Bots parking on 6519.5 and 5440.5 (8897) khz USB?

Since May two bots are almost always here (mostly) on these frequencies. When I ban them, they will back from another IP. Most of cases from Opera VPN addresses. And what is the interesting on these freqs? Sometimes parking on 8897 usb instead of 5440.5.

Almost always 2 bots here. Sometimes only 1 on 6519.5

I don't know, what they are monitoring but sometimes they occupying the 2 WF channels on 8 CH mode.


  • 8897 — military frequency. Russian Air Force.

    In addition to ordinary users, it can be different spy curators from different countries. Most of them are always hidden behind vpn, tor and non-public proxies. Also seen scanning frequencies from ENIGMA2000. I have fewer questions for them if they don't bother me. 

    They don't care about your sdr's, your users. Instead of writing to admin why they need so much time and channels, they just change ip addresses.

  • Thanks for this answer. So maybe I helping someone to investigate war crimes?

    I'll tolerate it :)

  • edited October 2022

    I doubt. Spying can also be directed against your country. My long observation of these spies led me to the following thoughts: they will exploit your receiver, including for bad purposes; and harmless schoolchildren will occupy all channels for a long time, broadcasting YOUR broadcast to friends in THEIR (!) applications. They don't respect your work. Also, they don't respect other users. If you do not check the receivers, they will occupy all channels. 

  • I'd not tolerate it by assuming they are benign or altruistic in nature. Here I realised there might be some information to be be gathered from military HF comms as a base is some 20 miles away. I had just enough doubt about the motivation to block it, assuming they would move on.

    Not running a public Kiwi right now (for months) but my firewall logs for common kiwi ports show about 14000 connection attempts in the last week, many of those entries are "last messages repeated 3,5 or 7 times" 5600 for port 8073 alone, with again repeats up to seven times.

    It is not some individual, it is not somebody who cares that port scanning is illegal. If they want to take advantage of the brilliant features of the Kiwi and software buy some, install them where they want to use them, pay for the bandwidth.

  • +1. PERMANENT scanning should be discussed with kiwisdr owners. Listening to military radio networks and those indirectly connected to them should be limited. It doesn't matter which spy is hiding behind the next VPN. Now is a very difficult time. They apparently don't understand this. I would not want my receivers to be used with bad intentions.

  • I'm pretty sure very little of any political, military or tactical value or other similar information can be obtained by semi-casual monitoring of traffic on these frequencies, or indeed any others on the Short Wave bands.

    An internet search will usually be much more revealing than spending hours listening to static on a rarely used frequency or trying to decode highly encrypted data.

    The bots are more of a nuisance than anything, by tying up valuable receiver channels for hours on end they deny use by others.

    Maybe just block the problematic frequencies for a while, by using the DX tag masking function ? Alternatively perhaps use a smaller value for the Inactivity time limit ?

  • edited October 2022

    Short waves have their own specific propagation. Even because of the silence zones, they will use other receivers. At the frequencies of "zenith" communications, in principle, long-range reception is impossible. Yes, they have their receivers. But the missing information can always be obtained by connecting to remote websdr. All information, at first glance, not necessary, complements the overall situation. Various news agency are well aware of kiwisdr. Apparently, you are in a region that they are not interested in. Subnets analysis shows that these are not always ordinary users. I will not write details. There is another category: they listen to diplomatic stations, different encryptions. I don't have much information on this category.

    They use VPN either to hide their activity, or because they are already tired of everyone with their scannings.

    Regarding blocking frequencies: yes, this is the solution. We have been using this for a long time. At our request, John added this function.

  • many thanks for these answers... So there is a new question..

Sign In or Register to comment.