Dear mr. Ricci, There are companies that offer tools and equipement to violate privacy on GSM networks. I am sure that if you are 'testing' a good network they (the operator) are aware that GSM is not an flawless concept. However they will also know the countermesure of each type of attack, if such exists. I do not have the impression that you are lawfully testing such a network. Therefor I will not aid you with company names but with types of attack I know. 1. You can overpower a basestation with your fake basestation. FLAW: The sim / GSM has to authenticate to the network. The network does not have to prove it's authenticety. Secondly the GSM will allways use the strongest signal. 2. You can copy a sim card. There are ways to get too the important numbers and reprogram them. 3. You can eavesdrop comunications between basestations. It's a focused beam of information but over a distance of km's the beam will spread a little. Hope I've set you on your way. Good luck. I am not here to judge who is to use lawfull interception tools and who is not. I would like to get rid of mistakes. > Hello All, > > I would like to know if there is any company offering penetration test > services onto GSM network not the IP network. How to perform that type of > test? Which company can offer that service? > > Thanks. > > Ricci ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Jan 25 2002 - 09:22:25 PST