0

On reading about IMSI catchers, it is almost always mentioned together with MITM attacks, i.e. as if IMSI catchers are same as MITM.

But from my understanding, IMSI catchers and MITM are not the same thing:

IMSI catcher - as its name hints - only catches nearby IMSI number. For this purpose the fake BTS can connect to the mobile, without forwarding the inbound/outbound calls.

On the other hand, MITM allows the fake BTS to connect to real network, (just like a proxy) so that data from/to attacker is still flowing quite the same as before, except that it is now going through the fake BTS too.

So, is it correct to assume that IMSI catcher does not forward calls from faked BTS to the real network?

schroeder
  • 123,438
  • 55
  • 284
  • 319
ransh
  • 515
  • 6
  • 11

2 Answers2

1

IMSI is just a single method in which a MITM attack could take place. Most of the time a IMSI catcher is fairly passive in that it wants to see RX/TX data and proxy it to the proper tower for full functionality as to make sure the user has no clue. However, it can also be used as a DOS tool as well where it can become more of an active attack tool if need be. This only works, however, if the users are not connecting to other "legit" towers.

Long story short, MITM and IMSI are not mutually inclusive but, it's certainly high probability.

Joshua Faust
  • 638
  • 3
  • 8
0

IMSI catcher is only one of possible ways to launch a MITM attack: they are not comparable. And, BTW, IMSI catcher "is" a proxy.

Maurizio
  • 1
  • When imsi catcher vatch a phone without allowing in and out calls, is it still a "proxy"? – ransh Apr 24 '17 at 05:23