Sniffing GPRS

Dario Lombardo dario.lombardo at libero.it
Fri Feb 17 10:55:34 UTC 2012


On Fri, Feb 17, 2012 at 11:50 AM, Sylvain Munaut <246tnt at gmail.com> wrote:

> Hi,
>
> > I'm still not able to sniff enough data to reconstruct TCP sessions.
> > I can get datagrams (even TCP), but they look like "sparse" datagrams.
> Even
> > using 2 sniffing phones I have a slightly better result, but not enough
> to
> > consider it satisfying.
> > Are there some other steps that can be done?
>
> Sure ... debug the issue, fix it, submit a patch. You'll probably need
> deep knowledge of GPRS RLC/MAC layers to do that properly.
>

I do it for sure, if I am able to.


>
> > Is there anyone, other that gprs decoder authors, able to make it
> completely
> > working?
>
> I'm not even sure they do.
>
> The code is more of a "demo" than a complete system, a lot is missing
> to properly decode everything (for, it just "guesses" the GPRS channel
> from a single assignement and then listen on all timeslot of that,
> which mostly a short cut to grab stuff, proving it's possible but not
> that much more, unless the cell has only 1 GPRS arfcn).
>
>
It would be nice to have a result like their

http://srlabs.de/dl/gprs_262_80_0001_0000_20110710_2252_875_514147_0f.dat

where I can find reconstructed HTTP sessions.


> Also since it only support GPRS and not EDGE you can pretty easily
> miss stuff ...
>
>
That's an interesting point I can check...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/baseband-devel/attachments/20120217/363cf5fe/attachment.html>


More information about the baseband-devel mailing list