Feeds

How do spooks build surveillance rigs? In Oz they TENDER for it

Federal Police seek kit capable of swallowing Euro-standard intercepts

High performance access to file storage

Australia's Federal Police force (AFP) has issued a tender for deep packet inspection (DPI) kit capable of processing data encapsulated by the European Telecommunications Standards Institute's ETSI 102 232 format for lawfully-intercepted communications.

Why does the AFP need to listen to telecoms intercepts? Aside from the fact its a policing outfit, the Force's “About” page says “The nature of the AFP and what is required of it, has changed significantly in recent years. The AFP has responded to a rapidly changing environment and this has required a greater focus on national and international operations.”

Some of those international operations are peace-keeping missions in Pacific nations where rule of law has broken down. Others concern terrorism and cyber-crime, matters that would make listening to telecom interceptions from abroad quite useful.

After reading the tender Vulture South is leaning towards the force needing kit capable of listening in on its own networks and processing data from outside sources, based on the following list of requirements the successful tenderer will be required to demonstrate:

  • The appliance must analyse flows at 10 Gbps
  • The appliance must be able to accept TCP/IP as an input
  • The appliance must be able to receive IPv4
  • The appliance must be able to receive IPv6
  • The appliance must be able to identify services
  • The appliance must be able to identify applications (Layer 7)
  • It is recommended that the appliance can be expanded to higher speeds
  • The appliance should be able to accept a network flow encapsulate as ETSI 102 232 as an input
  • The appliance should be able to accept PCAP captures as an input
  • The appliance should be able to separate flows based on multiple inputs of MPLS
  • The appliance should be able to separate flows based on multiple inputs of VLAN
  • The appliance should identify Anti-Virus
  • The appliance should identify Malware
  • The appliance should identify Communication Applications
  • The appliance should identify Mobile Applications
  • The appliance should extract and store metadata
  • The appliance should de-capsulate tunnelling protocols
  • The appliance should detect different types of encryption
  • The appliance should filter based on keywords
  • The appliance should filter based on protocols
  • The appliance should filter based on applications
  • The appliance should filter based on IP lists
  • The appliance should filter traffic based on port lists

The tender also calls for the chosen appliance to possess the ability to create logs and to log filtered data, plus a requirement “not drop packets, both malformed or corrupt”.

Over to you, readers. Is the AFP rolling its own PRISM or just taking care of business? The tender is here if you want to read more for yourself. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.