More details on the distributed gnuradio collectors on r-pi project:
- Image is finally small enough that it actually works on the r-pi running docker (512ish MB).
- Gnuradio installed and working, partly from packages, partly built from source. Kalibrate as well. The terminal history couldn’t be more confusing if it were a choose-your-own-adventure. Don’t ask me how I got it working. It’s functional and in a docker image, the rest is murky history :)
- Using resin.io for image/firmware orchestration
- Endpoint GPS tracking
- Scanning GSM850 and GSM900
- Logstash/ES/Kibana for data collection and basic dashboarding
- Sort out pcap funnies with tshark (using adapted version of Pedro Cabrera’s FakeBTS code)
- Get an antenna that doesn’t suck. Because the one that ships with NooElec’s RTL-SDR dongle is positively horrid.
- Format and ship more verbose pcap-derived information up to Logstash/ES/Kibana
- Put a real alerting and analytics engine adjacent to Logstash/ES/Kibana. Thinking BI for security data. Pretty pictures.
- Extend capabilities to 4G
- Selectable modes for endpoints, using environment vars in resin so you don’t have to fuss with changing the Dockerfile and merging new layers on the remote nodes
- More secure data path for cert installation. Maybe wrap that up with implementation/orchestration, below.
- Other detection modes (Bluetooth, WiFi, 2.4GHz personal drone, ???)
- Publicly release all code and machine images, as well as BOM for exact hardware used. Reduce ambiguity :)
- Package it all up using SaltStack/Vagrant (open to suggestions) and a handful of shell scripts for provisioning the infrastructure in DigitalOcean/AWS/Whatever. We want everybody setting this up and contributing, publishing results. The easier setup is, the faster results and advancements happen.
The new antenna equipment arrives today; hoping for a greater volume of scan data. I’d love to get one of these into an environment with positive scan targets. That may be the biggest challenge.