Upload
bibrahim
View
13
Download
0
Embed Size (px)
DESCRIPTION
P1 Security - TS-201 Telecom Security Hands-On Course Program
Citation preview
© P1 Security. All rights reserved.
Contact: Philippe Langlois [email protected] +33 98045 0447
Security Training Course Reference: TS-201
TS-201 TELECOM SECURITY Hands-on course with lab testing
© P1 Security. All rights reserved.
TS-‐201 Telecom Security hands-‐on course with lab testing Security in Telecom Network
Description of Training Class This training provides an in-‐depth knowledge of telecom security problems and their roots in the telecom systems
Duration • Unique version: 2-‐3 days
Attendees will receive • Training material: Slides copy of the presenter. • Virtual Machine with hands on exercises and SIGTRAN/SS7 tools
Pre-‐requisites of training class • Basic knowledge of telecom & network principles;
o What is 2G, 3G, 4G; o OSI network layers; o Basic knowledge of telecom technologies
• Laptop with Linux installed either in a VM or native, Backtrack or Ubuntu with reverse engineering and hacking tools recommended;
• Good knowledge and usage of Wireshark; • Basic skills and usage of Linux for reverse engineering (strings,
knowledge of tools in a Backtrack for reverse engineering); • Legal IDA Pro license optional, but recommended; • Good security background; • Good telecom background
Covered in this training SS7 security and attacking telecom signaling infrastructure is a practical SS7 and Telecom security training to understand the theory and practice hands-‐on attacks and protections of Telecom signaling network in the context of security and frauds. This training provides engineers with an already established knowledge either in telecom or security with strong bases to understand and evaluate security problems within a SS7 and telecom signaling environment.
© P1 Security. All rights reserved.
• SS7 Security o SS7 basics and possibilities o SS7 protocols description o Telecom signaling network architectures o SS7 external access and geo-‐localization over http (Hands on) o SS7 low level protocols analysis. o Low level SS7 packet analysis, sniffing and network tracing.
(Hands on) o Signalization attacks. o SS7 and SIGTRAN Audit methodology. o Low level peering (M3UA). o SCTPscan usage in Core Network settings o Scanning SS7 networks (from MTP to SCTP and upper SS7).
(Hands on) o SCTP netcat (Tool discovery) o SS7 higher level protocols (User Adaptation layers). o M3UA Peering analysis vs M2PA. (Hands on) o Links and alerts (availability, warnings, detection). o Network elements, functions, HLR, VLR, STP, MSC, 3G alternatives
• Telecom signaling vulnerabilities o Network Elements underlying technologies. o Identifying signalization and core network equipment: Proprietary
OS, Windows-‐based, Linux-‐based, Solaris-‐based. (Case study & Hands on)
o Telecom signaling networking technologies (microwave, x25, AAL ATM, serial links).
o Attacking X25 signaling O&M (OAM) infrastructures. (Hands on) o SS7 signaling equipment vulnerabilities. o Huawei debug backdoor aka pseudo message. (Case study) o Crafting SS7 packets (MSU) by hand. (Hands on) o Context and network layers. o Spoofing SS7 (Hands on) o Network Element vulnerability research: discovering zero days in
SS7 equipment (Hands-‐on) o Mobile Reverse Engineering (Hands-‐on) o Industrialization of vulnerability scanning in SS7 & SIGTRAN
context. • Higher level applications.
o SMS Fraud and abuses. o SMSC (kannel) abuses. (Hands on) o Fraud management systems (FMS) and FRA. o Legal Interception (LI) systems. o Limits of CDR based fraud detection and security.
• Mobile devices. o GAN/UMA. o Subscriber Identity Module. o GSM Authentication A3/A8. o Machine to machine (M2M) (Femtocell Case study). o Practical SIM fraud (Case study)
© P1 Security. All rights reserved.
About P1 Security Inc. P1 Security is a vendor independent, technology pioneer and leader in Telecom Security Audit products with patent pending technology and top research and development recognized by the GSM Association. Experts from P1 Security give conferences and training on SIGTRAN and SS7 security worldwide. Visit our website at www.p1sec.com or contact us for further information.
Contact Email: [email protected] Web: http://www.p1security.com Address: P1 Security, 231 rue Saint Honoré, 75001 Paris, France