Hi, does anyone know of a product that will detect and point me in the direction of any 802.11a/b/g transmissions? Most of the detectors I've seen are geared for finding broadcasting AP's. I need to be able to track down laptops/PDA's with a wireless device thats enabled, regardless of whether or not they're running in infrastructure or adhoc mode, associated with an AP or not.
Any other non-802.11a/b/g wireless signal detection, like cell phones, would be a nice bonus, but not required.
-Don
Let's get the buzzwords nailed first. Detect, identify, and direction find are separate functions.
Detect can be done with a simple RF detector as in a "bug finder", which simply rectifies any RF it picks up, and provides an indication. It has no way to distinguish the manner of modulation or identify the source. Another name for this is a "sniffer" which is useful for finding the exact location of the transmitter when you're very close. I tired to modify a microwave oven detector with an external antenna but could only get a few feet of range.
Identify is done with the Netstumbler, Kismet, or other wireless sniffing tools. These will extract the MAC Address, SSID, and other interesting information from a transmission. However, they will not distinguish between Bluetooth, wireless video, 802.11, microwave ovens, cordless phones, and such. To the best of my knowledge, there is no single appliance short of a military ELINT system that will do this today.
Methinks direction finding is best done with a rotating directional antenna and a spectrum analyzer. I've scribbled on the topic before in alt.internet.wireless. Search Google Groups for my name and "direction finder". |
It's fairly difficult to direction find with a handheld dish, radio, and laptop, or perhaps handheld dish and spectrum analyzer. The signal strength indication from the most non-modified radios is just too slow to perform reasonable sweeps. They also fail to distinguish easily between multiple sources of RF and/or multiple 802.11 sources.
Direction finding client radios is even worse as you're likely to find them among other client radios which will interfere with an accurate bearing. They also tend to be indoors which are major sources of reflections.
I'm not too sure what to recommend. The typical client radio goes into "power save" mode when not in use. In effect, it doesn't radiate any RF to direction find. If associated with an access point, it does have keep alives and beacon transmissions which can be detected. When I tried direction finding on these occasional transmissions with my Proxim 7400 based spectrum analyzer, I found that the transmissions were so few and far between, that the SA would only occasionally si something.
I don't know of any off the shelf product that will do that, but can easily speculate on how it might be designed (translation: I don't know if it will work). I need to know the level of accuracy and range you're expecting. Also, whether this is to be a human operated or automatic system, one unit or many, details, etc.
If you wanna roll your own, I suggest using a dish antenna, MMDS downconverter, 500MHz spectrum analyzer, and a fiberglass pole. The stock MMDS receiver works on 2.6GHz and can be fairly easily convinced to function at 2.4GHz.
There are such things for cell phones. I've tinkered with the Zetron
510 unit, which is just a fancy RF detector. It was screwing up badly with false indications from 800/900MHz trunking handheld radios. It also had sensitivity problems with CDMA phones.
Ooooh. I want one.... Just one problem. $3,999 list price.
If you like spending money: |
For real entertainment value, drive to a mountain top with a spectrum analyzer, connect an antenna, and wonder why you bothered. Without filtering and some clue as to what I'm looking for, I usually just see garbage on top of garbage.
The right way(tm) to do this is to demodulate the signal and try to determine the modulation methods from the baseband data instead of from the RF spectra. An SDR (software defined radio) is fully capeable of doing that. It would "lock" onto the signal, and try each demodulator one at a time. Kinda like an ELINT system.
One problem with using a spectrum analyzer with spread spectrum is that the sensitivities tend to be terrible because the spectrum analyzer cannot take advantage of the 10dB processing gain and the ability to synchronize the transmitter and receiver. I'll post some video clips of what the screen looks like (when I have time).
Try these video clips to see how a dedicated spectrum analyzer looks. It doesn't get much better than this. See the links near the bottom of this page. |
Replies so far, although VERY incisive, may be an overkill for your WiFi needs. How about just a USB adaptor, Netstumbler & parabolic cookware dish! The mad Kiwis at =>
Came across this the other day
I made a video clip that shows the problem:
(Yeah, I know the AVI file is out of focus and jittery. I can't find my tripod and promise to make a better movie when I find it.)
The ppt presentation makes it seem quite good
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.