Introduction
With all the recent fuss over 4G / LTE, Pentura thought a nice blog post
highlighting the changes and developments of mobile infrastructure would
be interesting for our readers. Below is a high-level description of the 2G,
3G, 3G-Femto and finally 4G networks.
2G
2G (GSM/GPRS) is the initial backbone for all mobile infrastructure. At the
front end it comprises a Radio Tower (BTS) and the Base Station
Controller (BSC). The backend comprises the usual core components: the
HLR, VLR and MSC.
3G
When it came to implementing 3G, the decision was made to build on top of
the existing 2G infrastructure and share some of the backend components.
The only difference is the Radio Tower (NodeB), which supports a higher data
rate (faster speed), together with a Radio Network Controller (RNC). Note:
Users are referred to as User Entities (UE). The backend comprises the usual
core components, the HLR, VLR and MSC, with the addition of the SGSN and
GGSN, which provide access to the Packet Switching Network, otherwise
known as the INTERNET!
The diagram below shows how 2G (top) and 3G/UMTS (bottom) networks
work side-by-side:
3G Femtocell Technology
This technology allows customers with broadband connections to set up
their own mini mobile tower in their home/business, supporting up to 8
Mobile Subscribers (MS). The femtocell is known as an eNodeB, or rather a
Home eNodeB (HeNB), that tunnels all communication down an IPSEC
tunnel to your cellular provider's IPSEC gateway, and is thus able to talk to
your cellular provider's core network.
Note: The Femtocells do not support encryption unlike the big eNodeBs on
your cellular network. So if you monitor the connection between your
handset and the Femtocell you will see the negotiation of the A5/0
encryption scheme; A5/0 = NO ENCRYPTION!
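The A5/0 negotiation described in the note can be checked for in captured layer 3 signalling. The following Python is an added example, not code from the original post: it decodes the GSM RR Ciphering Mode Command (octet layout per 3GPP TS 44.018) and flags frames where ciphering is switched off. The function names and sample frames are constructed for illustration, and the input is assumed to be already-extracted layer 3 message bytes.

```python
from typing import NamedTuple, Optional

RR_PD = 0x06                    # protocol discriminator: Radio Resource management
CIPHERING_MODE_COMMAND = 0x35   # RR message type

class CipherMode(NamedTuple):
    ciphering: bool         # SC bit: False means no ciphering (A5/0)
    algorithm: str          # "A5/0" .. "A5/8"
    imeisv_requested: bool  # CR bit of the Cipher Response half-octet

def parse_ciphering_mode_command(l3: bytes) -> Optional[CipherMode]:
    """Decode a GSM RR Ciphering Mode Command; return None for other messages."""
    if len(l3) < 3:
        return None
    # Octet 1: skip indicator (high nibble) + protocol discriminator (low nibble).
    if (l3[0] & 0x0F) != RR_PD or l3[1] != CIPHERING_MODE_COMMAND:
        return None
    setting = l3[2] & 0x0F           # Cipher Mode Setting half-octet (bits 4-1)
    response = (l3[2] >> 4) & 0x0F   # Cipher Response half-octet (bits 8-5)
    sc = bool(setting & 0x01)        # 1 = start ciphering, 0 = no ciphering
    alg_id = (setting >> 1) & 0x07   # 000 = A5/1, 001 = A5/2, 010 = A5/3, ...
    # The algorithm identifier only has meaning when SC = 1.
    algorithm = f"A5/{alg_id + 1}" if sc else "A5/0"
    return CipherMode(sc, algorithm, bool(response & 0x01))

def find_unencrypted(frames):
    """Return the indexes of frames that negotiate no ciphering."""
    hits = []
    for i, frame in enumerate(frames):
        mode = parse_ciphering_mode_command(frame)
        if mode is not None and not mode.ciphering:
            hits.append(i)
    return hits

# Constructed sample layer 3 messages (not captured traffic).
SAMPLE_FRAMES = [
    bytes.fromhex("063501"),    # SC=1, algorithm 000 -> A5/1
    bytes.fromhex("063510"),    # SC=0 -> A5/0, IMEISV requested
    bytes.fromhex("063505"),    # SC=1, algorithm 010 -> A5/3
    bytes.fromhex("05240100"),  # different protocol discriminator, ignored
]

if __name__ == "__main__":
    for idx in find_unencrypted(SAMPLE_FRAMES):
        print(f"frame {idx}: ciphering disabled (A5/0)")
```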
4G
This is now where things become a little different.
Again the Radio Tower is connected to a device called an eNodeB (like the
Femto Cell), which connects to the EPC. The EPC is an all-in-one solution that
contains the following components: the Mobile Management Entity (MME),
replacing the MSC, which in turn connects to the Service Gateways SGw
and PGw (which replace the GGSN and the SGSN), and the Policy Charging
and Rules Functionality (PCRF), which performs bandwidth shaping and billing.
That connects users to the Public Data Network (Internet).