Сайт «rtl-sdr.com»

Mike Tests out L-Band STD-C and AERO with a Low Cost Modified GPS Antenna

SDR-Kits.net have begun selling low cost GPS antennas that are modified to receive the Inmarsat satellite frequencies between 1535 MHz to 1550 MHz. They also have a version for Iridium satellites that receives 1610 MHz to 1630 MHz. The antennas are powered by a 3-5V bias tee, so they should work fine with SDRplay, Airspy and RTL-SDR Blog V3 units.

Mike Ladd from SDRplay has recently sent us a guide to receiving AERO and STD-C messages on L-band with the SDR-Kits antenna and an SDRPlay unit running SDRUno (pdf warning).

AERO messages are a form of satellite ACARS, and typically contain short messages from aircraft. It is also possible to receive AERO audio calls. STD-C aka FleetNET and SafetyNET is a marine service that broadcasts messages that typically contain text information such as search and rescue (SAR) and coast guard messages as well as news, weather and incident reports. Some private messages are also seen. To decode AERO Mike uses JAERO, and for STD-C he uses the Tekmanoid STD-C decoder.

Mike has also created a very handy bank of frequencies for the SDRUno frequency manager which can be downloaded from here.

We note that if you're interested in waiting, at the end of September we will have an L-band patch antenna set available too. Our antenna will work from 1525 up to 1637 MHz. Prototypes have shown have shown good Inmarsat, Iridium and GPS reception. More details coming next month when manufacturing gets closer to finishing up.

Screenshot of the Tekmanoid Decoder from Mikes Tutorial
Screenshot of the Tekmanoid Decoder from Mikes Tutorial

Podcasts: GNU Radio with Ben Hilburn + New Signals and Bits Episodes

The Scanner School Podcast has recently released a new episode featuring an interview with Ben Hilburn, President of the GNU Radio project. If you want to understand what GNU Radio is, and what role it plays in the SDR/radio world, then this is a good listen.

Ben Hilburn is the project lead for GNU Radio, the free and open software radio ecosystem.

GNU Radio works best in an Linux environment and can also run on the ever popular Raspberry PI.

Ben and I discuss what GNU Radio is, how people are using GNU Radio, and how easy it is to get started with this amazing piece of free software.

If you are looking to learn how the hardware inside of a radio makes it work, or maybe you already do…. GNU radio is a great resource for you

Ben himself has a new podcast of his own titled "Signals & Bits" and there are a number of episodes already out, including an interview with SignalsEverywhere YouTube channel host Harold Giddings, Manuel Uhm Director of Marketing at Xilinx who talks about SDR designs on FPGA chips, and most recently Daina Bouquin who talks about her project called "The Space Library" that is in collaboration with the LibreSpace Foundation.

PEPYSCOPE: A Simple Panadapter for HF Radios using RTL-SDR Direct Sampling

Over on GitHub user mcogoni (Marco/IS0KYB) has recently released a new program called Pepyscope. Pepyscope is a simple and fast panadapter application that is designed to be used with direct sampling capable RTL-SDR's such as our RTL-SDR Blog V3 units. Like other panadapters you simply connect the IF output from the hardware HF radio into the input of the RTL-SDR. Then Pepyscope gives you a waterfall display that helps users to easily visualize the spectrum.

Pepyscope is open source and runs on Linux PCs. So far Marco has tested Pepyscope with a KENWOOD TS-180S (single conversion with IF at 8.83 MHz) and an RTL-SDR v3. He has also uploaded a demonstration video on YouTube.

PEPYSCOPE: a simple panadapter for Linux and the RTL-SDR in direct sampling mode

Uplinking to QO-100 with a LimeNET Micro and LimeRFE

The LimeNet Micro is a is a $329 board that combines a Raspberry Pi 3 (compute module) together with a LimeSDR radio. The LimeRFE is an amplifier and filter board accessory designed to be used with LimeSDR units. When a LimeNET Micro and LimeRFE are used together, it is possible to create a transmit capable radio system that can be used for amateur radio.

Daniel Estévez has recently been doing several experiments with the LimeRFE, and this time he's managed to create an uplink capable ground station for the QO-100 amateur radio geostationary satellite. The LimeRFE can output 1W at 2.4 GHz and Daniel writes that with a low cost 2.4 GHz WiFi parabolic grid antenna this is more than enough power to work QO-100.

In terms of software, Daniel is using a Python script that communicates with the Limesuite API for PTT control. For transmitting IQ data generated by GNU Radio he uses limesdr_send. So far he's been able to successfully test a CW beacon, SSB voice and waterfall text generated by gr-paint.

LimeNet Micro + LimeRFE + 2.4 GHz WiFi Antenna = Full QO-100 Solution
LimeNet Micro + LimeRFE + 2.4 GHz WiFi Antenna = Full QO-100 Solution

 

SignalsEverywhere: Driving around with KerberosSDR and Locating a P25 Transmitter

On this weeks episode of SignalsEverywhere, host Corrosive tests out our KerberosSDR coherent RTL-SDR unit for radio direction finding. If you didn't already know KerberosSDR is our experimental 4x Coherent RTL-SDR product. With it, coherent applications like radio direction finding (RDF) and passive radar are possible. Together with the KerberosSDR direction finding Android app it is possible to visualize the direction finding data produced by a KerberosSDR running on a Pi3/Tinkerboard.

In the video Corrosive uses the KerberosSDR together with the recently updated companion Android app to determine the location of a P25 control channel. By driving around with the app constantly collecting data he's able to pinpoint the location within about 15 minutes.

If this interests you, we also have some more driving demo videos available here.

Direction Finding With Kerberos SDR

In addition to his video, Corrosive has also created a very useful calculator that can be used to calculate the required antenna spacing for a circular or linear direction finding array that can be used with the KerberosSDR.

AIS Share App Updated and Magazine Article

Thank you to Christian, programmer of the AIS Share Android App for letting us know about some updates to his AIS Share Android application. AIS Share is a €2 app for Android that allows you to turn an Android device into an AIS receiver together with an RTL-SDR. AIS stands for Automatic Identification System and is used by ships to broadcast their GPS locations in order to help avoid collisions and aide with rescues. An RTL-SDR with the right software can be used to receive and decode these signals, and plot ship positions on a map.

Recent updates to AIS Share have brought improved AIS reception, and updates allowing it to run on the latest Android version. A new video demonstrating the software was also uploaded to YouTube.

AIS SHARE - Android (RTL-SDR AIS receiver)

The App has also been featured in the February 2019 edition the "Practical Boat Owner" magazine (paid magazine with digital editions). The article discusses using AIS Share and an RTL-SDR to stream data to Boat Beacon, which is a popular chart navigation app. A similar but free tutorial on setting up AIS Share and Boat Beacon can be found here.

An excerpt of the Practical Boat Owner AIS Share RTL-SDR Article.
An excerpt of the Practical Boat Owner AIS Share RTL-SDR Article.

RTL-SDR.COM GOES 16/17 and GK-2A Weather Satellite Reception Comprehensive Tutorial

GOES 16/17 and GK-2A are geosynchronous weather satellites that transmit high resolution weather images and data. In particular they are far enough away from the earth to be able to take beautiful 'full disk' images which show the entirety of one side of the Earth. As these satellites are in a geosynchronous orbit, they can be counted on to be in the same position in the sky at all times, so no tracking hardware is required and images can be pulled down constantly throughout the day without having to wait for a polar orbiting satellite to pass over like you would with the NOAA APT or Russian Meteor satellites.

With a low cost WiFi grid dish antenna, LNA and RTL-SDR dongle, any home user within the footprint of one of these weather satellites can receive and decode live images directly from the sky. Setting up a station is overall not too difficult, but it can be a bit fiddly with a number of steps to complete. Below is our comprehensive guide. We'll show how to set up a self contained Raspberry Pi based system with goestools (free), as well as a guide for the Windows PC software XRIT decoder (US$125).

We've attempted to make the tutorial as newbie friendly as possible, but we do need to assume basic RF knowledge (know what antennas, SDRs, coaxial, adapters etc are), basic Linux competency for the goestools tutorial (using the terminal, using nano text editor), and basic Windows competency for the XRIT decoder tutorial (unzipping, editing text files, running programs).

Click for the full size image (14MB)
A full disk false color image received directly from the GOES-17 satellite with an RTL-SDR. Click for the full size image (14MB).

There are two fourth generation NOAA GOES satellites that are currently active, GOES-16 and GOES-17. These transmit HRIT signals, and also transmit shared data from the older third generation GOES 15, and Japanese Himiwari8 satellites. At the moment GOES-16 and GOES-17 are producing full disk images every 30 minutes, and close up shots of the USA every ~10 minutes. GOES-16 (aka GOES-R) and GOES-17 (aka GOES-S) are also known as GOES-EAST and GOES-WEST respectively. At least one of these satellites can be received from North/South America, Canada, Alaska/Hawaii, New Zealand, Eastern Australia and some pacific islands.

There is also the older generation GOES-15 and GOES-14 which have been placed in standby orbits. These transmit LRIT signals which provide images at a slower rate. 

GOES 16/East and GOES 17/West Signal Footprint
GOES 16/East and GOES 17/West Signal Footprint

There is also the Korean GK-2A (GEO-KOMPSAT-2A) satellite which is very similar to the GOES satellites. GK-2A covers countries like India, Asia, Australia, New Zealand and parts of Russia. Note that you may have previously heard of the COMS-1 satellite which used to cover this area. Since July 2019 COMS-1 was replaced by GK-2A. Unlike GOES, GK-2A images are encrypted. However it has been found that "sample" encryption keys found online in demo code work just fine.

GK-2A contains both LRIT and HRIT channels, but at the moment only the LRIT channel can be decoded with the currently available software. The LRIT channel sends full disk IR images every 10 minutes in 2200x2200 resolution.

Note that even if HRIT decoding is added by the current software, you would require an Airspy or other wideband SDR as the GK-2A HRIT signal bandwidth is 5 MHz. Also since the HRIT bandwidth is so wide, the signal strength is reduced, meaning that you'll need a larger dish. People who have received the HRIT signal note that a 3M+ sized dish seems to be required.

GK-21 (GEO-KOMPSAT-2A) Foorprint
GK-21 (GEO-KOMPSAT-2A) Footprint

You might ask why bother receiving these satellite images directly, when you can get the exact same images from NOAA at https://www.star.nesdis.noaa.gov/GOES/index.php. Well, you might want to set up your own station to be independent from the internet, or you live in a remote location without internet, or maybe just for the fun and learning of it.

To set up a receiver for GOES 16/17 HRIT or GK-2A LRIT you'll need to purchase a dish antenna such as a cheap 2.4 GHz WiFi antenna, an RTL-SDR, GOES LNA, and a Raspberry Pi. The total cost could be anywhere from $150 - $200 depending on what pieces you already have available.

Before we start the tutorial, you might want to use an augmented reality Android app like "Satellite-AR" to get a rough idea of where either GOES 16/17 or GK-2A (GEO-KOMPSAT-2A) is in your sky, and if receiving them is even feasible for your location. You'll need to find an area on your land where you can mount a small satellite dish with an unobstructed line of sight view to the satellite (no trees or buildings can be blocking the signal path). If the satellite is low on the horizon (below 25 deg elevation), then things get a little more difficult as you have more obstructions and a weaker signal. But it can still be done, and we're able to routinely get good results at 24.5 deg elevation.

Hardware Required

  1. An RTL-SDR Blog V3 dongle. (US$21.95)
     
    1. Some other RTL-SDRs will work too, but confirm that the dongle you purchase has a bias tee built in. (All RTL-SDR Blog V3 dongles have a bias tee). Alternatively, you can purchase an external bias tee.
       
    2. Note that most of the cheapest generic RTL-SDRs do not work properly at 1.7 GHz due to overheating issues that we discovered can cause problems with reception above roughly 1.5 GHz. Only RTL-SDR Blog V3, E4000 and other dongles with cooling fixes will work.
       
    3. An Airspy One can also be used with goestools on Linux and XRIT Decoder on Windows. An SDRplay unit can be used with XRIT Decoder on Windows only.
       
  2. A low noise amplifier (LNA), preferably with filtering. (US$34.95) An LNA is absolutely required to receive the GOES signal. The LNA should ideally have a noise figure (NF) below 1 dB.
     
    1. We recommend purchasing the NooElec SAWbird+ Filtered GOES LNA.
       
    2. Optionally, adding a second LNA after the SAWbird can help improve reception too, but then you'll need to power the SAWbird directly. If powering directly be very careful and be aware that SAWBird products have a minor design flaw where if you use external power it will output power to the dongle side as well. This could destroy your RTL-SDR's ESD diode and other components if you do not use a DC blocking cap.
       
  3. A 2.4 GHz WiFi parabolic grid dish antenna. (US$50 - US$100) 2.4 GHz is above our intended RX frequency of 1.7 GHz, but these antennas are confirmed to still work well. Note that for reception of satellites that are low on your horizon (below 25 deg), we recommend looking for a 1.9 GHz antenna instead as these work a bit better. However we have been able to confirm that with minor modifications we can still receive the signal decently at 24.5 deg elevation with a 2.4 GHz WiFi antenna.
     
    1. A 2.4 GHz WiFi parabolic grid antenna - make sure you get the kind with the largest reflector (the grid dish part) possible. The right size is around 100cm x 60cm (39 x 24 in) or larger. Also ensure that it has a metal secondary reflector. Examples Products [1] [2] [3]
       
    2. Alternatively, if you can find a similarly sized or larger 1.9 GHz antenna, then this will work even better. But these are typically much more expensive when compared to WiFi grid antennas and sometimes difficult to find.
       
    3. Other circular satellite dishes can work too, but those typically don't come with their own feed as they're designed for LNBs. If using a circular dish you'd have to design and make your own feed. If this interests you, see Lucas' cantenna feed example as a reference.
       
    4. If needed, you can improve reception by extending the parabolic grid dish reflector size with metal chicken mesh.
       
  4. A mount for the parabolic dish. (US$39.99) This could be a portable antenna tripod, or a more permanent mast. Example product [1].
     
  5. Coax adapter for the parabolic grid. (US$5.99) The grid antenna will typically come with an N-female connector. So look for an N-Male to SMA Male adapter, to be able to fit the RTL-SDRs SMA female input. Example product [1].
     
  6. Low loss RG6 coax cable, or an active USB extension cable.
     
    1. Either use low loss coax cable or a USB extension cable to get the LNA and/or RTL-SDR out to the antenna. An active USB cable will be required for longer USB runs. You may have to build a waterproof enclosure if mounting permanently outside.
       
    2. To ensure good signal strength, the LNA must be connected right at the antenna - there should be as little coax as possible between the LNA and antenna.
       
    3. We strongly recommend using as little coax as possible after the LNA too. The SAWbird LNA doesn't have enough gain to push the signal through long runs of coax. If you're forced to use long runs of coax, use a secondary LNA. Preferably use a USB extension cable to reduce coax runs.
       
  7. A Raspberry Pi 3/4 + 8GB or larger SD card. (US$40 - US$100) Setting up the software on a Raspberry Pi 3/4 is the easiest way to create a permanent monitoring solution. Example product [1].
     
    1. (Optional) You may want to have an external hard drive connected to the Pi for image storage as you'll be getting 1-2 GB of images a day.
       
  8. (Optional) Weather proofing boxes.
     
    1. If you're planning on running the system permanently, you'll want a water proof box to house your LNA and/or RTL-SDR.
       
  9. (Optional) Additional Cooling
     
    1. Avoid running the RTL-SDR or Raspberry Pi in direct sunlight, or in very hot areas. The RTL-SDR V3 has passive cooling, but if the RTL-SDR overheats from direct sunlight or a lack of surrounding airflow you will probably begin to see the viterbi error rates rising, and eventually failed reception. If you experience heat related issues, shield the SDR from direct heat, and/or use some sort of cooling system with a heatsink and fan. Even a small amount of airflow can help significantly.

Setting Up the Hardware and Modifying the Antenna

Overview of Hardware Connections and Pieces
Overview of Hardware Connections and Pieces

Connect the SAWBird to the antenna, and then the RTL-SDR. Double check that you have the SAWBird the correct way around, with the "OUT" side connected to the RTL-SDR, and the "IN" side connected to the antenna. Keep the SAWBird as close to the antenna as possible. You can use a short run of coax between the SAWBird and RTL-SDR, but keep this to a minimum too. Instead of coax, use long active USB cables, or keep your Raspberry Pi close by.

GOES satellite signals are vertically polarized, so the secondary reflector and feed should be installed vertically, not horizontally.

For 2.4 GHz WiFi antennas, the secondary reflector might be curved. To optimize the reception for 1.7 GHz mount the secondary reflector concave side facing outwards.

You can improve the antennas performance at 1.7 GHz by adding a spacer to the secondary reflector so that it sits about 2.5 to 3.5 cm away from the primary reflector. Here is a video that demonstrates this idea. To mount the spacer you'll need to find a longer screw of the same size.

Modifications for 2.4 GHz WiFi Antennas to improve 1.7 GHz Reception
Modifications for 2.4 GHz WiFi Antennas to improve 1.7 GHz Reception

.

Pointing the Antenna

The antenna must be positioned outside. The signal is very weak so it will be very difficult to receive through a window.

Elevation: Angle up/down
Azimuth: Angle left/right
Polarization/LNB Skew: Rotation angle of the dish

Setting the Elevation and Azimuth

You'll need to point the grid antenna fairly accurately at the GOES satellite. If you are out by even 1-2 degrees, the signal will not be seen, or be weak. Use the website dishpointer.com to determine the Elevation and Azimuth that is required to point your dish, or simply take note of the line pointing towards the satellite and align the dish with features from your house. Note that on dishpointer GOES-17 is listed as 137.2W GOES-S (may change to GOES-17 in the future), and GOES-16 is listed as 75.2W GOES 16. 

For now you can just point it roughly as we'll fine tune alignment later.

Dishpointer example. Line the dish up with the driveway corner.
Dishpointer example. Line the dish up with the driveway corner.

You can also use an augmented reality Android app like "Satellite-AR" to get a rough direction of the satellite. But this cannot be trusted for accuracy as the compasses on smartphones are often not very accurate. We recommend using a standard magnetic compass to help point by using the Azimuth (magn.) information from dishpointer. 

Using the Satellite-AR Android App to check the rough direction of GOES-17.
Using the Satellite-AR Android App to check the rough direction of GOES-17.

To determine the elevation you can use a bubble leveling tool, or an Android app like "Bubble Level".

Checking Elevation with Android App Bubble Level.
Checking elevation with Android app Bubble Level. Showing 24.1 deg elevation.

Setting the Polarization

NOTE: We may be slightly wrong on this polarization info as the polarization might also be dependent on the satellites's antenna oritentation. This info seems to hold true for GOES satellites, but not GK-2A. If any one can confirm, please let us know.

Once you have the Elevation and Azimuth of the dish approximately correct, you'll need to adjust the rotation (aka skew) of the dish in order to match the polarization of the satellite at your location. Dishpointer will tell you exactly what rotation angle to use, and in which direction, under the "LNB Skew" information.

If you are on the same longitude as the satellite your skew will be zero, and no rotation will be required. However, those further away on the longitude plane will require their dishes to be rotated. Most WiFi and 1.9 GHz grid dish antennas only allow you to rotate in 45 deg angle increments, so just choose the closest increment to what is given in dish finder.

In the image below Example 1 shows a user in California, pointing at GOES 16. Dishpointer shows that the required rotation is 42.2° CCW. So standing behind the antenna you would rotate the dish by 45° so that the left side is closer to the ground. Example 2 shows a user in New York pointing to GOES 16. Here the required rotation is almost zero, so no rotation is required. Keep the dish horizontal. In Example 3 the user in is Auckland, New Zealand pointing at GOES 17. Here the rotation is 44.6° CW, so the user would rotate the dish with the right side being lower.

Note that for GK-2A we found that the LNB skew given by dishpointer appears to be reversed in terms of the required rotation direction. We're not sure why, but may have something to do with the way the antenna is oriented on GK-2A.

Signal Fine Tuning

GOES 16/17 HRIT Frequency: 1.6941 GHz
GK-2A LRIT Frequency: 1.69214 GHz

Now that you have your dish pointed in the correct direction we'll need to fine tune the positioning to detect and maximize signal strength. When fine tuning the alignment of the dish you'll need to run a program like SDR#, and keep an eye on the spectrum and waterfall while making fine adjustments to your dish. If you can't see your PC screen while positioning the antenna, it will be very difficult to confirm and tune reception. 

To make it easier if you don't have a laptop, install the Teamviewer application (or any alternative like VNC) on your desktop PC, and run SDR# with the dongle and LNA connected to the antenna. Then view the PC's screen on your mobile device using the Teamviewer App, and slowly move the dish around until you see the HRIT/LRIT signal. If using the RTL-SDR V3 make sure that you activate the bias tee first using the bias tee software (see Feature 2 on the V3 guide).

Try to get the signal as strong as you can, but do not worry too much about ultra fine tuning. Later when running the software we will optimize the reception even further using the viterbi error correction rate produced by the decoder software.

The image below shows what reception of a GOES 16/17 HRIT signal looks like. The large bump on the right is the HRIT signal which contains all the weather image data. The narrowband signal on the left is EMWIN, which contains simple text data and simple weather fax type images.

What GOES-17 looks like in SDR# on an RTL-SDR
What GOES-17 looks like in SDR# on an RTL-SDR
Checking GOES Reception Remotely via Teamviewer
Checking GOES Reception Remotely via Teamviewer

Note that there are sometimes brief periods of a few minutes where the GOES signal is idle. During this time the HRIT signal level will be a bit lower.

The image below shows that the GK-2A LRIT signal looks like.

GK-2A LRIT Signal
GK-2A LRIT Signal

Sun Interference Note: During the day time while the sun is up reception signal strength can be reduced, sometimes even resulting in no reception at all. If you cannot find the signal during the day, try again later at night after sundown. Interference appears to be the worst when the sun is behind the satellite.

When the sun is behind the satellite, we cannot receive the signal.
When the sun is behind the satellite, we cannot receive the signal at all.

Raspberry Pi goestools Linux Software Install and Setup

For the Raspberry Pi we will use the goestools software suite which decodes and generates images for us. Goestools is made for Linux, but it might be possible to compile and run on Windows/MacOS too, although we're unaware of any successful attempts. The easiest way to set it up is to install it on a cheap Raspberry Pi 3/4.

  1. Download Raspbian Lite from the Raspberry Pi site and burn the image to an SDCard using Etcher or Win32Diskimager. Insert the card into the Pi.
     
  2. Boot the Pi, and set up an internet connection either with WiFi (method A or B), or by using an Ethernet cable in method C.
     
    1. Configure wpa_supplicant.conf on your SDCard or,
       
    2. Connect the Pi to a monitor, log in with username: pi and password: raspberry, then run "sudo raspi-config" and set up your WiFi connection.
       
    3. If using an Ethernet cable you do not need to set up WiFi.

  3. Find the IP Address of the Pi either via Method A or B
     
    1. Using a monitor, open a terminal on the Pi and find it's IP address by using the command "ip addr" without quotes. Or,
       
    2. Open your network routers' configuration page on any PC, and search the settings for a list of connected devices. You should be able to see the Raspberry Pi listed there, with it's IP address.
       
  4. Now you should connect to your Pi from a PC on the same network using any SSH software such as PuTTy.
     
  5. At this point we recommend following the excellent goesrecv software installation guidelines written by Aleksey Smolenchuk (lxe). Go through steps 1 - 6. It is a simple matter of copy and pasting the commands into the SSH terminal.
     
    However, on step 6 of Aleksey's guide, we recommend changing the sample_rate to 2000000. We've found that higher sample rates often cause goesrecv to require multiple restarts in order to get a lock on the frequency.  Also if you're using an RTL-SDR V3 enable the bias tee and increase the gain to 30:
    sample_rate = 2000000
    gain = 30
    bias_tee = true

Running the Software and Fine Tuning the Antenna

Later we will create a script that automatically runs the software on boot. However, for now let's first test it.

To run the software open two separate SSH terminals on your main PC using PuTTy or a similar SSH terminal program. Connect to the Raspberry Pi's IP address, port: 2222 with SSH. Log into the Pi with the default username/password: pi/raspberry. In the first terminal run the command:

goesrecv -v -i 1 -c ~/goesrecv.conf

At this point you'll see a bunch of data begin to scroll by. The important thing to look at is the "vit(avg) and "drops" data. You should be seeing zero drops, and a vit(avg) of below 500, and ideally below 400. If you are seeing higher vit(avg) values and drops, you must realign and improve your dish antenna's reception. If you're getting a vit(avg) of around 400 - 600 you may be able to proceed, but some images may be lost or incomplete if you are seeing frequent drops. Anything above 600 and you probably won't be able to get any images.

Signal Optimization TIP: To further optimize the signal, install an SSH terminal like "JuiceSSH" on your mobile device. Run the above goesrecv command on your mobile, and adjust the antenna until the vit(avg) reading is as low as possible. You may need to restart goesrecv after a large adjustment for it to get a better lock on the frequency.

Remotely checking vit(avg) with JuiceSSH on Android.
Remotely checking vit(avg) with JuiceSSH on Android.

Finally, if you have vit(avg) below 500 and are seeing zero drops, run the following command in the second PuTTy window.

goesproc -c /usr/share/goestools/goesproc-goesr.conf -m packet  --subscribe tcp://127.0.0.1:5004 --out /home/pi/goes 

At this point images will begin to download. Check back in 15 minutes and see what you've received. All images are written to the folder specified by the --out flag, in this case /home/pi/goes.

During testing you can easily transfer files out of the Pi to a Windows machine on the same network using a program called WinSCP. When starting WinSCP, simply select "New Site", choose the SCP file protocol and enter the Pi's IP address. You can then browse the Pi's directories, and download the image files from the folders generated in the home directory. But this is slow and time consuming, so we recommend using a more automated solution explained further below.

Also, if you wanted to, you could run goesproc on another Linux PC on your network and have the images generated on that machine. To do that, run goesproc with the Raspberry Pi's IP address in the --subscribe flag on the networked machine.

Browsing Images in a Web Browser

Note that we've had issues with Mediaweb crashing and being very slow when generating thumbnails, so we generally recommend that you use syncthing (shown below) instead.

An easier way to view the downloaded images is to install a simple folder web server like "Mediaweb" which will allow you to browse your received images on a web browser over a network connection.

Install the software using the instructions on the mediaweb Git. When installing be sure to choose /home/pi/goes as the default directory. Once installed Mediaweb will run in the background continually even after rebooting. So you can always browse your images.

Once mediaweb is installed and running, you can then browse to PI_IP_ADDR:9834 on any device connected to the same network as the Pi, and you'll be able to see the currently created folders and images (where PI_IP_ADDR is the IP Address of your Raspberry Pi).

Note that you might want to enable the thumbnail cache in /etc/mediaweb.conf, too. Remember to restart mediaweb after by using "sudo systemctl restart mediaweb".

Automatically Transferring Images to your Windows/Other Main PC

Syncthing is a program that you can use to automatically copy and sync your goes image folder with your main Windows/Mac/etc PC on the same network.

  1. Install syncthing on your Raspberry Pi via the instructions at https://apt.syncthing.net
     
  2. Syncthing is configured via a web interface, with default IP address of 127.0.0.1 (localhost). As we're running Raspbian Lite, we don't have a GUI and therefore can't run a web browser on the Pi. So we'll need to open the browser based configuration GUI on a networked PC. To do this we need to set the IP address of the GUI to the Pi's local network address. Edit the syncthing config, and under the <gui> entry, change the <address> value to 0.0.0.0 which will allow you to connect to the Pi's IP Address.
    sudo nano /home/pi/.config/syncthing/config.xml 
    Syncthing config, set IP to 0.0.0.0
    Syncthing config, set IP to 0.0.0.0
  3. Save and exit with CTRL+X, Y.
     
  4. Next, run "syncthing" on the command line.
     
  5. Now on your main PC, open a web browser and browse to PI_IP_ADDR:8384 to open the syncthing GUI for the Raspberry Pi.
     
  6. On your main PC, download, install and run the Windows version of syncthing. This will automatically open up a browser with the GUI for the Windows syncthing instance. Click on "Add Remote Device". It should be able to find the Raspberry Pi automatically, and you can double check the device ID by going to Actions->Show ID in the Raspberry Pi GUI. In the Windows GUI, simply click on the device ID, and click on Save.
     
  7. Within a few seconds/minutes, the Raspberry Pi GUI should pop up with a "New Device" alert. Click on Add Device -> Save.
     
  8. Still within the Raspberry PI GUI click on Add Folder. Set the folder path to /home/pi/goes, and set the label to "GOES Images". Leave the Folder ID default. Go into the "Sharing" tab, and enable sharing for your Windows machine. Click on Save.
     
  9. After a few seconds/minute or two, the Windows GUI web interface should pop up with a "New Folder" alert. Click on "Add", then under "Folder Path" set where you want the image files to be copied to. Then click on save.
     
  10. Wait a couple of minutes, and then it should begin syncing.

Run goesrecv, goesproc and syncthing Automatically on Boot

At the moment goesrec, goesproc and syncthing all need to be started manually whenever the Pi is rebooted. It would be better to create a system that automatically runs goesrecv, goesproc and syncthing when the Pi is booted. Then there is no need to keep an SSH terminal open and manually start the receiver and decoder whenever the Pi is rebooted.

First create two startup scripts called startgoesrecv.sh and startgoesproc.sh in your home directory.

sudo nano ~/startgoesrecv.sh 

#!/bin/bash 
/usr/bin/goesrecv -v -i 1 -c /home/pi/goesrecv.conf

sudo nano ~/startgoesproc.sh

#!/bin/bash 
/usr/bin/goesproc -c /usr/share/goestools/goesproc-goesr.conf -m packet --subscribe tcp://127.0.0.1:5004 --out /home/pi/goes

Then make the script files executable

sudo chmod +x startgoesrecv.sh 
sudo chmod +x startgoesproc.sh 

Next create a system service that will load the script on boot, after the network service has already been loaded. We are creating two services instead of one, because we need goesrecv to start as root in order to be able to open the RTL-SDRs, and goesproc to start as user pi to make accessing the files easier later on. Also Syncthing cannot be run as root.

# Create the service to start goesrecv

sudo nano /etc/systemd/system/startgoesrecv.service

# Copy and paste the following
 
[Unit]
Description=Start GOES receiver after network is loaded 
After=network.target
[Service]
User=root
Group=root
Type=oneshot 
ExecStart=/home/pi/startgoesrecv.sh 
[Install] 
WantedBy=multi-user.target

# Create the service to start goesproc

sudo nano /etc/systemd/system/startgoesproc.service

# Copy and paste the following
[Unit] Description=Start GOES processor after network is loaded as user pi
After=network.target 
[Service]
User=pi
Group=pi
Type=oneshot 
ExecStart=/home/pi/startgoesrecv.sh 
[Install] WantedBy=multi-user.target

# Create the service to start synthing
sudo nano /etc/systemd/system/startsyncthing.service

# Copy and paste the following
[Unit] Description=Start syncthing after network is loaded as user pi
After=network.target 
[Service]
User=pi
Group=pi
Type=oneshot 
ExecStart=/usr/bin/syncthing 
[Install] 
WantedBy=multi-user.target

Enable the services:

sudo systemctl daemon-reload 
sudo systemctl enable startgoesrecv
sudo systemctl enable startgoesproc
sudo systemctl enable startsyncthing

Note that if you plan on making this a permanent station, it would be wise to connect a large external hard drive to your Pi, and save images to there. In that case you'd change the --out flag in the startgoesproc.sh to the path of the harddrive.

(Untested Idea) Even with a hard drive, you might also want to remove files and folders older than ~30 days or so to avoid running out of space. GOES16/17 transmit about 2GB of data a day so storage can run out fast. (Adjust +30 in the script below to how many number of days of images you want to keep)

nano ~/removeoldfiles.sh 

#!/bin/bash 
find /home/pi/goes/* -type d -mtime +30 -exec rm -rf {} \;

sudo chmod +x removeoldfiles.sh

Then create a crontab entry to run this script daily.

crontab -e

# Add the following to the end of the crontab file
@daily sh /home/pi/removeoldfiles.sh

Automatically Transferring Images to Dropbox

This is an untested idea, but may be worth looking into if you run Dropbox.

https://github.com/andreafabrizi/Dropbox-Uploader

Create GIF Videos from Images

The easiest way that we found was to use an online service like https://gifmaker.me. Pieterns goestools guide shows an offline Linux method involving Imagemagick, but we found it too slow to run on a Pi 3.

Then to share upload to an efficient GIF sharing site like gfycat.com.

Below is a GIF of half a day of GOES 17 false color full disk images that come in every 30 minutes.

 

Below is a short GIF from GK-2A with 10 minute interval images.

 

 

Raspberry Pi GK-2A goestools Tutorial

Please note that GK-2A decoding is still in it's infancy, and the decoder is still being worked on by @sam210723. He is frequently updating his modified version of goestools and his xrit-rx software for GK-2A decoding.

First install the modified goestools for Gk-2A version at https://github.com/sam210723/goestools. Compilation instructions are on the page BUT we DO NOT recommend using the apt-get install librtlsdr-dev line in his instructions, as this will most likely install an older version without bias tee support. Instead, install librtlsdr from source as explained in Aleksei's guide. If you already installed the original goestools before then you will already have the correct librtlsdr installed. But note that running sudo make install will overwrite the original GOES goestools version. If you prefer you can just run the GK-2A goesrecv program from the build/src/goesrecv folder and not run sudo make install.

Next edit the goesrecv.conf file that you copied over with "nano goesrecv.conf". If you're using an Airspy, the conf file should already be ready, but you may want to edit it to activate the bias tee. If using an RTL-SDR, change the "source" to "rtlsdr", comment out the [airspy] settings by putting a "#" in front of them, and remove the "#" from the [rtlsdr] lines. Set the gain to 30, and bias_tee to true. CTRL+X, Y to save and exit.

Editing the goesrecv.conf file for RTL-SDR GK-2A reception.
Editing the goesrecv.conf file for RTL-SDR GK-2A reception.

Install xrit-rx

XRIT-RX takes the place of goesproc. First we need to download the encryption key.

# Install dependencies
sudo apt-get install python3-pip
pip3 install pycrypto

# Download the encryption key
mkdir COMS
cd COMS
wget http://nmsc.kma.go.kr/resources/enhome/resources/satellites/coms/COMS_Decryption_Sample_Cpp.zip
unzip COMS_Decryption_Sample_Cpp.zip
mv EncryptionKeyMessage_001F2904C905.bin ~/xrit-rx/

# Decrypt the key
python3 tools/keymsg-decrypt.py EncryptionKeyMessage_001F2904C905.bin 001F2904C905

You'll now have a file EncryptionKeyMessage_001F2904C905.bin.dec stored inside the xrit-rx folder. Now edit the xrit-rx.ini file with nano, and set the "keys = EncryptionKeyMessage_001F2904C905.bin.dec"

Set key file in xrit-rx.ini
Set key file in xrit-rx.ini

Finally, open two terminal windows in PuTTy. In terminal one run the following, and confirm that you get a low vit(avg) rate, and no drops.

goesrecv -i 1 -c goesrecv.conf

In the second terminal window run the following and it will automatically begin creating LRIT files.

sh xrit-rx.sh

In order to create images from the LRIT files you need to periodically run the lrit-img.py program found in the tools folder. Once run the full disk images will be product in the FD folder

# Install a dependency
pip3 install pillow

# Browse to the current date
cd ~/xrit-rx/received/LRIT/20190819 

# Run the program on the "FD" folder
python3 ~/xrit-rx/tools/lrit-img.py FD

Like with the standard goestools setup, you could now make these programs run on boot with systemd, set up syncthing. You could probably also create a crontab entry to periodically run lrit-img.py.

Windows XRIT Decoder Tutorial

If you instead prefer to use Windows software, USA-Satcom (Joe) has a decoder called "XRIT Decoder". Due to certain libraries used, it is not free and is available for a price of USD $125. The price includes free future updates and access to a private groups.io forum for support and downloads. 

An additional US$25 gets you an option piece of software called "XView" which is a viewer that allows you to view and filter images as they arrive. This is useful if you're creating some sort of live display. XView also an animation feature that allows you to easily create weather movies.

XRIT-Decoder can decode GOES LRIT and HRIT data. It appears to be somewhat compatible with GK-2A LRIT at the moment, and this is set to be improved in the future. It is compatible with the RTL-SDR, Airspy and SDRplay software defined radios.

In order to purchase XRIT-Decider you must contact him directly by email. You can also request a 30-day demo. After purchasing or requesting a demo USA-Satcom will send you activation and usage instruction.

XRIT Decoder SpyServer Setup

Note that if you are using an SDRplay SDR, you can skip this step.

For RTL-SDR and Airspy SDRs, XRIT Decoder relies on SpyServer from SDR# to provide data. SpyServer is a remote server application that supports the RTL-SDR and Airspy products. It's a part of the SDR# software package and can be downloaded from www.airspy.com.

SpyServer runs on Linux, Windows and ARM single board PCs like the Raspberry Pi. So if you wanted to you could set up a remote SpyServer on a Raspberry Pi connected directly to the antenna, and decode the data remotely on your Windows PC with XRIT Decoder.

  1. Turn on the bias tee.
     
    1. If using an RTL-SDR V3, run the V3 bias tee software and turn ON the bias tee.
       
    2. If using an Airspy, edit spyserver.config with a text editor and uncomment (remove the preceeding #) the "enable_bias_tee" option in spyserver.config, and set it to '1'.
       
  2. Start the SpyServer by double clicking on spyserver.exe, or running it from the command line in Linux. The default config is fine for RTL-SDRs.
 

Starting and Running XRIT Decoder

After purchasing XRIT Decoder, USA-Satcom will send you usage instructions that we won't repeat here. The basic steps are to run xrit_decoder.exe, select the SDR, sample rate and mode (LRIT/HRIT), then click on Start Demod. (For GK-2A select COMS-1 LRIT). You can then adjust the gain, and check the Viterbi rate. Like with the initial antenna setup, you can then use Teamviewer and the "Dish Align" feature in XRIT Decoder to fine tune your dish for the lowest Viterbi error rate. USA-Satcom recommends a viterbi rate of below 100, but we've found that under 400 still gives decent results.

Once your viterbi is optimized, go to the GOES XRIT Ingestor screen and click Start. Now you can open xrit_file_manager.exe, and click Start Processing in that window. Over time images will be stored in the "images" folder within the XRIT folder.

Finally, if you purchased XView, open xview.exe, and set the image path if necessary. Over time the last downloaded image will be displayed.

XRIT Decoder Screens
XRIT Decoder Screens

Example Images and Text that You'll Receive from GOES 16/17 and GK-2A

Click for the full size image (14MB)
Click for the full size image (14MB)
Himawari 8 IR Full Disk Relay Image (Infrared) Received from GOES 17
GOES 16 Full Disk Relay received from GOES 17
GOES 16 Full Disk Relay Received from GOES 17
GK-2A LRIT Image
GK-2A LRIT IR Full Disk Image
Zoomed GOES17 Image
GOES17 USA Image
NOAA Analysis
NOAA Analysis
NOAA Analysis
NOAA Analysis
NOAA Analysis
NOAA Analysis

Decoding PAL Video from a Nintendo with an Airspy SDR

Oona (also known as [Windytan] and @windyoona) was recently looking for a way to capture PAL composite video from her old 1980’s Nintendo Entertainment System (NES) without spending a bunch of money on what are often poor video capture cards. As she already owned an Airspy SDR she decided to receive the PAL signal with the Airspy and modify some software to act as a PAL decoder.

PAL decoding was handled via some modifications to the TempestSDR software that we covered in a [previous article]. Normally TempestSDR is used to spy on computer/TV monitors from signals that are unintentionally emitted in the surrounding area.

Oona has made the connection from the composite output directly to the SDR antenna input so it’s not unexpected that you’d have a strong signal. However, I have to admit that’s an incredibly clear image for a video being demodulated via a software radio.

What makes this an even more amazing feat is that the latency is low enough that it’s nearly playable using a computer and SDR in place of a television set.

We note that we’ve also seen SDRs used to decode standard PAL TV broadcasts before with an SDR# plugin called TVSharp.

Using a Drone and HackRF to Inject URLs, Phish For Passwords on Internet Connected TVs by Hijacking Over the Air Transmissions

There is nothing wrong with your television set. Do not attempt to adjust the picture. We are controlling transmission.

At this years Defcon conference security researcher Pedro Cabrera held a talk titled  "SDR Against Smart TVs; URL and channel injection attacks" that showed how easy it is to take over a modern internet connected smart TV with a transmit capable SDR and drone. The concept he demonstrated is conceptually simple - just broadcast a more powerful signal so that the TV will begin receiving the fake signal instead. However, instead of transmitting with extremely high power, he makes use of a drone that brings a HackRF SDR right in front of the targets TV antenna. The HackRF is a low cost $100-$300 software defined radio that can transmit.

Title Slide from the Defcon 27 Talk: SDR Against Smart TVs; URL and channel injection attacks.
Title Slide from the Defcon 27 Talk: SDR Against Smart TVs; URL and channel injection attacks.

While the hijacking of TV broadcasts is not a new idea, Pedro's talk highlights the fact that smart TVs now expose significantly more security risks to this type of attack. In most of Europe, Australia, New Zealand and some places in Western Asia and the Middle East they use smart TV's with the HbbTV standard. This allows for features like enhanced teletext, catch-up services, video-on-demand, EPG, interactive advertising, personalisation, voting, games, social networking, and other multimedia applications to be downloaded or activated on your TV over the air via the DVB-T signal.

The HbbTV standard carries no authentication. By controlling the transmission, it's possible to display fake phishing messages that ask for passwords and transmit the information back over the internet. A hacker could also inject key loggers and install cryptominers.

Recorded talks from the Defcon conference are not up on YouTube yet, but Wired recently ran a full story on Pedros talk, and it's worth checking out here. The slides from his presentation can be found on the Defcon server, and below are two videos that show the attack in action, one showing the ability to phish out a password. His YouTube channel shows off several other hijacking videos too.

SDR Against Smart TVs: Drones carrying SDRs

SDR Against Smart TVs: Social engineering

 

SigDigger: A Graphical Digital Signal Analyzer for Linux

Recently a new open source Linux based SDR application called SigDigger was released by programmer BatchDrake (Gonzalo J. Carracedo). It is based on his own DSP libraries called Sigutils and Suscan which can take advantage of multi-core CPUs. SigDigger also makes use of the SoapySDR interface, so it is compatible with almost all software defined radios including the RTL-SDR.

SigDigger Screenshot
SigDigger Screenshot

Like other general purpose SDR applications, SigDigger has your typical AM/FM/LSB/USB demodulation and audio playback features. However, it also has some key additional features that make it worth taking a look at if you're interested in reverse engineering, or taking a closer look at digital signals. The features include:

  • Both realtime and replay analysis modes
  • Analog audio playback (AM, FM, LSB and USB)
  • Baseband recording (full spectrum and per-channel)
  • Per-device gain presents
  • Dynamic spectrum browsing
  • ASK, FSK and PSK inspection
  • Gradient-descent SNR calculation
  • Different spectrum sources (cyclostarionary analysis, signal power…)
  • Symbol recording and visualization
  • Transition analysis

Planned features already implemented and just waiting to be exposed to the UI:

  • Parameter estimation (baudrate, constellation order…)
  • Fast symbol autocorrelation analysis
  • Automatic calculation of scrambling polynomials
  • Symbol stream codecs

Possible future features coming soon:

  • Symbol tagging (correspondence between symbols and groups of bits)
  • Automatic symbol tagging guessing
  • Automatic convolutional code detection
  • Viterbi decoding

We note that while the UI looks like GQRX, it is not based on GQRX at all. Rather BatchDrake just liked the minimal UI of GQRX. Also unlike GQRX, SigDigger is not based on GNU Radio, so it may be a bit more efficient and lightweight.

Below we've embedded a video that BatchDrake uploaded his YouTube channel which demonstrates SigDigger being used to inspect a PSK channel.

Using SigDigger to inspect a PSK channel

This software looks great, and we think it deserves some serious attention and testing, so check it out on the GitHub. Binary releases are also available, although BatchDrake notes that they are minimally tested, for x64 Linux only, and preferably for Debian-like distros. Alternatively, it can be installed from source, after installing the Sigutils and Suscan DSP library dependencies.

Перевод
Рубрики
Архивы
Август 2019
Пн Вт Ср Чт Пт Сб Вс
« Июл    
 1234
567891011
12131415161718
19202122232425
262728293031