Strange paging signal? Need ID Help

Status
Not open for further replies.

ScubaJungle

Active Member
Premium Subscriber
Joined
Mar 11, 2020
Messages
620
Location
West Central Florida
I've been getting this signal, which to me seems like some kind of AFSK/paging - sounds like it, and looks like it. However I cant find anything about this, there are several internet posts about this same frequency and same signal, but nobody seems to know what it is.
It wont decode in PDW. I have tried under POCSAG/FLEX, MOBITEX, and ERMES just in case. I dont think it is GOLAY either. I have no idea, but I would love to figure out what it is..

Here are other articles with it:

https://soundcloud.com/liam-crabbe%2Fodd-signal
https://www.reddit.com/r/signalidentification/comments/4mqlfo
An FCC search doesnt turn up anything:


86800

86801
 

Attachments

kruser

Active Member
Premium Subscriber
Joined
Nov 25, 2007
Messages
4,418
Location
West St Louis Cnty, MO
It sounds like some type of telemetry like one often finds used at places like water pumping stations.
We have a couple odd ones here as well but in the 450 MHz area. Constant data signals but nothing decodes them and nothing turns up with FCC searches. Some day I'm going to hunt one of them down as the signal strength is very strong all around my area when you go mobile.
 

ScubaJungle

Active Member
Premium Subscriber
Joined
Mar 11, 2020
Messages
620
Location
West Central Florida
Interesting, I wonder if it would be possible to extract any kind of information from them. Its a strange-looking signal, it has a peak that moves from side to side, forming the "stripes" and a "bar"
 

kruser

Active Member
Premium Subscriber
Joined
Nov 25, 2007
Messages
4,418
Location
West St Louis Cnty, MO
There was a sewer district lift station near my old workplace that used telemetry data years ago.
I don't recall all the specifics but do remember being able to pump the data into a simple terminal program. The data was pretty much repetitive with some of the values changing up and down slightly. I always assumed they were water levels, pressures and pump running or not running stuff.
I could see the data on a screen using one of the old terminal emulators from back in the day but without the overlay that aligned with the data being displayed, it was just a guess as to what the values all meant.
I think that one used a simple 300 or 1200 baud format that could be demodulated just like how old dial-up modems worked. Man, that was a long time ago!
 

ScubaJungle

Active Member
Premium Subscriber
Joined
Mar 11, 2020
Messages
620
Location
West Central Florida
There are 37 active licenses in Fla for 154.46375 with an emission designation of 6K00F2D.
It's possible that the signals are coming from fairly far away, as I didn't see any nearby. Does that emissions designation mean that it is telemetry or paging?
There was a sewer district lift station near my old workplace that used telemetry data years ago.
I don't recall all the specifics but do remember being able to pump the data into a simple terminal program. The data was pretty much repetitive with some of the values changing up and down slightly. I always assumed they were water levels, pressures and pump running or not running stuff.
I could see the data on a screen using one of the old terminal emulators from back in the day but without the overlay that aligned with the data being displayed, it was just a guess as to what the values all meant.
I think that one used a simple 300 or 1200 baud format that could be demodulated just like how old dial-up modems worked. Man, that was a long time ago!
Wow, thats pretty cool. There must be something that can decode this stuff, or someone that can do it. Although I guess no one really cares about getting water level and pressure data.
 

kruser

Active Member
Premium Subscriber
Joined
Nov 25, 2007
Messages
4,418
Location
West St Louis Cnty, MO
In your case it appears it is the common SCADA AFSK format used by many electrical power generating companies around the country for one. That's going by the emission type listed on all the licenses @217 found. 6K00F2D is a SCADA AFSK emission. The licenses @217 found in Florida appear to all be used for Electric Power transmission and control.
I don't know much about SCADA other than it is a two way monitoring and control system that was secure but I believe signs of compromise have been observed. This Wikipedia page SCADA - Wikipedia tells a lot about it.
I know it's been around for quite a while.

Yep, it would be cool to be able to decode it and watch the users control the stuff it controls. Kind of like being able to monitor aircraft in realtime with an SDR stick using ADSB or trains using ATCS and ships using AIS. It gets boring after a while but it's all still way cool I think!
 

217

Member
Joined
Jul 30, 2008
Messages
210
Location
North Carolina
SCADA is way above my knowledge. :) Going by the freq. your provided and remembering a conversation with a Duke power employee years ago asking about all the different antennas they use at a plant I was visiting and he said they were mostly for telemetry.
 

johneverman

Newbie
Premium Subscriber
Joined
Aug 20, 2009
Messages
1
Location
Manassas, VA
Another vote for an AFSK SCADA signal. If you've ever seen a three to five element yagi in a strange location-- maybe 10 feet above the ground and pole mounted, but no clear reason why it's there, except that the coax plunges underground near a manhole, you've seen one end of these in person before. It's low speed AFSK, and what you're hearing is a control device or sensor for a utility phoning home. If you search on the forums or on a search engine for "SCADA" or "SCADA monitoring" you can learn more. It's basically raw data from a sensor, without real context-- something even a utility signal fan would find pretty boring.
 

nd5y

Member
Joined
Dec 19, 2002
Messages
9,448
Location
Wichita Falls, TX
Does that emissions designation mean that it is telemetry or paging?
You can look up emission designators at
See Electronic Code of Federal Regulations (eCFR) for what all of the symbols mean.
6K00 is 6.00 kHz bandwidth
F is Frequency modulation
2 is A single channel containing quantized or digital information with the use of a modulating sub-carrier, excluding time-division multiplex
D is Data transmission, telemetry, telecommand
 

n5dki

Newbie
Joined
Dec 12, 2015
Messages
19
Location
waxahachie, texas
if it is actually an electric utility, the scada protocl may be DNP3 or one of its variants. There are newer ones today, but a lot of the legacy stuff is still DNP3. Water utilities typically used MODBUS or one of its variants: modbus ascii, modbus tcp, modbus rtu, etc.
because of the security risks these days, some utils have moved to private LTE networks and added ipsec tunnels for encryption. FERC and NERC have mandated a ton of security over the recent years for obvious reasons.
 

kruser

Active Member
Premium Subscriber
Joined
Nov 25, 2007
Messages
4,418
Location
West St Louis Cnty, MO
because of the security risks these days, some utils have moved to private LTE networks and added ipsec tunnels for encryption. FERC and NERC have mandated a ton of security over the recent years for obvious reasons.
Were not sensitive or critical SCADA systems supposed to be on networks that are not internet facing? I thought I recall that for things like power plants etc. I don't know if that was just a suggestion or if it is a rule by whomever regulates the utility though.
I know some SCADA systems did end up on internet facing networks and they found evidence of foreign or illegal access into some of those systems.
 

n5dki

Newbie
Joined
Dec 12, 2015
Messages
19
Location
waxahachie, texas
Were not sensitive or critical SCADA systems supposed to be on networks that are not internet facing?

exactly. private networks on LTE may not be "internet facing". most use non-routable ip address ranges and are firewalled to/from the internet. same is done in public safety in a lot of cases. the cell carriers offer custom APN configurations that allow the user to be as restricted as they want. if by chance a customer needs internet access, it can be done at the firewall or by a hairpin configuration at the enterprise network.
 
Status
Not open for further replies.
Top