Penetration Testing mailing list archives

Re: blind demodulation - sound card - lucent winmodem


From: Evrim ULU <evrim () envy com tr>
Date: Sat, 29 Jun 2002 10:26:31 +0300

Greg wrote:
Well an older FSK 300 baud job, no problem at all. Do it with just a sound
card and a poor gain tap. But modern 56k QAM with all the jiggery-pokery,
no doubt possible but not very practical for those without unaccountable
public funding.

Heh:-) I obviously do not have funding like $70K. The machine that does this job was $70K or something.

Now demodulating the RFI from the serial cable/controller/modem interface,
if you're close enough would be a lot easier.

sorry

The limit on a normal phone line is 64K. But when there is noise on the line (this is the usual case, in fact) one bit is dropped and the result is simply 56K (53.3K, says the Linux Modem-HOWTO).

But I'm insisting on this. Heh :-)

PCM says that there are 256 (8 bits) different signals at a sampling rate of 8000 per second. 56K modems use amplitude modulation. Although modems do lots of tricks like CRC checking/data compression, there must be a way to demodulate the traffic since it's a simple analog one. One can set up a test line & two test modems which are not doing any compression for simple analysis. I'm not very experienced with ADCs (only used ADC0832/04/08 etc. before) but using an op-amp or so, max 48 volts can be scaled to a 5V range and, using a fast ADC, one can distinguish these signals. Then using software and CPU power, I don't think it will be a hard job to demodulate the traffic. In fact, I can employ a cluster system for this since here I've lots of dual Linux machines waiting to run MPICH.

In addition to these, the ADCs of sound cards can be used since their sampling rate is enough (44 kHz or so). (BTW, I don't know if a 64-bit Sound Blaster really has a 64-bit ADC; somebody said they work differently than normal ADCs.)

My final thought about these theories and assumptions: why use an ADC or external devices? I know that there are soft modems that do not know anything about CRCs/compression. They are just ADC circuits made specially for this purpose. I think one may alter the kernel driver of the Lucent modem to gather digital data from the analog line, then decrunch it to a certain level. Finally, of course, this data must be fed to a (modified) pppd, then dump the traffic using tcpdump or so :-)


Ehe, warning: this message was full of dreaming :-) But I'm going to continue to look for alternative solutions. Any suggestions?

Thnx.
--
Evrim ULU
evrim () envy com tr / evrim () core gen tr
sysadm
http://www.core.gen.tr
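Added example, not code from the original post or from anyone on the list: the "older FSK 300 baud job" that Greg says can be done with just a sound card, done in software. It frames a test string as 8N1 async serial, modulates it as continuous-phase FSK, mixes in a little pseudo-random noise to stand in for a poor gain tap, then recovers the bytes with a non-coherent two-tone correlator. Assumptions of mine, not the thread's: Bell 103 originate-side tones (mark 1270 Hz for a 1, space 1070 Hz for a 0), a 48 kHz mono sample stream as a sound card would deliver, and that bit timing is already known (the demodulator starts on a bit boundary and does no clock recovery). The "captured line audio" is constructed inline, so it runs offline.

```python
"""
FSK 300 baud software demodulator (added example; assumptions listed in the
module constants and the lead-in above). Pure standard library so it runs
anywhere; a real capture would replace fsk_modulate() with sound-card samples.
"""
import math
import random

SAMPLE_RATE = 48000                    # Hz, typical sound-card rate (assumption)
BAUD = 300
SAMPLES_PER_BIT = SAMPLE_RATE // BAUD  # 160 samples per bit, exact at 48 kHz
MARK_HZ = 1270                         # Bell 103 originate side, logical 1 (assumption)
SPACE_HZ = 1070                        # Bell 103 originate side, logical 0 (assumption)


def frame_bytes(data: bytes) -> list:
    """8N1 framing: a few idle mark bits, then per byte start(0), 8 data bits LSB-first, stop(1)."""
    bits = [1] * 4
    for byte in data:
        bits.append(0)                                  # start bit
        bits.extend((byte >> i) & 1 for i in range(8))  # data, LSB first
        bits.append(1)                                  # stop bit
    return bits


def fsk_modulate(bits: list, noise_amp: float = 0.0, seed: int = 1) -> list:
    """Continuous-phase FSK: one tone per bit, phase carried across bit edges.
    Gaussian noise of std noise_amp is added to mimic a noisy line tap (constructed)."""
    rng = random.Random(seed)
    samples = []
    phase = 0.0
    for bit in bits:
        step = 2 * math.pi * (MARK_HZ if bit else SPACE_HZ) / SAMPLE_RATE
        for _ in range(SAMPLES_PER_BIT):
            samples.append(math.sin(phase) + rng.gauss(0.0, noise_amp))
            phase += step
    return samples


def tone_energy(window: list, freq: float) -> float:
    """Non-coherent correlator for one bit window: |sum x[n] * exp(-j*2*pi*f*n/fs)|^2.
    Taking the magnitude makes the decision independent of the carrier phase."""
    re = im = 0.0
    step = 2 * math.pi * freq / SAMPLE_RATE
    for n, x in enumerate(window):
        re += x * math.cos(step * n)
        im -= x * math.sin(step * n)
    return re * re + im * im


def fsk_demodulate(samples: list) -> list:
    """Slice the stream into bit-sized windows and pick the stronger of the two tones."""
    bits = []
    for start in range(0, len(samples) - SAMPLES_PER_BIT + 1, SAMPLES_PER_BIT):
        window = samples[start:start + SAMPLES_PER_BIT]
        bits.append(1 if tone_energy(window, MARK_HZ) > tone_energy(window, SPACE_HZ) else 0)
    return bits


def deframe_bits(bits: list) -> bytes:
    """Walk the bit stream: skip idle marks, on a start bit read 8 data bits, require a stop bit.
    A missing stop bit is a framing error; slide one bit and try again (crude resync)."""
    out = bytearray()
    i = 0
    while i + 10 <= len(bits):
        if bits[i] == 1:
            i += 1
            continue
        data = bits[i + 1:i + 9]
        if bits[i + 9] != 1:
            i += 1
            continue
        out.append(sum(b << k for k, b in enumerate(data)))
        i += 10
    return bytes(out)


def recover(data: bytes, noise_amp: float = 0.1) -> bytes:
    """Round trip: frame -> modulate with noise -> demodulate -> deframe."""
    return deframe_bits(fsk_demodulate(fsk_modulate(frame_bytes(data), noise_amp)))


if __name__ == "__main__":
    msg = b"login: root\r\n"           # constructed test traffic
    print(recover(msg))
```

Each bit window is 160 samples (3.3 ms), so the correlator's frequency resolution is about 300 Hz while the tones are only 200 Hz apart; the off-tone still leaks roughly 41% of the amplitude (about 17% of the energy) into the wrong correlator, which is why the energy comparison works cleanly at moderate noise but would need proper matched filtering and clock recovery on a real, drifting capture. None of this carries over to the 56K case the post is after: there the line carries PCM samples chosen from a large constellation with scrambling and equalization, not two tones.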


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

