Tag

P1 Security Computer Emergency Response Team – P1 CERT –  is officially open! P1 CERT role is to guarantee a professional incident and vulnerability management by direct cooperation with Customers, VKB Subscribers, Telecom Vendors, Operators, Governments and... Read More…

P1 Security Computer Emergency Response Team – P1 CERT –  is officially open! P1 CERT role is to guarantee a professional incident and vulnerability management by direct cooperation with Customers, VKB Subscribers, Telecom Vendors, Operators, Governments and... Read More…

Backdoors are not only a problem regarding the original insertion made by the vendor, but also about the subsequent usage of these backdoors once discovered. In the recent network storage equipment backdoors (HP Keeps Installing Secret Backdoors in Enterprise Storage), the... Read More…

Backdoors are not only a problem regarding the original insertion made by the vendor, but also about the subsequent usage of these backdoors once discovered. In the recent network storage equipment backdoors (HP Keeps Installing Secret Backdoors in Enterprise Storage), the... Read More…

Backdoors are not only a problem regarding the original insertion made by the vendor, but also about the subsequent usage of these backdoors once discovered. In the recent network storage equipment backdoors (HP Keeps Installing Secret Backdoors in Enterprise Storage), the... Read More…

As part of our effort to further the knowledge on telecommunications technologies in the open source and security community we have presented an introduction into mobile and telecom networks and From walled garden to open and reviewed security  Telecommunication networks... Read More…

Sometime, reverse engineering for bug hunting reveals some fun stuff. So of course, when you’re dealing with Core Network elements such as Huawei MSC, MSC Proxy and SoftSwitch MSoftX 3000, you don’t expect to find these Chinese ASCII arts of an octopus being killed by... Read More…

With the explosion in the mobile communications sector, the deregulation of public switched telecommunication networks (PSTN) as well as the introduction of many new services the dependence on the signalling system 7 (SS7) network has rapidly increased over the last two decades.... Read More…

The problem with wireshark Primary usage of wireshark is to visualize packets coming from traditional IP traffic, that is why default wireshark settings provides a relatively good overview of IP packets for most of the use cases. The problem is that this configuration is not at... Read More…

SIM Man In The Middle I had in the past several time to sniff the traffic between a SIM card and a phone: In NFC applications, SIMs are updated OTA (Over The AIr) with the CAT_TP protocol. It was necessary to inspect the traffic Analyze the timing between the air traffic and the... Read More…

UMA / GAN UMA = Unlicensed Mobile Access GAN = Generic Access Network ts 43.318 and 44.318 Wikipedia says: Generic Access Network or GAN is a telecommunication system that extends mobile voice, data and IP Multimedia Subsystem/Session Initiation Protocol (IMS/SIP) applications... Read More…

Femtocell Ubiquisys v2 Ubiquisys G3 Here is a look of the PCB In fact, it’s 2 PCB, one module from Ubiquisys connected with a B2B (board to board) connector to the NEC platform that is there for powering, ethernet, usb, at24 Eeprom. Some info about the cpu, before Broadcom... Read More…

These are important links to know when you’re going to enter the telecom world for security assessment.   Ericsson data http://en.wikipedia.org/wiki/PLEX_(programming_language) http://en.wikipedia.org/wiki/AXE_telephone_exchange   Billing... Read More…