Gnuradio,, and Docker... Progress So Far, and Future Plans

More details on the distributed gnuradio collectors on r-pi project:

Current capabilities:

  • Image is finally small enough that it actually works on the r-pi running docker (512ish MB).
  • Gnuradio installed and working- partly from packages, partly built from source. Kalibrate as well. The terminal history couldn’t be more confusing if it were a choose-your-own-adventure. Don’t ask me how I got it working. It’s functional and in a docker image, the rest is murky history :)
  • Using for image/firmware orchestration
  • Endpoint GPS tracking
  • Scanning GSM850 and GSM900
  • Logstash/ES/Kibana for data collection and basic dashboarding

Next steps:

  • Sort out pcap funnies with tshark (using adapted version of Pedro Cabrera’s FakeBTS code)
  • Get an antenna that doesn’t suck. Because the one that ships with NooElec’s RTL-SDR dongle is positively horrid.
  • Format and ship more verbose pcap-derived information up to Logstash/ES/Kibana
  • Put a real alerting and analytics engine adjacent to Logstash/ES/Kibana. Thinking BI for security data. Pretty pictures.
  • Extend capabilities to 4G
  • Selectable modes for endpoints, using environment vars in resin so you don’t have to fuss with changing the dockerfile and merging new layers on the remote nodes
  • More secure data path for cert installation. Maybe wrap that up with implementation/orchestration, below.
  • Other detection modes (Bluetooth, WiFi, 2.4GHz personal drone, ???)
  • Publicly release all code and machine images, as well as BOM for exact hardware used. Reduce ambiguity :)
  • Package it all up using SaltStack/Vagrant (open to suggestions) and a handful of shell scripts for provisioning the infrastructure in DigitalOcean/AWS/Whatever. We want everybody setting this up and contributing, publishing results. The easier setup is, the faster results and advancements happen.

The new antenna equipment arrives today- hoping for a greater volume of scan data. I’d love to get one of these into an environment with positive scan targets. That may be the biggest challenge.