Mobile Network Assessment Tools » History » Version 15
Linus, 12/23/2013 05:18 PM
1 | 1 | Linus | h2. Overview |
---|---|---|---|
2 | |||
3 | This is a collection of tools for the assessment of mobile network security. |
||
4 | It includes: |
||
5 | 3 | Linus | |
6 | 8 | Karsten | * *[[GSMmap-apk]]* |
7 | Android application that collects 2G and 3G network traces from Samsung Galaxy phones |
||
8 | |||
9 | 3 | Linus | * *[[xgoldscanner]]* |
10 | 8 | Karsten | Linux application that collects 2G and 3G network traces from Samsung Galaxy phones |
11 | 2 | Linus | |
12 | 10 | Karsten | * *[[CatcherCatcher]]* |
13 | 8 | Karsten | Collect evidence of 2G fake base station activity (requires Osmocom phone) |
14 | 1 | Linus | |
15 | |||
16 | 14 | Karsten | The tools are included in the *[[GSMmap-live]]* system, which auto-submits data for analysis at "GSMmap.org":https://GSMmap.org |
17 | 13 | Karsten | Also on the live system lives: |
18 | 1 | Linus | |
19 | 13 | Karsten | * "*SIMtester*":https://opensource.srlabs.de/projects/simtester/wiki |
20 | Finds configuration bugs in SIM cards |
||
21 | 1 | Linus | |
22 | 14 | Karsten | A public mailing list for discussions and occasional announcements is found "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap |
23 | 2 | Linus | |
24 | 1 | Linus | ***** |
25 | |||
26 | 6 | Linus | |
27 | h3. Disclaimer |
||
28 | |||
29 | 14 | Karsten | The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can. |
30 | 6 | Linus | |
31 | 14 | Karsten | Second, your phone will send SMS short messages via an invalid SMS-C to an invalid number. |
32 | 6 | Linus | |
33 | 14 | Karsten | During our tests (in Europe) we have not encounter any network that would charge for these transactions. However, we can not rule out that you may be charged in specific settings. |
34 | 6 | Linus | |
35 | 14 | Karsten | To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests. |
36 | 1 | Linus | |
37 | h3. Instructions |
||
38 | |||
39 | 14 | Karsten | # Download TODO |
40 | # unpack TODO |
||
41 | 1 | Linus | # run: <pre>sudo ./xgoldscanner.sh -n [telephone number, e.g. +491234567]</pre> |
42 | 4 | Linus | Optional parameters: |
43 | 1 | Linus | * -g conduct GPRS test |
44 | 4 | Linus | * -d display debug messages |
45 | 1 | Linus | * -o offline mode [skip log upload for manual submission] |
46 | 4 | Linus | * -3 conduct 3G tests only [skip 2G tests] |
47 | 1 | Linus | * -y assume "yes" to questions and confirmation dialogues [for automated testing] |
48 | * -i <n> repeat each test <n> times (default is 5) |
||
49 | 2 | Linus | |
50 | 1 | Linus | h3. Advanced usage |
51 | |||
52 | 14 | Karsten | Use Tobias Engel's "xgoldmon":https://github.com/2b-as/xgoldmon tool to analyze the trace log files. |
53 | 3 | Linus | |
54 | h3. Mailing list |
||
55 | |||
56 | 14 | Karsten | A public mailing list for discussions is found "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap |
57 | 2 | Linus | |
58 | ***** |
||
59 | 1 | Linus | |
60 | 10 | Karsten | h2. CatcherCatcher |
61 | 2 | Linus | |
62 | 14 | Karsten | The CatcherCatcher tool detects mobile network irregularities hinting at fake base station activity. |
63 | 2 | Linus | |
64 | 14 | Karsten | h3. Requirements |
65 | 2 | Linus | |
66 | * Osmocom phone |
||
67 | 14 | Karsten | * Osmocom cable |
68 | * Linux computer |
||
69 | 1 | Linus | |
70 | h3. Download: |
||
71 | |||
72 | 14 | Karsten | * Source Code TODO |
73 | * Live System TODO |
||
74 | 1 | Linus | |
75 | h3. Instructions |
||
76 | 2 | Linus | |
77 | 14 | Karsten | # Download TODO |
78 | # unpack TODO |
||
79 | 11 | Karsten | # run: TODO call |
80 | 1 | Linus | * TODO command line parameters |
81 | 2 | Linus | |
82 | 1 | Linus | h3. Mailing list |
83 | |||
84 | 2 | Linus | A public mailing list discussion is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/catchercatcher |
85 | 1 | Linus | |
86 | 2 | Linus | ***** |
87 | 1 | Linus | |
88 | h2. GSMmap-apk |
||
89 | 2 | Linus | |
90 | 1 | Linus | Actively collect 2G and 3G traces using Samsung Android phones. |
91 | |||
92 | h3. Requirements: |
||
93 | |||
94 | 2 | Linus | * Samsung Galaxy S2 / S3 phone |
95 | 1 | Linus | |
96 | h3. Download: |
||
97 | |||
98 | 14 | Karsten | * Pre-compiled .apk TODO |
99 | * Source Code TODO |
||
100 | 1 | Linus | |
101 | 6 | Linus | h3. Disclaimer |
102 | |||
103 | 14 | Karsten | The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can. |
104 | 6 | Linus | |
105 | 14 | Karsten | Second, your phone will send SMS short messages via an invalid SMS-C to an invalid number. |
106 | 2 | Linus | |
107 | 14 | Karsten | During our tests (in Europe) we have not encounter any network that would charge for these transactions. However, we can not rule out that you may be charged in specific settings. |
108 | 2 | Linus | |
109 | 14 | Karsten | To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests. |
110 | 1 | Linus | |
111 | 3 | Linus | h3. Instructions |
112 | 5 | Ben | |
113 | 14 | Karsten | # Install application from Google Play app store TODO |
114 | 2 | Linus | # Run |
115 | |||
116 | 1 | Linus | h3. Mailing list |
117 | 2 | Linus | |
118 | 3 | Linus | A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap |
119 | |||
120 | 2 | Linus | ***** |
121 | 1 | Linus | |
122 | h2. GSMmap-live |
||
123 | |||
124 | 14 | Karsten | This live Linux system is equipped with all the assessment tools listed above. It furthermore includes TODO |
125 | The live system facilitates their use and automatically uploads logs to GSMmap.org. |
||
126 | 2 | Linus | |
127 | 14 | Karsten | h3. Requirements |
128 | 2 | Linus | |
129 | 14 | Karsten | * Computer capable of running 64bit Linus |
130 | * For each test: Requirements listed in the respective tool wiki pages |
||
131 | 6 | Linus | |
132 | 14 | Karsten | h3. Download |
133 | 6 | Linus | |
134 | 14 | Karsten | * Live system image TODO |
135 | 6 | Linus | |
136 | 14 | Karsten | |
137 | 6 | Linus | h3. Disclaimer |
138 | |||
139 | 14 | Karsten | The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can. |
140 | 6 | Linus | |
141 | 14 | Karsten | Second, your phone will send SMS short messages via an invalid SMS-C to an invalid number. |
142 | 6 | Linus | |
143 | 14 | Karsten | During our tests (in Europe) we have not encounter any network that would charge for these transactions. However, we can not rule out that you may be charged in specific settings. |
144 | 6 | Linus | |
145 | 14 | Karsten | To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests. |
146 | 2 | Linus | |
147 | h3. Instructions |
||
148 | |||
149 | 14 | Karsten | # Download TODO |
150 | 2 | Linus | # Unpack: <pre>tar xvzf gsmmap-live.img.tar.gz</pre> |
151 | 1 | Linus | # Write to stick <pre>dd if=gsmmap-live.img of=/dev/[USB-stick] [bs=1M]</pre> |
152 | 2 | Linus | # Boot from stick |
153 | |||
154 | 3 | Linus | h3. Mailing list |
155 | |||
156 | A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap |
||
157 | 14 | Karsten | |
158 | Please file bugs and support requests through the "issue tracker":https://opensource.srlabs.de/projects/mobile-network-assessment-tools/issues/new as they may be of little relevance to the majority of the mailing list subscribers. |