Hello all,
I have a couple questions for you about your CALEA implementations. I am having issues with the receiving Data Retention server. I am following the Mikrotik Wiki’s on CALEA and IDS/IPS as well as some forum posts. They aren’t informational only brief with lines of code. I have spent many hours researching and found very little information. I can’t seem to get traft working with tcpdump or snort. So, I am trying to better understand this so I could try new paths and help others with the same issues. If someone could help me by giving me detailed answers, I am sure this article will help many others too! Or maybe you know of some guides that will help me if you can link me to them?
- What exactly does TZSP protocol do for CALEA? And why do you need to decapsulate it?
- Is the decapsulation process part of the hashing process?
- What software are you using to capture, decapsulate, and hash this?
- How do you capture and store the hash separate from the captured data?
- What are the hardware requirements needed for this?
- Is there any extra information on Traft? There is no man page and there are forums posts saying it’s to out of date to use.
Thanks!