contact@p1sec.com

SS7 Security Perimeters and INAT0 NAT0 NAT1 definitions

While P1 Security professional services team are busy deploying Core Network security monitoring with PTM Signaling IDS on SS7, Diameter, GTP, SIP IMS VoLTE, and Radius, one question keeps coming back: the concept of Network Perimeter in SS7. This recurring misunderstood aspect...
Read More…

P1 Security Vulnerability Knowledge Base reaches vulnerability #1000 (P1VKB#1000)

The number of referenced vulnerabilities in our unique telecom-specific Vulnerability Knowledge Base has just reached #1000. This is a very Important Milestone in P1 Security’s research in critical networks security. P1 Security’s VKB is a rare case of a private...
Read More…

[31C3] SS7map : mapping vulnerability of the international mobile roaming infrastructure at #31C3

Laurent Ghigonis and Alexandre De Oliveira from P1 Security team will be presenting the work done on the global SS7 network at Chaos Computer Conference in Hambourg the 27th Dec 2014. The conference “SS7map : mapping vulnerability of the international mobile roaming...
Read More…

[Hackito Ergo Sum 2014] Hacking Telco Equipment: The HLR/HSS

P1 Security presented at the Hackito Ergo Sum 2014 conference in Paris (http://2014.hackitoergosum.org/) the weaknesses of Telecom Infrastructure systems, and particularly HLR/HSS equipment. Hacking Telco equipment: The HLR/HSS, by Laurent Ghigonis from P1Security Download slides...
Read More…

P1 Security research cited by Washington Post

In a recent article, The Washington Post has cited P1 Security’s research on SS7 and GRX, explaining the problems and risks to operators and subscribers linked to interests from various parties including Intelligence Agencies and the global Intelligence Community (IC). This...
Read More…

[Hackito Ergo Sum 2014] Worldwide attacks on SS7/SIGTRAN network

We are pleased to announce that P1 Security was present at the Hackito Ergo Sum 2014 conference in Paris (http://2014.hackitoergosum.org/). Worldwide attacks on SS7/SIGTRAN network from P1Security Download slides here. Abstract: Mobile telecommunication networks are complex and...
Read More…

SS7 traffic analysis with Wireshark

The problem with wireshark Primary usage of wireshark is to visualize packets coming from traditional IP traffic, that is why default wireshark settings provides a relatively good overview of IP packets for most of the use cases. The problem is that this configuration is not at...
Read More…

Security impact of the ATCA architecture adoption (webcast)

What is the security impact of the ATCA network element architecture that has been adopted by various Network Equipment Providers such as Nokia, ZTE, Huawei and Alcatel Lucent? The use of standard, off-the-shelf components for telecom equipment and network elements seem a good...
Read More…

Using P1 Telecom Auditor to fight SS7 Denial of Service (SS7 DoS)

You can prepare against SS7 Denial of Service (SS7 DoS) using a SS7 vulnerability scanner such as PTA. We had an interesting request recently: Identify the Network Elements of the SS7 network which are exposed on the International and National perimeter to identify exposed Global...
Read More…

ITU and 3GPP Important standards for security

[1a] 3GPP TR 21.905: “Vocabulary for 3GPP Specifications”./ [2] 3GPP TS 22.016: “International Mobile station Equipment Identities (IMEI)”./ [2a] 3GPP TS 22.060: “General Packet radio Service (GPRS); Service description; Stage 1”./ [2b] 3GPP TS...
Read More…

SS7 Workshop at hack.lu : SS7 and Telecom Core Network Weaknesses, Attacks and Defenses

Philippe Langlois will present a workshop at Hack.LU 2010 conference in Luxembourg on SS7 Security called “SS7 and Telecom Core Network Weaknesses, Attacks and Defenses” on Wednesday 27.10.2010. In this workshop, we propose to make people practice SS7 message...
Read More…

Vital tool for SS7 security audit: ss7calc

How many times did you use ipcalc in a pentest? Now you have the same thing for SS7 networking: ss7calc. Check our Tools page for our fresh project just released on Github. This utility was created due to the high number of SS7 point codes conversions we had to do during the last...
Read More…

SIPp tool enables easy VoIP SIP testing

This tool helps a lot to test VoIP implementation: SIPp. It has still many limits which then mandates using something more specialized to Telecom and Mobile / IMS environment, for SIP-I and SIP-T for example such as P1 Telecom Auditor (PTA).
Read More…