Covert Antenna Placement In Residential Radio Communications Stations or Listening Posts #sigint #comint #diy

If you already haven’t been there, check out our social media presences on Twitter and Facebook.


You can also get a look at the history of Cybertek and read some of the earlier issues at I don’t run that site, and the guy that did is an idiot despite his high technical skill level, but it’s still nice to see someone decided to put it all online. All of that material is now public domain. Copy, fold, spindle, mutilate, make derivatives, write fanfic, set up a mirror, have fun, enjoy!

The site was hosted by Joe Loritz/GBPPR who I have no connection with, and with whom I disagree with sociopolitically. Considering his legal issues, it won’t be up forever and I’m surprised this mirror still exists. Anyway, please do what you will with it, and tell me about any derivatives which I’ll then promote and mention on cybertekzine.com.

In a previous post, I mentioned how good intelligence collection and analysis can help you with ferreting out deceptive information whether it’s from some some troll living in his friend’s basement, or a professional operation setting up a honeypot, perhaps in the hopes of catching a bunch of a particular special interest group with something like an IMSI catcher. To that end, links to a couple of nice intelligence and counterintelligence manuals from archive.org were posted up.

One of the nicer means of collecting information to be turned into intelligence is communications monitoring. The discipline is broadly known as Signals Intelligence (SIGINT), and for our purposes we concentrate on a subset of SIGINT known as COMINT or Communications Intelligence. COMINT can help confirm or deny a lot of data you come across on the internet.

DIY hobbyist COMINT has been a thing since the 1990s, and there is a plethoria of information out there. I first wrote about it in 1991, and have since written many subsequent articles. This article puts a more covert, security-oriented spin on things.

In the United States, it is currently legal to monitor non-broadcast radio communications as long as they are not encrypted. Other countries are less fortunate in this regard. However, even in this country you might decide to enhance your level of discretion.

In this picture, there are two antennas on the roof of this house. The lower one is a VHF vertical dipole element often used for land mobile radio stations. When mounted on a mast like this, it is broadly directional in the direction the antenna is pointing. The antenna on top is a 2 Meter Amateur Radio horizontal loop used in VHF weak signal (SSB/CW as opposed to FM) operations. It is obvious looking at this installation that the resident is a ham radio operator with more than a casual interest in VHF operation. A discone antenna would present a different appearance and send a different message to an observer, as they are often used by individuals engaged in communications monitoring due to their broadband non-directional characteristics. In certain situations this level of advertising may not be optimal for some people. More realistically speaking, mounting a mast on the roof with antennas is a bit of an undertaking some may not be quite up to accomplishing yet (if at all).

Here is the same antenna mounted in an attic. To simulate a mast and put the signal lobe in the desired direction, it was mounted on a piece of scrap 1/2″ copper pipe. Functionality is not seriously compromised compared to a rooftop installation. From a security standpoint, there is no external indication of a communications station in the structure, and also no way an observer can determine the frequency band in use by estimating the length of the antenna.

Lest anyone think that using antennas is anything new, here is an example on HF (Shortwave) from the communications chapter of the old US Army Special Forces Field Manual. It’s just easier to do on VHF and UHF.

From a communications monitoring standpoint, you might have multiple receivers to hook up to a single antenna. In that case, you will need a signal splitter. Consumer grade TV splitters will work fine. You just need adapters to go from the F connector to whatever your receiver uses. You may also come across an LMR grade splitter. This one splits the input into four outputs. It’s spec’d for VHF high-band, but works fine elsewhere in the bands too.

By getting a proper antenna in your attic, you’ll see increased signal gain from the added elevation and noise reduction from getting away from all those consumer electronic devices on the same floor as you. You can also enjoy the fact of having a super secret squirrel listening post that your neighbors and random people passing by are unaware of. Extra style points if you have a Brill Lyle lab tucked away in a closet.

Mucho bonus points if you have one of these in there.



Wildflower’s Favorite Crystal Radio Book


This one was his favorite, and the one he would usually reference when building sets. He liked it so much, he used to print out copies and give them to his techie friends.


Communications Monitoring Workbook V2.0 now available for download.


Changed the formatting to landscape and added a couple more fields for user/agency identification. enjoy!


A Connecticut Yankee Talks About COVID-19 – #3 – Guns and Police Scanners


It comes as no surprise that gun and ammunition sales are up. Here in Connecticut, potential first-time owners are stymied because of a combination of shutdowns and the requirement to first possess a permit in order to exercise a fundamental civil right. So, for those of you who up until now didn’t think you needed a gun, and can’t get one because the process to get a Certificate of Eligibility is on hold, remember that come Election Day.

For the rest of you, I’m going to assume you have not owned a firearm before, and just want to get something for a little piece of mind. Congratulations, you have made a step towards self-reliance, preparedness, and self-determination. Now under normal circumstances, I’d tell you to start with a handgun, and get some training in how to use it for self-defense. However, in many places, handguns are more difficult to rapidly acquire compared to long guns (ie. rifles and shotguns), and require time to become proficient in their use. Long guns, especially in the Northeast, have less restrictions on purchase and/or ownership, and are easier to learn how to safely handle and shoot well.


My recommendation is to get a shotgun, specifically a short, double-barrel side-by-side known as a Coach Gun. If you are of smaller stature, get a 20 gauge, otherwise go with 12 gauge. For ammunition, get a few boxes of buckshot. You are set. In most states, you can simply walk in, buy a shotgun, and leave with it that day assuming your background check goes through OK.

This is probably the safest, most effective home defense firearm for a beginner. It is very easy to check its status (loaded/unloaded) and make safe. Open it up, and look at the chambers. You will either see two shells in them, or not. Since you are a novice, you will want to keep it unloaded until you need to use it, in which case, it only takes a second to insert two shells when the need arises. If you maintain proper situational awareness and security at home, you will have plenty of time to make your shotgun ready if you need to. Finally, those two large diameter barrels are often intimidating enough to fix most problems without firing a shot.

There’s my 11th+ hour gun advice. As always you should check your local/state laws regarding self-defense, castle doctrine, reasonable force, duty to retreat, et al and consult a proper lawyer (not some Internet expert) if you have any serious legal questions.


Police Scanners

There has been a fair amount of discussion, mostly private, regarding an earlier post on National Guard communications monitoring. Based upon the information received, National Guard units are using dedicated talkgroups on their state’s trunked radio system, old-fashioned analog FM the VHF-Low band frequency ranges of 40-42 & 46.6-47.0 MHz, and P25 on 380-400 MHz. So, lacking any other open source information to supplement this data, those are the frequency ranges I would concentrate on.

Now, being that solitary outside activity such as hiking is still considered an acceptable activity in most states during the Coronapocalypse . If I knew of a temporary installation set up somewhere, and there was an open space with hiking trails and few to no people within a 1/4-1/2 mile of said installation, I might go for a hike with a Spectrum Sweeper to see what I could hear. Google Maps is your friend.

Whistler TRX-2

Since states are getting on the trunked P25 bandwagon, it makes sense to get a scanner that has that capability as your first receiver acquisition. My recommendation would be either the Whistler TRX-1 or TRX-2. They are a handheld and desktop scanner, respectively, with P25 and trunking capability. Other than their different form factors, they are the same radio. Which one to get would depend on how you’re going to use it. The desktop has better ergonomics and audio, and if it was going to stay on a desk and never leave home I would go with the desktop version. If you are going to run it in your vehicle, go hiking with it, listen to it in the back yard while working on stuff, et al then get the portable.

Whistler TRX-1


Communications Monitoring During The COVID-19 Emergency – National Guard

Frequency Ranges, Spacing, and Modes

30-88 MHz., FM and FHSS (Frequency Hopping Spread Spectrum), Usually 25 KHz. spacing, but can be as low as 5 KHz. Often encrypted. Unencrypted FM will have PL tone of 150 Hz. (Will decode as 151.4 Hz.) The usual frequencies in this range are:

138.000-144.000 MHz.
148.000-150.775 MHz.
AM (aircraft), FM, P25 Modes. Encryption possible, esp with P25

162.000-174.000 MHz.
Shared with other Federal agencies. FM and 25. Encryption possible.

225-380 MHz.
Military aviation (AM) and SATCOM (FM). FHSS and encryption possible.

380-400 MHz. – FM and P25. Possibly some aviation activity on AM. Encryption possible.

406-420 MHz. – Shared with other Federal agencies. FM and 25. Encryption possible.

Additionally you may see National Guard units on their state’s trunked radio system, interoperability, and DHS/OEM frequencies.

My initial advice would be to first sector search the listed sub-bands in the 30-88 MHz. spectrum, 138-144 MHz., and 148-150.775 MHz.

REFERENCE: https://lvassembly.files.wordpress.com/2018/07/consolidatedfreqs.pdf


Communications Monitoring, COMINT, and the COVID-19 Emergency

So many of you are home and have broken out those police scanners and shortwave receivers in a decision to listen for information on the current COVID-19 emergency.

You should concentrate on the VHF/UHF scanner frequencies, because that’s where all the emergency workers with their boots on the ground will be operating. Sites such as Intercept Radio (http://www.interceptradio.com/) and Radio Reference (https://www.radioreference.com/) are your best bet for information.

There have been lists of shortwave (HF) frequencies circulating certain prepper sites and blogs. The lists are 10+ years old, and may have incorrect data, especially for Federal government agencies. Federal government radio license data, as opposed to State/County/Local agency (and non-government) license data, is deemed unclassified but sensitive, and exempt from the FOIA laws. That determination was made in the 1980s, so much of what you see online is that old, and just copied from data that Grove Communications managed to get before it became restricted.

Something to think about is when you have a whole host of communications system capabilities like HF, VHF/UHF, landline, satellite phone, Internet, why would you use (HF) radio for communications when you can, at present, pick up a phone and make a call? The answers are:

  1. Radio is used for group communications (base/HQ->mobile/field units) that are not practical to do via telephone.
  2. HF is a backup for when your other systems are down, or when the communications range exceeds that of your VHF/UHF system.
  3. When you are doing daily/weekly/monthly radio system tests to make sure everything still works.

There are hobbyist web sites that I have mentioned previously where listeners have been doing an excellent job collecting data, https://www.hfunderground.com/ and http://www.udxf.nl/ are two that I like. And with that, I’m going to give you a warning: these are international sites for worldwide SWL hobbyists who specialize in a particular aspect of the hobby: non-broadcast (aka utility or “ute”) communications on the HF bands. Many, perhaps even most of them, don’t give a shit about American prepper stuff. So, if you follow Dean Ing’s (and mine for that matter) advice about treating this like a hobby, you’ll be just fine. If you act like certain members of a few prepper-oriented FB groups I monitor, you’re probably going to get your ass kicked off the site, and lose a potentially good source of information.

Now, with that said, you might not find what you’re looking for if other hobbyists haven’t found it, or aren’t particularly interested in the same service/agency as you. That leaves you to do your own research. In this instance, the FCC is a useful resource.

Regardless of whether the frequency is HF, VHF, or UHF, a state department of homeland security/emergency management agency will still need a license to legally operate on a particular frequency. There might be an exception for a primarily Federal interoperability system, but I don’t know and those who really do aren’t going to say anything publicly because they like their job. Yes Virginia, when I worked in the LMR biz my fellow employees and I were flat out told that disclosing radio system information, even if it was just commenting on publicly available information would be grounds for termination, and we were more or less encouraged to spread disinformation.

Anyway… I went over to the FCC General Menu Reports Site/Market/Frequency Menu to see what I could find. I searched for Private Land Mobile – Public Safety Pool, Conventional (PW) licenses from 2-30 MHz. in the Northeast US, specifically Pennsylvania, New Jersey, New York, Connecticut, Massachusetts, New Hampshire, Vermont, and Maine. When I found a particular license, I further examined the details to see if it was for the state’s department of homeland security/emergency management. Here is what I found:

Freq. (MHz.)States
















So we have some data here, and know it is factual in that this frequencies are currently licensed to the states listed. We also see that some frequencies have multiple states licensed to them, while others only have one or two. It would be safe to assume (although one might still be incorrect) that the former might be used for interstate communications and the later for intra-state. Listening to them would help prove or disprove what right not is onlt a theory.

This data is only for the Northeast US, but you can put together your own information by visiting https://fjallfoss.fcc.gov/General_Menu_Reports/engineering_search.cfm?accessible=NO&wild_select=on.

For those of you who might want to look for stuff that’s not licensed by the FCC, a sector search will be useful. Allocation data is available from https://transition.fcc.gov/oet/spectrum/table/fcctable.pdf, and by examining that table, we find the following ranges of interest. (Frequency ranges are in KHz.):

2000-2065, 2107-2170, 2194-2495, 2505-2750, 3155-3230, 3230-3400
4000-4063, 4438-4650, 4750-4995, 5005-5450, 5730-5900, 6765-7000
7400-8195, 9040-9400, 9900-9995, 10150-11175, 11400-11600, 12100-12230
13410-13570, 13870-1400, 14350-14990, 15800-16360, 17410-17480
18030-18068, 18168-18780, 19020-19680, 19800-19990, 20010-21000
21850-21924, 22855-23200, 23350-24890, 25330-25550, 26480-26950
27540-28000, 29890-29910

Under normal circumstances, HF frequencies below 7 MHz. best work at night, those above 15 MHz. work best during the day, and 7-15 MHz. is good 24 hours a day. This is not a hard and fast rule, but instead a good guideline to go by.

Like I said previously, any activity having to do with this COVID-19 thing is probably going to be on VHF/UHF, but moniotoring that traffic is simply a matter of programming your scanner and letting it run. There is less hard data available for HF systems, so those of you looking for a challenge or who are out of the affected area and want to see if you can hear something have the frequencies below 30 MHz. to try. Those of you in the Northeast have a list of frequencies to try, and the rest of you have some information on where to start looking.

Should you feel the need to share your findings, please send me an email to ticom.new.england@gmail.com. Your contributions are much appreciated!