25 lines
1.1 KiB
Plaintext
25 lines
1.1 KiB
Plaintext
OsmocomBB: A tool for GSM protocol level security analysis of GSM networks
|
|
|
|
By: Harald Welte[1]
|
|
|
|
The OsmocomBB project[2] is a Free Software implementation of the GSM
|
|
protocol stack running on a mobile phone.
|
|
|
|
For decades, the cellular industry comprised by cellphone chipset makers and
|
|
network operators keep their hardware and system-level software as well as GSM
|
|
protocol stack implementations closed. As a result, it was never possible
|
|
to send arbitrary data at the lower levels of the GSM protocol stack.
|
|
Existing phones only allow application-level data to be specified, such as
|
|
SMS messages, IP over GPRS or circuit-switched data (CSD).
|
|
|
|
Using OsmocomBB, the security researcher finally has a tool equivalent
|
|
to an Ethernet card in the TCP/IP protocol world: A simple transceiver
|
|
that will send arbitrary protocol messages to a GSM network.
|
|
|
|
Well-known and established techniques like protocol fuzzing can finally
|
|
be used in GSM networks and reveal how reliable and fault tolerant the
|
|
equipment used in the GSM networks really is.
|
|
|
|
[1] http://laforge.gnumonks.org/
|
|
[2] http://bb.osmocom.org/
|