- Need to identify attack surface of a device that has a cellular interface (phone, IoT)
- Want to know and understand any call home functionality (IPSEC, SSH,etc)
- Scan for network daemons that might be listening on the cell interface. In real world cell provider might be blocking network traffic.
- Verify firewall rules are working
- MitM opportunities
- This setup is not a cellular downgrade attack
Details are in this slide.