Penetration Testing mailing list archives
RE: GPRS security
From: "Ogle Ron (Rennes)" <OgleR () thmulti com>
Date: Wed, 27 Feb 2002 04:22:36 +0100
GPRS only protects the data over the air waves. As soon as the wireless head end converts it back to a physical link, you've got all of the same threats on the Internet that everybody else has to worry about. We tested using IPsec over GPRS and sometimes it failed because of the time delay at the wireless head-end. In order for GPRS to be really effective in supporting mobile users, it has to have enough bandwidth with low time delays to carry encrypted data over the GPRS link (in essence a tunnel in a tunnel.) This internal encrypted tunnel will connect from the mobile user to the end server or gateway to the internal network. Also, when you run this internal tunnel, you don't have to worry about the encryption strength of GPRS. Ideally to save bandwidth, the wireless head end could provide a VPN between its network (wireless) and the mobile user's gateway/ server. However, I don't believe that any GPRS vendors will support this. My .02 Ron Ogle Rennes, France -----Original Message----- From: OPITZ,PAUL (HP-France,ex2) [mailto:paul_opitz () hp com] Sent: Tuesday, February 26, 2002 2:52 PM To: pen-test () securityfocus com Subject: GPRS security Hi; Does anybody knows well known threats and vulnerabilities in the GPRS world and countermesures ? It's to secure mobility people communications and protect telecom operator services and application servers. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- GPRS security OPITZ,PAUL (HP-France,ex2) (Feb 26)
- <Possible follow-ups>
- RE: GPRS security Ogle Ron (Rennes) (Feb 27)
- Re: GPRS security my bugtraq (Feb 28)
- RE: GPRS security Toni Heinonen (Feb 28)