Sniffing GPRS

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/baseband-devel@lists.osmocom.org/.

Dario Lombardo dario.lombardo at libero.it
Fri Feb 17 11:39:50 UTC 2012


On Fri, Feb 17, 2012 at 12:15 PM, Luca Bongiorni <
luca.bongiorni1 at studenti.unimi.it> wrote:

> Hi Dario,
>
> which is the environment that you are using for the tests? (eg. OpenBSC or
> a PLMN: in this case which one? 01, 10, 88)
>

PLMN


>
> Are you trying to just sniff the air or also stimulating the traffic with
> your own ME?
>

stimulating


>
> Good results depends from many factors:
> - If the "session" is hopping through chans or not;
> - If the ME supports only GPRS or not;
> - If you are making tests on your own lab's environment or a PLMN;
> - an other related with the osmocombb's ME and the cable used.
>
> In case you don't use OpenBSC with nanobts or BS-11, i would suggest use
> to use an old ME that supports only GPRS and not EDGE, thus u will avoid it
> to use EDGE's coding-schemes (eg. i obtained good results with an old gprs
> usb modem on PLMNs). Then i would suggest you to find an ARFCN of a PLMN
> that doesn't hop: i found some good ones by checking with a Blackberry's
> Field Test [1].
>
>
My stimulating ME supports edge, so my fake traffic is not good for
tracking. I must find the right phone... do you have some model to suggest?
I can find very old phones or very new, but it's hard to find some "medium"
that support GPRS and not EDGE :).


> [1] http://i41.tinypic.com/20huagj.jpg
>
>
That sounds very interesting, since I have a BB. How can you check that
your arfcn is not hopping from this menu?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/baseband-devel/attachments/20120217/c15d288b/attachment.htm>


More information about the baseband-devel mailing list