Prezentacija za novi tim SKOK-a koji ce ucestvovati u organizaciji tri internacionalna dogadjaja u Prijepolju. Prezentacijom je predstavljen rad organizacije, ideje i saveti za novi tim.
This document outlines a vertical slice schedule for a dream-based puzzle game. The schedule includes:
1) Creating a world exploration prototype by November 1st focusing on art and an initial toy to test player engagement.
2) Developing a puzzle prototype by November 8th to test level design and dream mobilities with placeholder art.
3) Continuing level design and assigning sound design by November 15th.
4) Drafting an introductory sequence by November 22nd to introduce the game.
A Brief How-(not)-to on Press Releases (A Maze Berlin 2014)spunior
This document parodies the typical structure and content of press releases. It includes a fake headline, subheadline, and quotes from "Julian" who encourages the reader to listen to him instead of reading. The following paragraphs contain exaggerated buzzwords and phrases often found in press releases like "innovative," "revolutionary," and claims of being a "leading developer." The document mocks the poor writing and lack of substance sometimes found in press releases. It concludes with a silly "presentation checklist" and credits for "Julian Dasgupta."
The document contains lyrics from multiple songs that reference biblical figures and themes. The songs praise God, declare his word, reference Jesus as the Lamb of God who died for sins, and express gratitude for God's love and salvation. They describe working together to spread God's word and different ways people serve, from preaching boldly to praying quietly.
The document discusses what makes games fun and how to design for enhanced player. It states that fun comes from a state of "flow" where there is balance between challenge and skills. Well-designed games keep players in a flow state by providing interesting goals that get progressively harder to master, clear feedback on performance, and meaning/context for players. This creates optimal challenge, engagement and sustained satisfaction for players.
Radio waves are part of the electromagnetic spectrum and have the lowest frequency and longest wavelengths. They are used for Wi-Fi, TV, radio, and other wireless technologies. Ultra-high frequency (UHF) radio waves can penetrate buildings better than lower frequencies but have a shorter range; they allow for more channels by using a wider frequency band. Orthogonal frequency-division multiplexing splits signals to reduce interference. Super-high frequencies are used for mobile phones and satellites due to their small wavelengths enabling compact antennas and worldwide bandwidth. Radio waves continue to take on new uses and research may lead to improved wireless technologies.
GRX is the global private network where telecom network operators exchange GPRS roaming traffic of their users. It’s also used for all M2M networks where roaming is used, and that is the case from some company’s truck fleet management system down to intelligence GPS location spybug tracking system.
GPRS has been there from 2.5G GSM networks to the upcoming LTE Advanced networks, and is now quite widespread technology, along with its attacks. GRX has had a structuring role in the global telecom world at a time where IP dominance was beginning to be acknowledged. Now it has expanded to a lightweight structure using both IP technologies and ITU-originated protocols.
In this presentation, we’ll see how this infrastructure is protected and how it can be attacked. We’ll discover the issues with specific telco equipment inside GRX, namely GGSN and SGSN but also now PDN Gateways in LTE and LTE Advanced “Evolved Packet Core”. We will see the implications of this with GTP protocol, DNS infrastructure, AAA servers and core network technologies such as MPLS, IPsec VPNs and their associated routing protocols. These network elements were rarely evaluated for security, and during our engagements with vulnerability analysis, we’ve seen several vulnerabilities that we will be showing in this speech.
We will demo some of the attacks on a simulated “PS Domain” network, that it the IP part of the Telecom Core Network that transports customers’ traffic, and investigate its relationships with legacy SS7, SIGTRAN IP backbones, M2M private corporate VPNs and telecom billing systems. We will also seem how automation enable us to succeed at attacks which are hard to perform and will show how a “sentinel” attack was able to compromise a telecom Core Network during one penetration test.
Philippe Langlois - LTE Pwnage - P1securityP1Security
Today, we’re entering the realm of LTE super high speed always-on connectivity and with that comes the victory of TCP/IP in front of the old ITU/3GPP protocols. And with this comes many side effects: software gets standardized, everything runs on top of ATCA (Advanced Telecom Computing Architecture) hardware running mostly Linux -give or take 6 or 8 proprietary FPGA-based sister cards, TFTP-booted with decade old VxWorks that routinely show hardcoded DES credentials and funny “behaviour”. Easily 20 GB of fat C++ binaries, some for x86, PPC, MIPS, some with up to 200 Mbytes file sizes for one single EXE! It’s called a vulnerability research and reverse engineering paradise… or hell.
All the protocols now run on top of IP, which ends up having 12 layers thanks to encapsulation and still the weight of legacy in bugs quantity and diversity. We’ll see how the porting of SS7 MAP on top of IP (SIGTRAN, Diameter) has given rise to funny Denial of Service (DoS) attacks against telecom core elements (DSR, STP), with trashy-crashy anti-forensics consequences for DPI and tracking (Hey @grugq!!).
We’ll look into specific vulnerabilities, and talk about the very particular way that Network Equipment Vendors deal with security in the telecom domain.
We will demo a virtualized Huawei HSS from our testbed and show some of the vulnerabilities and attacks directly on the equipment itself. We will finally talk about telco equipment and product security reviews and the fallacy of (some) certification and (many) standardization attempts. We will then see how to conduct a practical and fast telecom product security life cycle with automation and open source tools.
This document outlines a vertical slice schedule for a dream-based puzzle game. The schedule includes:
1) Creating a world exploration prototype by November 1st focusing on art and an initial toy to test player engagement.
2) Developing a puzzle prototype by November 8th to test level design and dream mobilities with placeholder art.
3) Continuing level design and assigning sound design by November 15th.
4) Drafting an introductory sequence by November 22nd to introduce the game.
A Brief How-(not)-to on Press Releases (A Maze Berlin 2014)spunior
This document parodies the typical structure and content of press releases. It includes a fake headline, subheadline, and quotes from "Julian" who encourages the reader to listen to him instead of reading. The following paragraphs contain exaggerated buzzwords and phrases often found in press releases like "innovative," "revolutionary," and claims of being a "leading developer." The document mocks the poor writing and lack of substance sometimes found in press releases. It concludes with a silly "presentation checklist" and credits for "Julian Dasgupta."
The document contains lyrics from multiple songs that reference biblical figures and themes. The songs praise God, declare his word, reference Jesus as the Lamb of God who died for sins, and express gratitude for God's love and salvation. They describe working together to spread God's word and different ways people serve, from preaching boldly to praying quietly.
The document discusses what makes games fun and how to design for enhanced player. It states that fun comes from a state of "flow" where there is balance between challenge and skills. Well-designed games keep players in a flow state by providing interesting goals that get progressively harder to master, clear feedback on performance, and meaning/context for players. This creates optimal challenge, engagement and sustained satisfaction for players.
Radio waves are part of the electromagnetic spectrum and have the lowest frequency and longest wavelengths. They are used for Wi-Fi, TV, radio, and other wireless technologies. Ultra-high frequency (UHF) radio waves can penetrate buildings better than lower frequencies but have a shorter range; they allow for more channels by using a wider frequency band. Orthogonal frequency-division multiplexing splits signals to reduce interference. Super-high frequencies are used for mobile phones and satellites due to their small wavelengths enabling compact antennas and worldwide bandwidth. Radio waves continue to take on new uses and research may lead to improved wireless technologies.
GRX is the global private network where telecom network operators exchange GPRS roaming traffic of their users. It’s also used for all M2M networks where roaming is used, and that is the case from some company’s truck fleet management system down to intelligence GPS location spybug tracking system.
GPRS has been there from 2.5G GSM networks to the upcoming LTE Advanced networks, and is now quite widespread technology, along with its attacks. GRX has had a structuring role in the global telecom world at a time where IP dominance was beginning to be acknowledged. Now it has expanded to a lightweight structure using both IP technologies and ITU-originated protocols.
In this presentation, we’ll see how this infrastructure is protected and how it can be attacked. We’ll discover the issues with specific telco equipment inside GRX, namely GGSN and SGSN but also now PDN Gateways in LTE and LTE Advanced “Evolved Packet Core”. We will see the implications of this with GTP protocol, DNS infrastructure, AAA servers and core network technologies such as MPLS, IPsec VPNs and their associated routing protocols. These network elements were rarely evaluated for security, and during our engagements with vulnerability analysis, we’ve seen several vulnerabilities that we will be showing in this speech.
We will demo some of the attacks on a simulated “PS Domain” network, that it the IP part of the Telecom Core Network that transports customers’ traffic, and investigate its relationships with legacy SS7, SIGTRAN IP backbones, M2M private corporate VPNs and telecom billing systems. We will also seem how automation enable us to succeed at attacks which are hard to perform and will show how a “sentinel” attack was able to compromise a telecom Core Network during one penetration test.
Philippe Langlois - LTE Pwnage - P1securityP1Security
Today, we’re entering the realm of LTE super high speed always-on connectivity and with that comes the victory of TCP/IP in front of the old ITU/3GPP protocols. And with this comes many side effects: software gets standardized, everything runs on top of ATCA (Advanced Telecom Computing Architecture) hardware running mostly Linux -give or take 6 or 8 proprietary FPGA-based sister cards, TFTP-booted with decade old VxWorks that routinely show hardcoded DES credentials and funny “behaviour”. Easily 20 GB of fat C++ binaries, some for x86, PPC, MIPS, some with up to 200 Mbytes file sizes for one single EXE! It’s called a vulnerability research and reverse engineering paradise… or hell.
All the protocols now run on top of IP, which ends up having 12 layers thanks to encapsulation and still the weight of legacy in bugs quantity and diversity. We’ll see how the porting of SS7 MAP on top of IP (SIGTRAN, Diameter) has given rise to funny Denial of Service (DoS) attacks against telecom core elements (DSR, STP), with trashy-crashy anti-forensics consequences for DPI and tracking (Hey @grugq!!).
We’ll look into specific vulnerabilities, and talk about the very particular way that Network Equipment Vendors deal with security in the telecom domain.
We will demo a virtualized Huawei HSS from our testbed and show some of the vulnerabilities and attacks directly on the equipment itself. We will finally talk about telco equipment and product security reviews and the fallacy of (some) certification and (many) standardization attempts. We will then see how to conduct a practical and fast telecom product security life cycle with automation and open source tools.
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe LangloisP1Security
Telecommunications Infrastructure Security
Getting in the SS7 kingdom: hard technology and disturbingly easy hacks to get entry points in the walled garden. This document discusses vulnerabilities in SS7 that allow unauthorized access to telecommunications infrastructure. It describes how SS7 was designed for reliability over security. It also outlines various entry points like STP connectivity, SIGTRAN protocols, and vulnerabilities in 3G femtocells that can be exploited to conduct attacks. The document warns that the traditional walled garden of telecom networks is opening up due to these issues and becoming harder to secure.
Telecom security from ss7 to all ip all-open-v3-zeronightsP1Security
Telecom security is way more than SIP-breaking some peripheral PBXs and raking a few thousands of dollars of free calls. From the formerly closed garden of SS7 to new all-IP telecom protocols such as Diameter and LTE protocols, the telecom domain faces now both the challenges of availability -one minute of downtime costs literally millions- and signaling vulnerabilities cutting down entire countries, causing massive frauds and the all new networking protocols. These new telecom protocols are rolled out in IP-centric fashion, with its myriad of standard IP security pitfalls and vulnerabilities, as well as very specific telecom vulnerabilities. The HLR is not only using TCP/IP for OAM and business workflow, but also now being named an HSS, it uses IP-only protocols such as Diameter for its Core Network signaling operations. That means that now telecom are facing new security risks both in term of exposure and threats, with its Core Network being exposed to unsophisticated IP-centered attackers, and the continuous waves of telecom-centered defrauders. In this presentation, we'll demo the new technologies of 3G and LTE networks and how to attack and defend them. We'll also show what kind of exposure one telecom companies, Mobile Network Operators and SS7 providers shows to external attackers.
Philippe Langlois - SCTPscan Finding entry points to SS7 Networks & Telecommu...P1Security
This document discusses the history of telecommunications security and exploring signaling networks. It begins with the origins of "phreaking" in the 1960s and blue boxes. It then covers more modern threats like SIP account hacking and SS7/SIGTRAN hacking. The document reviews digital telephony concepts and how SS7 networks are organized. It explains how SIGTRAN moved SS7 to TCP/IP using SCTP. It discusses discovering SS7 networks through SCTP scanning and fingerprinting SCTP stacks. The presentation demonstrates SCTPscan and analyzing higher layer protocols with Ethereal.
Hacking Telco equipment: The HLR/HSS, by Laurent GhigonisP1Security
HLR and HSS are the most important Telecom Equipment in an Operator Core
Network.
We are going to see that this so-called “Critical Infrastructure” is not
as robust as you could think, by exploring the some weaknesses of the
HLR/HSS equipment.
Plan:
* Virtualization of HLR/HSS, for instrumentation purposes
* HLR/HSS system analysis
* SS7/Diameter network fuzzing
* HLR/HSS binaries reverse
Worldwide attacks on SS7/SIGTRAN networkP1Security
Publication performed by Alexandre De Oliveira and Pierre-Olivier Vauboin during Hackito Ergo Sum 2014
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe LangloisP1Security
Telecommunications Infrastructure Security
Getting in the SS7 kingdom: hard technology and disturbingly easy hacks to get entry points in the walled garden. This document discusses vulnerabilities in SS7 that allow unauthorized access to telecommunications infrastructure. It describes how SS7 was designed for reliability over security. It also outlines various entry points like STP connectivity, SIGTRAN protocols, and vulnerabilities in 3G femtocells that can be exploited to conduct attacks. The document warns that the traditional walled garden of telecom networks is opening up due to these issues and becoming harder to secure.
Telecom security from ss7 to all ip all-open-v3-zeronightsP1Security
Telecom security is way more than SIP-breaking some peripheral PBXs and raking a few thousands of dollars of free calls. From the formerly closed garden of SS7 to new all-IP telecom protocols such as Diameter and LTE protocols, the telecom domain faces now both the challenges of availability -one minute of downtime costs literally millions- and signaling vulnerabilities cutting down entire countries, causing massive frauds and the all new networking protocols. These new telecom protocols are rolled out in IP-centric fashion, with its myriad of standard IP security pitfalls and vulnerabilities, as well as very specific telecom vulnerabilities. The HLR is not only using TCP/IP for OAM and business workflow, but also now being named an HSS, it uses IP-only protocols such as Diameter for its Core Network signaling operations. That means that now telecom are facing new security risks both in term of exposure and threats, with its Core Network being exposed to unsophisticated IP-centered attackers, and the continuous waves of telecom-centered defrauders. In this presentation, we'll demo the new technologies of 3G and LTE networks and how to attack and defend them. We'll also show what kind of exposure one telecom companies, Mobile Network Operators and SS7 providers shows to external attackers.
Philippe Langlois - SCTPscan Finding entry points to SS7 Networks & Telecommu...P1Security
This document discusses the history of telecommunications security and exploring signaling networks. It begins with the origins of "phreaking" in the 1960s and blue boxes. It then covers more modern threats like SIP account hacking and SS7/SIGTRAN hacking. The document reviews digital telephony concepts and how SS7 networks are organized. It explains how SIGTRAN moved SS7 to TCP/IP using SCTP. It discusses discovering SS7 networks through SCTP scanning and fingerprinting SCTP stacks. The presentation demonstrates SCTPscan and analyzing higher layer protocols with Ethereal.
Hacking Telco equipment: The HLR/HSS, by Laurent GhigonisP1Security
HLR and HSS are the most important Telecom Equipment in an Operator Core
Network.
We are going to see that this so-called “Critical Infrastructure” is not
as robust as you could think, by exploring the some weaknesses of the
HLR/HSS equipment.
Plan:
* Virtualization of HLR/HSS, for instrumentation purposes
* HLR/HSS system analysis
* SS7/Diameter network fuzzing
* HLR/HSS binaries reverse
Worldwide attacks on SS7/SIGTRAN networkP1Security
Publication performed by Alexandre De Oliveira and Pierre-Olivier Vauboin during Hackito Ergo Sum 2014
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
3. mi smo skok/jump menjali društvo /održavali veze iz sveta/ putovali/ menjali živote/ stvarali mrežu /ideje 2010 – eco park – 10i zemalja – snađi se – 2 EVS – 20 mladih putovalo – 3YiA