> For anybody who's interested I have written a paper last year (that was > presented at Blackhat Hong Kong and Singapore) on GSM security, so feel > free to ask and I'll send you a copy. So the Blackhat has fallen :-) The info that I found comes from the CCC. On their congress of last december they had a guy from a German Telecom operator that spoke of the IMSI catcher.See http://www.ccc.de/congress/2001/fahrplan/event/340.en.html ftp://ftp.ccc.de/pub/congress/congress01/mp3/vortraege/tag2/saal2/28-s2-1300 -IMSI-Catcher.mp3 http://channelnet.tv/18c3.html It's a tool from a german firm called Rohde & Schwarz that uses the methode 1 (see previous mail). The tool comes in 2 versions, one compliant with german law and one exclusively for export. It is an expencive piece of equipement. It's use is not undetectable but because of the complexity and vastness of modern networks it does not raise any allarmbells. Methode 2 can be done with a DIY kit. Again see CCC site for more details : http://www.ccc.de:8080/thema/gsm/ On the encryption part: yes encryption is used in many parts of the GSM concept. That does not mean it is 'Good Crypto' (tm) as in 'Unbreakable' (c) (tm) (Pat.Pend.) Know that these are powerfull tools. This power is easy to abuse. Proven by the incident from the ComversInfosys guys. There once was a post on Fox news. It has 'gone away'. http://www.newsmax.com/archives/articles/2001/12/18/224826.shtml http://www.security.nl/misc/comverse-scandal/file02.txt They make a Lawfull Investigation tool according to CALEA J-STD-025 and ETSI ES-201-671 standards for both circuit switched and Next Generation networks. But they are not the only one. Comverse Inofsys http://anon.free.anonymizer.com/http://www.cominfosys.com/Content/CTMiniHome Page.asp?CID=1 Nice http://www.nice.com/iss/products/nicetrack.html European ETSI http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=8789 US http://global.ihs.com/search_res.cfm?RID=TIA&INPUT_DOC_NUMBER=IS%2DJ%2DSTD%2 D025&partial_match=on&nbr_rows=25 Happy clicking. (I hope I don't lose my NATO clearance :-) Cheers, Tom CISSP 27411 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Jan 27 2002 - 14:05:49 PST