SignallyCurious2 Posted March 24 Report Posted March 24 5 minutes ago, markskjerve said: You show the center as 462.53188, that a whole lot closer to the standard FCC spacing of 462.53125 than 462.5325. Close enough for margin of error on most radios. I know you talked to Deltacom who has a repeater less than 7 miles away on 462.53125, running trucked radios (probably Motorola's) and they said it wasn't them but what's the hurt in confirming it? They might have a lobe of the antenna pointing line of site that is bouncing off big metal object such as the water tower. You know what the traffic looks like, try parking under their tower confirm it is not them. The delta com radio administrator and I talk on the phone 2-3 times a day, everyday. we are beyond certain. He has keyed up each repeater on the frequencies while I watch on the waterfall. Isn’t them. also he is only running 25 watts on these systems Quote
MarkInTampa Posted March 24 Report Posted March 24 1 minute ago, SignallyCurious2 said: The delta com radio administrator and I talk on the phone 2-3 times a day, everyday. we are beyond certain. He has keyed up each repeater on the frequencies while I watch on the waterfall. Isn’t them. Do you actually see their transmission on the waterfall? You SHOULD and pretty much right where you are looking. Better yet, can you receive anything from them monitoring 462.53125? You are close enough you should hear it and how does it align with the interference? It should be almost on top of it. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 The modulation is different, the signal is weak, and they’re centered on the freqs they use. When I say this thing is strong, it would take ALOT for my man to blast the front end out of my SDR on low gain, inside my 1st floor townhouse, with a rubber duck antenna not near a window, from Southfield. Im a disabled combat vet, this is not my first foray into hunting down signals, what is so difficult is how many antennas and how much industrial businesses are in the area of interest The next step is DSD+ Fastlane, it has better NXDN decoders than SDRTrunk, if I’m unable to extrapolate who it is / what they’re talking about, delta com and myself are going halfsies on a KrakenSDR and finding the signal for good. By the time you purchase the SDR, their 5 antennas, a raspberry Pi 4 and an android tablet is about $1k, but having the setup and being able to track any signal moving forward is worth the investment. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 The gold star is the water tower, and the signal is strongest within 1/4 mile radius of the star. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 The other thing that just crossed my mind - what if this is a residential based signal and it’s just someone who bought a cheapo repeater from alibaba. Quote
MarkInTampa Posted March 24 Report Posted March 24 7 minutes ago, SignallyCurious2 said: The gold star is the water tower, and the signal is strongest within 1/4 mile radius of the star. If you have it narrowed down that close, you should be able to hear it with no antenna attached to the SDR if you are within 100-200ft of the transmitter. I run a program called Spektrum (cheesy spectrum analyzer for SDR's) to test my HT's or base for 2nd and 3rd harmonics at 5 watts with no antenna connected to the RSP1B at all to keep from overloading it. With no antenna connected about the only signal the SDR can receive is pretty much what is within 100ft it. If you have a radio (even analog) to bring along that can tune the the frequency at the same time just to monitor when it is transmitting or use it with no antenna and the SDR with one. A handheld frequency counter helps as well. We used to do fox hunts every weekend back in the mid 80's in the CB radio days, used to be quite good at winning it. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 2 minutes ago, markskjerve said: If you have it narrowed down that close, you should be able to hear it with no antenna attached to the SDR if you are within 100-200ft of the transmitter. I run a program called Spektrum (cheesy spectrum analyzer for SDR's) to test my HT's or base for 2nd and 3rd harmonics at 5 watts with no antenna connected to the RSP1B at all to keep from overloading it. With no antenna connected about the only signal the SDR can receive is pretty much what is within 100ft it. If you have a radio (even analog) to bring along that can tune the the frequency at the same time just to monitor when it is transmitting or use it with no antenna and the SDR with one. A handheld frequency counter helps as well. We used to do fox hunts every weekend back in the mid 80's in the CB radio days, used to be quite good at winning it. That’s the thing, There’s SO MUCH in the area and the signal is so random it’s just not possible. I have a HT but again, the freq they’re on isn’t centered so using anything it will sort of pick it up but it’s just interference between multiple channels unless you can tune inbetween channels. Anyone who wants to go check it out in person will see what I mean, there is so much vehicle traffic and so very little place to just stop and wait for the next one. It might be 2 hours in between bursts. im organizing the data logs and will post them shortly. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 This is what I’ve captured so far plain_decodes.pdf Quote
SignallyCurious2 Posted March 24 Report Posted March 24 This is the amount of message blocks, not necessarily calls from the above data Quote
SignallyCurious2 Posted March 24 Report Posted March 24 I created a catch-all talkgroup recording setting in SDRTrunk, got this back so far. Which is the same result as I’ve been getting, im hopeful I can catch some sort of bit or piece from it. 2024-03-24_122737_2-DMR_-_Signal Find_Signal Find.mp3 Quote
Lscott Posted March 24 Report Posted March 24 1 hour ago, SignallyCurious2 said: I have a HT but again, the freq they’re on isn’t centered so using anything it will sort of pick it up but it’s just interference between multiple channels unless you can tune inbetween channels. If it’s really a transmitter you can only program in fixed step sizes unless it has a “true” VFO. The common usual step sizes I’m aware of by are 2.5, 3.125, 6.25, 12.5, 20 and 25 KHz. The frequency you’re measuring is likely a combination of the frequency error of both the SDR dongle and the transmitter’s reference oscillator. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 21 minutes ago, Lscott said: If it’s really a transmitter you can only program in fixed step sizes unless it has a “true” VFO. The common usual step sizes I’m aware of by are 2.5, 3.125, 6.25, 12.5, 20 and 25 KHz. The frequency you’re measuring is likely a combination of the frequency error of both the SDR dongle and the transmitter’s reference oscillator. The frequency I’m measuring is the transmitter as I have confirmed multiple times through this process by adjusting the PPM of the oscillator via software used against stable, confirmed signals in the same band. The SDR is not part of the equation as I’ve done multiple controlled tests to rule it out. Not to mention it’s a RSP1A, not some cheapo China boy. What we are left with is a transmitter that is inbetween those channels. That’s what I’m here to figure out. Quote
MarkInTampa Posted March 24 Report Posted March 24 I still don't see how you are not receiving Deltacom's repeater of 462.531.25 on 462.531.880 (the center of your interference). I've got a DMR HT that allows me to to program 462.531.880 so I did. Tested as DMR simplex on 462.531.880 on low power with no antenna on the radio using SDR# with my RSP1B on a discone on both frequencies. It's so close a radio on ether frequency would work together. I'm not saying it's Deltacom but more likely something on 462.53125 since it's a standard offset. My Icom won't even let me program 462.531.880, it auto jumps to 462.531.25 but my MD-380 HT allows it for some reason. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 Here are 10 calls decoded from sdrtrunk - with message blocks saying it’s encrypted Trunking Recorder_Site-Signal Find_Signal Find_Calls-1-9_2024-03-24_163128.mp3 Quote
SignallyCurious2 Posted March 24 Report Posted March 24 5 minutes ago, markskjerve said: I still don't see how you are not receiving Deltacom's repeater of 462.531.25 on 462.531.880 (the center of your interference). I've got a DMR HT that allows me to to program 462.531.880 so I did. Tested as DMR simplex on 462.531.880 on low power with no antenna on the radio using SDR# with my RSP1B on a discone on both frequencies. It's so close a radio on ether frequency would work together. I'm not saying it's Deltacom but more likely something on 462.53125 since it's a standard offset. My Icom won't even let me program 462.531.880, it auto jumps to 462.531.25 but my MD-380 HT allows it for some reason. I know it isn’t delta com because he keyed up those two frequencies, separately, from three different repeaters so we could get a read on them and rule them out. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 3 minutes ago, SignallyCurious2 said: I know it isn’t delta com because he keyed up those two frequencies, separately, from three different repeaters so we could get a read on them and rule them out. And it’s possible I don’t understand what you’re asking too, this has been a whirlwind of information. Quote
Lscott Posted March 24 Report Posted March 24 3 hours ago, SignallyCurious2 said: The frequency I’m measuring is the transmitter as I have confirmed multiple times through this process by adjusting the PPM of the oscillator via software used against stable, confirmed signals in the same band. The SDR is not part of the equation as I’ve done multiple controlled tests to rule it out. Not to mention it’s a RSP1A, not some cheapo China boy. What we are left with is a transmitter that is inbetween those channels. That’s what I’m here to figure out. Microprocessor crystals are not that accurate compared to communication grade TCXO’s. Quote
SignallyCurious2 Posted March 24 Report Posted March 24 2 minutes ago, WRXB215 said: It's not RF. It's demonic. This is the calls using a nxdn decoder. I have samples of encrypted P25 traffic from MPSCS system that sound just like that, I’m hoping the dsd+ fast lane decoders will work better. Quote
Lscott Posted March 24 Report Posted March 24 This looks like it’s going off the rails. I would quit looking at what’s coming out of the packet decoders until with 100 percent certainly the mode is positively identified. For the various modes the RF has some very characteristic features. For example DMR, P25 Phase-2 and Tetra are all TDMA based with particular bandwidths of the signal and slot timing. P25 Phase-1 is like NXDN, both are ONLY FDMA based. But, NXDN has two bandwidths, narrow and very narrow that are used. Once there is zero doubt about the mode then worry what’s coming out of the decoders. For now it looks like garbage mostly. Even if the voice payload is encrypted the headers are not. It’s has to be this way for the state machine in the radio’s firmware to figure out what type of packet it is and what to do with it. If you’re getting good decodes then at least the packet type should be identifiable even if the payload is encrypted. Assuming it’s a Motorola system then the encryption is likely one of several types, basic - enhanced - AES/DES. The basic mode used on Motorola radios is a low bit count scrambler type proprietary to Motorola. It’s available on many of their digital radios. The enhanced encryption is usually RC4, a 40 bit stream encryption, available on many radios besides Motorola. I have it on several of my Kenwood NX-1300DUK5’s. https://forums.mygmrs.com/gallery/image/290-nx-1300duk5/?context=new The AES/DES encryption is available on the higher end Motorola radios only, I believe, and on other manufacturers as well. It’s also on my Anytone D878 and D578 too at no extra cost. Currently you’re not likely to find much in the way of decryption software since the FCC rules now make it clear it’s against the law to decode encrypted transmissions you’re not authorized to receive. The guys doing the SDR software have said they won’t touch it for that reason. WRXB215 1 Quote
Lscott Posted March 25 Report Posted March 25 I’ve attached one of the DMR standards documents I have on file. Starting in section 10 the RF specifications start. That covers permissible frequency errors, slot timing etc. Elsewhere the various types and headers are covered. The are about 7 documents for the base DMR protocol. When reading the document “BS” is read as Base Station and “MS” as Mobile Station. ETSI TS 102 361-1 V2.5.1.pdf WRXB215 1 Quote
SignallyCurious2 Posted March 25 Report Posted March 25 14 hours ago, Lscott said: This looks like it’s going off the rails. I would quit looking at what’s coming out of the packet decoders until with 100 percent certainly the mode is positively identified. For the various modes the RF has some very characteristic features. For example DMR, P25 Phase-2 and Tetra are all TDMA based with particular bandwidths of the signal and slot timing. P25 Phase-1 is like NXDN, both are ONLY FDMA based. But, NXDN has two bandwidths, narrow and very narrow that are used. Once there is zero doubt about the mode then worry what’s coming out of the decoders. For now it looks like garbage mostly. Even if the voice payload is encrypted the headers are not. It’s has to be this way for the state machine in the radio’s firmware to figure out what type of packet it is and what to do with it. If you’re getting good decodes then at least the packet type should be identifiable even if the payload is encrypted. Assuming it’s a Motorola system then the encryption is likely one of several types, basic - enhanced - AES/DES. The basic mode used on Motorola radios is a low bit count scrambler type proprietary to Motorola. It’s available on many of their digital radios. The enhanced encryption is usually RC4, a 40 bit stream encryption, available on many radios besides Motorola. I have it on several of my Kenwood NX-1300DUK5’s. https://forums.mygmrs.com/gallery/image/290-nx-1300duk5/?context=new The AES/DES encryption is available on the higher end Motorola radios only, I believe, and on other manufacturers as well. It’s also on my Anytone D878 and D578 too at no extra cost. Currently you’re not likely to find much in the way of decryption software since the FCC rules now make it clear it’s against the law to decode encrypted transmissions you’re not authorized to receive. The guys doing the SDR software have said they won’t touch it for that reason. DSD Fastlane decoders are working - I got 3 voice calls clear as day. Now we listen in for the details. Quote
MarkInTampa Posted March 25 Report Posted March 25 8 minutes ago, SignallyCurious2 said: DSD Fastlane decoders are working - I got 3 voice calls clear as day. Now we listen in for the details. Since it appears they are using Nexedge 48, take a look at Bare Snow and Landscaping around 1000ft from the water tower. Just keep in mind that they are a Deltacom customer (DEC code 680) and Deltacom is about the only major player for NXDN in the area. Quote
SignallyCurious2 Posted March 25 Report Posted March 25 14 minutes ago, markskjerve said: Since it appears they are using Nexedge 48, take a look at Bare Snow and Landscaping around 1000ft from the water tower. Just keep in mind that they are a Deltacom customer (DEC code 680) and Deltacom is about the only major player for NXDN in the area. I’m waiting to hear back from delta com now its 100% a landscaping company - couple dozen calls so far. Unable to determine who it is yet - still doesn’t add up to being a deltacom customer because there is no repeater in this area. We’re gonna see though! Quote
Recommended Posts
Join the conversation
You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.