I am trying to find out if I can uniquely identify smartphones (I would like to find constant identifiers such as IMEI) by passively sniffing the cellular data frequencies.
I know that sensitive data such as SMS/DATA/CALLS are generally encrypted. I'm interested in only mapping nearby phones or cellular enabled devices.
An analogy could be gathering the MAC address of all the network equipment on an ethernet network.
So here I am, doing a reality-check to see if I am planning (I'd probably use some antenna and a Linux environment, as I doubt that Windows can handle the task) to miserably waste my time. Thanks. ;)