[Gsmmap] False Positives
alex at srlabs.de
Mon Mar 30 20:42:50 CEST 2015
On 25/03/15 21:00, simson1312 at riseup.net wrote:
> Can the results be false-positives? How to investigate that?
Yes, the detection metric used by SnoopSnitch is a heuristic. As such,
it could produce false positives (e.g. due to misconfigured cells,
unexpected network behavior etc.). The get some idea about what was
going on, you could send me your App ID an I could look into your data
(if you uploaded it).
> My other Question is regarding the Null Paging warning. What does SS7
> Null Paging mean?
It is an artifact we saw during our SS7 attack research. Basically you
have a paging that is aborted (without any useful transaction like a
call or SMS happening). Again, this is just a heuristic.
More information about the Gsmmap