[VOIPSEC] VoIP Attack : How feasible
Geoff Devine
gdevine at cedarpointcom.com
Sun Jul 2 06:42:38 CDT 2006
Christopher A. Martin writes:
> SS7 may be going back inband over IP from some of the trends that I
> have been seeing/hearing about.
Right. SS#7 over IP using SIGTRAN is becoming more and more common.
The circuit switched solution tends to have big access charges compared
to the IP-based solution so operators are prone deploy signaling
gateways to share the expensive circuit switched connection among
multiple media gateway controllers. The signaling gateway sometimes
resides at another service provider (Level3, for example.) The signaling
gateway has two IP network interfaces. The SCTP transport uses
redundant paths through the IP network that are typically statically
routed. Unlike TCP, SCTP is multi-threaded so a dropped packet on one
thread doesn't grind the transport to a halt and minor amounts of
dropped packets does not invoke flow control. SCTP is also
packet-oriented rather than TCP's byte-stream orientation. You'd
usually run SCTP behind a firewall on a managed IP network or on a
private network/VPN.
The downside of this approach is that you dramatically increase your
failure group size. SS#7 networks are pretty bomb-proof so if you
direct-connect to them, your failure group size is your switching office
size (usually limited to ~100k lines). If a signaling gateway goes down
or if the redundant internet links go down, you take out everybody who
uses the signaling gateway. A service provider could have an outage
that impacts millions of customers.
Geoff
More information about the Voipsec
mailing list