Is there any way to know SIM is in roaming.
Does any AT cmd or any Remote Access Service API provide any help over this.
Or any TAPI api on win32 helps me in getting this information?
The technical definition of "roaming" is that you're not on your home network, i.e. you're talknig to a VLR (Visiting Location Register) instead of a HLR (Home Location Register). Obviously the VLR will be operated by a different company.
[edit]
On second thought, you'll see more changes. For instance, you'll also a foreign radio network. I.e. RILCELLTOWERINFO will contain a MCC/MNC that doesn't match your SIM.
There is a standard AT-command to do this:
AT+CREG?
You have to look at the second value (stat). If it's equal to 5, this means that the device is currently roaming.
For more information please look in the 3GPP TS 27.007 standard.
Related
I'm a software developer with very little knowledge on telco, recently my boss asked me to find a way to request user location with their imsi from the HLR. I have never done such thing before, i work mostly on high end applications. I've done some research, read some articles, like on dialogic.com, but until now i haven't found clear instructions on have to make it.
So can someone explain me what are all the steps i should take in order to make it? I'm working on windows but a linux based solution will be good to. Please consider I'm a newbie.
There is a way to do it, of course, but all depends on the core network. If it is up to 3g, you could (depending on the operator) either do ATI against HLR based on IMSI, or send an SRI-SM query to the HLR and in response get the VLR id.
then send PSI (Provide subscriber info) query with Location Information tag to the VLR which you got from HLR.
In response of PSI the VLR/MSC will respond back with LAC and Cellid of
subscriber. For newer (4-5G) mobile networks, there is an explanation here http://4g5gworld.com/blog/lcs-architecture-lte-eps
The interface to the HLR is usually not an open interface - it is an SS7 based interface on what is a closed network for operators.
The information in the HLR and VLR (Visitor Location Register - a local copy of the HLR on visited switches) and the VLR is not usually available externally. Some of the information would never be shared, but there are some services which will allow you query some HLR info - for example (I have not used these and cannot vouch for them):
https://www.hlr-lookups.com
http://www.vianett.com/en/products/overview/hlr-number-lookup
If you wanted to implement a service like this yourself, you would need a gateway between the IP and SS7 networks.
The HLR lookup service provides information for IMSI and roaming MSC. A MSC have country code and network code. If this is the only information which serves the purpose the , you can get lookup services from any service provider , just by checking the coverage. If you are telecom company and have SS7/Sigtran level access to the mobile operators then can develop your own lookup gateway.
https://www.cspsprotocol.com/what-is-hlr-lookup/
I found what i needed with Telestax Restcomm GMLC server. It's available here
https://github.com/RestComm/gmlc
But be aware that the solution only works on Linux server, because windows does not implement the SCTP Stack.
I know it's an old post, but if it's any help to others, I use a company called Data Soap for HLR lookups and they provide information about phone network, along with the originating country.
https://www.datasoap.co.uk/data-quality-services/hlr-lookup
This is my first post so please bear with me, will i get use to the posting requirements.
I need help finding out when i insert a smartcard (on Windows 64bit machine), what it then access in the background. I have tried using process monitor, process explorer and TCP View. These didn't provide me with what i needed which is to be able to see ports, registry keys, background network access and so on.I need something that will allow me to activate it to observe what happens when i use a smartcard. The idea is that a smartcard is inserted and then it looks at certain registry keys and also checks via an connection various URL's, ports to ensure access is granted. The problem is the software we have installed hasn't put the registry keys where they should be so i can't change them, and these are what i really need to get at. I have also tried searching the registry keys for a value one would be logged under and i can't seem to find it that way either.
I use to have a piece of software years ago that provided it, was a listener of some sort, but i can't think of it for the life of me what it is called. If anyone can point me in the direction of what i need to be thinking off i would be so grateful!
If i need to be clearer please let me know, thanks!
Actually a smartcard accesses nothing on its own. I'm aware, that Windows might look up the ATR in the registry in order to provide a "friendly card name", but if absent no harm is done except not having the friendly card name.
Any actions like internet request are more likely to be associated with a software tool called Service Provider, which knows, what commands to send for this specific card in order to perform actions like:
User authentication
Signature computation
Significant knowledge concerning the specific card is required, so entering some registry entries is far from sufficient. If the card contains a certificate, some software may try to verify the certificate chain or ensure, that the key was not revoked, but this is also not initiated by the card.
I'd like to know how to determine, in a running application, the domain controller/primary domain controller of the Windows workstation or server on which the application is running, using Win32 APIs.
In particular, given a machine's hostname, I want to find the name of the authoritative source of resolving that hostname to a particular machine. (I think that's the domain controller; my knowledge of this area is pretty weak so I may be asking the question the wrong way.).
I've seen a C# code fragment that purportedly does this, but don't know if there is any relation to Win32 APIs. There's lots of "how to get DC" web pages, but they are all invoking command scripts, not the APIs.
Happy to have code, but willing to do the homework on extracting the steps, if somebody points me in the right direction.
Is there an analog in Linux? (e.g., native calls to find a name server? I'm not assuming a Linux context with a Windows domain controller).
(Aha... just discovered this question: Get the domain name of a computer from Windows API. Will dig into it some more. EDIT: Maybe the function I want is NetDCName? Where do I get the parameters that it wants?).
EDIT April 19: I coded/tested NetDCName using Eric's hints. Yes, it produces the domain controller name when there is one,
and an error signal when there is not, which is just the right functional behavior.
However, the function call seems to take several seconds! Why would that be?
That puts an unacceptable, user-visible delay in a check I'm trying to do.
NetGetDCName is one option; if you need more functionality, DsGetDcName is also an option.
The MSDN documentation clearly states that NULL is used to indicate the default, so
nStatus = NetGetDCName(NULL, NULL, (LPBYTE *) &lpDcName);
would return the domain controller for the default domain on the local computer.
is there a way to find out the location without using GPS on the Windows phone 7. It's okay if ts approximate, as i want to get the city (not the precise longitude and latitude).
Use of the location API within Windows Phone 7 is described in this collection of MSDN articles. Pay special attention to the section in Location Programming: Best Practices about the right level of accuracy. When setting the GeoCoordinateWatcher to default instead of high accuracy it is optimzed for power-usage. In practice this means it will only resort to GPS of there is nothing else available.
All use of the location API will require you to ask the user for permission to use their location. The only way to get around that (if you really want to) is by using one of the tricks described in other answers.
I think it is not allowed by their policy. You have to use their Location services and include a on/off switch as well as privacy policy.
If you'll try to work around that, it may not pass the certification.
If you can find out the IP address assigned by an ISP (such as the IP address of the wireless router you connect to or the phone itself if it is on 4G (?)), you can use a GeoIP look-up. demo: http://www.geoiptool.com/
As many of you probably know, online banks nowadays have a security system whereby you are asked some personal questions before you even enter your password. Once you have answered them, you can choose for the bank to "remember this computer" so that in the future you can login by only entering your password.
How does the "remember this computer" part work? I know it cannot be cookies, because the feature still works despite the fact that I clear all of my cookies. I thought it might be by IP address, but my friend with a dynamic IP claims it works for him, too (but maybe he's wrong). He thought it was MAC address or something, but I strongly doubt that! So, is there a concept of https-only cookies that I don't clear?
Finally, the programming part of the question: how can I do something similar myself in, say, PHP?
In fact they most probably use cookies. An alternative for them would be to use "flash cookies" (officially called "Local Shared Objects"). They are similar to cookies in that they are tied to a website and have an upper size limit, but they are maintained by the flash player, so they are invisible to any browser tools.
To clear them (and test this theory), you can use the instructions provided by Adobe. An other nifty (or maybe worrying, depending on your viewpoint) feature is that the LSO storage is shared by all browsers, so using LSO you can identify users even if they switched browser (as long as they are logged in as the same user).
The particular bank I was interested in is Bank of America.
I have confirmed that if I only clear my cookies or my LSOs, the site does not require me to re-enter info. If, however, I clear both, I had to go through additional authentication. Thus, that appears to be the answer in my particular case!
But thank you all for the heads-up regarding other banks, and possibilities such as including the User-Agent string.
This kind of session tracking is very likely to be done using a combination of a cookie with a unique id identifying your current session, and the website pairing that id with the last IP address you used to connect to their server. That way, if the IP changes, but you still have the cookie, you're identified and logged in, and if the cookie is absent but you have the same IP address as the one save on the server, then they set your cookie to the id paired with that IP.
Really, it's that second possibility that is tricky to get right. If the cookie is missing, and you only have your IP address to show for identification, it's quite unsafe to log someone in just based of that. So servers probably store additional info about you, LSO seem like a good choice, geo IP too, but User Agent, not so much because they don't really say anything about you, every body using the same version of the same browser as you has the same.
As an aside, it has been mentioned above that it could work with MAC adresses. I strongly disagree! Your MAC address never reaches your bank's server, as they are only used to identify sides of an Ethernet connection, and to connect to your bank you make a bunch of Ethernet connections: from your computer to your home router, or your ISP, then from there to the first internet router you go through, then to the second, etc... and each time a new connection is made, each machine on each side provide their very own MAC addresses. So your MAC address can only be known to the machines directly connected to you through a switch or hub, because anything else that routes your packets will replace your MAC with their own. Only the IP address stays the same all the way.
If MAC addresses did go all the way, it would be a privacy nightmare, as all MAC addresses are unique to a single device, hence to a single person.
This is a slightly simplified explanation because it's not the point of the question, but it seemed useful to clear what looked like a misunderstanding.
It is possible for flash files to store a small amount of data on your computer. It's also possible that the bank uses that approach to "remember" your computer, but it's risky to rely on users having (and not having disabled) flash.
My bank's site makes me re-authenticate every time a new version of Firefox is out, so there's definitely a user-agent string component in some.
It could be a combination of cookies, and ip address logging.
Edit: I have just checked my bank and cleared the cookies. Now I have to re-enter all of my info.
I think it depends on the bank. My bank does use a cookie since I lose it when I wipe cookies.
Are you using a laptop? Does it remember you, after you delete your cookies, if you access from a different WiFi network? If so, IP/physical location mapping is highly unlikely.
Based on all these posts, the conclusions that I'm reaching are (1) it depends on the bank and (2) there's probably more than one piece of data that's involved, but see (1).
MAC address is possible.
IP to physical location mapping is also a possibility.
User agents and other HTTP headers are quiet unique to each of the machines too.
I'm thinking about those websites that prevents you from using an accelerating download managers. There must be a way.