Implementation and Analysis of SS7 Signalling Firewall Research Laboratory

Abstract

This report details the creation of a high-fidelity, isolated laboratory environment designed to practically analyze Signalling System 7 (SS7) protocol vulnerabilities and the defensive capabilities of modern signalling firewalls. The primary objective of the project is to transform telecommunications infrastructure security testing into an accessible and repeatable methodology using entirely open-source tools. The laboratory architecture is based on a classic Man-in-the-Middle (MITM) scenario involving an attacker (SigPloit), a target (Osmocom STP), and a defense mechanism (P1sec SigFW). This configuration allows all signalling traffic between the attacker and the target to pass through the interposed firewall, enabling a systematic evaluation of the firewall's effectiveness. The report provides a step-by-step guide for setting up the laboratory, configuring the components, executing the test scenarios, and analyzing the results obtained. The empirical findings indicate that while open-source firewalls offer viable mitigation capabilities against standard rule-based threats, they exhibit critical structural limitations when exposed to stateful tracking anomalies and advanced evasion techniques targeting protocol parsers. This work serves as both a theoretical foundation and a practical guide for professionals and researchers working in the field of telecommunications security.