Penetration Testing mailing list archives
Re: [PEN-TEST] SMS (Short Message Service) Security
From: Guy Hadsall <ghadsal () acm org>
Date: Sun, 18 Feb 2001 14:08:46 -0500
Ronen, The SMS platform will dictate the type of attack. The Ericsson is on Solaris, others are on NT. Best way to tackle the test is to prepare for the enivonment and completely understand the interfaces between systems. The TOE (test environment) for an SMS system includes both circuit switched and packet interfaces. The operating system of the network elements are often NT for non-carrier solutions and the application software has more often then not never been assessed by a security practictioner. It'll be like "fishing in a barrel" IMHO. Good luck, and please do share! GuyH -----Original Message----- From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of Ronen Segal Sent: Sunday, February 18, 2001 7:44 AM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] SMS (Short Message Service) Security Hello all. I’m about to conduct a Security Risk Assessment about a- TDMA and GSM SMS Services. If you could please point me to an article that deals with this matter or some thing that could help me get started by understanding the Risks SMS poses to the Service provider and the Cellular Subscriber I would be very Thankful. Thank You. Ronen
Current thread:
- [PEN-TEST] SMS (Short Message Service) Security Ronen Segal (Feb 18)
- Re: [PEN-TEST] SMS (Short Message Service) Security The Picard (Feb 19)
- Re: [PEN-TEST] SMS (Short Message Service) Security Guy Hadsall (Feb 19)
- Re: [PEN-TEST] SMS (Short Message Service) Security Andy Murton (Feb 19)
- <Possible follow-ups>
- Re: [PEN-TEST] SMS (Short Message Service) Security thomas sjogren (Feb 19)