ProtocolTracing » History » Version 1
Anonymous, 02/19/2016 10:47 PM
= Recording and viewing A-bis communication =

== Recording ==

The bsc_hack application inside OpenBSC provides a command line option to automatically create a PCAP file. The resulting dump is only a subset of what is actually transmitted over the wire. Currently only Link Access Protocol D-Channel (LAPD) messages are logged; the actual LAPD header is spoofed and only the TEI and SAPI information is invalid. This is mostly due to mISDN not providing us with a LAPD header/frame and to the encapsulation we use for wiretap/pcap. In the future there might be a dedicated encapsulation type for the complete mISDN traffic.

To write the protocol dump simply invoke bsc_hack:

  ./bsc_hack -p networking.pcap

== Viewing ==

Wireshark already provides dissectors for the various protocols we use (LAPD, RSL, GSM-A, GSM-SMS...). The LAPD protocol dissector needs some minor configuration though: go to Edit -> Preferences -> Protocols -> LAPD and check the checkbox saying "Use GSM Sapi Values". Afterwards Wireshark will be able to display a lot of the A-bis protocol. There are some glitches in the protocol analysis and some missing features, and dissection of OML is completely missing.
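
What the "Use GSM Sapi Values" preference changes, as an added example that is not part of OpenBSC or Wireshark: the LAPD address field carries a SAPI that A-bis assigns to RSL, OML and L2ML. The sketch assumes the dump uses libpcap's Linux LAPD link type (177) with a 16-byte pseudo-header, which this page does not state; the function names are hypothetical and the sample capture is constructed.

```python
import struct

# A-bis meaning of LAPD SAPI values (GSM 08.56); plain ISDN reads them differently.
GSM_SAPI = {0: "RSL", 62: "OML", 63: "L2ML"}
LINKTYPE_LINUX_LAPD = 177   # assumption: link type of the dump
PSEUDO_HDR_LEN = 16         # assumption: pseudo-header in front of each LAPD frame


def lapd_address(frame):
    """Decode the two-octet LAPD address field into (sapi, tei)."""
    if len(frame) < 2:
        raise ValueError("frame too short for a LAPD address field")
    a0, a1 = frame[0], frame[1]
    if a0 & 1 or not a1 & 1:   # EA bit must be 0 in octet 1 and 1 in octet 2
        raise ValueError("bad EA bits in LAPD address field")
    return a0 >> 2, a1 >> 1


def summarize(pcap_bytes):
    """Return [(sapi, tei, label), ...] for every record in a classic pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack_from(endian + "I", pcap_bytes, 20)[0]
    if linktype != LINKTYPE_LINUX_LAPD:
        raise ValueError("unexpected link type %d" % linktype)
    out, off = [], 24
    while off + 16 <= len(pcap_bytes):
        incl_len = struct.unpack_from(endian + "I", pcap_bytes, off + 8)[0]
        frame = pcap_bytes[off + 16 + PSEUDO_HDR_LEN: off + 16 + incl_len]
        sapi, tei = lapd_address(frame)
        out.append((sapi, tei, GSM_SAPI.get(sapi, "unknown")))
        off += 16 + incl_len
    return out


def build_sample():
    """Constructed two-record capture (not real traffic): SAPI 0 and SAPI 62."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_LINUX_LAPD)
    frames = [bytes([0 << 2, (1 << 1) | 1, 0x03]), bytes([62 << 2, (1 << 1) | 1, 0x03])]
    recs = b""
    for f in frames:
        pkt = bytes(PSEUDO_HDR_LEN) + f
        recs += struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    return hdr + recs


if __name__ == "__main__":
    print(summarize(build_sample()))
```

Without the GSM mapping a dissector treats SAPI 0 as ISDN call control, which is why the RSL payload only decodes once the preference is set.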

== Dumps for you ==

Here are some dumps that might be useful. Make sure that you only provide data from your own network and equipment (no IMSI/IMEI you do not know...).