[Gsmmap] How much of the IMSI Catcher Score can be derived WITHOUT a mobile phone ?

Mm Bsd mmbsd1982 at yahoo.com
Mon Oct 19 15:49:26 CEST 2015

On Saturday, October 17, 2015 3:14 PM, Steve Glass <stevie.glass at gmail.com> wrote:

> An SDR can, in theory, capture more information that is just available
to the phone and can do so passively. Many of the same metrics apply
but can be derived from other traffic, e.g., for C1 the presence of
any unencrypted traffic on any channel in countries where traffic is
normally encrypted is a big giveaway.  Passively monitoring traffic
gives a more complete picture. It is, however, a game that a much
smaller number of participants can play because the hardware
requirements are for a suitable SDR rather than just a
Qualcomm-equiped Android phone.

Thanks for your response.  I had not considered the ability to derive C1 by looking for unencrypted traffic.

So, just to clarify, am I correct that every single 'A' metric and also K1 and T1 are easy to derive from airprobe and wireshark ?

What about T1 (registration timer)  ?


More information about the Gsmmap mailing list