Thanks for the link. I will definitely give it a read. Also folks, don't forget, the same outcome of recording someone's call is MUCH easier to accomplish once it is VoIP. IMHO, of course. ;-)
Kidd On Thu, Apr 21, 2016 at 12:09 PM, Matthew Yaklin <[email protected]> wrote: > > Here is a paper that may shed some light on the discussion for the curious. > > > > https://www.sans.org/reading-room/whitepapers/critical/fall-ss7--critical-security-controls-help-36225 > SANS Institute InfoSec Reading Room > <https://www.sans.org/reading-room/whitepapers/critical/fall-ss7--critical-security-controls-help-36225> > www.sans.org > The Fall of SS7 Ð How Can the Critical Security Controls Help? 4 " > #$$#%!&'()#*+!"#$$#%,-')#*./-#01,2'-! area notices this registration and > transfers to a Visitor ... > > > > > ------------------------------ > *From:* Kidd Filby <[email protected]> > *Sent:* Thursday, April 21, 2016 2:01 PM > *To:* Chris Aloi > *Cc:* Matthew Yaklin; [email protected] > *Subject:* Re: [VoiceOps] SS7 > > In a strictly TDM world, or conversation... having access to the SS7 > network gets you nothing but what and where the call traversed. NO audio > is carried and without End Office controlling software for call routing, > just dropping it into some IP connection is not going to afford you > anything other than what you already have. You still need access to the > audio carrying infrastructure of the network to get the audio. > > I cannot comment on CALEA > > Kidd > > On Thu, Apr 21, 2016 at 10:56 AM, Chris Aloi <[email protected]> wrote: > >> It looked like they had access to SS7 links (likely A links terminated to >> a physical server) and were using FreeSWITCH to somehow fork the media from >> the call and record it. Just a guess based on the quick console >> recording. >> >> Correct, SS7 doesn't carry the actual voice it handles the signaling to >> bring up the voice channels (by identifying be point code and CICs) and >> various other signaling bits. Not sure if there are provisions for CALEA >> in SS7 that could fork a media stream or exactly how that would work. >> >> So I guess the barrier to entry would be access to the SS7 network, not >> as easy as hopping on the Internet, but certainly not much of a challenge. >> >> --- >> Christopher Aloi >> Sent from my iPhone >> >> On Apr 21, 2016, at 11:52 AM, Kidd Filby <[email protected]> wrote: >> >> There is no VOICE traversing the SS7 network, so you cannot possibly >> record a conversation by having access to the SS7 network only. >> >> On Thu, Apr 21, 2016 at 9:36 AM, Matthew Yaklin <[email protected]> >> wrote: >> >>> >>> In other words the hacker has to have working SS7 trunks or access to >>> someone who does? That is how I understood it. >>> >>> Not exactly a remote hack from mom's basement sort of thing. >>> >>> Matt >>> >>> ________________________________________ >>> From: VoiceOps <[email protected]> on behalf of Peter Rad. < >>> [email protected]> >>> Sent: Thursday, April 21, 2016 11:25 AM >>> To: [email protected] >>> Subject: [VoiceOps] SS7 >>> >>> FYI... >>> >>> U.S. carriers mum on 60 Minutes report on vulnerability in SS7 - >>> >>> http://www.fiercewireless.com/story/us-carriers-mum-60-minutes-report-vulnerability-ss7/2016-04-19 >>> >>> Regards, >>> >>> Peter Radizeski >>> RAD-INFO, Inc. >>> 813.963.5884 >>> http://rad-info.net >>> * Need bandwidth or colocation? call me >>> _______________________________________________ >>> VoiceOps mailing list >>> [email protected] >>> https://puck.nether.net/mailman/listinfo/voiceops >>> _______________________________________________ >>> VoiceOps mailing list >>> [email protected] >>> https://puck.nether.net/mailman/listinfo/voiceops >>> >> >> >> >> -- >> Kidd Filby >> 661.557.5640 (C) >> http://www.linkedin.com/in/kiddfilby >> >> _______________________________________________ >> VoiceOps mailing list >> [email protected] >> https://puck.nether.net/mailman/listinfo/voiceops >> >> > > > -- > Kidd Filby > 661.557.5640 (C) > http://www.linkedin.com/in/kiddfilby > -- Kidd Filby 661.557.5640 (C) http://www.linkedin.com/in/kiddfilby
_______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops
