Feeds

How do spooks build surveillance rigs? In Oz they TENDER for it

Federal Police seek kit capable of swallowing Euro-standard intercepts

Website security in corporate America

Australia's Federal Police force (AFP) has issued a tender for deep packet inspection (DPI) kit capable of processing data encapsulated by the European Telecommunications Standards Institute's ETSI 102 232 format for lawfully-intercepted communications.

Why does the AFP need to listen to telecoms intercepts? Aside from the fact its a policing outfit, the Force's “About” page says “The nature of the AFP and what is required of it, has changed significantly in recent years. The AFP has responded to a rapidly changing environment and this has required a greater focus on national and international operations.”

Some of those international operations are peace-keeping missions in Pacific nations where rule of law has broken down. Others concern terrorism and cyber-crime, matters that would make listening to telecom interceptions from abroad quite useful.

After reading the tender Vulture South is leaning towards the force needing kit capable of listening in on its own networks and processing data from outside sources, based on the following list of requirements the successful tenderer will be required to demonstrate:

  • The appliance must analyse flows at 10 Gbps
  • The appliance must be able to accept TCP/IP as an input
  • The appliance must be able to receive IPv4
  • The appliance must be able to receive IPv6
  • The appliance must be able to identify services
  • The appliance must be able to identify applications (Layer 7)
  • It is recommended that the appliance can be expanded to higher speeds
  • The appliance should be able to accept a network flow encapsulate as ETSI 102 232 as an input
  • The appliance should be able to accept PCAP captures as an input
  • The appliance should be able to separate flows based on multiple inputs of MPLS
  • The appliance should be able to separate flows based on multiple inputs of VLAN
  • The appliance should identify Anti-Virus
  • The appliance should identify Malware
  • The appliance should identify Communication Applications
  • The appliance should identify Mobile Applications
  • The appliance should extract and store metadata
  • The appliance should de-capsulate tunnelling protocols
  • The appliance should detect different types of encryption
  • The appliance should filter based on keywords
  • The appliance should filter based on protocols
  • The appliance should filter based on applications
  • The appliance should filter based on IP lists
  • The appliance should filter traffic based on port lists

The tender also calls for the chosen appliance to possess the ability to create logs and to log filtered data, plus a requirement “not drop packets, both malformed or corrupt”.

Over to you, readers. Is the AFP rolling its own PRISM or just taking care of business? The tender is here if you want to read more for yourself. ®

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.