day1_Hacking-telco-equipment-The-HLR-HSS-Laurent-Ghigonis-p1sec
day1_Hacking-telco-equipment-The-HLR-HSS-Laurent-Ghigonis-p1sec
day1_Hacking-telco-equipment-The-HLR-HSS-Laurent-Ghigonis-p1sec
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Recommendations<br />
• Secure SDLC (Secure Software Development Life Cycle)<br />
– Design<br />
– Implementation<br />
– Testing<br />
• Especially for vendors custom stacks/services<br />
TCAP/MAP parsing bugs leading to overflows, …<br />
• Vendors security audits (<strong>HLR</strong> isolated)<br />
– System audit<br />
– Network audit<br />
• Testbed audits (<strong>HLR</strong> in environment)<br />
– System audit<br />
– Network audit<br />
– Before deploying to production<br />
2014, Hackito Ergo Sum - Security Conference