Re: Femtocell Question

Author	All Replies
NetFixer Freedom is NOT free Premium join:2004-06-24 The 'Boro Reviews: ·Vonage ·Cingular Wireless ·Comcast ·AT&T Southeast	reply to Uncle Paul Re: Femtocell Question Do you know what a femtocell is? I think that is the crux of your question. You keep referring to a femtocell as if it were a WiFi AP, with references to being detected by Netstumbler or Kismet. Neither of those programs (or any similar programs) will be able to detect the presence or the usage of a femtocell. A femtocell is a local repeater for cellphones. Whether or not a specific femtocell can handle cellphone data connections as well as voice connections will depend on the service provider. Either way, it will have nothing to do with a company's (or an individual's) data network security except for whatever bandwidth is used by the femtocell router. The only security feature offered is the ability for some femtocell routers to use a whitelist of cellphones that are allowed to connect. -- A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed. »portscan.dcs-net.net »nature-pics.com
	to forum · permalink · 2009-07-02 20:45:53 ·
Uncle Paul join:2003-02-04 USA kudos:1	I know a Femtocell is not a WiFi AP, my question can it be used as one? If the answer is yes, then it certainly does effect a company's security position regarding the use and configuration of network access points. I know cellular traffic is not picked up by most WiFi location tools, but there may be tools like them designed for Femtocell's. I am not overly familiar with Femtocells thus some of my questions about their capabilities. You mentioned some allow whitelisting. What is the white list based on? Can it be spoofed? Simple Wifi snooping can easily allow me to bypass MAC address filtering on devices, can the same be said for Femtocells? Is there built in encryption? If so, what kind and what strength?
	to forum · permalink · 2009-07-04 09:29:08 ·
Jahntassa What, I can have feathers Premium join:2006-04-14 Conway, SC kudos:4	said by Uncle Paul: I know a Femtocell is not a WiFi AP, my question can it be used as one? If the answer is yes, then it certainly does effect a company's security position regarding the use and configuration of network access points. I would think any communication between the cellular device accessing the Femtocell and the rest of the world would be limited to the carriers network. I do not believe that by connecting a Femtocell to your local LAN will create a security hole allowing anyone with a cellphone access to your local network. The connection goes between the Cell and the Femtocell, then through a connection from the Femtocell directly to the Carriers network.
	to forum · permalink · 2009-07-04 10:37:13 ·
Uncle Paul join:2003-02-04 USA kudos:1	Dual homed laptop bypassing firewalls?
	to forum · permalink · 2009-07-04 13:25:10 ·

NetFixer Freedom is NOT free Premium join:2004-06-24 The 'Boro Reviews: ·Vonage ·Cingular Wireless ·Comcast ·AT&T Southeast	reply to Uncle Paul said by Uncle Paul: I know a Femtocell is not a WiFi AP, my question can it be used as one? The direct answer is no. I have heard that some cellular service providers are possibly planning on introducing "gateway" products that would incorporate femtocell and WiFi into a broadband router, but I don't think that any providers currently offer such devices. Even if this occurs, the femtocell activity (and circuitry) would likely still remain isolated from your local network since there would be no reason for it to be connected since the voice and data that passes through the femtocell is only for communication between a cell phone and the cellular provider's network. In fact I can think of many reasons that the cellular provider would need/want to keep this information isolated for their own security concerns. said by Uncle Paul: I know cellular traffic is not picked up by most WiFi location tools, but there may be tools like them designed for Femtocell's. There are tools that can be used to monitor cellular traffic, and since a femtocell is simply a low powered local cellular service, those tools would work for a femtocell as well as they would work for a traditional cell tower. said by Uncle Paul: I am not overly familiar with Femtocells thus some of my questions about their capabilities. You mentioned some allow whitelisting. What is the white list based on? Can it be spoofed? Simple Wifi snooping can easily allow me to bypass MAC address filtering on devices, can the same be said for Femtocells? The whitelist would be setup by supplying the same information about the specific cell phone(s) to the femtocell router that is provided to the cellular service provider to activate the phone(s). Can a modern digital cellphone be cloned? Possibly, but if it happened it would have nothing to do with your femtocell, since that cell phone would have access to that providers entire network, not just through your femtocell. said by Uncle Paul: Is there built in encryption? If so, what kind and what strength? The standard encryption that is used for cell phone traffic with your cellular service provider is also used (by necessity) by a femtocell connected to that service. The kind and strength would depend on what is used by your cellular service provider. The bottom line is that a femtocell provides a connection between a cell phone device and the cellular service provider. It does not provide a connection between a cell phone device and your local network. The only common thing is the shared bandwidth. -- A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed. »portscan.dcs-net.net »nature-pics.com
	to forum · permalink · 2009-07-04 14:20:19 ·
NetFixer Freedom is NOT free Premium join:2004-06-24 The 'Boro Reviews: ·Vonage ·Cingular Wireless ·Comcast ·AT&T Southeast	reply to Uncle Paul said by Uncle Paul: Dual homed laptop bypassing firewalls? That could be accomplished with traditional analog dialup and/or by connecting to a foreign WiFi connection and/or by a cellular data connection to a cell tower. Why would a femtocell data connection be any different? -- A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed. »portscan.dcs-net.net »nature-pics.com
	to forum · permalink · 2009-07-04 14:23:38 ·
Uncle Paul join:2003-02-04 USA kudos:1	reply to NetFixer I'm not sure if I agree with your security posture. But we'll leave that for another discussion. Does the Femtocell create a VPN from it out to the Cellular company's network? You said the standard encryption is used for cell phone traffic. Is that encryption FIPS compliant?
	to forum · permalink · 2009-07-04 16:38:04 ·
no_one @qwest.net	reply to Uncle Paul said by Uncle Paul: Dual homed laptop bypassing firewalls? So? For any data charges the person silly enough to do that would pay for it? I set up a free wifi connection to my cell account. If my cell charges anything for it I get to pay not the person using it for free? Plus if I owned a femtocell or wifi company I ain't war driving anything. I would set up my test lab. Make sure it is secure before shipment or install. If I hear or read something may do some more testing. But random war driving? My equipment will be secure and charge the user. If my user sets up stuff after my product that is not secure and runs up a bill not my problem. It is theirs. May put it in TOS as a warning not to. Now for a laptop dual homed. Say I have given an employee a company laptop for VPN into my business. Will inform them business use only no changes to software etc. Want your own laptop buy it. They set up something insecure fired. That could be caught by a proper security setup and random or every so often laptop checks if questionable things seem to be going on. Now yes maybe for a secure building walk thru checks for unauthorized access points. But netstumbler or kizmet? There is cheap hardware for that to locate such access points.
	to forum · permalink · 2009-07-04 17:29:19 ·
NetFixer Freedom is NOT free Premium join:2004-06-24 The 'Boro Reviews: ·Vonage ·Cingular Wireless ·Comcast ·AT&T Southeast 1 edit	reply to Uncle Paul The easiest (and most accurate) way to find the answer to your femtocell security/encryption questions would be to directly pose those questions to your specific cellular service provider. I don't directly work for any cellular service provider, so I can't supply you with explicit answers to those questions. I have however, been involved with installing some picocell/femtocell devices for a cellphone service provider who shall officially remain nameless because client privacy is my policy. Some information on the picocell devices I have installed may be seen at »www.ipaccess.com/technology/index.php . Perhaps the documentation for those devices might answer some of your questions. Generic marketing information is available publicly, but you will need to register to be able to receive whitepapers, data sheets, etc. References to "Connected Home services" are perhaps what concern you the most, but I don't think any of the currently available devices are capable of that functionality yet (at least not with the devices I have seen). said by ip.access : 3G Converge will also evolve to support integration of mobile phones into the Connected Home environment -- A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed. »portscan.dcs-net.net »nature-pics.com
	to forum · permalink · 2009-07-04 18:21:37 ·

Broadband Tech > Security > Security > Femtocell Question