17 July, 2008

NSA Spy Software - SKYPE eavesdropping

Blog digest, a collection of clever articles... enjoy
The technology behind NSA spying

poke around kevin's cryptogon site, "horrified"

talking about the information the att whistleblower, mark klein, revealed about what he helped att install in one of their main network switching centers in san francisco...

This is arcane information. It will not be easy for laypeople to understand. But… For those of you who want names, model numbers, techniques, and locations all related to how, IN FACT, They are watching EVERYTHING we are doing online, this is it.

The only reason this is public is because Mark Klein, an ATT engineer who participated in building the secret NSA infrastructure, outed it. There can be no idiotic commentary about “conspiracy theories” or “paranoia” with this. These are court documents containing information provided under penalty of perjury by an eye witness and participant in the operation. The expert analysis provided by J. Scott Marcus–which was just unsealed today—is, quite literally, shocking. For those of us who just knew this was happening, but couldn’t put our fingers on how, well, now we know.

I’ve followed publicly available information on NSA for about fifteen years and I’ve never seen anything like this. The capabilities of this system are awesome and terrifying.

When you read J. Scott Marcus’ analysis, it will become very clear to you why NSA and ATT wanted that thing sealed. Oh my, that is a good one.

So, how does NSA do it?

A company called Narus has developed the NarusInsight Intercept Suite: a purpose built network surveillance system that is capable of analyzing (in real time) ALL of the data passing through the largest network nodes in existence. This system is capable of applying sophisticated targeting rules to the traffic, as well as recording entire, individual sessions for later analysis. According to the Narus website:
These capabilities include playback of streaming media (i.e. VoIP), rendering of web pages, examination of e-mail and the ability to analyze the payload/attachments of e-mail or file transfer protocols. Narus partner products offer the ability to quickly analyze information collected by the Directed Analysis or Lawful Intercept modules. When Narus partners’ powerful analytic tools are combined with the surgical targeting and real-time collection capabilities of Directed Analysis and Lawful Intercept modules, analysts or law enforcement agents are provided capabilities that have been unavailable thus far.

Naurus Skype / VoIP / p2p / VoIP blocker : Secure. Classify and Intercept. Lawful Intercept and Regulatory Compliance.

Quote_small NEW YORK (AP) - Narus Inc., a maker of network technology to monitor phone and Internet traffic, or even help block certain communications like a Skype call, said Monday it has raised $30 million in new capital to fund development of next-generation products and expand overseas sales. The company, based in Mountain View, Calif., sells data-mining equipment that lets companies and other entities sift through the information in Internet traffic and identify nuggets of interest in e-mail, users' Web-surfing and even Internet phone calls. source.

Nuggets of interest… That sounds interesting…

Skype blocking by naurus

Source : http://www.narus.com/products/index.htmlVoIP Security via the NarusInsight Secure Suite

  • VoIP Security via the NarusInsight Secure Suite

VoIP and other real-time IP services are subject to an emerging breed of new threats, anomalies and fraudulent acts. Not only can the NarusInsight Secure Suite detect and mitigate common threats like DoS, DDoS, worms and viruses, but also layer 7 and service attacks.

  • VoIP Classification via the NarusInsight Discover Suite

NarusInsight Discover Suite provides detailed information about VoIP traffic, including details about the calling and called party, type of service, gateways used, source and destination IP addresses. Global carriers gain deep understanding of the impact of VoIP traffic on business operations, empowering new product and revenue opportunities as well as managing VoIP bypass traffic. Utilizing powerful parsing, data aggregation and filtering, VoIP Analysis delivers this information to various operating and support systems. The platform can also collect and analyze data from numerous sources, in multiple formats, over various protocols.

The VoIP detection application module of the NarusInsight Discover Suite provides carriers and service providers the ability to detect VoIP traffic and understand the impact on their networks and businesses. It enables them to address unauthorized or bypass VoIP traffic (i.e. revenue leakage) by billing for, or blocking, re-directing and re-prioritizing, them.

  • VoIP Intercept via the NarusInsight Intercept Suite

The NarusInsight Intercept Suite features both a Lawful Intercept application module, and a proprietary Directed Analysis application module. The Lawful Intercept module is fully CALEA- and ETSI-compliant, and featuries a robust warrant management system. Capabilities include full reconstruction and playback of VoIP and other streaming media, in addition to the rendering of Web pages, examination of e-mails and the ability to analyze the payload/attachments of e-mail or file transfer protocols. The Directed Analysis monitoring and surveillance application module offering seamless integration with the NSS or other DDoS, intrusion or anomaly detection systems, securely providing analysts with real-time, surgical targeting of suspect information (from flow to application to full packets).

intercept diagram

Press release : Narus Secures $30 Million in Expansion Financing
Request Whitepaper via e-mail

NarusInsight™ Intercept Suite

NarusInsight Intercept Suite (NIS) provides real-time, surgically precise targeting, allowing full IP session reconstruction and visibility of targeted traffic.

A critical concern of those conducting network surveillance is ensuring the comprehensive collection of targeted data while simultaneously attending to issues related to privacy, traceability, and authentication. Put simply, it is essential to capture all targeted data, but nothing else.

NarusInsight Intercept Suite (NIS) enables capture of packet-level, flow-level and application-level usage information along with complete session packets for forensic analysis, surveillance or for satisfying regulatory compliance.

Narus uniquely provides insight into the entire network, ensuring that all targeted data is captured regardless of the size, speed, or asymmetric topology of the network. Any number of links, at any speed, with any routing architecture, can be simultaneously monitored.

Complementing the NIS total network view is real-time monitoring and capture at line-speed, eliminating the need for unmanageable volumes of data, costly post processing, and the side effects of capturing untargeted data.

NIS' unmatched breadth of target criteria also provides for surgically precise capture of data. Supported targets include both broad identifiers such as port, protocol, RADIUS login, or IP address as well as application specific identifiers such as e-mail address, web-mail identity (even those within a 'cc' or 'bcc' field), SIP URI, VOIP number and many others.

NarusInsight Intercept Suite

NIS supports comprehensive forensic capabilities that dramatically simplify analysis of captured data. This includes playback of streaming media (such as captured VoIP), rendering of web pages, examination of e-mail and the ability to analyze the payload/attachments of e-mail or file transfer protocols.

Narus offers a webmail update service where customers receive regular updates in response to changes by webmail service providers.


Carriers and government organizations have deployed Narus around the world to protect their countries and infrastructure.

Bookmark and Share
posted by u2r2h at Thursday, July 17, 2008


Post a Comment

Links to this post:

Create a Link

<< Home

Locations of visitors to this page Politics Blogs - Blog Top Sites