![]() Phones should allow users to define a whitelist of known-good cell tower IDs, which could be loaded for a known geo-location. The C band is typically used for voice and data communications, as well as backhauling. When an IMSI catcher is detected, alerts can then be sent to all of an organization’s smartphone users. Each of these frequency bands is distinct, with its own uplink (Tx) and downlink (Rx) frequencies and RF components (LNB and BUC), making them well-suited for specific applications. Typically, such a setup involves a fixed, embedded system containing sensor hardware and a cellular modem for continuously monitoring the broadcast signals of the surrounding base stations, along with a database to which data is uploaded for analysis. > There are more reliable hardware options available for detecting IMSI catchers, which make sense when protecting multiple smartphone users in a single site, like a corporate headquarters or military base. Not much can be done, other than turning off the phone. Much of this is a result of lessons learned with previous cellular protocols and protocols like WiFi, where unencrypted/unauthenticated management traffic has often become an attack vector. That encryption isn't really intended as a security feature, we're talking about the modulation mode, but comes out of the fact that LTE revisions have erred on the side of caution with encrypting as much of the management traffic as practical. However, some packets are transferred in plaintext by design." One of the reasons you here about cell-site simulators ("stingrays") a lot less these days is that improving security standards in the cellular network has made them less useful, although they are still widely employed and particularly rely on forcing downgrades to 3G.Įlsewhere, the article notes that one of the difficult things about sniffing LTE is that even the parameters used for the radio connection are encrypted, so some of them have to be inferred and guessed. It can only obtain encrypted packets in most cases because it can’t know the cryptographic keys of users. The article addresses this point: "The target of LTESNIFFER is to capture the wireless packets between the base station and the user. Modern LTE features a fairly high level of traffic security, although downgrade attacks remain a major problem.
0 Comments
Leave a Reply. |