Scanning in the U.K.
--------------------
Written by Radio_Phreak
Thursday, 20 July 2006

Hi, I am radio_phreak. I am a scanner here in the UK and am going to explain a little about scanning here in the UK and how, with a little bit of creativity, it can aid you in your social engineering applications.

A little background on myself. I have been into scanning for 2 years now and have generally avoided the scene for a number of reasons:

1. Why draw attention to yourself and your activities?
2. I find a number of people on the scene steal your ideas.
3. Why should I share my knowledge when people are going to claim it as their own?
4. I am shy.

I am not going to tell you exactly how to do all the techniques. My aim is more to put the idea into your head and point you in a better direction. This will allow you to discover all the information and exploit it in your own way. If I were to tell you how to, say, install yourself into a trunk and you did that, not only would that make you a criminal, it would then make you the radio phreak equivalent of a script kiddie.

Here in the UK the Police, Fire Brigade and Ambulance service can no longer be heard via a normal scanner. They are all on a scheme called Airwave (http://www.airwaveservice.co.uk/), which is run by GSM mobile phone provider O2. This is basically a Tetra based system (Tetra stands for TErrestrial Trunked RAdio). It is highly encrypted and so far no programmes or even solutions have come even close to cracking it. The encryption algorithm changes hourly.

There are all manner of different techniques and methods you can use radios for. Here's one I tried that worked. I tried this on my own camera system and must say I was surprised when it worked. Remember, if you have a hunch or a gut feeling then act on it.

* If they break I can send them back and get a replacement, which saves time with an o'scope and stuff
* I know it has been tested before it is released for sale, therefore I know it's going to work under pressure.
* Sometimes I can't be arsed to sit there and play and tweak things. I lose my temper with things really easily (which is why most of my equipment is broken)

A few tips for anyone visiting the UK and planning on scanning. After the appalling and cowardly attacks on the London Underground on 7/7/2005, we in the U.K. are in a heightened state of alert (and quite rightly so). Below are a few tips; most of it is common sense, but here they are anyway.

* Don't walk up to any official looking person, or in fact anyone with a radio, and ask "What channel are you on?" because people don't take too kindly to that
* If you are coming into the U.K. with a scanner, don't arrive with pre-programmed frequencies, because scanners will generate a lot of interest with Customs, the Police and Special Branch (the Anti-Terrorist Branch), and they will make a note of any frequencies you may have pre-programmed.
* Be ready to be searched. The Police have the powers here, if you are suspected as a terrorist, to hold you without detention for a period of 40 days, which can be extended where needed and until they see fit to release you.
* Don't fiddle with anything like scanners in your coat pocket at official events or in tourist locations, because I can almost guarantee you, you ARE being watched and you will be approached by the police, and let's face it, where terrorists are concerned it's better to be safe than sorry.

Remember also, the UK is a very small country, so that makes surveillance very, very easy. You Have Been Warned!

A little advice. I have done this in the U.K., and it might also be a good idea for any Social Engineers to get a radio amateur licence. You might think, well, why should I? Sod the government and all that blah. Well, think of it like this: if you get caught in possession of radios and TNCs (Terminal Node Controllers) and all sorts, you have got a genuine reason.
You are a radio ham experimenting with different ways of using your radio to the max; simply explain you are a licensed amateur and you are more than within your rights to be in possession of and using the equipment. This has got me out of trouble in more than one incident, I tell you, and sure beats a jail sentence and a fine, doesn't it? You don't have to do it, but it is an excellent way to cover your ass. It is also advisable to transmit on the Ham bands every now and then; who knows, perhaps you might even enjoy it! For more information on getting licensed go to http://www.arrl.org/. By becoming a Ham, not only will it not raise suspicion when purchasing equipment, it also opens up equipment that is not normally available to just normal people. Remember also that "illegal use" of your equipment can lead to confiscation of equipment and maybe even prosecution.

A set-up at home: my EGHQ (Evil Genius Headquarters, as my fiance calls it) is in my home. I have all manner of different equipment; I will list it all here, along with its uses and covert aerials.

Scanning wise, I have a Realistic Pro-2042 and a UBC278CLT, both linked to a commercial desktop discone style antenna which provides coverage from 50 MHz-2000 MHz (not that I operate any lower than 140 MHz anyway). The 278 is there to listen to local traffic. I intend to modify it so that it has a discriminator output (for more information on discriminator outputs go to http://www.discriminator.nl/index-en.html). I can then link it up to AIS software called "Ship plotter" and create real time marine radar. My Pro-2042 is basically used to monitor everything else. I do have plans to buy an Opto Trakker, allowing me to decode DTMF and CTCSS (so I know the correct tones for when I plan to create a false radio message during a security assessment); it also decodes some Motorola trunking systems.
In the very near future (as time and money allow) I intend to link the Pro-2042 to a computer so I can use a VOX recorder and listen to stuff that came through while I was away. I have also been writing a database in HTML and intend to run this on a small computer with a touch screen (available off eBay for next to nothing). Using this alongside my scanners will allow me rapid access to my information. Sure beats searching through thousands of print outs, doesn't it?

Transmitting wise, I have 2 Jingtong handheld radios capable of transmitting on 137-174 MHz and 400 to 470 MHz, linked to a small dipole hidden behind a drain pipe (which aids in keeping my EGHQ secret). I also have a marine band radio, but I don't use it to transmit because those frequencies are monitored by the coastguard and they have D.F. (direction finding) equipment, and it's more of a hobby thing anyway.

Don't forget to carry with you a good amount of mobile equipment as well, because let's face it, who really wants to lug a car battery around with them?

Remember you are a social engineer, not a criminal, and there is nothing wrong with LEGITIMATE system exploration. It's when you use your knowledge for gain that you become no better than a script kiddie.

To Summarize

* Always look for bargains on eBay, at ham technical sales and retail outlets. Remember commercial products are always best because they are tested and have a warranty should they decide to stop working
* Be careful when learning, i.e. if you have installed yourself into a trunk, don't walk down to the place and start talking to them
* Remember one of Murphy's laws: if it looks too good to be true, it usually is, so don't get cocky.
* Experiment, Experiment, Experiment. By all means look for information on the net and learn it. Who knows, perhaps you will discover something new.
* Be prepared to share knowledge.
* When asking questions in online groups, act dumb. You will find people will provide more information if they think you are a newbie, and remember, they are superior and you respect their knowledge. Nothing like an inflated ego to make someone tell you all of their secrets (social engineering again).
* Keep on buying 411 cos this mag kicks ass!

For those of you who are interested, I am in the process of establishing a website on geocities. I only started learning code three weeks ago, so you may have to bear with me. I will have one up and running with pictures, sound recordings and all the other lovely things that you may or may not be interested in.

Remember: keep on learning, keep on discovering and keep on not getting caught. Also remember, if it is too good to be true, it usually is. So don't get cocky with your knowledge and don't use it for naughty things.