25 February 2022

STANAG-5066 over MIL 188-110A: SK AF messaging

Slovakian AF communications spotted on Monday at 6343.0 KHz/usb, rather unusual frequency given the previous logs (actually first time heard on this qrg) and no more heard since last monday 21. The usual paradigm is used: ie, 188-141 2G-ALE handshake (S1L caller, P10 called) that is followed by the data forward by means of 188-110A ST modem and STANAG-5066 as datalink protocol.

Fig. 1 - STANAG-5066 bitstream

No transport protocol is used since STANAG-5066 assumes the burden of message integrity within the HF network: indeed, the email file are compressed and then transferred from one SMTP server to another by using HBFTP (Basic File Transfer Protocol) as per Annex F of STANAG-5066. BFTP implements a very simple end-to-end file transfer protocol based on the ZMODEM protocol and shall be provided by STANAG-5066 implementations: in this case, the initial "H" could stand for Harris implementation. It's to be noticed that BFTP is connected to the RCOP (Reliable-Connection-Oriented Protocol) socket interface.
HSMTP (likely Harris SMTP, Simple Mail Transfer Protocol) routing shows that the recipient node is at 1-hop distance (DP and NP values).
The email addresses and other terms reveal that the messaging system software, and most likely the connected radios, are provided by Harris Corporation, almost surely the Harris RF-67x0W Wireless Gateway suite. 

Fig. 2

about users:
ALE callsign P10 (Stanag-5066 address: 10.000.000.005) is "prezovvzs", Prezov VzS
ALE callsign S1L(Stanag-5066 address: 10.000.000.004) is "sliacvzs", Sliac VzS  
("Vzdušné Sily" is the Slovakian for Air Force)
It must be noted that for "domestic" traffic they do not use their S-5066 Regional Assignee range 6.42.y.z but rather 10.x.y.z.
Also interesting is the use of ESET Smart Security, database version 8756 (20130902), to protect the systems against virus and malware. 

https://disk.yandex.com/d/5kVfxb1Y95_R2Q

No comments:

Post a Comment