| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: contact_jamie_fisher at yahoo.co.uk (jamie fisher) Subject: GPRS/IP-session from Nokia/Symbian mobile phone stays up The session you refer to is called the "PDP context". Invariably the PDP context will stay open between your mobile and the Mobile Operators network until the user ceases traffic. And yes, you will be charged for the traffic requests. Re: Pinging other mobile phones. You might be able to, but that would be poor network design in terms of what the network can route to the mobile phone from another mobile phone - unless of course you're on the same Corporate APN then that would be a value added service :-) Marco Davids (Prive) wrote: >Hi, > >For what it is worth: > >When my Nokia 6600 (Symbian V7.0s) mobile phone was connected to the >Internet and an imap-server for some tests the other day, I decided to >run a ping to the phone's IP-address (in fact I did an nmap -O to the >phone first, but that didn't work). > >After the mail was retrieved I closed the email-application on the phone. >Normally the GPRS-session is terminated in such a case. But not this time, >while the pings went on. This time I had to force the session to go down, >which is an option on the phone, luckily. I just never used it before :-) > >Later on I tried an SSH-session with the Mocha Telnet application from my >phone. Same behaviour. After I closed the SSH-application and as the >pings went on the (expensive) GPRS-session did not terminate as it >normally does when there is no incoming icmp traffic. When I finished >the external pings to the phone, the GPRS-session closed by itself. > >I tried again, this time with a larger packet-size, but that did not work. > >Then I tried a flood-ping and that did work. The GPRS-session stayed up >and the GRPS-counters increased dramatically! By this time my little >experiments where getting rather pricey for me. > >Conclusion: Even after the last application that uses IP on the phone is >closed, the GPRS-session stays up as long as there is incoming >(icmp)traffic. I am not sure what to think of this, but this seems >rather undesirable to me. Do other phones also 'suffer' form this >behaviour? > >This 'feature' can be abused. One could easily be lead to believe that the >GPRS-session is over, while in reality it is not. > >I did a quick ping-scan on the IP-range that my phone was in and >discovered 355 active, 'pingable', IP-addresses out of 2048. I figured it >be better not to start flood-pinging all of them them, but I couldn't help >thinking what would happen if some punk did: many phone's online would >probably stay online, depending on the number of phone models that show >the same behaviour. That would not only generate costs to their owners, >but would probaly also exhaust available IP-addresses for new >connections, resulting in some kind of DoS to the GPRS IP-service. > >Greetings, > >-- >Marco Davids > > > > > > > > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html --------------------------------- Win a castle for NYE with your mates and Yahoo! Messenger -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041213/26250ef9/attachment.html
Powered by blists - more mailing lists