Apn hack

Apn hack DEFAULT

How do APN hacks work?

The APN is just a field that is sent to the mobile network when your phone establishes a data connection (also called a PDP context).

Equipment down the path can decide what to do with your traffic based on the APN, like routing it to different paths of the network, routing it to a company's internal network over VPN (companies can pay to have their own APNs which connect directly to their network, bypassing the need for an on-device VPN if they trust the mobile provider - which they shouldn't do).

The behavior you're seeing is just the result of years and years of technical debt - the alternative APN you're using may not even be in use anymore by the provider, it's just still there and they've forgotten about it, so they also forgot to implement traffic shaping on it and that's why you can bypass bandwidth limits. Since we're talking about a mobile carrier, it seems that mis-selling and implementing artificial limits like data caps is more important on their roadmap than cleaning up technical debt.

On a properly designed mobile network there is no need to have more than one APN as the network can differentiate between subscribers by their SIM's ICCID (which is also sent to the network and known to the equipment managing the PDP contexts) and assign policies regardless of which APN is in use. This removes confusion and prevents customers accidentally/maliciously using a different plan which could result in an incorrect policy being applied or extra charges.

Sours: https://security.stackexchange.com/questions/145985/how-do-apn-hacks-work

GPRS/ Internet connection settings around the world

Algeria

– Service Provider: Nedjma (Wataniya Telecom Algérie)
– Bearer: GPRS
– APN: nedjmawap
– Username: wap
– Password: wap
– Port: 9201 (3128 for TCP phones)
– Gateway: 192.168.52.2

Argentina

– Service Provider: Personal
– APN: gprs.personal.com
– Username: gprs
– Password: adgj
– Proxy: 172.016.000.020
– Port: 9201

– Service Provider: Telefónica Móviles (Movistar) – Unifon, Telefónica
– APN: wap.gprs.unifon.com.ar
– Username: wap
– Password: wap
– Proxy: 200.5.68.10:8080

Armenia
– Service Provider: Armentel
– Dial-up number: +37491444454
– Call type: analogue for prepaid cards, ISDN for postpaid
– Login: wap
– Password: wap
– DNS: 212.73.65.20

– Service Provider: Vivacell
– APN: inet.vivacell.am
– Proxy/Gateway: 83.217.226.71:8080 or 83.217.226.71:9201

Australia

– Service Provider: Virgin Mobile
– APN: Virgin.Internet

– Service Provider: Vodafone
– APN: vfinternet.au

Austria

– Service Provider: A1 (Vodafone live! package)
– APN: live.a1.net

Bangladesh

– Service Provider: GrameenPhone Ltd.
– APN: gpinternet
IP and Port depends on the Phones (HTTP/WAP2.0 – 8080, WAP1.0 – 9201)
WAP Portal: http://wap.gpsurf.net/gp
Settings Instruction: http://www.grameenphone.com/upload/EDGE_Manual.htm

– Service Provider: Aktel
– APN: internet
WAP Portal: http://wap.aktel.com

– Service Provider: Banglalink
– APN: blweb

– Service Provider: Warid Telecom.
– APN: internet
Settings Instruction: http://www.waridtel.com.bd

– Service Provider: Teletalk
– APN: wap gprsunl (for unlimited)

Barbados
– Service Provider: Digicel
– APN: web.digicelbarbados.com
– Proxy: 172.016.007.012
– Port: 9201

Belarus

– Service Provider: MTS.BY
— Internet via WAP profile —
– Dial-up number: 0885
– Call type: ?nalogue
– Login-name: mts
– Password: mts
– DNS (optional): 217.021.061.020
– GPRS: off

Belgium
– Service Provider: BASE
– APN: gprs.base.be
– Username: base
– Password: base
– Proxy: 172.031.198.037
– Port: 9201 (WAP1) or 5080 (WAP2)

– Service Provider: Mobistar
– APN: internet.be for residential and web.pro.be for businnes customer

– Service Provider : Proximus (Belgacom Mobile)
– APN : wap.proximus.be
– Username: wap
– Password: none
– Proxy: 010.253.007.003
– Port: 8080
(charged for mobile internet, NOT wap)

Bolivia

– Sevice Provider: TIGO
– APN: internet.tigo.bo
– Proxy: 172.25.100.8
– Port: 9201

Brazil

– Service Provider: Oi
– APN: gprs.oi.com.br

– Service Provider: Claro
– APN: claro.com.br
– Username: claro
– Password: claro

– Service Provider: Telemig Celular
– APN: gprs.telemigcelular.com.br
– Username: celular
– Password: celular
– Port: 9201

– Service Provider: TIM
– APN: mms.tim.br
– Username: tim
– Password: tim

Brunei Darussalam

– Service Provider: BMobile
– APN: bmobilewap
– Username and password: blank
– Proxy: 129.9.10.20
– Port: 6500

– Service Provider: DST
– APN: dst.wap
– Username: wap
– Password: wap
– Proxy: 10.100.6.105
– Port: 3130

Bulgaria

– Service Provider: GloBul
– APN: internet.globul.bg
– Username: globul

– Service Provider: MTEL
– APN: inet-gprs.mtel.bg or wap-gprs.mtel.bg
– IP: 213.226.6.66

Cameroon

– Service Provider: MTN
– APN: mtnwap
– Username: mtnuser
– Password: mtnuser
– Proxy: 196.202.236.195
– Port: 9201

Canada

– Service Provider: Fido
– APN: wap.fido.ca
– Username: fido
– Password: **** (probably “fido”)

– Service Provider: Rogers Wireless (formerly Rogers AT&T)
– APN: internet.com
– Username: wapuser1
– Password: wap
– DNS 1: 207.181.101.4
– DNS 2: 207.181.101.5
– Port: 80

Czech republic

– Service Provider: Vodafone
– APN: internet (for fixed payment tariff), ointernet (for credit services)

Chile

– Service Provider: Entel PCS
– APN: imovil.entelpcs.cl
– Username: entelpcs
– Password: entelpcs

China

– Service Provider: CHINA MOBILE(CMCC)
– APN: CMWAP
– Proxy: 10.0.0.172
– Port: 80

– Service Provider: CHINA MOBILE(CMCC)
– APN: CMNET
– Proxy: NO

Colombia

– Service Provider: Comcel 3GSM
– APN: wap.comcel.com.co
– Username: COMCELWAP
– Password COMCELWAP
– Proxy: 198.228.090.228
– Proxy Port: 8799

Croatia

– Service Provider: T-Mobile
– APN: web.htgprs
– Proxy: 10.12.0.1
– Port: 8080

Czech Republic

– Service Provider: Oskar/Vodafone
– APN: ointernet

– Service Provider: T-Mobile
– APN: internet.t-mobile.cz

Denmark

– Service Provider : 3
– APN: data.tre.dk

– Service Provider: Telia
– APN: www.internet.mtelia.dk
– Username: telia
– Proxy: 62.44.158.29

– Service Provider: Telmore/TDC
– APN: internet
– Username: tdc
– Password:
– Proxy: 194.182.251.15

Dominica

– Service Provider: Cable & Wireless
– Service Type: HTTP
– Prepaid APN: ppinternet
– Postpaid APN: internet
– Proxy: 10.20.5.34
– Port: 9201

Dominican Republic

– Service Provider: Orange
– APN: orangeworld
– Gateway IP: 172.16.126.70
– Port: 8080
– DNS: 0.0.0.0

Egypt

– Service Provider: Mobinil
– APN: mobinilwap
– Proxy: 10.7.13.21 port 9201 or 62.241.155.45 port 8080

– Service Provider: Vodafone
– APN: wap.vodafone.com.eg
– Username: wap
– Password: Blank
– Proxy: 163.121.178.2 port 8080

Estonia

– Service Provider: EMT
– APN: internet.emt.ee

– Service Provider: Tele2
– Automatic setup: http://www.tele2.ee/271_ETI_HTML.html

Fiji

– Service provider: Vodafone
– APN: vfinternet.fj

Finland

– Service Provider: Elisa
– APN: “Elisa internet” (3g) or “Elisa GPRS WAP” (GPRS)
– Username, if needed: “wap” for gprs, “3g” for 3g
– Password, if needed: “wap” for gprs, “3g” for 3g

– Service Provider: Saunalahti (Uses elisa’s network)
– APN used for Opera Mini: internet.saunalahti

– Service Provider: Sonera (TeliaSonera Finland)
– APN used for Opera Mini: wap.sonera.net (GPRS)
– Proxy: 192.156.25.4
– Port: 80

France

– Service Provider : Bouygues Télécom (Bouygtel)
– APN : ebouygtel.com
– IP and port depends on the phone (found on http://parametrer.bouyguestelecom.fr…Service.action )

– Service Provider: Orange with with “Tv & surf” option
– APN: orange
– Port: use http and port 80 to surf for free

– Service Provider: SFR
– APN: wapsfr
– Proxy: 195.115.25.129:8080

Georgia

– Service Provider – GeoCell
– APN used for Opera Mini – separate APN (set as preffered, not the APN from Geo Internet Settings): internet

– Country:Germany
– Service provider: T-mobile
– APN: internet.t-mobile
– Username and Password: usr:t-mobile, psw:tm
– DNS#1: 193.254.160.1
– DNS#2: 193.254.160.130

and

– Country:Germany
– Service provider: T-mobile
– APN: internet.t-d1.de
– Username and Password: Usr:t-mobile, Psw:tm
– DNS#1: 193.254.160.1
– DNS#2: 193.254.160.130

Germany

– Service Provider: Debitel
– Automatic Configuration: http://www.debitel.de/kunden/infocen…ndys/index.php

– Service Provider: e-plus
– APN: wap.eplus.de
– Username and password: eplus / wap
– Proxy: 212.023.097.009
– Port: 8080
– Automatic Configuration: http://www.eplus.de/Dienste/13/13_3/13_3.asp

– Service Provider: E-Plus
– APN: internet.eplus.de
– User: eplus
– Pass: whatever you want, not blank
– DNS: no need, but in case -> 212.023.097.002 (DNS2: .003)
– Automatic Configuration: http://www.eplus.de/Dienste/13/13_3/13_3.asp

– Service Provider: Mobilcom
– Automatic Configuration: http://www.mload.de/mof/wap/cfg/otaProfile.do

– Service Provider: O2
– APN: internet
– Info: According to some people, the proxy initially set default by O2 must be deleted.
– Automatic Configuration: http://www.o2online.de/nw/support/hi…lle/index.html

– Service Provider: T-mobile
– APN: internet.t-mobile.de
– Username and Password: usr:t-mobile, psw:tm
– DNS#1: 193.254.160.1
– DNS#2: 193.254.160.130

– Service Provider: T-mobile
– APN: internet.t-d1.de
– Username and Password: Usr:t-mobile, Psw:tm
– DNS#1: 193.254.160.1
– DNS#2: 193.254.160.130

– Service Provider: Vodafone D2
– APN: web.vodafone.de
– Automatic Configuration: http://www.vodafone.de/hilfe-support…ion/96986.html

Greece

– Service Provider: Wind
– APN: gwap.b-online.gr
– Username: wap
– Password: wap
– Proxy: 192.168.200.10
– Port: 9401

Grenada

– Service Provider: Cable & Wireless Grenada (bMobile Grenada)
– APN: Prepaid= ppinternet and postpaid=internet

Guernsey

– Service Provider: Cable and Wireless
– APN: internet
– Username: guest
– Password: guest

Guyana

– Service Provider: GT&T CELLINK PLUS
– APN: wap.cellinkgy.com
– Username: gtt
– Password: gtt
– Proxy: 10.0.1.99
– Port: 8080

Honduras

– Service Provider: Claro
– APN: web.megatel.hn
– Username: webmegatel
– Password: webmegatel
– Port: 8080

– Service Provider: TIGO
– APN: internet.tigo.hn

Hong Kong

– Service Provider: Three (3G + HSDPA data)
– APN used for Opera Mini: Internet

Hungary

– Service Provider: Vodafone HU
– APN: internet.vodafone.net (contract) or vitamax.internet.vodafone.net (prepaid)

India



– Service Provider: AirTel
– APN: airtelwap.com or airtelmms.com
– Proxy: 100.1.200.99
– Port: 8080

– Service Provider: AirTel (BHARTI)
– APN: airtelgprs.com
– Proxy: 202.56.231.117
– Port: 8080

– Service provider: Airtel – Tamil Nadu
– APN: airtelgprs.com

– Service Provider: BPL (Mumbai)
– APN: mizone
– Username: (your number here) eg: 98********
– Password: ?
– Proxy: 10.0.0.10
– Port: 9401

– Service Provider: BSNL SOUTH(KERALA)
– APN: bsnlsouth
– Username: your phonenumber
– Password: your phonenumber
– Protocol: HTTP
– Proxy: 10.31.54.2
– Port: 9401

– Service Provider: CellOne
– APN : wapnorth.cellone.in or gprsnorth.cellone.in
– Proxy: 010.132.194.196
– Port: 8080

– Service Provider: hutch
– IP: 10.10.1.100
– APN: portalnmms
– Port: 9401

– Service Provider: Idea
– APN: internet
– IP: 10.4.42.15
– Port: 8080

– Service Provider: Idea (alternative settings)
– Homepage: http://www.ideafresh.com
– Service Type 1: WAP
– Proxy 1: 10.4.42.15
– Port 1: 9201
– Service Type 2: WAP
– Port 2: 9201
– Timeout: 15 minutes
– Speed (Bps)1: 9600
– Line Type 1: Modem
– Speed (Bps)2: 9600
– Line Type 2: Modem
– GPRS APN: internet

– Service Provider: Reliance smart(gsm)
– Name: RTLWAP
– Homepage: http://wap.rworld.co.in/gsm/index.xhtml
– Service Type1: HTTP
– Proxy1: 97.253.29.199
Port1: 8080
– Port2: 0
– Timeout: 15 minutes
– GPRS APN: RISLWAP

– Service Provider: SPICE TELECOM
– APN: simplydownload
– Proxy: 10.200.200.3
– Port: 8080

– Service Provider: Vodafone
– Vodafone Mobile Connect service
– APN: www
– Vodafone live service
– APN: portalnmms
– Proxy: 10.10.1.100
– Port: 9401
– Information: For vodafone mobile connect type ‘WWW’ and send it to 52586 and for vodafone live type ‘VL’ and send it to 52586.

Indonesia

– Service Provider: Excelcomindo (XL)
– APN: www.xlgprs.net
– Username: xlgprs
– Password: proxl
– Proxy: 202.152.240.50
– Port: 8080

– Service Provider: Indosat (IM3)
– APN: www.indosat-m3.net
– Username: gprs
– Password: im3
– Proxy: 10.19.19.19
– Port: 8080

– Service Provider: Mentari (Indosat)
– APN: indosatgprs
– Username: indosat
– Password: indosat
– Proxy: 10.19.19.19
– Port: 8080

– Service Provider: Telkomsel
– APN: telkomsel or internet or [blank]
– Username: wap
– Password: wap123
– Proxy: 10.1.89.130
– Port: 8000

Iran

– Service Provider: Mtn Irancell
– APN : mtnirancell
– Proxy: 10.131.26.138
– Port: 8080

Ireland

– Service Provider: Meteor
– APN: isp.mymeteor.ie
– Username: my
– Password: isp
– Info: Before using these settings, you have to call Meteor and ask them to enable ISP Access on your account – they don’t allow it by default. You need to tell them you want to connect to the internet using your phone as the modem. The first thing they need to do is have your account “provisioned on the HLR for ISP (internet access)”.

– Service Provider: O2
– APN: open.internet (tarif) or pp.internet (prepay)
– Username: gprs
– password: gprs
– Info: The p2.wap.o2.ie (The standard WAP one) works, but photo blogging will not work with it.

– Service provider: Vodafone
– APN: isp.vodafone.ie(contract) live.vodafone.com(pre-pay)
– Username: vodafone
– Password: vodafone
Info: You may also need to contact vodafone to get them to allow data connection with your sim. It often isn’t enabled by default on business phones.

Italy

– Service Provider: Vodafone
– APN: web.omnitel.it
– DNS: 194.185.097.134 (not mandatory, if something wrong put 000.000.000.000)
– Auto conf. message: Call 190 and ask it to operator.

– Service Provider: Wind
– APN: internet.wind
– DNS: 212.245.255.002
– Auto conf. message: Call 155 and ask it to operator.

– Service Provider: TIM
– APN: ibox.tim.it or wap.tim.it
– Proxy: 213.26.205.1
– Port: 80 or 9201
– DNS: 192.120.029.030
– Auto conf. message: Call 119 and ask it to operator.

Jamaica

– Service Provider: Digicel
– APN: Opera Mini
– Username: wapuser
– Password: wap03jam
– DNS, 172.16.7.12

Kuwait

– Service provider: MTC-Vodafone
– APN: pps
– Username: pps
– Password: pps
– Proxy: 10.43.4.5
– Port: 8080

Latvia

– Service Provider: Amigo (SIA Zetcom)
– APN: amigo.lv
– Username: amigo
– Password: amigo
– Proxy: 212.093.097.200
– Port: 9201
– Automatic configurator for Amigo: http://amigo.lv/pakalpojumi/gprs_dat…rs_parametrus/

– Service Provider: Bite Latvia
– APN: wap
– Username: wap
– Password: wap
– Proxy: 213.226.131.133

– Service provider: LMT
– APN: internet.lmt.lv

– Service provider: Tele2
– APN: internet.tele2.lv
– Automatic configurator for TELE2 Latvia: http://selfwap.tele2.se/ota2/?countlang=lv

Lebanon

– Service Provider: Alfa
– APN: wap.mic1.com.lb
– Username: mic1
– password: mic1
– Proxy: 192.168.23.50
– Port: 80
More info here (registration required): http://www.alfa.com.lb/mobconf/wap/d…asp?language=1

Lithuania
– Service Provider: Omnitel
– APN: omnitel
– Username: omni
– Password: omni
– DNS1: 194.176.32.129
– DNS2: 195.22.175.1

– Service Provider: Tele2
– APN: internet.tele2.lt
– Username: wap
– Password: wap

– Service Provider: Tele2
– APN: wap.tele2.lt
– Port: 8080
– Proxy IP: 130.244.196.90

Malaysia

– Service Provider: Celcom
– APN: celcom3g
– Proxy Server IP: 10.128.1.242
– Proxy Server PORT: 8080

– Service Provider: DiGi Malaysia
– Service: WAP
– Gateway IP: Leave Blank
– Port: 9201
– GPRS APN: diginet

– Service Provider: Maxis Hotlink
– APN: net
– Automatic Configurator at http://www.hotlink.com.my/level2/hotlevel2.asp?AID=1237

– Service Provider: Maxis
– APN: net
– User Name: maxis
– Password: wap
– Proxy: 202.075.133.049

Malta

– Service Provider: Vodafone
– APN: internet
– Username: internet
– Password: internet

Mexico

– Service Provider: Telcel
– APN: internet.itelcel.com
– Username: webgprs
– Password: webgprs2002

Moldova
– Service Provider: Orange
– APN: wap.orange.md
– Username and password: NA
– Proxy: 192.168.127.124
– Port: 3128
Settings page: http://www.orange.md/?c=5&sc=56

Montenegro
– Service Provider: T-Mobile
– Username: 38167
– Password: 38167
– APN: internet-prepaid (for prepaid) or internet-postpaid (for postpaid)
– Proxy: 10.0.5.19

Nepal

– Service Provider: Mero Mobile
– APN: mero
– IP (if needed): 192.168.29.9

– Service Provider: Nepal telecom
– APN: ntwap
– Proxy: 192.80.7.133
– Port: 8000

Netherlands

– Service Provider: Debitel (www.lowcall.nl, KPN network)
– APN: internet.debitel.nl
– Username: username

– Service Provider: KPN Mobile with internet everywhere
– APN: internet
– Automatic Configurator at http://www.kpn.com/kpn/show/id=755013

– Service Provider: Orange (Orange World)
– APN: internet
– Internet mode: HTTP (only)
– DNS: 10.250.255.188

– Service Provider: T-Mobile
– APN: internet
– Username and password: tmobile/tmobile
– Proxy: 10.10.10.10 (for WAP account)
– Port: 9201 (for WAP account)
– DNS: auto

– Service Provider: Telfort
– Service Type/Connection Type: HTTP (not all phones have this option. But it must be HTTP for Opera Mini, instead of WAP)
– APN: internet
– Username and password: (leave blank)
– (Gateway) IP: 193.113.200.195
– Port: 8080

– Service Provider: Vodafone
– APN: live.vodafone.com
– Username: vodafone
– Password: vodafone
– Proxy: 192.168.251.150 (for Web account)
– Port: 8799 (for Web account)

New Zealand
– Service Provider: Vodafone NZ
– APN: www.vodafone.net.nz
Automatic Configurator at http://wireless.vodafone.co.nz/ota.cfm

Nicaragua

– Service Provider: Claro
– APN: wap.ideasalo.ni
– User: wap
– Password: wap
– Proxy: 10.6.32.2
– Port: 8080

– Service Provider: Movistar
– APN: wap.movistar.ni
– User: movistarni
– Password: movistarni
– Proxy:010.012.023.001
– Port: 80/8080

Nigeria

– Service Provider: MTN
– APN: web.gprs.mtnnigeria.net
– IP: 10.199.212.2

– Service Provider: Celtel Nigeria
– APN: wap
– Username: none
– Password: gprs
– Proxy: 172.18.254.5
– Port: 8080

Norway

– Service Provider: Netcom (and every provider on Netcom’s network)
– APN: netcom
Automatic Configurator at https://netcom.no/ota/

– Service Provider: Telenor (and every provider on Telenor’s network)
– APN: internet
Automatic Configurator at https://dms.telenormobil.no/telenor/wizard.form

Pakistan

– Service Provider: Mobilink
– APN: wap.mobilinkworld.com (“connect.mobilinkworld.com” for GPRS instead of WAP)
– Username: mobilink
– Password: mobilink
– Proxy: 172.24.97.29
– Port: 8080
– DNS: 172.24.97.29

– Service Provider: Telenor
– APN: internet
To download setting manually, send following message to 131: internet manufacturer model

– Service Provider: Ufone
– APN: ufone.internet

– Service Provider: Warid
– APN: wap.warid
– Proxy: 10.4.2.1
– Port: 8080
– DNS: 10.4.2.1

Paraguay

– Service Provider: Personal
– APN: http://wap.personal.com.py
– Username: personal
– Password: personal
– Proxy: 172.016.192.006
– Port: 9201

– Service Provider: TIGO http://www.tigo.com.py
– APN: wap.tigo.py
– IP: 10.16.17.12 (optional)
– Username: tigo
– Password: tigo

Peru

– Service Provider: Claro
– APN: wap.claro.pe
– Username: tim
– password: tulibertad

– Service Provider: Movistar
– APN: movistar.pe
– Username: [email protected]
– Password: movistar

Philippines

– Service Provider: Globe
– APN: http.globe.com.ph
– Port: 8080

– Service Provider: SMART
– APN: internet
– DNS: 202.57.96.3
– Info: Don’t enter any IP address.

Poland
– Service Provider: PlusGSM
– Connection type: GPRS (or HTTP)
– APN: www.plusgsm.pl (or ‘internet’)
– DNS 1 – IP: 212.2.96.51
– DNS 2 – IP: 212.2.96.52

– Service Provider: Orange
– APN: wap
– Username: wap
– Password: wap
– Proxy (IP Address): 192.168.006.102
– Port: 9201

– Service Provider: PTC Era
– APN: erainternet
– Username: erainternet
– Password: erainternet

Portugal

– Service Provider: Optimus
– APN: internet
– Login: guest (or leave blank, if having problems)
– Password: guest (or leave blank, if having problems)
– DNS: 194.79.69.129

– Service Provider: Vodafone (pay-per-use)
– APN: internet.vodafone.pt
– Username: vas
– Password: vas

– Service Provider: Vodafone (flat-fee)
– APN: wap.vodafone.pt
– Username: wap
– Password: wap
– Proxy: 172.16.19.50
– Port: 8799

Romania

– Service Provider: Orange
– APN: wap
– Internet mode: HTTP
– Proxy: 62.217.247.252
– Port: 8799

– Service Provider: Orange
– APN: internet
– Internet mode: HTTP

– Service Provider: Vodafone
– APN: live.vodafone.ro
– Username: live
– Password: vodafone (?)
– Proxy: 193.230.161.231
– Port: 8080
For the setting to work you need to activate Vodafone Live service (call public relations *222).

– Service Provider: Vodafone
– APN: internet.vodafonme.ro
– Username: internet.vodafone.ro
– Password: vodafone

Russia

– Service Provider: BaikalWestCom
– APN: inet.bwc.ru
– Username: bwc
– Password: bwc

– Service Provider: BashCELL
– APN: internet.bashcell.ru

– Service Provider: Beeline
– APN: internet.beeline.ru

– Service Provider: Megafon (NWGSM)
– APN: internet.nw or internet

– Service Provider: Megafon (Moscow)
– APN: internet.msk or internet
– APN: internet.ltmsk (“Lite” pay plans)
– Username: gdata
– Password: gdata
To activate GPRS in your plan: *105#, 4, 4, 3. (free of charge)

– Service Provider: Megafon Siberia
– APN: internet.sib

– Service Provider: Megafon (Volga region)
– APN: internet.volga
– Username: wap
– Password: wap
– Proxy: 83.149.16.16
– Port: 9201
– DNS 0.0.0.0

– Service Provider: MTS RUS
– APN: internet.mts.ru

– Service Provider: NCC (Nizhegorodskaya Cellular Communications)
– APN: internet
– Port: 80 or 8080

– Service Provider: SMARTS
– APN: internet.smarts.ru
– Username: internet
– Password: internet

– Service Provider: STEK gsm (Kuzbass)
– APN: internet.stekgsm.ru

– Service Provider: Tele2
– APN: internet.tele2.ru
– Username: tele2
– Password: tele2

– Service Provider: U-tel (ex-USI)
– APN: internet.usi.ru

Saudi Arabia

– Service Provider: STC
– APN: jawalnet.com.sa
– Proxy: 10.224.3.249
– Port: 8080

Serbia
– Service Provider: Telekom Srbija (MTS 064)
– APN : gprswap
– Username: mts
– Password: 064
– IP: 172.017.088.198

– Service Provider: Telenor (063)
– APN : internet
– Username: telenor
– Password: gprs
– Proxy: 217.065.192.033
– Port: 8080

Singapore

– Service Provider: StarHub
– Service Type 1: WAP
– Port 1: 9201
– GPRS APN: shwap

– Service Provider: Singapore M1
– Service Type 1 : HTTP
– Port: 9201
– APN: sunsurf
– Username: 65xxxxxxx (?)
– Password: user123

Slovakia

– Service Provider: T-Mobile
– APN: internet
– DNS1: 194.154.230.066
– DNS2: 194.154.230.074

– Service Provider: Orange
– APN: internet
– Username: wap
– Password: wap
– DNS1: 213.151.200.003
– DNS2: 213.151.208.161
– Proxy: 8080

Slovenia

– Service Provider: Si.mobil
– APN: internet.simobil.si
– Username: simobil
– Password: internet

South Africa
– Service Provider: Vodacom
– APN: internet (vlive doesn’t work anymore)
– Port: 8080

Country: Spain
Service provider: Telefonica movistar
APN: movistar.es
Username and password: MOVISTAR (username and password are the same)


Spain

– Service Provider: Telefonica movistar
– APN: movistar.es
– Username and password: MOVISTAR (username and password are the same)

– Operator: Yoigo
– APN: internet
– Proxy: 010.008.000.036
– Port: 8080

Sri Lanka

– Service Provider: Dialog TeleKom
– Subscription: “kit” prepaid
– APN for HTTP: ppwap
– APN for Socket: ppinternet
– IP: 192.168.122.002

– Service Provider: Mobitel (Internet via WAP profile)
– APN: wap
– Username: (leave blank)
– Password: (leave blank)
– Internet Mode: HTTP
– Use Proxy: Yes
– Proxy address: 192.168.050.163
– Port: 8080

– Service Provider: Tigo (Formerly Celltel)
– APN: wap
– IP: 192.168.104.004
– Port: 9401
– Internet Mode: HTTP

Switzerland

– Service Provider: Orange
– APN: internet
– DNS1: 213.055.128.001
– DNS2: 213.055.128.002

Sweden

– Service Provider: Comviq Kontant
– APN: wap.swipnet.se
– Username and password: usr:wap, psw:wap
– Proxy: 130.244.196.090
– Port: 8080

– Service Provider: Comviq (Subscription)
– APN : isplnk1.swip.net
– Username and password: usr:wap, psw:wap
– Proxy: 130.244.196.090
– Port: 8080

– Service Provider: Tele2Comviq
– APN: internet.tele2.se
– Proxy: 130.244.196.090 (some models will convert the last octet into .30)

– Service Provider: Vodafone cashcard
– APN : services.vodafone.net

– Country: Sweden
– Service provider: Comviq Kontant
– APN : wap.swipnet.se
– Username and password: usr:wap, psw:wap
– Proxy: 130.244.196.090
– Port: 8080

– Country: Sweden
– Service provider: Comviq (Subscription)
– APN : isplnk1.swip.net
– Username and password: usr:wap, psw:wap
– Proxy: 130.244.196.090
– Port: 8080

Thailand

– Service Provider: DTAC
– APN: DTAC-GPRS-WAP
– Proxy: 203.155.200.133
– Port: 8080

UK

– Service Provider: Orange
– APN: orangewap
– (The WAP profile works well)

– Service Provider: O2 WAP
– Connect using: O2 WAP
– Internet mode: HTTP
– Use proxy: Yes
– Proxy address: 193.113.200.195
– Port number: 8080
– Username & Password are left blank.

– Service Provider: O2 WAP GPRS
– Connect using: O2 WAP GPRS
– Other settings as above.

– Service Provider: O2 Mobileweb
– Connect using: O2 Mobileweb
– Other settings as above.
– (Please note the above are “Internet settings” profiles. “Data comm.” settings are all as per settings received from O2, which you can get sent direct to your mobile from their website. http://www.o2.co.uk/services/ota4/select )

– Service Provider: Telecom Plus
– APN: data.uk
– Configurator @ Telecom Plus Help Page

– Service Provider: Virgin Mobile
– APN: goto.virginmobile.uk
– Username: user
– Password:

– Service Provider: Vodafone UK Contract Wap
– APN: wap.vodafone.co.uk
– Authorisation type: normal
– User: wap
– Password: wap
– Protocol: HTTP
– IP/Gateway: 212.183.137.12
– Proxy. 8799
– Log in timeout: 300

– Service Provider: Vodafone UK payandgo
– APN: pp.vodafone.co.uk
– User: web
– Password: web
– IP/Gateway: 212.183.137.012
– Proxy. 8799
– Internet mode: HTTP or WAP

– Service Provider: Vodafone UK
– APN: internet
– Username: web
– Password: web

Ukraine

– Service Provider: UMC
– APN: www.umc.ua

– Service Provider: Mobi
– APN: internet.urs

– Service Provider: Kyivstar (Ace&Base, prepai.)
– APN: www.ab.kyivstar.net

Uruguay

– Service Provider: Ancel
– APN: wap
– Connection Type: HTTP
– Proxy: 200.40.246.2
– Proxy Port: 3128

USA

– Service Provider: Cingular
– APN: wap.cingular
– Username: [email protected]
– Password: CINGULAR1
– Proxy: wireless.cingular.com (for Unlimited Media Contract)
– Port: 80 (for Unlimited Media Contract)

– Service Provider: Edge Wireless
– APN: isp

– Service Provider: T-Mobile
– APN: wap.voicestream.com
Configurator at http://tmobileussupport.wdsglobal.co…/configuration

– Service Provider: Unicel
– APN: apn.unicel.com
– WAP Gateway: 63.99.231.135
– Port: 8080

Venezuela

– Service Provider: Movistar
– APN: internet.movistar.ve
– Username: Your cell number – no spaces, no dashes, no special characters, numbers only, all 10 digits of your cell phone number
– Password: Your Cedula de Indentidad number, no letters just the numbers

Vietnam

– Service Provider: Vinaphone
– APN: m3-world
– Username: mms
– Password: mms
– Proxy: 10.1.10.46
– Port for WAP: 9201
– Port for Internet: 8000

————————————————————————
DONT FORGET TO ADD REP AND THANKS IF YOU LIKE MY POST

Sours: https://www.hackingloops.com/gprs-internet-connection-settings-around-the-world/
  1. Hp smart printer
  2. Versace pool slides red
  3. Dial liquid bath soap

Hacking IoT manufacturers and smart cars through APN (Access Point Network)

By Shaurya Sharma January 25, 2018  Access Point Network, APN, how to, How to Hack IOT, IoT, Smart Cars

To connect to any cellular APN service, the device must have the following information: access point name, user name and password.This scheme works in the case of SIM-cards purchased from intermediaries.

Before we go directly to the topic of the article, we will clarify the notion of APN:

APN (Access Point Name), access to which can be obtained from most mobile operators, is a service used to collect mobile data from 3G / 4G protocols originating from the device and redirect traffic to the destination IP site in the corporate network (source –CESG).

Sometimes IoT devices and vehicles that we test transmit only IP traffic through cellular networks.If you think that the use of secret APN-keys enhances security, then we hasten to disappoint you.
We found that APN keys are often easily compromised.In addition, you can use the IoT device and gain access to the APN without breaking the key, after which confidential information and other devices using the same APN become available.This list includes other IoT devices from the same manufacturer and other vehicles.In addition, we can even compromise internal corporate network systems.

Connecting toAPN

To connect to any cellular APN service, the device must have the following information: access point name, user name and password.This scheme works in the case of SIM-cards purchased from intermediaries.  

The provider can give out APN-settings for your phone when connected to the network.Or, more likely, information will be available for self-tincture.Providers use various APNs when providing services for tablets, computers or telephone traffic.If you google the phrase “APN Settings”, you can get a large list of public APNs for different cellular providers around the world.In addition, you can find these settings in the unloaded firmware.In any case, connecting to an APN allows a cellular device to communicate over IP, whether it’s the Internet or a private internal band.

Even though sometimes the lack of a standard Ethernet interface on a “smart” device makes testing difficult, at the same time, the process itself can be quite interesting.

Extract APN accounting records

Assuming that a device connected to a private APN service is physically protected, the natural question arises: “How to extract APN accounting records?”

Most of the time, the device will connect to the cellular network to which it can.This does not mean that the phone with a Vodafone SIM card will connect to the O2 network, but it means that we can replace the factory SIM card with our own and the phone will connect to the network we want to.

We have a femtocell that supports the 3G standard, a “Network in a Box” device and several SIM cards.We ordered these devices at Sysmocom, whose specialists are doing a really useful job in terms of accessibility of developments for the 3G standard as part of the Osmocom project.

Once the femtocell and network are operational, we can insert the SIM card into the target device (be careful and do not lose the factory SIM card, which is useful to us in the future) and are waiting for the connection to the network.Thus, through a normal Ethernet interface, we can see what operations the device will perform through the cellular connection.For example:

  • Which traffic generates the device where it tries to connect, and whether encryption is used.
  • Are there any open ports?Developers can assume that only the use of a cellular APN interface provides a sufficient level of security.Perhaps we can find the superuser password, and also the password used when connecting via Telnet.
  • The secret information used for APN authentication.

The first two points we will not consider, since there are enough resources covering this topic.

On the other hand, little is written about APN authentication.APN authentication via 3G network is based on the PPP CHAP protocol.The CHAP protocol, first proposed in 1996 as the predecessor to MS-CHAP, uses a three-way “handshake”: call, response, authentication / rejection.

BypassingAPN authentication

The Osmocom application, on the basis of which our 3G network operates, ignores APN authentication requests, and allows you to connect to any device with any APN-name, user name and password.However, the triple “handshake” is still happening.

If you analyze the authentication process with tcpdump, you will see something like:

In the figure above, the relevant packages are highlighted in a red box.Wireshark shows that the packet containing information about APN-authentication is called (RUA) DirectTransfer (DTP) (SM) Activate PDP Context Request.

But where is the password?

The APN username and username are displayed in clear text.But not the password.

For a direct answer, we need to refer to RFC1994.It turns out that the CHAP Response Value is a slightly collapsed hash.

The octet of the request identifier (in this case, “0x01”) is followed by a password, and then the value of CHAP authentication (in this case, “f3bcc7c0d43ff6a7dafcb4a7a388975d”).After merging, the entire string is coded with the MD5 algorithm.

Yes, this isMD5

By lucky coincidence, hashcat has a mode for iSCSI CHAP hashes.The mode number is 4800. Input is given to hashes in the following format:

[CHAP Response Value]: [CHAP Challenge Value]: [Response Identifier Octet]

In our case, the line will look like this:

7e1062f19af0b4ff4611206457de99e4: f3bcc7c0d43ff6a7dafcb4a7a388975d: 01

Hashcat is easily managed with MD5.Weak passwords will be cracked in 100% of cases.Even in the August 1996 RFC, it is recommended to use a password of at least 16 characters.

Our setup, consisting of several GPUs, operates at a rate of 10 GH / s when selecting hashes encoded by the MD5 algorithm.Thus, the selection of a password of 9 characters in the top / bottom + digits takes about 20 minutes.This is the speed of a simple bust without optimizations, which could make the hacking process even faster.

In addition, for the MD5 algorithm, there are rainbow tables for combinations up to 9 characters or up to 10 symbols in the lower layout plus digits.

Do you know how complicated and how long your secretAPN key is?

Next, we can insert the factory SIM card into the cellular modem and connect to the APN using a compromised account.Directly to the environment that the client uses.Thus, hardware testing becomes an assessment of the internal infrastructure through the cellular network.

We conducted the pentests and compromised the entire internal network of the organization using IoT-devices, which were supposed to be isolated.I remember one access controller that used GSM / LTE through a private APN in a remote and physically accessible location where the theft would not be difficult.We dismantled the device, removed the SIM-card, cracked the APN-key and got access to the network used by the client.The attack vector associated with breaking the secret APN-key was not taken into account.

We also worked with a very large network of intelligent lighting systems.After compromising one lighting device, we got access to the entire APN service and then to other devices on that network.Then to the network of consumers and then to the network of manufacturers of lighting IoT-devices.

Who needs their own 3Gnetwork?Another method

IOT devices often store secret keys in memory, which is almost always unencrypted.

Even if we can not unload the firmware, it is often possible to count the keys directly from the RAM and then compromise the network.

The operation of secretAPN-keys in vehicles

Most modern vehicles have telematics control units (TCUs) that contain SIM cards for working with mobile data.In Europe, because of the ECall automatic warning system, similar control units are used in almost all new cars.Private APNs are used in cellular communications to improve security.The TCU is easily extracted from the vehicle and carried out a study.

Often there are many problems related to TCU in the field of security, which makes the compromise relatively simple.You may not even need hardware related to hardware research.  
The main problem is that the telematic blocks pass through a large logistics chain: the spare parts manufacturer, the block manufacturer, the thematic provider and the provider that services the connections.In each link of the chain, errors can be made.

During one of the tests of the vehicle manufacturer, we examined the TCU.Since we had physical access to the block, we did not even need to crack the secret APN-key, since this device was reliable.In exploring the network to which TCU had access, we experienced both interest and horror at the same time.

It was obvious that a huge number of devices were connected to this network.We did not have any special access rights to study the environment outside of the car manufacturer’s network.

And we just did a reverse DNS query …

… and received a large list of DNS records related to vehicle manufacturers that were not associated with our client.Mostly the brands of German cars.And at this stage we stopped.

It was quite obvious that there was no segregation between vehicles and brands.The telematics provider did not even realize segregation between vehicle brands.And only between the vehicles themselves.

The potential of the opportunity we found was enormous.One vulnerability that allows remote exploitation in the TCU, and you can potentially remotely compromise each brand car and other brands.In the past, a similar story has already happened when the Renesas V850 processor compromise the Uconnect telematics system.In this story, secret APN keys were not used, and hacking was based on the lack of segregation in the Sprint network.

We believe that in the attack through secret APN-keys, the potential and consequences could be much more serious if similar errors were made.

I useAPN keys in my products and services, what should I do?

If you are using APNs on connected devices, make sure that both the device and the APN are protected at an acceptable level:

  • Always use authentication (some people do not use) with a long and complex password.
  • Think carefully about the safe storage and use of the secret password.Think about ways to recover the password in case the device is compromised.The recall of vehicles and the replacement of all SIM cards in TCU units is an extremely expensive pleasure.
  • Embedded SIM cards (eSIM) allow for easier backup and recovery in the case of compromised APN records.In addition, these cards are more difficult to remove from the device, since they are soldered.
  • Your services, to which you can connect via APN, must be segregated.Do not allow connection to the entire internal corporate network.
  • Make sure that only the selected SIM cards have access to the private APN service.You do not want any of the cellular networks to be able to connect to your APN?
  • If necessary, segregate customers in a location so that the compromised device does not affect other devices.
  • Make sure that you are not giving out broadband outbound Internet access.You do not want the one who stole the SIM card to use the free 4G Internet through your APN?
  • Perhaps you think that your APN is private, but it’s better to treat a private APN as a public VPN.Anyone who has access to the SIM card can access your APN.

Post Views: 3,146

Related

Sours: https://cyberops.in/blog/hacking-iot-manufacturers-smart-cars-apn-access-point-network/

Hack Apn Internet Cell Phone

How To :Hack a cell phone to make free phone calls

Want to control a friend's cell phone remotely and make "free" calls from it? In this hack how-to video, you'll learn how to hack Bluetooth-enabled cell phones with your Sony Ericsson or Nokia phone and the Super Bluetooth Hack—or "BT Info"—, a free program easily found throug ...more

How To :Hack your phone to get free Internet via Bluetooth

Having the Internet on your phone is definitely handy. You can look up anything at anytime, and connect with friends in so many more ways. In this tutorial, learn how to use your PC and your Bluetooth enabled mobile phone to get free Internet on your cell phone and avoid buyi ...more

How To :Hack Someone's Cell Phone to Steal Their Pictures

Do you ever wonder how all these celebrities continue to have their private photos spread all over the internet? While celebrities' phones and computers are forever vulnerable to attacks, the common folk must also be wary. No matter how careful you think you were went you sent ...more

How To :Play the Snake Game Online (YouTube, Gmail & Facebook)

It's 1976. The hottest arcade game on the market is Blockade (or Blokade), an 8-bit maze game for 2 players. You and your opponent must move your characters around the screen in 90-degree angles, leaving a solid line behind them. Whoever runs into one of the solid lines first, ...more

How To :Send video from your iPhone 3G via MMS

Take a look at this video if you've ever been curious on how people send video messages via the iPhone. This is the source you need to get in Cydia iphonevideorecorder.com/3 This is the Unlock code for the app: xumiqdikni Here is a list of some Cellphone email address forma ...more

News :An Introduction to Macro Photography (Plus Some Insane Shots)

Giveaway Tuesdays has officially ended! But don't sweat it, WonderHowTo has another World that's taken its place. Every Tuesday, Phone Snap! invites you to show off your cell phone photography skills. Submit your best shot to our weekly competition for a chance to win an awes ...more

News :10 of the Finest Cell Phone Mods

Oh, LifeHacker, we love you. You've brought us so many handy HowTo's: Hack Wireless Internet, Bypass Blocked Websites, Convert a Laptop Into a Projector, Watch TV & Movies on the Web For Free, 10 Must-Know Google Privacy Settings, and more. And now, another great one: LifeHac ...more

How To :Things to Do on WonderHowTo (01/04 - 01/10)

WonderHowTo is made up of niche communities called Worlds. If you've yet to join one (or create your own), get a taste below of what's going on in the community. Check in every Wednesday for a roundup of new activities and projects. This week: A phoneography challenge on silh ...more

Analyzing the Hacks :The Girl in the Spider's Web Explained

The latest film addition in the American-produced Millennium series, The Girl in the Spider's Web, was just released on Blu-ray a few days ago. As you could expect, the movie has many hacking scenes throughout, just like the previous English and Swedish language movies centere ...more

The Hacks of Mr. Robot :How to Spy on Anyone's Smartphone Activity

Welcome back, my greenhorn hackers! As all you know by now, I'm loving this new show, Mr. Robot. Among the many things going for this innovative and captivating program is the realism of the hacking. I am using this series titled "The Hacks of Mr. Robot" to demonstrate the ha ...more

Our 3G Tower Is Broken :The Trials & Tribulations of Staying Connected on a 3-Month Bike Trip Across Central Asia

Silence spreads over these mountains like nothing I've ever felt. If I didn't have Moby blasting in my earphones, there'd probably be no other sounds around. Well, except for someone, Phil probably, murmuring in a nearby tent just low enough to make his words indiscernible. W ...more

News :Project Fi Beats T-Mobile in Download Speeds & Reception

Google's new Project Fi cellular carrier has been making waves across the mobile industry, so we decided to put it to the test against T-Mobile, one of the more established networks. For the actual testing, we slapped a SIM card from each carrier into two identical Pixel XL ph ...more

How To :Hack WiFi Passwords for Free Wireless Internet on Your PS3

People are always looking for ways to save money, and for the most part, saving money and cheating the system are synonymous when it comes to things like free internet access. Practically every new gadget is capable of connecting to the web, which means more and more people ar ...more

News :Here's How Much Money You Could Save by Switching to Google Fi

In case you hadn't heard, Google is now a legit cell service provider. Google Fi has its pluses and minuses, but the biggest upside is in the pricing. Depending on how much data you typically use, there's a good chance you could save a lot of money without sacrificing coverage ...more

How To :Use a Firewall to Keep Data-Hungry Apps in Check

If you exceed your monthly mobile data limit, your cell phone bill can skyrocket pretty quickly. This is why a lot of people vigilantly monitor internet usage and even uninstall apps that use too much background data. Don't Miss: 10 Tricks for Conserving Data on Android Up u ...more

How To :5 Major Privacy Concerns with 5G

For all the benefits 5G brings to cellular data, it isn't without weaknesses, the biggest being privacy. Yes, the latest standard comes with breakneck downloads speeds up to 4.3 Gbps, but at what cost? Like with all things on the internet, 5G devices open opportunities for bot ...more

Android Basics :How to Prevent Going Over Your Monthly Data Limit

Mobile data is expensive. The internet connection that comes with your cell phone plan is generally limited to a certain amount of gigabytes that can be downloaded before your monthly cap kicks in, at which point you run the risk of incurring costly overage fees. Luckily, tho ...more

News :Qualcomm Introduces the Snapdragon 835—The Processor That'll Power Your Next High-End Phone

The Snapdragon 820 and 821 were met with praise last year, receiving almost no complaints compared to their overheating predecessor, the Snapdragon 810. But now, all eyes are on Qualcomm to see what goodies they have in store for us this year, as their new SoC, the Snapdragon ...more

How To :Secure Your Identity & Become Anonymous Online in 2019

Your social security number, credit card information, and medical history can fall into the wrong hands if you're not careful about how and where you share your data online. If you really care about your data, there are tools and techniques you can utilize to protect yourself ...more

How To :6 Easy Ways to Increase Battery Life on Your Android Device

Smartphones have otherworldly specs these days, so it's relatively uncommon that you hear someone complaining about display resolution, build quality, or general speed and performance. At best, these are secondary concerns, with the number 1 issue almost unilaterally being bat ...more

How To :3 Tips to Help You Drive Safer with Waze

Because it sources a majority of its vital data from actual drivers on the road, Waze is easily one of the best navigation apps to use if you prioritize safety. Benefits such as crowd-sourced traffic data, police trap locations, and road work avoidance, when combined, help you ...more

How To :3 Great Apps for Reverse Phone Number Lookup on Android

As much as you try to safeguard your personal information, you may have made a small mistake by giving your phone number to the wrong entity, and now you're being bombarded with dozens of spam calls every day. To help parse your call log and reject the proper numbers without a ...more

User Testimonials :Why People Are Switching from iPhone to Pixel

Reading through various internet forums, it certainly sounds like the Google Pixel and Pixel XL are attracting more iPhone users than any of Google's previous Nexus devices. The sales figures seem to back that up, too, as the Pixel is outpacing last year's Nexus 6P, and pre-or ...more

Advice from a Real Hacker :How I Would Build the God's Eye of Furious 7

In the recent hit movie Furious 7, the storyline revolves around the acquisition of a hacking system known as "God's Eye" that is capable of finding and tracking anyone in real time. Both the U.S. spy agencies and an adversarial spy agency (it's not clear who the adversary is, ...more

How To :Communicate Offline — No Wi-Fi, Cell Reception, or Mobile Data Needed

Almost 20% of the US population (about 60 million Americans) live in rural areas where mobile reception is weak or nonexistent. In times of crisis, these Americans can't rely on the internet to communicate with loved ones or receive new information. This is why being able to i ...more

Android Security 101 :How to Secure Your Communications & Messages

Due to the overnight success of smartphones, millions of people are connecting with others. Currently, over 15 million text messages are sent every minute worldwide. Most of this communication is happening in the open where any hacker can intercept and share in the discussion ...more

Anonymous Texting 101 :How to Block Your Cell Phone Number While Sending Text Messages

When browsing the web, I enjoy my privacy. It's reassuring that I can peruse the internet without the worry of having my activity tracked back to me, allowing me to leave fun, anonymous comments when I get the urge to troll. Anonymity can also be important when sending a mess ...more

How To :Add & Activate an eSIM Line on Your iPhone XS, XS Max, or XR

All of the new iPhones from 2018 were released with dual-SIM support, but none of them were capable of actually using the eSIM in iOS 12, only the physical nano-SIM. But on iOS 12.1 and later, you can finally take advantage of eSIM so you can have, say, a business and personal ...more

News :Hands-on with the World's First Android Phone — What a Difference a Decade Makes

These days, it seems new phones get announced every other week. We've grown accustomed to glossing over the specs, looking at some press renders, then moving on to check out the next phone. If you had done this in September 2008, you might have overlooked what would become one ...more

News :iOS 12 Beta 4 for iPhone Released to Developers

As the official release of iOS 12 nears closer each day, Apple continues to update its betas. The company released the fourth beta of the upcoming software to developers Tuesday, July 17, exactly two weeks after the release of the third developer beta which came out just a few ...more

How To :Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+

If you want to follow Null Byte tutorials and try out Kali Linux, the Raspberry Pi is a perfect way to start. In 2018, the Raspberry Pi 3 Model B+ was released featuring a better CPU, Wi-Fi, Bluetooth, and Ethernet built in. Our recommended Kali Pi kit for beginners learning e ...more

How To :Everything You Need to Disable on Your Galaxy S9 for Privacy & Security

Smartphones are like high tech buckets that collect our personal information through constant use. This has some obvious benefits, like getting a more personalized experience with our devices. On the other hand, this data is a tempting target for bad actors looking to make a b ...more

How To :7 Tips to Help You Use Waze Like a Pro

Waze is the go-to navigation app for millions of drivers, and it's easy to see why. Benefits such crowd-sourced traffic data, police trap locations, and road work avoidance are just the tip of the iceberg. It can almost be overwhelming, but with these simple tips, you'll maste ...more

News :Honor View 10 Is Coming — Get Oreo & a Bigger Battery for Just $20 More Than the OnePlus 5T

Huawei's sub-brand, Honor, just announced a pair of new smartphones to help close out the year. We knew the midrange Honor 7X was on its way, but what came as a surprise was the announcement of the Honor View 10 and its impending release in the US. Thanks to Honor, US customer ...more

YouTube 101 :Is YouTube Red Worth It?

When Google announced YouTube Red — a paid monthly subscription service that disables advertising, among other perks — many of us thought "just use an ad blocker." But it isn't really that simple. Ad blockers give you an ad-free YouTube experience, but also take revenue away ...more

News :This Dad Wants to Make Selling Pre-Teens Smartphones Illegal

While restaurants and classrooms have enacted policies banning cell phones, one father has had enough of his kids' obsessive phone habits. Dr. Tim Farnum is now seeking to ban the sale of smartphones to children under 13. Yes, you read that right. Farnum was inspired to propo ...more

How To :Everything You Need to Know About RCS Universal Profile

Google is on a mission to bring a better messaging experience to Android users. We've seen them try and fail over the years with various messenger apps, but this time, they're taking a different approach by working with industry leaders to create a new messaging standard. The ...more

How To :18 Tips & Tricks to Help You Master Your Google Pixel

Google's new Pixel and Pixel XL flagships are some very powerful smartphones, but as with any high-tech gadget, they're only as capable as the user allows them to be. So if you're a proud new Pixel owner, it's time to bone up on a few new features to help get the most out of y ...more

How To :Top 5 Android VoIP Apps for Making Free Phone Calls

The telecommunications industry has come a long way since Ma Bell opened the first telephone exchange in the late 1800s. With the advent of fiber optics and wireless broadband technology, we no longer have a need for a dedicated phone connection, as today's data networks can c ...more

How To :7 Deliciously Genius Things You Can Make in Your Microwave

Most of the time we only use the microwave to reheat or defrost, but you can actually save a lot of time by using it for cooking. These genius recipes make the most of this underused appliance, and also turn out some pretty tasty dishes. First: Is It Safe to Cook in the Micro ...more

How To :Tether Your Nexus 5 Without Your Carrier Knowing

It used to be easy to hack tethering—root your device and install a third-party or modded tethering app. But snuck in amongst the changes in Android 4.3, a new data-monitoring service of sorts made its debut. There used to be a time when your data connection was yours. You pai ...more

How To :Tired of Paying for Calls & Texts? These 6 Free Apps Can Cut Down Your Cell Phone Bill

Smartphones are great. They help you keep in touch with your loved ones and stay up to date on what's going on in the world. The problem is that like everything else that's useful, they cost money to use, and between calling, texting, and data plans, it can get really expensiv ...more

How To :The 4 Best Phones for Privacy & Security in 2020

Smartphones are inherently bad for privacy. You've basically got a tracking device in your pocket, pinging off cell towers and locking onto GPS satellites. All the while, tracking cookies, advertising IDs, and usage stats follow you around the internet. So no, there's no such ...more

News :ElementalX's Flar2 Talks 'Death' of Rooting & Future of Android

You can mod every aspect of your phone's software with root, but if you want to make changes at the hardware level, you'll need a custom kernel. If you've looked into custom kernels before, one name undoubtedly kept coming up: ElementalX. It's easily the best custom kernel out ...more

Android Security :13 Must-Know Tips for Keeping Your Phone Secure

These days, that pocket-sized computer we call a smartphone is home to your entire digital life. But with the onset of mobile payments and online banking, the line between your virtual world and the physical realm is becoming increasingly blurred. We vigilantly remember to lo ...more

How To :Permanently Delete Text Messages on Your iPhone

Deleting text messages on your iPhone may seem like a pretty simple task, but it's those really simple tasks that usually end up causing headaches later on. Data can stick around, even if you asked it not to, so there's always a slight chance that embarrassing and incriminatin ...more

How To :Enable Offline Finding on Your Galaxy So You Can Locate Your Phone in Airplane Mode

Nowadays, even the dumbest thieves know that the first thing you should do after you steal a phone is turn on airplane mode. Not only does this make it harder for police to track the phone through cell tower triangulation, but it also disables security features the person you ...more

How To :5 Ways to Communicate Safely on Your Smartphone — Keep Police & Big Data Out of Your Conversations

It is well documented that what you say and do online is tracked. Yes, private organizations do their best to protect your data from hackers, but those protections don't extend to themselves, advertisers, and law enforcement. Whether you are a journalist, a protestor, or a hi ...more

How To :Everything You Need to Know About 5G — Answers to the Most Common Questions

We are now in the age of 5G. Carriers worldwide are upgrading their networks to the newest standard for mobile, which will dramatically improve your phone experience. How? By giving it download speeds and latency that surpass Wi-Fi. But before you upgrade, there are few things ...more

2019 Gift Guide :Must-Have Phone Accessories for Movie Lovers

There's never been a better time for streaming movies and TV shows on the go. With so many services available, the only limitation to your enjoyment is your phone's accessories. Whether you're buying for yourself or someone else, here are some of the best gifts that improve th ...more

How To :Set Up Google Fi on Your iPhone

Google's next-gen cellular carrier, Google Fi, which replaces Project Fi, is making waves across the mobile industry. With super-cheap plans starting at only $20 and the ability to connect to millions of Wi-Fi hotspots across the globe, it's tempting many users to make the swi ...more

News :Everything You Need to Know About the iPhone XS

Apple's successor to the iPhone X is a beautifully made smartphone with much of the same characteristics, including a 5.8-inch OLED screen, two storage choices, and Face ID. But many features set the iPhone XS apart from its predecessor, as well as the other 2018 lineup of iPh ...more

How To :Use MDK3 for Advanced Wi-Fi Jamming

You may have heard of a signal jammer before, which usually refers to a device that blasts out a strong enough radio signal to drown out the reception of nearby devices like cell phones. Purpose-built jammer hardware is outright illegal in many countries. Still, Wi-Fi is vulne ...more

Google Play Music 101 :How to Adjust Music Quality to Save Data While Listening

The nemesis of music streamers is data caps, cell phone or otherwise. Restricting monthly data and forcing users to decide between quantity and quality of music has had audiophiles tearing their hair out since streaming toppled the iPod. While the problem regarding music quali ...more

Fresh Today :The Latest iOS 10 Bugs, Features & Updates You Should Know About

When a new version of iOS comes out, everybody gets caught up in the craze of finding features and playing around with new functionality. But this generally leads to a lack of coverage on the finer aspects of the update—things like bugs, minor tweaks, and pain points that user ...more

How To :10 Unique & Practical Ways to Repurpose Your Old Hard Disk Drives

At one point in the '90s, about fifty percent of the CDs produced worldwide had an AOL logo. About fifty percent of the CDs in my home still have that AOL promise of 500 free hours on them. Though they never got me to join their internet service, I did get a lifetime supply of ...more

How To :Get an Internet Connection in the Middle of Nowhere to Hack Remotely

If you're living or staying out in the middle of nowhere or a rural area outside of a big city or town — where there are no reliable cable, fiber, or wireless networks available — how can you get an internet connection? There are several possibilities, but they all come with t ...more

News :Apple Watch vs. Fitbit — What's the Best Bang for Your Buck?

In the case of Apple Watch v. Fitbit, the winner comes down to the judge at hand. Apple currently offers two smartwatches — the Series 5 and the Series 3 — while Fitbit offers three models — the Fitbit Versa 2, Fitbit Ionic, and Fitbit Versa Lite. Whatever your assumptions abo ...more

2019 Gift Guide :Must-Have Smartphone Accessories for the Traveler

Smartphones are vital travel companions. While you're on the go, they connect you with loved ones back home, help you find tickets and passes for tourist attractions, and make it easy to find your way through foreign roads — but even the most powerful smartphone could use help ...more

Android 10 Changelog :60 New Features You Should Know About

|Choose Your View: Quick Bullet Points | Detailed Descriptions Android's newest major update is a special one — it's the tenth full version of the world's most commonly used operating system. The latest release, dubbed simply Android 10 (codename Android Q), was first showcas ...more

  • SharePlay: How to Screen Share in iOS 15 with FaceTime on Your iPhone

  • News: The Future of Apple Augmented Reality Wearables Through the Lens of Steve Jobs & His Legacy

  • News: Facebook Outage Takes Down the Metaverse, Oculus Quest & Ray-Ban Smartglasses Users Impacted

  • Market Reality: NASA AR Launches, Smartglasses Showdown, Vuzix Secret Lab, Magic Leap Turns the Corner

  • News: Microsoft HoloLens 2 & Unity Used to Highlight the Threat to Endangered Whales at the Smithsonian

  • News: What Is the Difference Between Facebook Ray-Ban Stories, Snap Spectacles, & Amazon Echo Frames Smartglasses?

  • News: NASA Launches First Woman to Moon via AR App, & Delivers Interactive Visit to New Space Telescope

  • News: Robots, Drones, Disney, Halo View & More — Here Are the New Gadgets & Alexa Skills Amazon Wants to Fill Your Home With

  • News: BlueJeans Video Conferencing Giant to Launch Native Google Glass App for Remote Assistance

  • News: Apple Maps Revamped with 3D Map Navigation in iOS 15

  • News: Vuzix Smartglasses Factory Reveal Gives Another Glimpse of Next-Gen AR Wearable

  • News: NASA Integrates Microsoft HoloLens into Regular Maintenance Operations on International Space Station

  • Market Reality: Instagram Smartglasses, Oculus AR Gaming, Google AR Search, & Facebook Exec Shuffle

  • How To: Copy Text from Real World & Photos via Live View for iPhone on iOS 15

  • News: Facebook's AR/VR Chief Andrew Bosworth Tapped as New CTO

  • News: This Billie Eilish Oculus Quest 2 Video Inadvertently Offers a Peek at AR Gaming on the VR Headset

  • News: Google Adds Famous Monuments & Iconic Buildings to Augmented Reality Search Feature

  • News: Facebook Makes Portal Portable, Upgrades Portal Plus, & Adds Microsoft Teams

  • News: Upgrade to iOS 15 & Play with These 10 New Features

  • News: Netflix Launches Oculus Quest Immersive Game for Animated Streaming Series 'Eden'

  • All

Sours: https://tag.wonderhowto.com/hack-apn-internet-cell-phone/

Hack apn

Here is a short blog post that explains how you can make your own Man-in-the-Middle (MitM) setup for sniffing the traffic between a SIM card and the backend server. This is NOT a new research but I hope this will help anyone who doesn’t have a telco background to get started to play with mobile data sniffing and fake base stations. This is applicable to many scenarios today as we have so many IoT devices with SIM cards in it that connects to the backend.
In this particular case, I am explaining the simplest scenario where the SIM card is working with 2G and GPRS. You can probably expect me with more articles with 3G, 4G MitM in future. But lets stick to 2G and GPRS for now.

Motivation
In many IoT devices these days, we have a scenario that the device is connected to its backend with a SIM card.  The IoT device could be anything starting from simple things like a coffee machine, a smart watch, smart glasses to bigger stuff like cars or critical medical equipment. If you want to sniff the traffic between your IoT device and the backend server, a setup like this will be very handy to you.

Objective
Perform Man-in-the-Middle for the mobile data traffic. In order to perform that, we make a simple fake base station using USRP hardware.

Requirements
I am mentioning the devices that I used for making this setup.
There are many other possibilities of doing the same. So I don’t have any claims that this is the best possible way to do it!

Hardware

  1. USRP B210  (with antennas and cables (USB 3) to connect to PC)
  2.  A smart phone/or an old GSM phone. In case of an IoT pentest scenario, we have the IoT device here instead.
  3. A SIM card
  4. A laptop

Software

  1. OpenBTS
  2. SipauthServ
  3. Smqueue (Optional – if you want to play with some SMS messaging)
  4. Asterisk (Optional – if you want to play with making calls)
  5. OS – Ubuntu 16.04

Human ability

Googling, reading, writing and a lot of patience to start, stop, play kicker, restart, stop, pause, drink coffee, start, stop ….. in loop. 😉

What is OpenBTS

OpenBTS.org is an open source software project dedicated to making telco protocols and traditionally complex, proprietary hardware systems with Internet Protocol and a flexible software architecture. The OpenBTS software is a Linux application that uses a software-defined radio to present a standard 3GPP air interface to user devices, while simultaneously presenting those devices as SIP endpoints to the Internet. This forms the basis of a new type of wireless network which promises to expand coverage to unserved and underserved markets while unleashing a platform for innovation, including offering support for emerging network technologies, such as those targeted at the Internet of Things. [reference]

Building your fake base station

The first thing to do is having a working build of OpenBTS running.

Source code:

I followed this link for building the OpenBTS from source. There is usually some missing dependencies to fix. Apart from that, there is no specific setup needed for building OpenBTS. To get started, we mainly need two services which is OpenBTS itself and SipauthServe. After building OpenBTS and SipauthServe from source, start both the services in a terminal. In the above link, there is also other components such as Smqueue and Asterisk which is needed for making calling and SMS features working. But as our focus here is mainly on mobile data, (here GPRS), we don’t care about setting those components here. But it is still fun to try and get it working.

Running OpenBTS

  • Connect the USRP device to your computer with the USB 3 cable that comes with it.
  • In my case, I made a VM where I built all the required software to make it easy to port. When you have a VM, make sure you have USB 3 forwarding possibility. In virtualbox, you should be able to enable USB > Devices > Ettus Research USRP B210 (or some similar name. If you don’t know the right name, do dmesg to figure out.)
  •  uhd_usrp_probe : Use this command – USRP Hardware Driver Peripheral Report Utility for linux – this will download the firmware for B210 once it detects the device.
  • Run SipauthServe
home/dev/subscriberRegistry/apps$ sudo ./sipauthserve home/dev/openbts/apps$ sudo ./OpenBTS home/dev/openbts/apps$ sudo ./OpenBTSCLI

Configuring the Base Station
In the above step, you would have noticed running OpenBTSCLI. This is mainly for configuring our OpenBTS.
Below are the main configurations to be done in OpenBTSCLI for us to get a functioning model:

  •  Allow any phone to connect to the base station without any authentication. This allows registrations from any phone regardless of their provider. OpenBTS> config Control.LUR.OpenRegistration .*
  • Enable GPRS
    OpenBTS> config GPRS.Enable 1 echo 1 > /proc/sys/net/ipv4/ip_forward
  • Setup iptables : The whole GPRS and IPtables setup is found in detail here.

Getting the phone connect to the Base Station

If you have a smart phone, you have to change some settings to actually make the phone connect to the base station. This gets even more challenging when there is an IoT device in place as there is hardly any option to configure the “Mobile Network” in an IoT device. But we will get to that later.

Setting up an Android phone:

(Basically similar on iPhones.)

  • Enable 2G. This is downgrading to 2G from 4G: Settings > Cellular Networks > Preferred network type > 2G
  • Add an APN : Settings > Cellular Networks > Access Point Names. When you add, make sure that the MCC and MNC are set as the same value as for the SIM card. In Germany, the MCC is 262. The MNC will change based on the provider. This is a link where you can find that out. Apart from that, the APN and Name value could be anything. Also, keep the authentication as none.
  • Search for our base station and manually connect to it: Settings > Cellular Networks > Search Networks. Usually it appears as numbers including MCC and MNC values.

If you see the message, that your phone is registered on the network, then you can confirm that by checking in OpenBTSCLI.

OpenBTS> tmsis

This will show the IMSI of the SIM card that registered to your base station. If you manage to do till here, you already have your first finding which is the IMSI of the SIM card. IMSI is the private identifier of your SIM card. An attacker with an IMSI can identify and track the subscriber’s network and can even try to perform impersonation.

Mobile data sniffing

Once GPRS is working, you should be able to see the symbol ‘G’ in the place where you actually see ‘LTE’ or mobile data symbol in your phone.

Try to google for something in the browser in your smart phone.  It is going to be super slow. Remember the old GPRS days. 😀

Open Wireshark in your OpenBTS VM.

You will be able to see the packets..

I guess I don’t have to explain further on how to place a Burp proxy for that interface.

We have a full MitM ready for hacking.. yey….

Thoughts on IoT

As we know, none of the devices today are going to use GPRS for connecting to its backend. It is either LTE or at least 3G. If the IoT device is small enough, the best idea to get it connect to our base station is by placing it in a faraday cage. In that case, there are no other signals available and the SIM card gradually connects to our base station. But this is not possible when the device is big like a car. (unless you have a garage with a faraday cage). One possible technique here is to use a jammer so that the SIM card actually disconnects from its original provider. Meanwhile we have our OpenBTS ready next to the device as soon as we turn off the jammer. Then pray and wait for the SIM to actually connect to us. This takes lots of trial and errors. But if we are lucky, we might get a working setup. Also, having a jammer that allows to selectively break only LTE and 3G might lead to downgrade attacks making the SIM connect to our 2G base station. Anyhow, I must say that these are not so easy in practice.

Note: Using a jammer is prohibited in many places. Make sure you can control the range and frequencies disrupted with the jammer. It has to be limited to your device that you are testing.

For those who are really interested in trying 4G sniffing, srsLTE must be interesting.

Hope you enjoyed reading this article.

By the way, if you are into IoT or Telco security, Troopers18 is having some super cool tracks that might be interesting to you. Check out our “Next Generation Internet” and TelcoSecDay for more details.

Ciao,

Priya

Sours: https://insinuator.net/2018/02/hacking-101-to-mobile-data/
Super fast \u0026 stable free internet l 4g 5g+ fast apn settings setup

IoT Hacking Series #11: How do VPN, APN and Fixed IP SIM work?

In this post, we explain all the little details and nuances about VPNs, APNs and Fixed IP features and their exact meanings.

After reading the post, you shouldn't have any further confusion between the different variants of APN and VPN deployment models available.

This newest blog post continues on the topic of APN and VPN technology, which we have explored earlier.

What is an APN?

From the above-mentioned blog post, we know that APN stands for Access Point Name. It is the name of a gateway and point of entry onto the Internet (IP network) from a mobile network.

Also, we already know that there are several variants of APNs in everyday use. These are:

  • Public APN
  • Private APN
  • Custom APN

Public APN is the default option that is associated with all SIM subscriptions of a given service provider. These default settings allow all users access to the Internet without any additional steps in IoT device reconfiguration.

Private APN, also called Corporate APN, is used to access a specific network. Here, the SIM subscription must be provisioned on this specific APN gateway, and APN settings have to be updated in the IoT device.

The picture below illustrates the traffic flow in a typical use case of a Private APN.


Here, the traffic flows directly from the IoT device via the mobile network to the customer's private network, where it terminates. This traffic does not travel across the Internet.

Private APN offers more security than Public APN, which uses the Internet. Only SIM subscriptions that are authorised by the customer may be provisioned onto an APN gateway. Private APN is not accessible to any other subscriber since it is a private network that can only be accessed by the customer's SIM subscriptions.

The last variant, Custom APN is a de-facto Public APN with an alias, set up according to the customer organisation’s requirements, masking a generic name assigned by a service provider.

Why would anyone need Private APNs?

As per its name, Private APN gives more control over how to secure and configure the data connection.

There are several benefits of using Private APN for customers, including:

  • Configurability. It offers the ability to configure various settings such as IP addressing (either static or dynamic) and authentication methods. 
  • Security. Subscribers are only visible to other devices on the same APN. This makes Private APNs a superior solution in terms of data security when compared to using Public APN or any other Internet access. It allows data to remain only on the customer's private network.
  • Cost-effectiveness. It offers a cost-effective mobile security solution due to the ability to aggregate usage.
  • Organization Policies. When applied as part of a mobile security solution, it benefits from having mobile users conform to security and usage policies. This feature limits potential misuse of mobile services.
  • Global Coverage. With a network of global carrier partners, users have access to their Private APN across the globe, allowing for convenient and secure access to all the customer organisation's applications.

The Private APN solution offers truly secure mobile connectivity, comparable to the level of protection applied in private networks that allow sending customer organisation's data traffic within a closed and private group of hosts.

What is a VPN?

VPN stands for Virtual Private Network. It is a layer of security for Internet access from an IoT device. It allows for the data exchange to remain confidential via encryption and decryption mechanisms. It is crucial when a device remains connected to the Internet via a public network, including Public APN.

A VPN is set up as a site-to-site connection. It creates a so-called VPN tunnel, which is stretched between two endpoints. One end, the Software VPN Client, is running on an IoT device, and the VPN Server on the other side, which is usually the organisation's back-end server or specialised hardware firewall or router.

These two endpoints add headers to the original packet, with these headers including fields that allow the VPN devices to make the traffic secure. The VPN devices also encrypt the original IP packet, meaning that the original packet's contents are indecipherable to anyone who happens to see a copy of the packet as it is transmitted over the Internet.

The picture below illustrates the VPN tunnel concept.


For creating a VPN tunnel on the IoT device side, there is a need to assign an IP address. This IP address is assigned by use of an APN gateway via APN settings applied on the IoT device. It enables connections directly to the device through a VPN tunnel and extends this private and secure network to the IoT devices.

Specialised mobile VPN solutions are used for IoT devices where an endpoint of the VPN is not fixed to a single IP address, but instead roams across various data networks without dropping the secure VPN session or losing application sessions.

Here, Mobile VPN tunnels are not tied to physical IP addresses and instead each tunnel is bound to a logical IP address. That logical IP address is assigned to the IoT device (being a device in motion) no matter where it may roam. Applications running on the device and inside the customer organisation’s network communicate through that one logical IP address, remaining unaware of the user's motion and the different physical IP addresses and data network transitions.

Why would anyone need VPNs?

VPNs provide the same security features as private networks, while still sending data over a network that is open to other participants, such as the Internet. Compared to a private network, the Internet does not provide a secure environment that protects the privacy of a customer organisation's data.

The main benefits of using VPNs are security-related features:

  • Confidentiality and Privacy. Preventing anyone in the middle of the Internet ('man in the middle') from being able to read the data, including website owners, third parties, and other agencies specialising in an online traffic tracking.
  • Authentication. Verifying that the sender of the VPN packet is a legitimate device and not a device used by an attacker.
  • Data Integrity. Verifying that the packet was not changed as the packet crossed the Internet.
  • Anti-replay. Preventing a 'man in the middle', from copying and later replaying the packets sent by a rightful user, to appear to be a legitimate user.

From the more practical side, using a VPN allows setting up a connection from the server to the IoT device. Without a VPN, different firewalls or Network Address Translation (NAT) can prevent connecting to the device, and moreover such a connection can only be initiated from the IoT device itself.

And last but not least, a VPN protects against unwanted connections from other users trying to reach the IoT device. Only the SIM subscriptions provisioned with the VPN can connect to the customer organisation's applications. Outside SIM subscriptions and users can not access the configured VPN tunnel.

What is Fixed IP?

There are two types of IP addressing - fixed IP address, also called static IP address, and dynamic IP address.

Dynamic IP addresses are assigned automatically based on preconfigured settings in the network and dedicated DHCP servers (dynamic host configuration protocols), which manage a pool of IP addresses available for use.

Fixed IP addresses remain static and don't change over time. Their use allows for opening two-way communication between the IoT device and the customer organisation's servers. In other words, it ensures remote access to the IoT device to retrieve information when needed, and without having to wait for the device to send its data back to the server. Since it is a fixed IP address assigned to the IoT device, the IP address to reach the device is already known.

The illustration below shows the difference between both types.


Also, there are several variants of Fixed IP:

  • Public Fixed IP, which provides a static and a public IP address. It is unique on a global scale and allows for connections to an IoT device from any other host connected to the Internet. In this case, a standard Public APN is used.
  • Private Fixed IP, which provides a static and a private IP address. Such an address is valid only within a particular customer organisation's network (which is an example of a private network). In this case, a customer-defined Private APN must be used.

Why would anyone need Fixed IPs?

There are several benefits of using a Fixed IP:

  • It allows greater visibility and control over IoT devices. They can be easily reached from anywhere in the world using a public Internet connection.
  • In connection with VPN technology, it ensures end to end security and encryption in data traffic.

In the next blog post, we’re going to learn about real-life deployments for APNs, VPNs and Fixed IPs. Together with a guide to finding the best solution for every IoT company.

If you have any questions, don't hesitate to reach us at hacking[at] 1oT.com.

Sours: https://1ot.com/resources/blog/vpn-apn-fixed-ip

You will also be interested:

IoT Hacking Series #3: What is Access Point Name (APN) and How it Works?

An Access Point Name is a link between a mobile network and the internet. The device trying to connect to the internet needs to have this parameter configured and presented to the carrier, who can then decide which IP address to assign the device and which security method to use. So the carrier is being responsible for the creation of a network connection using APN information. Furthermore, it is good to know that APN is not only used for internet or private network connectivity but also for Multimedia Messaging Service (MMS).

APN structure

An Access Point Name consists of two parts:

The operator identifier in turn consists of two other parts:  

  • Mobile Network Code (MNC)

  • Mobile Country Code (MCC)



As MNC’s and MCC’s are a whole different topic we will not dive deeper into right now, but for everyone interested to know more than there is a GSMA Mobile Network Codes and Names Guidelines and Application Form which gives a good overview.

APN itself can look like this: “internet.mnc012.mcc345.gprs”. But, it can also use a customized domain name from a Domain Name Service (DNS) operator. This will give you an APN like “terminal”, which for example is the most common APN used for 1oT SIM cards. A custom APN is linked with the same network and operator identifier parameters but is just translated by the DNS.

Types of APN

There are a couple of APN types depending on functionality and several abbreviations which might confuse you. Let’s clear things up a bit. We can divide APNs based on if it is connected to a public or private network and also based on how the IP address is assigned. Taking this into account we get four different types:


  • Public APN - this is mostly referred to as just “APN”. A device connecting to the gateway with a public APN is given an IP address dynamically to mostly access the internet.

  • Public APN with static IP - the gateway assigns a static IP address to the device based on the available IP pool of the public network.

  • Private APN - this is also mistaken as “APN with VPN”. A device that has a private APN configuration can be connected to a companies’ own internal network by the gateway.

  • Private APN with static IP - the gateway assigns a static IP address to the device based on the available IP pool of the private network.

When we compare Public APN and Private APN we can see that the latter doesn’t necessarily even need an internet connection. Private APNs ensure secure data handling by never allowing it to access the public internet while at the same time staying on cellular network infrastructure.

Private APN and Virtual Private Network(VPN) is often mistaken as the same but VPN is an extra layer on top of the public internet to create a secure communication channel.

Dynamic IP is not accessible to inbound connections and therefore it cannot be used to initiate communications to the IoT or M2M device as this IP address is not known until the device initiates the connection itself.  

APNs with static IP are fully routable and it is possible to initiate communication externally.


Do I need to configure APN myself?

If you think about using your phone, you might not recap having to enter APN settings to establish a network connection or to use MMS. That’s because these settings are sent via SMS once the device logs onto a network. Some phones ask you to confirm these settings, others do it in the background without you noticing.

For IoT/M2M devices APN needs to be configured manually. This is because the software feature for automatic APN recognition usually has not been implemented by IoT/M2M cellular hardware manufacturers. There simply is not a need for it. That said, this is not a rule and you can find few exceptions like Telit 4G Cat-M and NB-IoT modules for example.


Can I get a custom APN for my business?

Telecoms can create custom APNs but they typically only offer this service for huge multi-national companies. 1oT takes custom APN requests also case by case so make sure to contact us with any inquiries.


Need help with deciding on the right APN type?

We at 1oT can help you with deciding on the right APN type to us for your IoT/M2M project. Make sure to contact us with technical questions at hacking [at] 1oT.mobi.


Sours: https://1ot.mobi/resources/blog/iot-hacking-series-3-what-is-access-point-name-apn-and-how-it-works


28236 28237 28238 28239 28240