DragonOS Focal FALCON + LTE Cell Scanner (RTLSDR, LimeSDR Mini, srsLTE)

Рет қаралды 18,670

3 жыл бұрын

In this video I show how to install FALCON - Fast Analysis of LTE Control channels. FALCON is an open-source software collection for real-time analysis of radio resources in private or commercial LTE/LTE-A networks.
It decodes the Physical Downlink Control Channel (PDCCH) of a base station and reveals the number of currently active devices including their Radio Network Temporary Identifiers (RNTIs) and their individual resource allocations.
I also show how to use the included LTE Cell Scanner in DragonOS Focal to find the necessary frequency and Cell ID for FALCON. There's various tools that can do this, but for this example I decided to use an OpenCL accelerated TDD/FDD LTE Scanner.
Hardware:
- LimeSDR Mini
- RTLSDR
Topics covered:
- Installing FALCON
* make -j8 (I meant cores, not processors)
- Using LTE Cell Scanner w/ RTLSDR
- Using the FALCON GUI w/ LimeSDR Mini
Tools:
- github.com/falkenber9/falcon
- github.com/JiaoXianjun/LTE-Ce...
Twitter: @cemaxecuter

Пікірлер: 40

@murrij 2 жыл бұрын

This is really cool!

@bennguyen1313 2 жыл бұрын

Any plans on using the TX capabilities of the LimeSDR? For example, I would love to try Portsdown for digital video transmission! BTW, how did you get started in learning about SDR.. do you have any recommended books , videos or courses?

@cemaxecuter7783 2 жыл бұрын

Actually you can use them on SDRAngel rather easy, there’s also URH. I love using the TX ability also with osmo gsm networking testing. Oh you know what else, checkout Qradiolink. All of what I mention is in DragonOS Focal, but for digital video o think SDRAngel and gnuradio would be thy go to. Hadn’t heard of portsdown.

@pashtoonlinezdakra9595 2 ай бұрын

Hello sir i want to but IMSI Catcher can you tell me about which one is best for call location tracking

@robgrimes1006 Жыл бұрын

So is the "Cell throughput" showing the amount of data sent (uplink) and amount of data received (downlink) for all RNTI's on the cell tower? Thanks!

@cemaxecuter7783 Жыл бұрын

That’s my understanding but I’d better go back and double check. I’m wanting to test it with the e200, so I’ll check it out again.

@EliasAtElijah Жыл бұрын

I am a new user to Radio Frequency software. I just bought a HackRF one H2 and wondering is there any videos using dragon OSin conjunction with This bit of kit.

@cemaxecuter7783 Жыл бұрын

Hi and welcome. You would just want to make sure you have the porta pack in pass through mode, the only other thing is that I’ve only tested everything with a hackrf loaded with the normal 2021+ firmware. Results may vary if you have the hackrf loaded with another firmware.

@EliasAtElijah Жыл бұрын

@@cemaxecuter7783 Sorry i don't mean to sound like too many questions. I am new to radio stuff. I want to play around and take it to the full limitations.. What is or do you mean by pass through mode and is it something i need to do on hackrf Porta pack to activate this feature. Thanks for your content. Look forward to more of your video's.

@EliasAtElijah Жыл бұрын

@@cemaxecuter7783 I have the latest Mahem 1.6 Version just came out.

@cemaxecuter7783 Жыл бұрын

No worries, I don’t own a porta pack but just the other day I saw someone who had one. Basically there’s an option in the menu on the porta pack to place it into a mode that’ll allow the computer to see it, which then you should be able to follow the videos I’ve posted for the hackrf. When in porta pack mode the computer wouldn’t be able to see it. The only issue I noticed was this person had a firmware loaded that I was unfamiliar with and seemed to have an issue with at least one application in DragonOS. Besides that, it looked like the other applications worked fine.

@EliasAtElijah Жыл бұрын

@@cemaxecuter7783 Mate! your a legend. Yes. I know that feature. Its called the hack RF mode. There is not any videos on the porta pack that is full comprehensive and i guess that is because there are alot of things that may or could be highly illegal which i can understand. But i do believe it is a powerful bit of kit. Cheers mate!!

@marianomonaco3623 2 жыл бұрын

Hello, I want to use FALCON Gui with RTL-SDR but is not working. Do you know why? i think it can be becouse of the hardware limitations of the RTL-SDR but i am not sure and i would like to fix it. I will appreciate your opinion and help, thank you!

@cemaxecuter7783 2 жыл бұрын

I’m sure it’s probably a couple things, but I think primarily it’s probably the bandwidth just not being enough. I’ve seen the hackrf work, but it’s bandwidth capability is much higher then the rtlsdr. You can use the lte cell scanner with the rtlsdr but it doesn’t obviously do as much or provide the info Falcon GUI can.

@cemaxecuter7783 2 жыл бұрын

From the Falcon page, so maybe dependent on the cell capability too.. “Real-time decoding of LTE signals requires a mature multicore CPU, especially when monitoring busy cells and large bandwidths (i.e. 15MHz and 20MHz cells). Large sample rates, wide FFTs, and larger search spaces make heavy use of the CPU, memory and involved buses.”

@marianomonaco3623 2 жыл бұрын

@@cemaxecuter7783 Thank you very much for the answer, is very usefull. I will be making some tests and some investigation. I will tell you if i can make it work someway! Cheers!

@robgrimes5873 Жыл бұрын

@@marianomonaco3623 hello! did you ever get it to work?

@cemaxecuter7783 Жыл бұрын

Doesn’t work with the rtlsdr if that’s what you’re asking. Depending on the cells bandwidth you’re probably looking at needing 20 or greater bandwidth ability SDR side.

@nomidaepapi 3 жыл бұрын

Hey. Loved the video! So did you use a LimeSDR Mini with this project as a transceiver? Many Thankss

@cemaxecuter7783 3 жыл бұрын

You’re welcome and yes, the LimeSDR mini was used but really only the receiver part. It actually worked pretty well with Falcon.

@chanchalsakarde2768 2 жыл бұрын

@@cemaxecuter7783 sir can we use BladeRF instead of LimeSDR

@cemaxecuter7783 2 жыл бұрын

@@chanchalsakarde2768 yes bladerf should work as well

@noobking5056 Жыл бұрын

sir i have a rtl-sdr v3 it supports frequency till 1760 mhz i couldnt find any other sdr in my area

@cemaxecuter7783 Жыл бұрын

That’ll work for the LTE Cell scanner piece, it’ll also work with grgsm. It’s a great SDR capable of doing a lot of cool things.

@noobking5056 Жыл бұрын

Can it do ads-b i actually have the fake one it also claims to support all the features like bias-t,i have ordered a lime sdr wide-band antenna for it with pre amps and filters will the fake one work ???

@cemaxecuter7783 Жыл бұрын

Adsb should work find, kismet or SDRAngel has built in adsb. There’s actually a few other ways of doing it.

@noobking5056 Жыл бұрын

@@cemaxecuter7783 thanks,i am asking this due to my old order which i couldn't connect to rtl1090 it said cannot set freq i think it was due to the wrong sdr so please help is this order correct sdr--- static-01.daraz.pk/p/79943c30174c17be2cc0e27ae6584ce3.jpg antenna For LimeSDR Telescopic SMA Male Connector Silver Alloy for Communication 40MHz-6G diy antenna RG6 Coaxial Cable TV Cable- Antenna Satellite Dish Digital Signal Audio Video Cable High Quality amplifier Levonsity High Linearity RF Broadband Low Noise Amplifier TQP3M9009 1090MHz ADS-B Aeronautical Bandwidth 14MHz SMA Interface Band-pass Filter

@noobking5056 Жыл бұрын

@@cemaxecuter7783 hello me again really sorry to disturb can i use rtl-sdr as a ismi catcher

@BobtheRoBo Жыл бұрын

Does something similar exist for 5G or will this work with 5G? Thanks!

@cemaxecuter7783 Жыл бұрын

As long as it’s on bands/freqs the SDR covers, I think it’d work.

@robgrimes5873 Жыл бұрын

hello do you know about the legality of this in the us? thanks.

@cemaxecuter7783 Жыл бұрын

Hmm. That I do not, but it’s passive and there’s no identifying info (it’d think that’d be the big concern). Best I can tell it was put together by a school/professor of some sort for the purposes of finding congestion/network issues.

@robgrimes5873 Жыл бұрын

@@cemaxecuter7783 thanks for response!