Category Archives: Computing

Computing, networking, and the like. Non-Ham Radio related.

Ohio Section Journal – The Technical Coordinator – October 2017 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has set up. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
  1. Go to www.arrl.org and log on.
  2. Click Edit your Profile.
  3. You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
  4. Click the Edit Email Subscriptions tab.
  5. Check the News and information from your Division Director and Section Manager box.
  6. Click Save.

Now without further ado…


Read the full edition at: http://arrl-ohio.org/news/OSJ-October-17.pdf

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey gang,

October is National Cyber Security Awareness Month. I either made your eyes roll because security can be complicated or piqued your interest because of the TWO Equifax breaches. I can certainly get into the weeds with data and cybersecurity because it’s an interest of mine – as a user and programmer. Realizing that most readers won’t have a background in programming or system administration, I’ll set aside the technical details. I’ll briefly cover some cybersecurity issues and give tips anyone reading this article can use.

The whole concept of computing is built on trust. The list of things we trust is infinitely long: trust programmers of the operating system and program developers are following good practices. Trust the company stands behind their product, fixing problems and issues. Trust “Information Security Officers” of a company actually have a background in information security. Trust audits are taking place to uncover problems. Trust customer data is being stored in accordance with good security practices. Trust the website you’re browsing to is really CompanyWebsite.com. Trust “[insert name of company here] Free Wi-Fi” is really that company’s free Wi-Fi. Trust that devices in your home aren’t spying on you. You start to get the idea.

Security is a tradeoff between safety and convenience. Computing could be made very secure but those systems would be completely unusable due to the layers of security. There is no such thing as a “completely secure” system or device – it just means the mistakes, problems, and bugs haven’t been found yet. “Shellshock” is considered to be a very severe security bug. Disclosure came in September of 2014. This bug affected millions of servers connected to the internet. It was determined the bug, in some form, had existed in the UNIX (and Linux) command-line interface since 1989.
Humans program computers. Humans use computers. Humans make mistakes.

Hackers leverage these mistakes and use them to their advantage, often to gain unauthorized access. The word “hacker” has two meanings. “White-hat hackers” are the ones who experiment with and modify devices and software to make it work better. Hams are examples of these because we take commercial gear and make repeaters or use off-the-shelf routers for things like Mesh networking. “Black-hat hackers” are the bad guys and the ones we hear about on the news stealing credit card data from Target and personal data from Equifax. These are the ones I will be referring to.

Hollywood gives us the perception that hackers are in some 3rd-world country or in a dark basement, no lights, and only the glow of their computer screens. Hackers come from all parts of the world and sometimes are acting on a government’s behalf. In fact, legitimate companies exist solely to sell their black-hat hacking tools. They have buildings, employees, call centers, and help desks – as does any legitimate company.

What’s the motivation behind hacking?

Money. It’s hard not to tie everything back to money. The first reference to malicious hacking was “phreaking” (pronounced freaking. AKA: phone hacking) where one of the goals was to manipulate the public phone system and use it to make long-distance calls when it was very expensive to call around the world. More recent financial examples include everything from disrupting nation-states (economic), blackmail, and ransom payments for access to data. Ransomware encrypts all documents and pictures. It demands payment before it will (hopefully) decrypt your files allowing you to use those files again. Ransomware utilizes the same technology, strong encryption, which you use to securely transact with your bank online.

My social media, computer, or online account has no value [to me] / I only check email / I don’t store anything on my computer / why would anyone want access to my email or computer?

I hear these a lot. Many of us don’t realize all the things a bad guy can do with computer access or an email account. Brian Krebs is a blogger who covers computing security and cybercrime on his website Krebs on Security. He is known for infiltrating underground cybercrime rings and writes about his experiences. His site is highly recommended reading for anyone with an interest in cybersecurity.

Brian posted two articles titled “The Value of a Hacked Email Account” and “The Scrap Value of a Hacked PC…” When signing up for any online service, an email address is almost always required. In 2013, according to Brian’s article, hackers who have access to email accounts can subsequently gain access to other services such as iTunes and sell that access for $8 each. FedEx, Continental, United accounts go for $6. Groupon, $5. Hosting and service accounts like GoDaddy, AT&T, Sprint, Verizon Wireless, and T-Mobile, $4 apiece. Facebook and Twitter accounts were $2.50/ea.

Aside from the monetary value, bad guys have access to family pictures, work documents, chat history, can change billing and deposit addresses on banking accounts, drain financials like 401K, bank or stock accounts, and target other individuals like family members. In 2012, a hacker went after Wired journalist Mat Honan locking him out of his digital life. The attacker used flaws in Amazon and Apple’s services, which helped them gain access to Mat’s Gmail and ultimately his Twitter account.

Access to a personal computer can be gained through a number of schemes, including a fake ‘you have an out-of-date plugin/Flash version’ message on a webpage, an email about a past-due invoice, a notification of a problem with some shipment, or innocently installing a program thought to be legitimate. A recent example of a compromised program was the widely popular PC maintenance program, CCleaner. Untold millions of people unknowingly downloaded a malicious version of the program from the vendor’s site.

A hacked PC can be used for: generating email spam, harvesting other accounts (see above), gaining access to a work network, stealing online game keys and characters, taking part in a Denial of Service attack, infecting other devices on the network (like DVRs), creating fake eBay auctions, hosting child porn, and capturing images from web-cams or network cameras to use for extortion purposes.

What can I do to protect myself?

Unfortunately in situations of compromise like Target and Equifax, there was nothing you could do – other than not use a credit card at Target or not apply for any kind of credit reported to Equifax. Unlikely for many. You can only react after the fact by closing accounts with fraudulent charges and placing credit warnings or freezes on your credit.

The SANS Institute, which specializes in information security and cybersecurity training, offers a “monthly security awareness newsletter for everyone” called “Ouch!” Their October 2017 newsletter outlines five steps to help anyone overcome fears and securely use today’s technology. Check the newsletter for more information on these points.

  1. Social Engineering: is an old technique which creates a sense of urgency to trick people into giving up information they shouldn’t: someone needs money quickly, boss needs a password, the IRS is filing suit against you, Microsoft Tech Support calls you about a “virus” on your computer, etc. Never give a password, any personal information, or remote access to any solicitor.
  2. Passwords: Create unique, strong passwords for all online devices and online accounts. Use a password manager which will assist in creating strong passwords. LastPass utilizes a web interface and cloud storage, KeePass is an application and stores the database locally on your computer. Both are excellent solutions for a password manager.
    If you’re uncomfortable with a password manager, use pass-phrases which are passwords made up of multiple words. Passphrases can be written down, but store these in a secure location. Use two-step verification, often called two-factor authentication. Two-factor authentication (2FA) is a combination of something you know (your password) and something you have (a smartphone). A list of services offering 2FA with instructions can be found at: twofactorauth.org. Note: text messages are NOT a secure two-factor method because the cellphone network is not secure and attackers have been able to re-route text messages.
  3. Patches: Put all devices connected to the Internet behind a firewall (router) and keep all systems connected to the Internet up-to-date. This includes home routers, computers, smartphones, tablets, streaming media devices, thermometers, Raspberry Pis, lights, automation systems, speakers, and video cameras. If devices are not being updated by the vendor, potentially dangerous mistakes are not being fixed. It’s time to consider better devices.
  4. Anti-virus: can protect you when you accidentally click on the thing you shouldn’t have and infect your system. It won’t protect against every form of infection. Windows Defender, available for all current Windows operating systems, is sufficient.
  5. Backups: I cannot stress this enough, backup, backup, backup! Many times I’m asked something similar to: ‘how can I recover my daughter’s wedding pictures from my computer’s crashed drive?’ Maybe you can, but often not. ‘I lost my phone, didn’t have cloud backup enabled, and had vacation pictures on there.’ Yea, they’re really gone. Backups serve as a way to recover from your own mistakes like accidentally deleted files and ransomware cyberattacks. A “3-2-1 backup strategy” includes 3 copies of your data, 2 on different media, 1 off-site. For most of us, this means: the original data is the 1st copy, an external hard drive (disconnected when not copying data) or network storage drive houses the 2nd copy, and a copy on a USB flash drive stored at work or backed up using a cloud backup solution – is the off-site 3rd copy.

A layered approach to security is considered best practice. As an example, creating strong passwords AND using two-factor authentication. The more layers the better, but more layers means less convenience. Brian Krebs also offers his “Tools for a Safer PC” which includes switching to OpenDNS in your home router. DNS is the service that turns human-readable URLs into IP addresses. OpenDNS blocks communication with known malware sites.

Hopefully this information has grabbed your attention and guided you to take steps to become safer online. Thanks for reading and 73… de Jeff – K8JTK

Imgs: Krebs on Security, Ars Technica.

Ohio Section Journal – The Technical Coordinator – April 2016 edition

Read the full edition at: http://n8sy2.blogspot.com/2016/04/april-edition-of-ohio-section-journal.html

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

Hey Gang,

So — Windows 10. This topic was brought up during the after meeting at my local club. Many of you are undoubtedly seeing the upgrade nag-screens. You too might be wondering: what’s changed in Windows 10, might have heard some of the issues surrounding the new operating system, and why the big push to upgrade. This month I’ll cover the new operating system from the perspective of what has happened so far and not from a ham radio perspective. Also to preface this whole thing, Microsoft has never been very clear about their statements and often retracts or goes back on things they’ve said. In other words, any of this may change as we go along.

What is Windows 10?… why not Windows 9? There are many theories surrounding the choice in numbering. The named version of Windows hasn’t matched the real version number since Windows NT 4.0. Windows 10 is the successor to Windows 8.1, but not Windows as you know it. It represents a shift in the direction of Microsoft as a company. Microsoft indicated this is “the last version of Windows.” While they’re not killing it off, Microsoft is moving to a model they call “Windows as a service.” This means Microsoft will deliver innovations and updates in an ongoing manner instead of separate releases (versions) of Windows. The ultimate goal is to have one version of Windows that will run on all platforms. Everything, including Raspberry Pi, phones, tablets, HoloLens (wearable, so called “smart-glasses”), laptops, desktop PCs, Surface Hubs (interactive whiteboards), and Xbox entertainment systems. Having one version of an operating system means all of these systems will become integrated and share information easily.

A large part of this shift includes the use of “the cloud.” The cloud is a fancy term for someone else’s equipment on the Internet. The most common example is ‘cloud storage.’ Services like DropBox, Google Drive, or OneDrive allow you to save your documents and pictures elsewhere. You upload files to these services and you can access those files or share them with others on the Internet. The cloud is heavily integrated into Windows 10. After installing Windows 10, it will prompt you to sign in using a Microsoft Account. This syncs your user profile with the Microsoft cloud. When you sign into another device using your Microsoft Account, your settings will be the same across those devices. You can use Windows 10 without a Microsoft account. The computer will operate in standalone mode similar to previous versions of Windows. Microsoft’s online storage service called OneDrive is integrated into the operating system as well. Other new features include your new personal assistant, Cortana. She will help find things on your computer and the web, set reminders, similar to Apple’s Siri or Google Now.

Universal apps: These first appeared in Windows 8 as “Metro Apps.” This concept is to have developers write one application and have it work the same way on any Windows platform. These apps are found and delivered via the Microsoft Store (similar to the Android Play Store or Apple’s App Store), and again – available on all platforms. Some games and applications that came preloaded in previous versions of Windows have been replaced with Universal Apps in 10.

Edge browser: Microsoft Internet Explorer has been replaced with Microsoft Edge. It’s been touted as a more secure browser. However, this has yet to play out because browser extensions are very limited.

Free upgrade: Legal copies of Windows 7/8/8.1 are eligible for a free lifetime upgrade to Windows 10 until July 29, 2016. There are some stipulations to this free upgrade. “Lifetime” means the lifetime of the device eligible for the free upgrade. When that device fails, you cannot transfer the free upgrade to another device. What happens after July 29th? Microsoft hasn’t said. The free upgrade is expected to become a premium upgrade that you’ll have to purchase, even for a device that was previously eligible for the free upgrade. Versions prior to Windows 7 are not eligible for the free upgrade. To be honest, if you’re running a version of Windows prior to 7, you probably want to upgrade your hardware for 10.

Now reality.

Big upgrade push: Windows users have seen the icon in the system tray nagging them to upgrade. Why the big push? Microsoft is trying to avoid another Windows XP. At the time Windows XP was declared “end-of-life,” it accounted for about 10% of all computers on the Internet. Two years later, about 7% are still using XP. That’s a lot of users running a dead operating system. On top of that, Windows 7 will be 7 years old in July and only supported for 4 more years (until January 2020).

While Windows XP may be working great, there are reasons to get off of it. Google has been leading a push for a more secure Internet. Windows XP cannot handle many modern security methods in use today. All browsers in XP (except Firefox) will display ‘your connection is not private’ when connecting to a website that has more modern security than XP can understand. Since Windows XP is not a supported operating system, it won’t be updated to handle modern security methods. While the website will still work, your connection will be less secure. A workaround for this security issue is to use Firefox. Though no known vulnerabilities exist in XP, best practice dictates users should remove unsupported operating systems from the Internet if they don’t need to be on the Internet. Another reason to upgrade is new hardware and software will not have support for old operating systems.

The upgrade push for Windows 10 has been nothing short of a disaster. Last year, users eligible for the upgrade began seeing a Windows icon in the system tray saying ‘your PC is ready for your free upgrade.’ This deplorable tactic is commonly used by malware and spyware authors to trick you into installing software you don’t want or need. As an Information Technology professional with an interest in cyber security, this is the type of message I tell users NOT to acknowledge. Kind of ironic. Initially this tray icon came in the form of a Windows “Recommended” update. Then Microsoft upgraded it to a “Critical” Windows Update – yet another deplorable tactic. Despite this maneuver, Windows 10 is NOT a critical update. The upgrade popups are very confusing as the clickable options are: “upgrade now,” “upgrade later,” “OK,” or “Get Started.” Oh, it gets worse. Users are reporting they vigilantly closed the prompts to upgrade (clicked the red “X”) but their system was still upgraded automatically against their wishes. They went to bed with Windows 7 and got up the next morning to Windows 10. Surprise.

Once the upgrade happens, you do have 30 days to revert back to your previous version of Windows. The problem here is users have found the roll back frequently fails. Imagine that. ‘Don’t worry, you can go back… if you want. Oops, the roll back just failed! Guess you’re stuck.’ Thanks.

Start Menu: Microsoft tried to remove the Start menu in Windows 8 and replaced it with a full screen tile menu. This was an attempt to start a unified experience between PCs and mobile devices. The change worked fine on small screen devices but was a terrible experience on PCs. It was met with much outcry. The Start menu has returned in Windows 10 with something that kind of resembles the Start menu from Windows 7. It’s more of a combined Start menu — “Live Tile” experience. Live Tiles display updates like weather, news, and photos, while others are just a static application icon.

Adding to the confusion, there are now two places where system settings reside: “Settings” and “Control Panel.” Settings typically run between devices like time zone, personalization, notifications, and user accounts. The Control Panel is mostly desktop specific settings.

Tracking: Microsoft Windows 10 tracks much of what you do and where you go. Their claim is they provided a free upgrade so you can give some information back to Microsoft on your usage. Two problems with this: even if you pay for the Windows 10 upgrade, this information is still shared with Microsoft. The other, this tracking is now rolled into Windows 7 and 8. Privacy advocates feel this is a violation of user’s privacy. The argument on the other side is most use Google or Apple’s services and they know just as much about you. This Ars Technica article explains tracking is a growing trend in technology: http://arstechnica.com/information-technology/2015/08/windows-10s-privacy-policy-is-the-new-normal/

Upgrade tips: create a full system backup using a backup service or create an image of your current installation on an external hard drive before attempting to upgrade. This is a backup in case the rollback fails. Check the vendor’s website of your hardware and critical software applications. Look for driver support or knowledge base articles about Windows 10 before upgrading. Knowing whether your devices and software are supported will help minimize regret because your favorite app or device no longer works.

Certainly some of these concerns have caused me to look at alternative operating systems. I have found in my deployments (I have yet to upgrade all of my desktops) with a little work, I can get 10 to act a lot like (my favorite) Windows 7. Turning off or uninstalling cruft helps a lot: turning off notifications, disabling camera & microphone usage, disable Cortana, remove many Universal Applications, and turn off background apps. I use Classic Shell to return a normal looking Start menu and Anti-Beacon to disable tracking. Links to those applications and ones to disable the upgrade nag-screens are below. Seriously, if you find any of these apps useful, consider donating to the author because we need to support those doing the right thing and allowing choice.

Thanks for reading and 73… de Jeff – K8JTK

Image sources: thurrott.com, zdnet.com, and blogs.windows.com.

As always, use these at your own risk.
Disable Windows 10 upgrade and notifications in Windows 7 & 8/8.1:
Never 10: https://www.grc.com/never10.htm
GWX Control Panel (advanced users): http://ultimateoutsider.com/downloads/

Start menu replacement for Windows 8 & 10:
Classic Shell: http://www.classicshell.net/
Start 10 (trial): http://www.stardock.com/products/start10/

Disable Windows tracking:
https://github.com/10se1ucgo/DisableWinTracking
https://www.safer-networking.org/spybot-anti-beacon/ (from the makers of SpyBot Search and Destroy, works on all versions of Windows).
A more manual approach is presented: http://arstechnica.com/information-technology/2015/08/windows-10-doesnt-offer-much-privacy-by-default-heres-how-to-fix-it/

Bridge a Remote Site Network with OpenVPN Access Server

Having access to your devices over the Internet is a requirement for any admin deploying a project. Instead of running to a remote site to administer devices (making changes, applying updates and patches), it’s easier to connect remotely and make changes. Remote access poses many issues and concerns.

Security

First and foremost is security. You always, always, ALWAYS want devices connected to the Internet behind a router with a built-in firewall (NAT router). A firewall filters traffic between two networks (your ISP and home for example) and will block attempts to connect to your internal (private) network.

Device manufacturers take security for granted. Little testing and auditing takes place because the analysis is expensive for throw-away devices. This is noted in many stories including Bug Exposes IP Cameras, Baby Monitors where simply clicking “OK” on the login dialog allowed access to the Internet connected video camera. It is trivial to find these devices on the Internet because of Shodan. Shodan is dubbed the “Internet of Things Search Engine.” If you’re not familiar, think of it as the Google for devices connected directly to the internet. These could be: web servers, printers, cameras, industrial machines, bitcoin mining… Putting devices behind a firewall minimizes the risk because anything trying to peer into the network would be blocked by the firewall.

This holds true for networks you don’t control (granted access on someone else’s network). Put your stuff behind a router/firewall so they can’t see your devices and you can’t be exploited by devices on the other network.

Port Forwarding is a popular technique to only allow traffic on a specific port to a device you specify in your firewall (router). This provides little security as it still allows a potentially vulnerable service to accept incoming connections from the Internet.

Choose a good router

Couple of tips for a good router:

  • You get what you pay for. Don’t opt for cheap.
  • Opt for ones that support third-party firmware like DD-WRT and Tomato or set up a dedicated computer running pfSense or Untangle. These have proven to be more secure than stock firmware in addition to offering a more complete feature set.
  • Stick with popular models as found on Amazon, Newegg, or other tech store. They’re more likely to be reliable, well updated models.
  • Look for ones that accept USB cellular modem dongles for installations that have no accessible network connection like a remote site.

Virtual Private Network

The preferred way to connect to a remote network is to use a VPN. A VPN connects to a private network securely over the Internet. It allows the user to exchange data, use services, and connect to devices as if they were directly connected to that network. An open-source project that implements VPN technologies is OpenVPN. OpenVPN is an application that allows for secure point-to-point communication. There are many implementations of OpenVPN, including its use in many third-party router firmware projects (mentioned above). OpenVPN Access Server is one of the many implementations and the one used for this project.

This project was inspired by Hak5 1921 – Access Internal Networks with Reverse VPN Connections. As an Amateur Radio operator into the newer computer and digital technologies, more devices are located at remote sites.

This setup consists of:

  1. A remote network behind a firewall where devices exist you want to access. This will be a Linux server on the remote network that will act as the gateway and stay persistently connected to the bridge. This could be a full desktop computer purposed for something else or Raspberry Pi. Also on the same network will be a Windows machine.
  2. An unsecure/unknown network, AKA the Internet.
  3. A private server that will act as the bridge between the remote network and a device you choose.
  4. A device in a separate location that will connect to the cloud server and will be able to access the remote network. I will use a Windows machine to act as a ‘home’ computer.

This setup works in nearly all cases because the only device receiving incoming connections is the bridge server in the cloud. Firewalls block incoming connections by default. Very few block connections originating inside the network out to the Internet (egress). If a device along the way filters by content, connection attempts will be blocked. Many corporate networks are doing this kind of filtering. Otherwise the traffic looks the same as secure web traffic on port 443. No port forwarding is used.

Hosting

I recommend using an infrastructure hosting provider for the bridge server. This can cost anywhere from $5-$15 per month. The device can be anywhere on the public Internet. It must accept multiple connections on different ports, but only a couple of users at a time are needed. Minimal configuration is more than sufficient. Bandwidth, latency, and up-time of all points in this setup affect reliability. My personal recommendations for infrastructure hosting providers are: Rackspace and DigitalOcean.

IP addressing

All remote networks and the home user networks cannot overlap in address space. That is, they need to be differently numbered. For example, typically home networks have addressing as 192.168.1.x. The remote site(s) can’t have the same numbering (192.168.1.x). It must be different. I suggest making the remote site different enough to not cause conflict with any home users’ networks. Remote sites as 192.168.25.x, 192.168.26.x, and 192.168.27.x would work fine when the home users’ networks are addressed 192.168.0.x, 192.168.1.x, 192.168.2.x, and so on (except 25-27). Similarly addressed networks create routing conflicts and the packets will not reach the correct network.
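To check an addressing plan against this rule before deploying, the following added example (not part of the original write-up) uses Python's standard `ipaddress` module to find overlapping networks and to show which networks would claim a given destination. The site names, host addresses, and the /24 and /16 masks are constructed sample values.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan using the numbering discussed above. Each value is a
# host address with its prefix length, as read from a device on that network
# (for example from `ip addr`), not necessarily the network address itself.
SAMPLE_PLAN = {
    "remote-site-1": "192.168.25.10/24",
    "remote-site-2": "192.168.26.1/24",
    "home-user-a": "192.168.1.100/24",
    "home-user-b": "192.168.0.0/16",    # oversized mask that swallows the remote sites
    "home-user-c": "192.168.25.50/24",  # same numbering as remote-site-1
}


def network_of(interface_cidr):
    """Return the network a host address belongs to.

    192.168.25.10/24 -> 192.168.25.0/24
    """
    return ipaddress.ip_interface(interface_cidr).network


def find_conflicts(plan):
    """Return (name_a, name_b, reason) for every pair of overlapping networks."""
    nets = {name: network_of(cidr) for name, cidr in plan.items()}
    conflicts = []
    for (a, net_a), (b, net_b) in combinations(sorted(nets.items()), 2):
        if net_a.version != net_b.version:
            continue  # IPv4 and IPv6 ranges never overlap
        if not net_a.overlaps(net_b):
            continue
        # Two CIDR blocks that overlap are either identical or nested.
        if net_a == net_b:
            reason = f"identical network {net_a}"
        elif net_a.subnet_of(net_b):
            reason = f"{net_a} is inside {net_b}"
        else:
            reason = f"{net_b} is inside {net_a}"
        conflicts.append((a, b, reason))
    return conflicts


def claimants(plan, destination):
    """Return the names of all networks that contain the destination address.

    More than one name means the destination is ambiguous: a client on one of
    those networks treats the address as local and never sends it into the VPN.
    """
    dest = ipaddress.ip_address(destination)
    return sorted(name for name, cidr in plan.items() if dest in network_of(cidr))


if __name__ == "__main__":
    for a, b, reason in find_conflicts(SAMPLE_PLAN):
        print(f"CONFLICT {a} <-> {b}: {reason}")
    print("192.168.25.20 is claimed by:", claimants(SAMPLE_PLAN, "192.168.25.20"))
```

The nested case is the easy one to miss: a home network configured with a /16 mask conflicts with every 192.168.x.x remote site even though the third octet looks different.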

Downsides

Cost.

In addition to hosting, a downside to using OpenVPN Access Server is licensing. While OpenVPN is Open-Source Software and OpenVPN Access Server is free, the license allows for only two concurrent tunnel connections at any one time. This means the remote site counts as one connection and the home device the second. If a second person (third device) needed access to the remote network, they would get a message saying ‘Access Server has reached its concurrent connections limit.’ The first person would need to disconnect first before the second could connect otherwise current connections will begin to be booted. Additionally, connecting two or more remote sites and a home user is not possible without purchasing licenses or running an additional bridge server. Additional licenses can be purchased for “$9.60 License Fee Per Client Connection Per Year. Support & Updates included. 10 Client minimum purchase.” $96 per year.

An alternative to OpenVPN Access Server is to set up your own (roll your own) OpenVPN server which is free. I hope to do an OVPN server setup at some point in the future.

Assumptions

This guide is step-by-step in nature, meant for beginners, with brief explanations of the steps. It will help to have an understanding of Linux commands and scripting. Capitalization is important in Linux! Understanding of basic networking concepts including determining network prefixes and CIDR notation is also required.

Program versions

I used a Windows 7 64 bit PC for configuration (and Home PC). Applications and versions used in this writeup:

  • OpenVPN Access Server 2.0.24
  • Putty 0.67
  • Ubuntu 14.04 x64 (bridge and remote servers)
  • Filezilla 3.16.0

P25 Trunked Tracking and Decoding with RTL-SDR, Unitrunker, and DSDPlus

The project that got me really into experimenting with the RTL-SDR dongles is using them to decode P25 digital trunked public service radio systems.  I have been a casual scanner listener for years and like to listen to emergency calls nearby.  In college it was great to listen in on a party weekend hearing fights, disturbances, or why my street suddenly filled with cars at 3 AM.

Narrowbanding

That was when most agencies were analog.  To get more use out of the radio spectrum, the FCC decreed a narrowbanding mandate requiring a “maximum of 12.5 kHz bandwidth across the private land mobile bands between 150-174 and 421-512 MHz.”  This means going digital for much of that radio spectrum because traditional FM transmissions are 15 kHz.  Ironically they will “go digital” but move to 700/800 MHz.

As a casual listener, I wasn’t exactly thrilled with spending at least $500 for a scanner capable of digital (P25 mostly) and trunked system tracking (also Radio Reference wiki).

$40 RTL-SDR trunked scanner

Lurking around the Radio Reference forums, I saw references to being able to use the RTL-SDR dongles for trunked digital decoding.  I had to try it.  I had played around with these dongles and read about the many projects people were doing with them.  In actuality this project cost me $65.

About the project

You will need at least two RTL-SDR dongles ($20/each) and a copy of Virtual Audio Cable ($26).  I already had a premium Radio Reference account.  You can do the project with one dongle but you lose many features in Unitrunker like talkgroup priority.  Theoretically, the single dongle listens to the system control channel and then tunes to voice calls, then back to the control channel.  You will miss calls because that notification comes across the control channel while the dongle is tuned to a voice transmission.  I will cover a two dongle setup and do not plan to cover a single dongle setup.

This project is still very complicated but it is MUCH easier than it used to be.  This is mainly thanks to Rick, the developer of Unitrunker, who implemented support for the RTL-SDR chipset in his program.  Previously, there needed to be a plug-in for both Unitrunker and SDRSharp, and there were all kinds of “moving parts.”  In one respect, being able to see the signal waveform on a spectrum analyzer made it much easier to fine tune the PPM correction on-the-fly as opposed to guessing on a modulation scope.  This setup is much cleaner and the Unitrunker developer has implemented advanced features like drift correction.  It will take some time and patience to understand, research, and know the types of systems and system specifics.

There are some advantages like cost and being software based.  Changing modulation types is often as easy as changing programs.  As an example, DSDPlus will decode MotoTrbo as opposed to no standalone scanner being able to do so currently.  However, portability of this setup is limited as you have to have many pieces of equipment with you.  You’ll need an Internet connection to find sites to program and a PC to tweak settings.

Two very specific and key things to note about trunked radio systems in general:

  • You cannot tell the tower you’re listening to which talkgroup you want to monitor.  Doing so would require the ability to transmit and IS ILLEGAL because you are not authorized to do so.  If the talkgroup is not transmitted by the tower, you’re out of luck.  You can’t be in Dayton and tell the system you want to listen to a talkgroup originating from Cleveland.
  • Nothing here (and no program I know of) will defeat encryption, even if you own the keys.  Decoding encrypted transmissions is not implemented in any of these programs.  On the flip side, be aware that using this tutorial and feeding the audio to Radio Reference and Broadcastify may not make agencies happy.  You could get a take-down notice or even worse, it is trivial to turn on encryption at the system level and you just blocked reception for all scanner listeners.

Thanks to those whose tutorials I first used getting this setup working: $20 trunking police scanner and RTL-SDR Tutorial: Following Trunked Radio With Unitrunker.

Program versions

I used a Windows 7 64 bit PC. Applications and versions used in this writeup:

  • SDRSharp: 1.0.0.1330
  • Virtual Audio Cable: 4.14
  • DSDPlus: 1.51
  • UniTrunker: 1.0.30.10

Parts list

Listed below are all the parts needed to get this project working.

  • Computer with some processing and memory horse power.  It is recommended to have a computer with a recent Intel Core i5 processor and 8GB of RAM, or better.
  • Receive antenna that covers 700 & 800 MHz where P25 trunked usually resides. For an external antenna, splitters and coax runs may be needed.  The stock RTL-SDR dongle antennas worked fine for me.
  • Two RTL-SDR Dongles.  To decode more than one voice transmission, increase the number of dongles needed.
  • Virtual Audio Cable.  Not free but trial version available.
  • Radio Reference account.  Premium account.  If you don’t want to fork over the money, become an audio feed provider.
  • Recommend a USB hub.  A couple of years ago I picked up a Rosewill RHUB-300 USB 2.0 Hub 7-Port HUB.  I recommend this hub because when the dongle is plugged in, the antenna connector is pointed up.  This makes it easier to connect an adapter and a Pryme RD-98.  If available, connect the hub to an Intel USB chipset on your motherboard.  I’ve had far fewer issues using Intel based hardware.

ADS-B Decoding with RTL-SDR, ADSBSharp, and Virtual Radar Server

Update: ADSBSharp (ADSB#) is no longer available and has been deprecated.  Copies can be found by doing some searching.  It is not available from the author’s site as described in this post for the RTL-SDR. A program like RTL1090 or Dump1090 (or any of its forks) can be substituted.  The author is focusing on AirSpy devices and ADSBSpy is available from the same site as SDR#.


An interesting project I came across using the RTL-SDR dongle is to decode ADS-B data.  ADS-B stands for Automatic Dependent Surveillance – Broadcast, which allows aircraft to be tracked by ground stations and provides situational awareness to nearby aircraft.  It is part of the FAA’s NextGen project and mandated by agencies across the globe.  ADS-B uses a frequency of 1090 MHz.

Thanks go out to Robert Nickels – W9RAN and his article in the January 2014 edition of QST which covers this project and how to make a Collinear Array for 1090.  HAK5 also did a couple episodes showing how to make an antenna and configure Virtual Radar Server.

Block diagram of the ADS-B Hub setup. From: QST, January 2014.

Program versions

I used a Windows 7 64 bit PC. Applications and versions used in this writeup:

  • SDRSharp: 1.0.0.1330
  • ADSBSharp: 1.0.11.1
  • Zadig: 2.1.0.658
  • Virtual Radar Server: 2.0.2
  • SBS Resources: 6.7

Parts list

Listed below are all the parts needed to get this project working.

  • Antenna with receive coverage of 1090 MHz.
  • RTL-SDR dongle.

I had a ham radio antenna that I used.  It is the MP Antenna 08-ANT-0860 Ultra Mobile Antenna if you’re interested.  To build an antenna, see the QST article above.  The one that comes with the dongle will work but at short range.