News
16.4.2021 tsharkVM updated to support ELK 7.12 and tshark 3.2.3.
19.11.2020 DeepSec 2020 conference talk - Security Model Of Endpoint Devices
Source code and slides were published - https://github.com/H21lab/Android2PrivateLAN
26.9.2020 json2pcap script was updated to enable easier pcap manipulation.
2.6.2020 json2pcap script now supports pcap anonymization
26.5.2020 tshark + ELK VM project available https://github.com/H21lab/tsharkVM
9.1.2020 SigFW supports Diameter security by implementing GSMA DESS Phase1 (Diameter integrity protection) according to the latest changes in the GSMA FS.19 document.
Additionally, it prototypes DESS Phase2 (Diameter confidentiality and integrity protection) using DTLS sessions. The signatures for DESS Phase2 were recently updated.
8.10.2019 tshark + Elastic in Docker article added, showing how to perform pcap analytics using Docker images
28.8.2019 IANA registered the GSMA DESS extension for Diameter interconnect security. The SigFW code has been updated accordingly.
22.3.2019 SigFW master now includes DTLS support for the Diameter protocol, prototyping the GSMA DESS (Diameter End-to-end Security Subgroup) protection method
10.3.2019 SigFW v1.3-beta released. Multi-threaded, increased performance and included performance tests.
15.2.2019 Starting with Wireshark 3.0.0rc1, TShark can generate an Elasticsearch mapping file by using the -G elastic-mapping option (see Analyzing Network Packets with Wireshark, Elasticsearch, and Kibana)
9.11.2018 SigFW v1.2-beta released
18.6.2018 Analyzing Network Captures, Crafting Network Protocols, Kali Linux Tips, Penetration Testing Cheat Sheet pages added to Tools
25.1.2018 SigFW v1.1-beta released
29.12.2017 Updates in Anomaly Detection repository (unsupervised learning added)
27.7.2017 Signalling Firewall published with P1 Security and released at BlackHat USA 2017
30.8.2016 SS7 messages screening, filtering presentation
16.7.2016 Protecting Telecom Core Networks from SS7 Attacks presentation
12.7.2016 SS7, Diameter, GTP Security presentation