Version 1 - History - TasksTasksNATBSCAuthentication - OpenBSC - Open Source Mobile Communications

TasksTasksNATBSCAuthentication » History » Version 1

Anonymous, 02/19/2016 10:47 PM

 == Make authentication of the BSC (more) secure ==
 ||Mentor ||Holger Freyther||
 ||Skills ||C  ||
 ||Length ||5 days  ||
 === Goal ===
 The nat authenticates a BSC by sending a token in clear text. A challenge and response mechanism should be used instead, e.g. the MILENAGE implementation of libosmocom could be used to implement challenge and response. The code can be found inside the BSC and NAT implementation.
 === Thoughts ===
 This does not protect against someone hijacking the TCP connection after the initial connection setup.

IMPORTANT NOTICE: This page contains information about a legacy version of the Osmocom software. This legacy version is no longer maintained. If you use it, don't be surprised if it doesn't work. It was your choice to ignore man-years worth of developments, improvements and fixes. Please migrate to the active/supported software (Osmocom CNI, consisting of OsmoBSC, OsmoMSC, OsmoHLR, OsmoSTP, OsmoMGW - a NITB style setup is described at Osmocom_Network_In_The_Box).

Project

General

Profile

Cellular Network Infrastructure » cni-legacy » OpenBSC

TasksTasksNATBSCAuthentication » History » Version 1