文摘
Private mobile communication systems (MCS) can be established easily with an open project and small MCS base stations are increasingly deployed in experiment environment. They can support not only voice communication, but also short message services (SMS) and data services. If a user has small base station (BS), then establishing a private real-world MCS becomes a clear option. For a private MCS to function properly, the services of private MCSs based on open projects should be configured similarly to those provided by commercial MCSs. In other words, the service should include voice communication, a SMS, and a General Packet Radio Services/Enhanced Data rates for GSM Evolution service. Also, the subscriber station, likewise, should be configured to support such services. In this paper, we consider attack scenarios using experimental MCSs with small BSs. We experimentally show the feasibility of attacks resulting in the leakage of private information, attacks on OpenBSC control, and DNS spoofing at the network level, all without subscriber knowledge. Keywords OpenBSC MSC BTS/femtocell Security Exploit