SDR 101 - NDSU CyberSecurity 2017

Software Defined Radio 101Mike Saunders @hardwaterhacker

About Mike

• Started IT in 1998

• Security since 2007

• Avid ice fisherman

http://nickolaylamm.com/

Signals Around Us• Cell phones (900/1,800/1,900 MHz)

• Wifi (2.4 & 5 GHz)

• Bluetooth (2.4 GHz)

• Zigbee (2.4 GHz)

• Broadcast TV (54 - 900 MHz)

• Pagers (35/43/152/157/163/454/462/929 MHz)

• ADSB (978/1090 MHz)

• AIS (162 MHz)

• HAM radio (varied)

• Police & military comms (varied)

• Satellite comms (varied)

• Cordless phones (1.7/27/43-50/900 MHz, 1.9/2.4/5.8 GHz)

• Radar (varied)

• Car remotes (315 / 433 MHz)

• Garage door openers (310/315/390 MHz)

• TV remotes (varied)

• Wireless presenter remotes (varied)

• Etc. etc. etc.

What is SDR?

• Radios used to be implemented in hardware

• Software Defined Radio - software tunes receiver hardware to desired frequency

• Additional software can decode transmission to reveal data

• Signals can be transmitted with certain hardware

What You Need

• Hardware

• rtl, HackRF One, Ubertooth One, Yardstick, Funcube, etc.

• Antenna

• Software

• GNU Radio, SDR#, GQRX, etc.

Getting Started - Hardware

• Generic RTL2832U / R820T

• ≈ $15

• 25 - 1700 MHz

• RX only


• Generic RTL2832U / R820T

• Aluminum case limits noise

• ≈ $25

• 25 - 1700 MHz

• RX only


• HackRF One

• ≈ $330

• 10 MHz - 6GHz

• TX & RX

• 20M samples/second

Getting Started - Software

• Windows

• SDR#, HDSDR, SDR-RADIO.COM

• Mac & Linux

• GNU Radio, GQRX, Linrad

• Android

• SDR Touch, Wavesink Plus, RFAnalyzer

Getting Started - SDR#

• SDR# - www.airspy.com

• Quick start guide - http://www.rtl-sdr.com/rtl-sdr-quick-start-guide/

Getting Started - Tuning

• http://www.nws.noaa.gov/nwr/coverage/station_listing.html

• https://www.youtube.com/watch?v=gFXMbr1dgng

Getting Started - FM Radio

Common Problems

• Don’t forget to install Zadig driver with generic RTL

• Some USB 3.0 ports don’t work well

• Issues with USB passthrough in VMs

• Frequency drift due to temperature differences (non-TCXO chipset)

SDR# Common Problems

• Slower processors = dropped samples, choppy audio

• Even an issue in VMs on more powerful hardware

• HDSDR is harder to use, but less overhead

SDR# Common Problems

ID an unknown signal

• Spend time sweeping through frequencies

• Search for known frequencies at radioreference.com

• Look up signal waterfall on sigidwiki.com

• Signal @ 152.480 Mhz

radioreference.com

FCC License Search

Search Results

Review Frequencies

Review Registration

Check SigIDWiki

Captured sample waterfall SigIDWiki Reference

Legal Disclaimer

• I am not a lawyer, this may or may not be illegal

• Research and decide for yourself

• 18 U.S.C § 2511

• 18 U.S.C § 2510

Decoding Pages• Walk through:

• http://www.rtl-sdr.com/rtl-sdr-tutorial-pocsag-pager-decoding/

• You need:

• SDR#

• VBCable

• http://vb-audio.pagesperso-orange.fr/Cable/index.htm

• PDW

• http://www.discriminator.nl/pdw/index-en.html

SDR 101 - NDSU CyberSecurity 2017

Technology

Transcript of SDR 101 - NDSU CyberSecurity 2017