Open Source SS7/Diameter firewall

• SigFW BlackHat USA 2017 Presentation
• SigFW BlackHat USA 2017 Whitepaper

For more detailed installation and build instructions refer to this page.

Install Maven (Optional) Netbeans IDE for developers

git clone https://github.com/P1Sec/SigFW

cd ./SigFW/sigfw/sigfw.sigfw
mvn clean install -Dmaven.test.skip=true

mvn exec:java -Dexec.mainClass="ss7fw.SS7Firewall"
mvn exec:java -Dexec.mainClass="ss7fw.SS7ClientLiveInput"
mvn exec:java -Dexec.mainClass="ss7fw.SS7Server"

cd ./input
mkfifo pipe
tshark -T ek -x -j "" -r ./input/sigtran.pcap > sigtran.json
cat ./input/sigtran.json > pipe

mvn exec:java -Dexec.mainClass="diameterfw.DiameterFirewall"
mvn exec:java -Dexec.mainClass="diameterfw.DiameterClientLiveInput"
mvn exec:java -Dexec.mainClass="diameterfw.DiameterServer"

cd ./input
mkfifo pipe
tshark -T ek -x -j "" -r ./input/diameter.pcap > diameter.json
cat ./input/diameter.json > pipe

For both SS7FW and DiameterFW before using.

realm.properties: Change the username, password for firewall API

sigfw.json: Generate new Public, Private Keys. Change the mThreat salt

Jetty: Change the certificate

Instead of SS7Firewall run SS7FirewallFirstInstance and SS7FirewallSecondInstance

Instead of DiameterFirewall run DiameterFirewallFirstInstance and DiameterFirewallSecondInstance

Program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.

SigFW is licensed under dual license policy. The default license is the Free Open Source GNU Affero GPL v3.0. Alternatively a commercial license can be obtained from P1 Security S.A.S.

For the list of contributors, see the AUTHORS file.

Original work was created by Martin Kacer, Philippe Langlois

Copyright 2019, P1 Security S.A.S and individual contributors

We would like to thanks for everyone supporting this project.