"... We accessed [an operator's] systems through their x25 network which they never knew was running because the network vendor never disclosed it -- it was just underlying technology ..."
Old school. X.25 allowed Julian Assange to attack NASA with the WANK worm via X.25.
"... Tencati was sure he could show the WANK worm attack on NASA originated in France. But he also knew he had to document everything, to have exact answers to every question and counter-argument put forward by the French secret service agents at the FBI meeting. When he developed a timeline of attacks, he found that the GEMPAK machine showed X.25 network connection, via another system, from a French computer around the same time as the WANK worm attack. ..." ~ http://suelette.home.xs4all.nl/underground/justin/chapter_2....
Personally I had thought all of the public x.25 networks like Sprintnet/Telenet, Datapac, etc. had been shut down at the beginning of the last decade. I'm guessing these must be private networks still running x.25. It would be interesting to hear from anyone not in the US or Canada if their x25 networks are still up - can you still dial into a PAD? Here in the US you used to be able to dial into a 1-800 number and log in with phones/phones (or something like that) to get a directory of local dialups in your area which you could then call locally (so you wouldn't get hit with long distance charges).
"... I think I down-voted you by accident. I meant to upvote! ..."
Don't worry about the karma. The book is good & I was reading it just before this film was shown locally: 'Underground: The Julian Assange Story' ~ http://www.imdb.com/title/tt2357453/ set in Melbourne, late '80s.
Yeah I'm in Australia too :). Melbourne. I saw "Underground" on TV and became bored very easily. I read two paragraphs of the text version that you linked and I was hooked! Makes me wish I was 20 years younger. I suppose we have our own movements now, but the physical computer bazaars and the culture sound awesome.
I'll start by saying that I approve of security testing networks and the telco industry could do with more of it. I agree that security can be lax sometimes.
Sure, Telco SS7 networks and the equipment within them are just like any other in that there can be bugs that cause it to go down.
However, there are much higher barriers to entry to get an SS7 network link (cf. a connection to the internet) and you're not going to keep it for very long if all you're doing is sending out SS7 messages crashing HLRs left, right and center.
I'm assuming that the packet he's talking about is a fuzzing attack and only affects a particular vendor's HLR and may have even been fixed by now. So if everyone in the world used the same vendor, all used the same software version and you had unfettered access to all of them, then yes, you could crash all of the HLRs in the world.
And really?... "World's HLR". Well I'm glad someone is nice enough to host a HLR for the world. And apparently crashing the "World's HLR" will stop one country's communication. Oh noes! Which one is it?! I hope it's not mine! And I'd be interested to see how crashing a HLR stops my landline and my internet connection from functioning.
You're wrong: it's extremely (and increasingly) easy to hack an operator in, say, Africa or Asia and then use their SS7 interconnection to send traffic.
Of course, DoS is the thermonuclear option. Most of the attacks are much more silent. Btw, before we released our IDS there was not even any detection equipment available for operators.
The question I had is whether the femtocell claim is true - those are much easier to get access to. I'd like to believe that they're correspondingly more locked down but there is rather a long track record of telcos botching basic security design.
Has it been taken down or is it because I am on a Swedish IP?
"403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied."