Category 2
This category includes messages that should only be received from visiting subscribers home network. These should normally only be received from an inbound roamer’s home network.
- Blocking all messages from home-PLMN (messages where target IMSI is using the MCC+MNC of the own network.
- Blocking all messages from home-PLMN for inbound roamers, where OperatorID referenced by all parameters in MAP and OperatorID in CgPA do not match.
- Blocking the messages for which the HLRid is not consistent with the CgPA.
Following is the list of vulnerable category 2 opcodes:
Table 3-2 Message Category 2
| opCode | Originating SSN | Destination SSN | Description |
|---|---|---|---|
| provideRoamingNumber | HLR | MSC | This opcode is used in FLOBR/TOBR feature.
when received from an HLR, the MAP message is screened for any Category 2 vulnerabilities. Blocks the received HLR-to VLR provideRoamingNumber packets. |
| insertSubscriberData | HLR | MSC SGSN |
This opcode is used in FLOBR/TOBR feature. Blocks the insertSubscriberData packets with application context values 16, 1, or 32. |
| mt-forwardSM | MSC | MSC |
This opcode is used in FLOBR/TOBR feature. |
| getPassword | HLR | MSC |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| reset | |||
| unstructuredSS-Request | HLR | MSC SGSN |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| unstructuredSS-Notify | HLR | MSC SGSN |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |