Hello,
I am using an SDR device (a BladeRF) and there is a nice tool called 'kal' that
will show me all of my nearby GSM base stations.
In addition to listing base stations and their frequencies, I could also use that
frequency info to monitor the beacon channel with gr-scan/airprobe.
So at this point I know:
- base station exists
- I know its frequency
- based on beacon channel assignments, etc., I *sort of* know how busy it is.
But what else can be learned about a particular base station with simply passive
observation and no decryption (and no SIM card)? If all I have is a passive monitor with
an SDR, what else can I learn from the beacon channel or from the station itself?
Is it possible to learn things like software version, protocols supported, connectivity to
network, or to other base stations?
My goal is to learn about the GSM networks around me and I wonder how deeply I can
understand them with just passive observation of the beacon channel (or other sources of
info that can be seen with SDR).
Thank you.