SlideShare une entreprise Scribd logo

Hacking a Bird in the Sky: Hijacking VSAT Connection

Jim Geovedi
Jim Geovedi
TechnologieBusiness
1  sur  46
Hacking a Bird in the Sky Hijacking Very Small Aperture Terminal (VSAT) Connections Jim Geovedi and Raditya Iryandi BELLUA ASIA PACIFIC
Hacking a Bird in The Sky Disclaimer This presentation is intended to demonstrate the inherent security, design and configuration flaws in publicly accessible satellite communication networks and promote the use of safer satellite communication systems. Viewers and readers are responsible for their own actions and strongly encourage to behave themselves. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 2
Hacking a Bird in The Sky Satellite • A satellite is any object that orbits another object (which known as its primary). Artificial Satellites • It was the English sci-fi writer Arthur C. Clarke who conceived the possibility of artificial communication satellites in 1945. Clarke examined the logistics of satellite launch, possible orbits and other aspects. • The first artificial satellite was Sputnik 1 launched by Soviet Union on 4 October 1957 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 3
Hacking a Bird in The Sky Types of Artificial Satellites • Astronomical satellites • Solar power satellites • Reconnaissance satellites • Space stations • Navigation satellites • Weather satellites • Killer satellites/anti-satellite weapons • Miniaturised satellites • Biosatellites Warning: You are allowed to steal any contents of this material with or without notifying the authors. 4
Hacking a Bird in The Sky How is a Satellite Launched into an Orbit? Warning: You are allowed to steal any contents of this material with or without notifying the authors. 5
Hacking a Bird in The Sky Satellite Internet Services • Used in locations where terrestrial Internet access is not available and in locations which move frequently, e.g. vessels at sea and war zone. • Can be used where the most basic utilities are lacking, require a generator or battery power supply that can produce enough electricity. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 6
Hacking a Bird in The Sky Three Types of Satellite Internet Services • One-way multicast: used for IP multicast-based data, audio and video distribution. Most Internet protocols will not work correctly over one-way access, since they require a return channel. • One-way with terrestrial return: used with traditional dial-up access to the Internet, with outbound data travelling through a telephone modem, but downloads are sent via satellite at a speed near that of broadband Internet access. • Two-way satellite access: allows upload and download data communications. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 7
Hacking a Bird in The Sky Very Small Aperture Terminal (VSAT) • Two-way satellite ground station with a dish antenna that is smaller than 3 metres. • Nearly all VSAT systems are now based on IP, with a very broad spectrum of applications. • Most commonly used interactive and transactional application (online communication between head office and branches, flight ticket and hotel reservation, ATM (Automated Teller Machine) and small data traffic) and terminal application with centralised database (data entry, inventory control and payment point) Warning: You are allowed to steal any contents of this material with or without notifying the authors. 8
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 9
Hacking a Bird in The Sky Internal Computer (TT&C) Body Power source Attitude control Grapple Fixture Communications Satellite Anatomy Warning: You are allowed to steal any contents of this material with or without notifying the authors. 10
Hacking a Bird in The Sky The Control Centre Warning: You are allowed to steal any contents of this material with or without notifying the authors. 11
Hacking a Bird in The Sky Tracking, Telemetry and Command Station Warning: You are allowed to steal any contents of this material with or without notifying the authors. 12
Hacking a Bird in The Sky Topologies of VSAT • A star topology, using a central uplink site, such as a network operations centre (NOC), to transport data back and forth to each VSAT terminal via satellite, • A mesh topology, where each VSAT terminal relays data via satellite to another terminal by acting as a hub, minimising the need for a centralised uplink site, • and a combination of both star and mesh topologies. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 13
Hacking a Bird in The Sky Satellite Footprint • The footprint of a satellite is the ground area that its transponders cover, and determines the satellite dish diameter required to receive each transponder's signal. • There is usually a different map for each transponder (or group of transponders) as each may be aimed to cover different areas of the ground. • Footprint maps usually show either the estimated minimal satellite dish diameter required, or the signal strength in each area measured in dBW. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 14
Hacking a Bird in The Sky 100º E - 145.9º E (SE Asia, Australia, China, Japan, Korea) Satellite Name Position HD TV TV Digital TV Analog Radio Digital Radio Analog Data ASIASAT 2 100.5º East 0 97 0 51 0 4 EXPRESS A2 103.0º East 0 13 0 12 0 2 ASIASAT 3S 105.5º East 0 258 0 56 0 22 CAKRAWARTA 1 107.7º East 0 70 0 19 0 5 TELKOM 1 108.0º East 0 57 0 0 0 4 AAP 1 108.2º East 0 57 0 0 0 17 BSAT 1A, 2A 110.0º East 10 3 4 14 0 0 JCSAT 110 110.0º East 0 63 0 20 0 0 SINOSAT 1 110.5º East 0 59 0 36 0 4 PALAPA C2 113.0º East 0 31 2 4 0 8 KOREASAT 2 113.0º East 0 48 0 0 0 3 KOREASAT 3 116.0º East 0 125 0 1 0 12 TELKOM 2 118.0º East 0 1 0 0 0 0 THAICOM 1A 120.0º East 0 6 0 1 0 0 ASIASAT 4 122.0º East 0 79 0 1 0 17 JCSAT 4A 124.0º East 0 93 0 0 0 7 JCSAT 3 128.0º East 0 142 0 103 0 21 JCSAT 5A 132.0º East 0 2 0 0 0 0 APSTAR 6 134.0º East 0 46 2 55 0 3 APSTAR V / TELSTAR 18 138.0º East 0 151 0 0 0 2 EXPRESS AM3 140.0º East 0 14 0 8 0 1 SUPERBIRD C 144.0º East 0 57 0 4 0 0 source: http://www.satcodx4.com/eng/ accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 15
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 16
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 17
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 18
Hacking a Bird in The Sky MEASAT-1 @ 91.5º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 19
Hacking a Bird in The Sky PALAPA C2 @ 113.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 20
Hacking a Bird in The Sky TELKOM 1 @ 108.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 21
Hacking a Bird in The Sky TELKOM 2 @ 118.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 22
Hacking a Bird in The Sky Attacks against Satellite Systems It’s politically sensitive, but it’s going to happen. Some people don’t want to hear this, and it sure isn’t in vogue … but—absolutely—we’re going to fight in space. We’re going to fight from space and we’re going to fight into space… General Joseph W. Ashy Former Commander in Chief U.S. Space Command source: http://www.au.af.mil/au/awc/awcgate/saas/spacy_wl.pdf accessed on 21 September 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 23
Hacking a Bird in The Sky Hypothetical Attacks against Satellite Systems Warning: You are allowed to steal any contents of this material with or without notifying the authors. 24
Hacking a Bird in The Sky Denial of Service Attacks • Jam uplink and downlink • White noise at frequency. • Requires directed antenna. • Requires very low power. • Difficult to detect, especially if occurring at irregular intervals. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 25
Hacking a Bird in The Sky Denial of Service Attacks • Overpower uplink • Can be done with transportable satellite ground terminals • In tri-band (C-band, X-band, and Ku-band). • Power limited. • Uplink equipment now contains ID coding. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 26
Hacking a Bird in The Sky Orbital Positioning Attacks • Ranging transponder spoofing • Multiple ground stations triangulate satellite position using a series of tones sent to a transponder. • Ground stations observe phase differentials. • Ground or airborne spoofer could transmit false response, resulting in incorrect orbit determination. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 27
Hacking a Bird in The Sky Orbital Positioning Attacks • Direct commanding • Preparation and delivery of telecommand queue. • Command replay • Record outbound telecommand queue from TT&C facility. Replay later to initiate duplicate action. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 28
Hacking a Bird in The Sky Orbital Positioning Attacks • Insertion after confirmation but prior to execution • SCC formulates telecommand queue and sends to TT&C. • TT&C uplinks and receives readback, which it returns to SCC. • If readback is correct, SCC waits for proper time to execute. • Channel is vulnerable to update during this period — new telecommand queue may be uploaded prior to authenticated execute. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 29
Hacking a Bird in The Sky Practical Attacks against Satellite Systems Warning: You are allowed to steal any contents of this material with or without notifying the authors. 30
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 31
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 32
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 33
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 34
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 35
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 36
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 37
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 38
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 39
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 40
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 41
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 42
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 43
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 44
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 45
Hacking a Bird in The Sky Discussion • Other attacks against satellite? • Law issues? Warning: You are allowed to steal any contents of this material with or without notifying the authors. 46

Recommandé

Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipJim Geovedi
 
Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverJim Geovedi
 
Hacking a Bird in the Sky
Hacking a Bird in the SkyHacking a Bird in the Sky
Hacking a Bird in the Skyshizhao
 
IPV9人类共同的理想/IPv9 - The common ideal for human being
IPV9人类共同的理想/IPv9 - The common ideal for human beingIPV9人类共同的理想/IPv9 - The common ideal for human being
IPV9人类共同的理想/IPv9 - The common ideal for human beingshizhao
 
Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaJim Geovedi
 
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Jim Geovedi
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Jim Geovedi
 
Internet Worms
Internet WormsInternet Worms
Internet WormsJim Geovedi
 

Recommandé

Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipJim Geovedi
 
Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverJim Geovedi
 
Hacking a Bird in the Sky
Hacking a Bird in the SkyHacking a Bird in the Sky
Hacking a Bird in the Skyshizhao
 
IPV9人类共同的理想/IPv9 - The common ideal for human being
IPV9人类共同的理想/IPv9 - The common ideal for human beingIPV9人类共同的理想/IPv9 - The common ideal for human being
IPV9人类共同的理想/IPv9 - The common ideal for human beingshizhao
 
Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaJim Geovedi
 
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Jim Geovedi
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Jim Geovedi
 
Internet Worms
Internet WormsInternet Worms
Internet WormsJim Geovedi
 
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksHITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksJim Geovedi
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour ruleJim Geovedi
 
Professional Hackers
Professional HackersProfessional Hackers
Professional HackersJim Geovedi
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobetJim Geovedi
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log ManagementJim Geovedi
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony SecurityJim Geovedi
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsJim Geovedi
 
Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingJim Geovedi
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Jim Geovedi
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Jim Geovedi
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Jim Geovedi
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank JobJim Geovedi
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008Jim Geovedi
 
Wireless Hotspot Security
Wireless Hotspot SecurityWireless Hotspot Security
Wireless Hotspot SecurityJim Geovedi
 
Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundJim Geovedi
 
Hacking Trust
Hacking TrustHacking Trust
Hacking TrustJim Geovedi
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 

Contenu connexe

Plus de Jim Geovedi

HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksHITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksJim Geovedi
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour ruleJim Geovedi
 
Professional Hackers
Professional HackersProfessional Hackers
Professional HackersJim Geovedi
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobetJim Geovedi
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log ManagementJim Geovedi
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony SecurityJim Geovedi
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsJim Geovedi
 
Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingJim Geovedi
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Jim Geovedi
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Jim Geovedi
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Jim Geovedi
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank JobJim Geovedi
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008Jim Geovedi
 
Wireless Hotspot Security
Wireless Hotspot SecurityWireless Hotspot Security
Wireless Hotspot SecurityJim Geovedi
 
Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundJim Geovedi
 

Plus de Jim Geovedi (17)

HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksHITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour rule
 
Professional Hackers
Professional HackersProfessional Hackers
Professional Hackers
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobet
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log Management
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony Security
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry Birds
 
Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite Hacking
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank Job
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008
 
Wireless Hotspot Security
Wireless Hotspot SecurityWireless Hotspot Security
Wireless Hotspot Security
 
Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers Playground
 
Hacking Trust
Hacking TrustHacking Trust
Hacking Trust
 

Dernier

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 

Dernier (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 

Hacking a Bird in the Sky: Hijacking VSAT Connection

  • 1. Hacking a Bird in the Sky Hijacking Very Small Aperture Terminal (VSAT) Connections Jim Geovedi and Raditya Iryandi BELLUA ASIA PACIFIC
  • 2. Hacking a Bird in The Sky Disclaimer This presentation is intended to demonstrate the inherent security, design and configuration flaws in publicly accessible satellite communication networks and promote the use of safer satellite communication systems. Viewers and readers are responsible for their own actions and strongly encourage to behave themselves. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 2
  • 3. Hacking a Bird in The Sky Satellite • A satellite is any object that orbits another object (which known as its primary). Artificial Satellites • It was the English sci-fi writer Arthur C. Clarke who conceived the possibility of artificial communication satellites in 1945. Clarke examined the logistics of satellite launch, possible orbits and other aspects. • The first artificial satellite was Sputnik 1 launched by Soviet Union on 4 October 1957 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 3
  • 4. Hacking a Bird in The Sky Types of Artificial Satellites • Astronomical satellites • Solar power satellites • Reconnaissance satellites • Space stations • Navigation satellites • Weather satellites • Killer satellites/anti-satellite weapons • Miniaturised satellites • Biosatellites Warning: You are allowed to steal any contents of this material with or without notifying the authors. 4
  • 5. Hacking a Bird in The Sky How is a Satellite Launched into an Orbit? Warning: You are allowed to steal any contents of this material with or without notifying the authors. 5
  • 6. Hacking a Bird in The Sky Satellite Internet Services • Used in locations where terrestrial Internet access is not available and in locations which move frequently, e.g. vessels at sea and war zone. • Can be used where the most basic utilities are lacking, require a generator or battery power supply that can produce enough electricity. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 6
  • 7. Hacking a Bird in The Sky Three Types of Satellite Internet Services • One-way multicast: used for IP multicast-based data, audio and video distribution. Most Internet protocols will not work correctly over one-way access, since they require a return channel. • One-way with terrestrial return: used with traditional dial-up access to the Internet, with outbound data travelling through a telephone modem, but downloads are sent via satellite at a speed near that of broadband Internet access. • Two-way satellite access: allows upload and download data communications. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 7
  • 8. Hacking a Bird in The Sky Very Small Aperture Terminal (VSAT) • Two-way satellite ground station with a dish antenna that is smaller than 3 metres. • Nearly all VSAT systems are now based on IP, with a very broad spectrum of applications. • Most commonly used interactive and transactional application (online communication between head office and branches, flight ticket and hotel reservation, ATM (Automated Teller Machine) and small data traffic) and terminal application with centralised database (data entry, inventory control and payment point) Warning: You are allowed to steal any contents of this material with or without notifying the authors. 8
  • 9. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 9
  • 10. Hacking a Bird in The Sky Internal Computer (TT&C) Body Power source Attitude control Grapple Fixture Communications Satellite Anatomy Warning: You are allowed to steal any contents of this material with or without notifying the authors. 10
  • 11. Hacking a Bird in The Sky The Control Centre Warning: You are allowed to steal any contents of this material with or without notifying the authors. 11
  • 12. Hacking a Bird in The Sky Tracking, Telemetry and Command Station Warning: You are allowed to steal any contents of this material with or without notifying the authors. 12
  • 13. Hacking a Bird in The Sky Topologies of VSAT • A star topology, using a central uplink site, such as a network operations centre (NOC), to transport data back and forth to each VSAT terminal via satellite, • A mesh topology, where each VSAT terminal relays data via satellite to another terminal by acting as a hub, minimising the need for a centralised uplink site, • and a combination of both star and mesh topologies. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 13
  • 14. Hacking a Bird in The Sky Satellite Footprint • The footprint of a satellite is the ground area that its transponders cover, and determines the satellite dish diameter required to receive each transponder's signal. • There is usually a different map for each transponder (or group of transponders) as each may be aimed to cover different areas of the ground. • Footprint maps usually show either the estimated minimal satellite dish diameter required, or the signal strength in each area measured in dBW. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 14
  • 15. Hacking a Bird in The Sky 100º E - 145.9º E (SE Asia, Australia, China, Japan, Korea) Satellite Name Position HD TV TV Digital TV Analog Radio Digital Radio Analog Data ASIASAT 2 100.5º East 0 97 0 51 0 4 EXPRESS A2 103.0º East 0 13 0 12 0 2 ASIASAT 3S 105.5º East 0 258 0 56 0 22 CAKRAWARTA 1 107.7º East 0 70 0 19 0 5 TELKOM 1 108.0º East 0 57 0 0 0 4 AAP 1 108.2º East 0 57 0 0 0 17 BSAT 1A, 2A 110.0º East 10 3 4 14 0 0 JCSAT 110 110.0º East 0 63 0 20 0 0 SINOSAT 1 110.5º East 0 59 0 36 0 4 PALAPA C2 113.0º East 0 31 2 4 0 8 KOREASAT 2 113.0º East 0 48 0 0 0 3 KOREASAT 3 116.0º East 0 125 0 1 0 12 TELKOM 2 118.0º East 0 1 0 0 0 0 THAICOM 1A 120.0º East 0 6 0 1 0 0 ASIASAT 4 122.0º East 0 79 0 1 0 17 JCSAT 4A 124.0º East 0 93 0 0 0 7 JCSAT 3 128.0º East 0 142 0 103 0 21 JCSAT 5A 132.0º East 0 2 0 0 0 0 APSTAR 6 134.0º East 0 46 2 55 0 3 APSTAR V / TELSTAR 18 138.0º East 0 151 0 0 0 2 EXPRESS AM3 140.0º East 0 14 0 8 0 1 SUPERBIRD C 144.0º East 0 57 0 4 0 0 source: http://www.satcodx4.com/eng/ accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 15
  • 16. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 16
  • 17. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 17
  • 18. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 18
  • 19. Hacking a Bird in The Sky MEASAT-1 @ 91.5º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 19
  • 20. Hacking a Bird in The Sky PALAPA C2 @ 113.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 20
  • 21. Hacking a Bird in The Sky TELKOM 1 @ 108.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 21
  • 22. Hacking a Bird in The Sky TELKOM 2 @ 118.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 22
  • 23. Hacking a Bird in The Sky Attacks against Satellite Systems It’s politically sensitive, but it’s going to happen. Some people don’t want to hear this, and it sure isn’t in vogue … but—absolutely—we’re going to fight in space. We’re going to fight from space and we’re going to fight into space… General Joseph W. Ashy Former Commander in Chief U.S. Space Command source: http://www.au.af.mil/au/awc/awcgate/saas/spacy_wl.pdf accessed on 21 September 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 23
  • 24. Hacking a Bird in The Sky Hypothetical Attacks against Satellite Systems Warning: You are allowed to steal any contents of this material with or without notifying the authors. 24
  • 25. Hacking a Bird in The Sky Denial of Service Attacks • Jam uplink and downlink • White noise at frequency. • Requires directed antenna. • Requires very low power. • Difficult to detect, especially if occurring at irregular intervals. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 25
  • 26. Hacking a Bird in The Sky Denial of Service Attacks • Overpower uplink • Can be done with transportable satellite ground terminals • In tri-band (C-band, X-band, and Ku-band). • Power limited. • Uplink equipment now contains ID coding. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 26
  • 27. Hacking a Bird in The Sky Orbital Positioning Attacks • Ranging transponder spoofing • Multiple ground stations triangulate satellite position using a series of tones sent to a transponder. • Ground stations observe phase differentials. • Ground or airborne spoofer could transmit false response, resulting in incorrect orbit determination. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 27
  • 28. Hacking a Bird in The Sky Orbital Positioning Attacks • Direct commanding • Preparation and delivery of telecommand queue. • Command replay • Record outbound telecommand queue from TT&C facility. Replay later to initiate duplicate action. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 28
  • 29. Hacking a Bird in The Sky Orbital Positioning Attacks • Insertion after confirmation but prior to execution • SCC formulates telecommand queue and sends to TT&C. • TT&C uplinks and receives readback, which it returns to SCC. • If readback is correct, SCC waits for proper time to execute. • Channel is vulnerable to update during this period — new telecommand queue may be uploaded prior to authenticated execute. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 29
  • 30. Hacking a Bird in The Sky Practical Attacks against Satellite Systems Warning: You are allowed to steal any contents of this material with or without notifying the authors. 30
  • 31. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 31
  • 32. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 32
  • 33. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 33
  • 34. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 34
  • 35. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 35
  • 36. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 36
  • 37. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 37
  • 38. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 38
  • 39. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 39
  • 40. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 40
  • 41. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 41
  • 42. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 42
  • 43. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 43
  • 44. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 44
  • 45. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 45
  • 46. Hacking a Bird in The Sky Discussion • Other attacks against satellite? • Law issues? Warning: You are allowed to steal any contents of this material with or without notifying the authors. 46