3.1.1 Category 1
This category includes messages that should only be received from within the same network and/or are unauthorized at interconnect level, and should not be sent between operators unless there is an explicit bilateral agreement between the operators to do so.
To handle the category 1 vulnerabilities, you must have the opcodes listed in Table 3-1. These opcodes ensures blocking of MAP messages that are for intra-PLMN use only.
Table 3-1 Message Category 1
| opCode | Originating SSN | Destination SSN | Description |
|---|---|---|---|
| provideRoamingNumber | MSC | This opcode is used in FLOBR/TOBR feature.
when received from a VLR, the MAP packet can be used to pass information associated with the handover of active calls. Where, a network does not support handover across network boundaries, these messages gets blocked. |
|
| sendParameters | VLR | HLR |
This opcode is used in FLOBR/TOBR feature. When addressed to a VLR, the MAP packet can be used to pass information associated with the handover of active calls. These MAP messages gets blocked, where a network does not support the handover across network boundaries. |
| insertSubscriberData | HLR | VLR |
This opcode is used in FLOBR/TOBR feature. When addressed to a VLR, the MAP packet can be used as part of the CUG and GroupCall services. Where CUG and GroupCall services are not supported across network boundaries, these MAP messages gets blocked. |
| registerSS | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| eraseSS | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| activateSS | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| deactivateSS | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| interrogateSS | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| registerPassword | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| getPassword | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| processUnstructuredSS-Data | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| processUnstructuredSS-Request | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| unstructuredSS-Request | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| unstructuredSS-Notify | VLR | HLR |
This opcode is used in FLOBR/ToBR and Stateful Security Support (VLR Validation) features. It blocks the SS related MAP packets. |
| readyForSM | MSC | VLR |
This opcode is used in FLOBR/TOBR feature. Block MAP readyForSM packets. |