Menu
▾
▴
[Openbts-discuss] Cell-reselection - automatic handover
|
From: Simen S. <sim...@ho...> - 2016-02-25 14:25:18
|
Hello everyone! I am currently working on a project where I am looking into the detection of IMSI Catchers. I have set up a USRPB200 (with GPSDO) running openbts, smqueue and sipauthserve. I am currently trying to configure the OpenBTS such that an MS will automatically perform a handover to my fake base station. The problem I am having is that the nearby "valid" base stations sends out an RSSI equally strong (21 - recorded with AIMSICD) to that of my fake base station, and it will therefore calculate a reselection value C2 too weak to perform a handover. I have set the ARFCN to one that exists in the BCCH frequency list (but not in use) and have set the MCC and MNC to spoof the real network. (I am aware of the legal implications and are running in a lab). I have also set a different LAC so to force an interaction between the MS and the OpenBTS. Is there any way I can manipulate any configuration value (or by other means) so that it will perform a automatic handover? Thank you in advance! |
