Signaling System No.7 Protocol Architecture And Services part 59

MTP3: Management Messages

These messages are generated by the MTP3 level to maintain the signaling service and to restore normal signaling conditions in the case of failure, either in signaling links or signaling points. MTP3 is explained in Chapter 7, "Message Transfer Part 3 (MTP3)."

MTP3 messages carry relevant information that can affect the network if abused, and can be split into two categories:

• Messages communicating unavailability (such as COO, COA, ECO, ECA, TFP, TFR, and TFC)
• Messages communicating availability (such as CBD and TFA)

A higher degree of risk is associated with the first category, because these messages diminish available resources. As such, care should be given to the screening of such messages. For example, the Transfer Restricted (TFR) message is involved in routing reconfiguration and traffic diversion. Therefore, a degree of risk is involved in receiving or sending this message if it is propagated unintentionally or with malicious intent. Unintentional transmission is likely to be caused by software or configuration errors. Malicious transmission comes from someone with physical access (an insider) who sends the message intentionally, for example with the use of a protocol analyzer.

Table 15-1 lists the main MTP3 messages that should be screened.

Table 15-1. MTP3 Messages to Be Screened

| Message | Parameter | Reason for Screening |
|---|---|---|
| MSU (in case of an STP) | OPC | Verifies that the originating node is known (is present in the routing tables). This provides a degree of protection against unauthorized access to the network. |
| | DPC | Verifies that the message is destined for a valid node (a node to which the originating point is allowed to route). |
| Changeover, Changeback, and Emergency Changeover | OPC | Verifies that the message is received from an adjacent node that is allowed to send this message type. |
| | DPC | Verifies that the message is destined for itself. |
| Transfer Prohibited, Transfer Restricted | OPC | Verifies that the message is received from a node allowed to send these types of messages. |
| Management Inhibiting | OPC | Verifies that the message is received from an adjacent node allowed to send this type of message. |
| Transfer Control | OPC | Verifies that the message is received from a node allowed to send this type of message. The operator should choose the allowed node list according to their network topology and routing. |
| | DPC | Verifies that the message is destined for a node to which the originating node can route traffic. |

It should be verified that all messages (MSUs) are received on a valid linkset; that is, the originating point is allowed to use that particular linkset.

The primary MTP3 parameters that should be screened are the originating and destination point codes. These are described next.

Originating Point Code

This parameter is the address of the originating node and forms part of the routing label. The OPC should be verified, as should the right of the node sending the message to route via the STP. This can be done by checking that the node is present in the routing tables. Note that no mechanisms prove that the node is the one claimed. Instead, the OPC simply acts as a check that the node at least claims to be the correct node.

Destination Point Code

This parameter is the address of the destination node, and it forms part of the routing label.
The DPC should be analyzed to verify the following:

• MSUs coming from an external node are addressed to a node inside your own network (to keep the STP from being used as a transit node of unwarranted traffic).
• MTP3 management messages coming from an external node are addressed only to the STP and not to a node inside your own network. (Management messages should involve interconnecting only nodes at the interface with other networks, not other parts of the signaling network itself.)

SCCP

This section describes typical SCCP screening considerations. SCCP is explained in Chapter 9, "Signaling Connection Control Part (SCCP)."

SCCP User Messages

These messages come from above S ...
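Returning to the MTP3 rules of Table 15-1 and the OPC/DPC checks described earlier, the following sketches them as a gateway-STP screening function. This is an added example, not code from the book or from any STP product; the point codes, linkset names, allowed-sender lists and the use of LIN (link inhibit) to stand for Management Inhibiting are assumptions made for illustration.

```python
from dataclasses import dataclass

# Point codes, linkset names and policy tables are constructed for this example;
# a real STP takes them from its own routing and screening configuration.
OWN_PC = 100                                   # the gateway STP itself
INTERNAL = {100, 110, 120}                     # nodes inside our own network
KNOWN = INTERNAL | {200, 300}                  # nodes present in the routing tables
LINKSET_OPCS = {"ls-ext-200": {200}, "ls-int": {110, 120}}  # OPCs valid per linkset
ADJACENT = {110, 120, 200}
# Management message -> OPCs allowed to send it (operator's choice per topology).
MGMT_SENDERS = {"COO": ADJACENT, "CBD": ADJACENT, "ECO": ADJACENT, "LIN": ADJACENT,
                "TFP": {110, 200}, "TFR": {110, 200}, "TFC": {110, 200}}
MUST_TARGET_STP = {"COO", "CBD", "ECO"}        # Table 15-1: "destined for itself"

@dataclass
class Msg:
    linkset: str
    opc: int
    dpc: int
    kind: str   # "MSU" for user traffic, otherwise a management message code

def may_route(opc, dpc):
    """DPC is known, and external origins may only reach internal nodes."""
    return dpc in KNOWN and (opc in INTERNAL or dpc in INTERNAL)

def screen(m):
    """Apply the Table 15-1 checks; return (accepted, reason)."""
    # The OPC is only a claim: these checks filter, they do not authenticate.
    if m.opc not in KNOWN:
        return False, "OPC not in routing tables"
    if m.opc not in LINKSET_OPCS.get(m.linkset, set()):
        return False, "OPC not allowed on this linkset"
    if m.kind == "MSU":
        if not may_route(m.opc, m.dpc):
            return False, "DPC not a valid destination for this OPC"
        return True, "ok"
    # Message types missing from MGMT_SENDERS are rejected here as well.
    if m.opc not in MGMT_SENDERS.get(m.kind, set()):
        return False, "OPC may not send this management message"
    external = m.opc not in INTERNAL
    if (external or m.kind in MUST_TARGET_STP) and m.dpc != OWN_PC:
        return False, "management message not addressed to the STP"
    if m.kind == "TFC" and not may_route(m.opc, m.dpc):
        return False, "TFC destination not routable for this OPC"
    return True, "ok"

if __name__ == "__main__":
    for msg in (Msg("ls-ext-200", 200, 110, "MSU"),    # accepted
                Msg("ls-ext-200", 200, 300, "MSU"),    # external-to-external transit
                Msg("ls-ext-200", 200, 110, "TFR")):   # management aimed past the STP
        print(msg, "->", screen(msg))
```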