contact@p1sec.com

Huawei reverse engineering: legacy and new network elements surprises

Sometime, reverse engineering for bug hunting reveals some fun stuff. So of course, when you’re dealing with Core Network elements such as Huawei MSC, MSC Proxy and SoftSwitch MSoftX 3000, you don’t expect to find these Chinese ASCII arts of an octopus being killed by...
Read More…

SS7 traffic analysis with Wireshark

The problem with wireshark Primary usage of wireshark is to visualize packets coming from traditional IP traffic, that is why default wireshark settings provides a relatively good overview of IP packets for most of the use cases. The problem is that this configuration is not at...
Read More…

Security impact of the ATCA architecture adoption (webcast)

What is the security impact of the ATCA network element architecture that has been adopted by various Network Equipment Providers such as Nokia, ZTE, Huawei and Alcatel Lucent? The use of standard, off-the-shelf components for telecom equipment and network elements seem a good...
Read More…

Using P1 Telecom Auditor to fight SS7 Denial of Service (SS7 DoS)

You can prepare against SS7 Denial of Service (SS7 DoS) using a SS7 vulnerability scanner such as PTA. We had an interesting request recently: Identify the Network Elements of the SS7 network which are exposed on the International and National perimeter to identify exposed Global...
Read More…

Vulnerability contact point start to appear in Telecom and Mobile industry

When some network equipment vendor go in the right direction for security in telecom and mobile, it’s rare enough to mention it. This time it’s NSN who published their Responsible disclosure | Nokia Siemens Networks page in the corporate website. (Thanks to Martin...
Read More…

ITU and 3GPP Important standards for security

[1a] 3GPP TR 21.905: “Vocabulary for 3GPP Specifications”./ [2] 3GPP TS 22.016: “International Mobile station Equipment Identities (IMEI)”./ [2a] 3GPP TS 22.060: “General Packet radio Service (GPRS); Service description; Stage 1”./ [2b] 3GPP TS...
Read More…

Vital tool for SS7 security audit: ss7calc

How many times did you use ipcalc in a pentest? Now you have the same thing for SS7 networking: ss7calc. Check our Tools page for our fresh project just released on Github. This utility was created due to the high number of SS7 point codes conversions we had to do during the last...
Read More…

SIPp tool enables easy VoIP SIP testing

This tool helps a lot to test VoIP implementation: SIPp. It has still many limits which then mandates using something more specialized to Telecom and Mobile / IMS environment, for SIP-I and SIP-T for example such as P1 Telecom Auditor (PTA).
Read More…
12