Slashdot Mirror


Lone Packet Crashes Telco Networks

mask.of.sanity writes "A penetration tester has shown that GSM communications systems can be taken down with a handful of malformed packets. The weakness was in the lack of security around the Home Location Register server clusters which store GSM subscriber details as part of the global SS7 network. A single packet, sent from within any network including femtocells, took down one of the clusters for two minutes."

5 of 57 comments

  1. Re:Hardly surprising... by Severus+Snape · · Score: 5, Insightful

    You surely can't be that naive and must be trolling. GSM masts are critical pieces of infrastructure in mobile telecoms and it's in every stakeholder's interest that they are secure and reliable. It's security researchers' jobs to find these holes; if they were so poorly designed we'd see stories like this every day.

  2. Re:Hardly surprising... by Megane · · Score: 4, Insightful

    It's basically a completely different set of protocol stacks unrelated to tcp/ip - so you have to learn a whole bunch to even attempt it. You need a few thousand dollars (this may have come down slightly) of specialised equipment to do the attack. You are doing something that is often illegal, or of dubious legality at best.

    What you are talking about is security through obscurity, which is of dubious security at best.

    --
    #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
  3. Re:Hardly surprising... by grcumb · · Score: 4, Insightful

    "Security through obscurity is a perfectly fine extra layer of security."

    FTFY

    In other words: If you're relying on obscurity, you're doing it wrong.

    --
    Crumb's Corollary: Never bring a knife to a bun fight.
  4. Re:Hardly surprising... by scamper_22 · · Score: 3, Insightful

    Or there's a much simpler explanation... people who design protocols make tradeoffs or don't care about security.

    Most of the Internet protocols were designed in a relatively open way. Are they secure?

    Have you perhaps taken a look at SMTP, HTTP... heck even TCP isn't really secure. There's no authentication.

    Now yes, things have been built on top of things and security added on and more focused on... but really...

    In any case, just looking at history in the internet space, I think the lack of security has more to do with tradeoffs and trying to get things out quickly than any grand plan for patents.

  5. Re:Hardly surprising... by DarkOx · · Score: 4, Insightful

    Well, yes and no. Authentication, Confidentiality, and forms of integrity are session or higher layer problems. Availability is also a key component of security. You can't tell me issues like ye olde LAND attack, teardrop, ping of death, negative sequence numbers, etc. don't cause Availability problems, and they are decidedly network and transport layer. If I can cut your wire or jam your airwaves, that's a physical layer issue.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html