou Carey marylou at backuptelecom.com
Mon Apr 25 13:12:50 EDT 2016


I am by no means an expert on who offers what and at what price. Just sharing my
experience as a consultant who helps carriers get their networks turned up. If
you have a list of smaller SS7 providers that are not re-sellers of the big ones
I would love to get a list from you! Having as many options to give out as
possible is always a good thing!
 
Mary Lou Carey
BackUP Telecom Consulting
Marylou at backuptelecom.com
Office: 615-791-9969
Cell: 615-796-1111 
 

> On April 24, 2016 at 7:43 AM Jay Patel <clecny at gmail.com> wrote:
> 
>  This is not 100% accurate, there are other small STP operators who can offer
> you cheaper option ( < $500/month price point) for Sigtran connectivity. Feel
> free to contact me off list.
> 
>  On Sat, Apr 23, 2016 at 2:59 PM, Mary Lou Carey <marylou at backuptelecom.com
> <mailto:marylou at backuptelecom.com> > wrote:
>    > >    There are really only two large companies that will do SS7 via
>    > > SigTran and they are Syniverse and Neustar (formerly TNSi / Verisign /
>    > > Illuminet), They don't really like to give out their pricing publicly
>    > > so you have to sign an NDA to get it, but I would budget about $1,000
>    > > per month to be safe. You pay for each ISUP route as well so that price
>    > > depends on how many routes you have. 
> >     
> >    Are you asking which carriers provide SS7 links or which ones will do the
> > host switch product?
> >     
> >    Mary Lou Carey
> >    BackUP Telecom Consulting
> >    Marylou at backuptelecom.com <mailto:Marylou at backuptelecom.com>
> >    Office: 615-791-9969
> >    Cell: 615-796-1111  
> >     
> > 
> >     > > > On April 23, 2016 at 1:21 PM Erik Flournoy <erik at eespro.com
> >     > > > <mailto:erik at eespro.com> > wrote:
> > > 
> > > 
> > >     Hey since we're on this topic what's the average cost for SigTran and
> > > who would you guys recommend? Who actually has SS7 and would be interested
> > > in interconnecting.
> > > 
> > >     On Apr 23, 2016 7:21 AM, "Kidd Filby" <kiddfilby at gmail.com
> > > <mailto:kiddfilby at gmail.com> > wrote:
> > >       > > > >       ABSOLUTELY!!!!
> > > > 
> > > >       On Sat, Apr 23, 2016 at 9:28 AM, Hiers, David <David.Hiers at cdk.com
> > > > <mailto:David.Hiers at cdk.com> > wrote:
> > > >         > > > > > 
> > > > >         People tend forget the existence and benefit of physical and
> > > > > administrative security controls until they disable them.  Sure, they
> > > > > are an expensive speedbump at times, but you can’t hack what you can’t
> > > > > touch.
> > > > > 
> > > > >          
> > > > > 
> > > > >          
> > > > > 
> > > > >         David
> > > > > 
> > > > >          
> > > > > 
> > > > >          
> > > > > 
> > > > >         From: VoiceOps [mailto:voiceops-bounces at voiceops.org
> > > > > <mailto:voiceops-bounces at voiceops.org> ] On Behalf Of Mike Ray, MBA,
> > > > > CNE, CTE
> > > > >         Sent: Friday, April 22, 2016 11:28
> > > > >         To: voiceops at voiceops.org <mailto:voiceops at voiceops.org>
> > > > >         Subject: Re: [VoiceOps] SS7
> > > > > 
> > > > >          
> > > > > 
> > > > >         It seems to me that this SS7 vulnerability issue is just the
> > > > > latest result of all of the de-regulation that’s been going on for the
> > > > > past… two decades or so.  There was a time that you could not buy
> > > > > commercial access to the SS7 network; to get that access you had to be
> > > > > a real carrier.  Also, back at that time, inter-company SS7 signalling
> > > > > could only occur on established, ordered signaling routes where both
> > > > > parties placed an order to open the route between them.  Therefore,
> > > > > this would not have been possible back then because the carrier would
> > > > > not have ordered a route to the hacker’s point code(s) and it
> > > > > therefore would not exist.
> > > > > 
> > > > >          
> > > > > 
> > > > >         If I am a US local carrier in 2001, I have no need to order a
> > > > > signaling route to a German carrier either so even the hacker having
> > > > > full access to a German carrier’s network would not compromise my
> > > > > network. (in response to the nation-state issue)  To get a call to
> > > > > Germany, I signal to the access tandem or IXC switch I’ve chosen to
> > > > > interconnect with in the US and that switch signals upstream, etc.
> > > > > 
> > > > >          
> > > > > 
> > > > >         If we were not on this path of de-regulation where whatever
> > > > > makes commercial sense for one company can open up the whole SS7
> > > > > network to un-trusted parties, we likely wouldn’t be here.  At some
> > > > > point, a decision was made somewhere to allow this loosy-goosy
> > > > > inter-company signaling over the SS7 network between two point codes
> > > > > that would not, under the original implementation of SS7, be able to
> > > > > talk to each other in the first place.
> > > > > 
> > > > >          
> > > > > 
> > > > >         If the drumbeat of “solve everything with IP!” continues, I
> > > > > hope that at least it gets solved by establishing something close to
> > > > > what the VPF was supposed to be, and not just a general dumping of all
> > > > > voice traffic across the internet between carriers.  That certainly
> > > > > wouldn’t bode well for reliability or security.
> > > > > 
> > > > >          
> > > > > 
> > > > >         Mike
> > > > > 
> > > > >          
> > > > > 
> > > > >         Mike Ray, MBA, CNE, CTE
> > > > > 
> > > > >         Astro Companies, LLC
> > > > > 
> > > > >         11523 Palm Brush Trail #401
> > > > > 
> > > > >         Lakewood Ranch, FL  34202
> > > > > 
> > > > >         DIRECT: call or text 941 600-0207
> > > > > 
> > > > >         http://www.astrocompanies.com
> > > > > <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.astrocompanies.com&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=3qAav7xK7z7Y9z78Wz6C13xGAsE6OybjLD3yoSCDCMw&e=>
> > > > > 
> > > > >          
> > > > > 
> > > > >          
> > > > > 
> > > > >          
> > > > > 
> > > > >          
> > > > > 
> > > > >         From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On
> > > > > Behalf Of Dan York
> > > > >         Sent: Thursday, April 21, 2016 3:45 PM
> > > > >         To: Kidd Filby <kiddfilby at gmail.com
> > > > > <mailto:kiddfilby at gmail.com> >
> > > > >         Cc: voiceops at voiceops.org <mailto:voiceops at voiceops.org>
> > > > >         Subject: Re: [VoiceOps] SS7
> > > > > 
> > > > >          
> > > > > 
> > > > >         This is generally true if the calls are *unencrypted* on
> > > > > VoIP... 
> > > > > 
> > > > >          
> > > > > 
> > > > >         On Thu, Apr 21, 2016 at 2:20 PM, Kidd Filby
> > > > > <kiddfilby at gmail.com <mailto:kiddfilby at gmail.com> > wrote:
> > > > > 
> > > > >          > > > > > > 
> > > > > >           
> > > > > > 
> > > > > >          Also folks, don't forget, the same outcome of recording
> > > > > > someone's call is MUCH easier to accomplish once it is VoIP.  IMHO,
> > > > > > of course.  ;-)
> > > > > > 
> > > > > >         > > > > > 
> > > > >          
> > > > > 
> > > > >         ... BUT... what's fascinating is the recent rise in end-to-end
> > > > > (e2e) encryption among IP-based communications platforms that include
> > > > > voice.
> > > > > 
> > > > >          
> > > > > 
> > > > >         WhatsApp, for instance, just completed the rollout of e2e
> > > > > encryption on April 5, and not just for messaging, but also for voice
> > > > > and video calls as well as file transfers (
> > > > > https://blog.whatsapp.com/10000618/end-to-end-encryption
> > > > > <https://urldefense.proofpoint.com/v2/url?u=https-3A__blog.whatsapp.com_10000618_end-2Dto-2Dend-2Dencryption&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=NXBMKUweqEyjsPnLdKiYN2dxhQ18iIhqv6gKxWa8RwM&e=>
> > > > > ).  Just yesterday the team behind Viber announced that they will soon
> > > > > have e2e encryption for all clients.  The app Wire ( http://wire.com
> > > > > <https://urldefense.proofpoint.com/v2/url?u=http-3A__wire.com&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=s0P24iUsIb4FU2rZ9YaaIn1gsVb6jA2Oeu0YoEDq6y0&e=>
> > > > > ) also does e2e encryption for voice, video and group chats.
> > > > > 
> > > > >          
> > > > > 
> > > > >         In a US Congress hearing this week, a Congressman asked a Dept
> > > > > of Homeland Security representative if e2e encryption available in
> > > > > apps would have prevented this interception that happened via SS7. The
> > > > > DHS answer was that it would mitigate the interception of the content,
> > > > > although the location meta-data would still be available.  (You can
> > > > > view the exchange via the link in this tweet:
> > > > > https://twitter.com/csoghoian/status/722854012567969794
> > > > > <https://urldefense.proofpoint.com/v2/url?u=https-3A__twitter.com_csoghoian_status_722854012567969794&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=UJf4zA4kmH2CF_OG1ESNYtGC_6hytXx1oxXRCaijN3M&e=>
> > > > > )
> > > > > 
> > > > >          
> > > > > 
> > > > >         The end result is that we're definitely moving to a space
> > > > > where the communication over IP-based solutions will wind up being far
> > > > > more secure than what we had before.
> > > > > 
> > > > >          
> > > > > 
> > > > >         Interesting times,
> > > > > 
> > > > >         Dan
> > > > > 
> > > > >          
> > > > > 
> > > > >         --
> > > > > 
> > > > >          
> > > > > 
> > > > >         Dan York
> > > > > 
> > > > >         dyork at lodestar2.com <mailto:dyork at lodestar2.com>
> > > > >   +1-802-735-1624   Skype:danyork
> > > > > 
> > > > >         My writing -> http://www.danyork.me/
> > > > > <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.danyork.me_&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=1tJ3a90UREz7qDElplqt-_ZCxGSIQM13CbKJzTWGQJM&e=>
> > > > > 
> > > > >         http://www.danyork.com/
> > > > > <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.danyork.com_&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=kSavjgKqquFSm8Dkxir_Loji91imTbDbGoi84xbo6ok&e=>
> > > > > 
> > > > >         http://twitter.com/danyork
> > > > > <https://urldefense.proofpoint.com/v2/url?u=http-3A__twitter.com_danyork&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=xbVyAccZCDshp_g-4GjTTTbCxLtHE4qF4JCEM9YlwAM&e=>
> > > > > 
> > > > > 
> > > > >         ---------------------------------------------
> > > > >         This message and any attachments are intended only for the use
> > > > > of the addressee and may contain information that is privileged and
> > > > > confidential. If the reader of the message is not the intended
> > > > > recipient or an authorized representative of the intended recipient,
> > > > > you are hereby notified that any dissemination of this communication
> > > > > is strictly prohibited. If you have received this communication in
> > > > > error, notify the sender immediately by return email and delete the
> > > > > message and any attachments from your system.
> > > > > 
> > > > >         _______________________________________________
> > > > >         VoiceOps mailing list
> > > > >         VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
> > > > >         https://puck.nether.net/mailman/listinfo/voiceops
> > > > >       > > > > 
> > > > 
> > > > 
> > > >       --
> > > >       Kidd Filby
> > > >       661.557.5640 (C)
> > > >       http://www.linkedin.com/in/kiddfilby
> > > > 
> > > >       _______________________________________________
> > > >       VoiceOps mailing list
> > > >       VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
> > > >       https://puck.nether.net/mailman/listinfo/voiceops
> > > >     > > >     _______________________________________________
> > >     VoiceOps mailing list
> > >     VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
> > >     https://puck.nether.net/mailman/listinfo/voiceops
> > > 
> > >    > > 
> >     
> >     
> > 
> >    _______________________________________________
> >    VoiceOps mailing list
> >    VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
> >    https://puck.nether.net/mailman/listinfo/voiceops
> >  > 

 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20160425/84fc221a/attachment-0001.html>


More information about the VoiceOps mailing list