High-gain Antennae and Wardriving Accuracy Theory.

The gear needed for wardriving

22 posts • Page 2 of 2

Post by argh » Thu Jul 13, 2006 5:49 pm

Interesting concepts. More or less, it seems like it would work, or at least be more accurate than driving by with an omni. The mechanical problems of orienting the array aside, there would be a few other things that you may need to consider.

I would think that this would almost require you using a passive receive-only program (like Kismet). The relatively close physical proximity of the antennas to each other could easily have the radios blasting each other out if an active probe program (like Netstumbler) was transmitting. At these frequencies it's easy to have the antennas several wavelengths apart, but they would still be easily desensing each other.

The antennas and pattern should be identical, of course. Your idea of keeping the directional antennas 45 degrees from the direction of travel is interesting, but keep in mind that, depending on the antenna pattern, many directional antennas can have big nulls at 45 degrees. You wouldn't want super-gain dishes or yagi stacks for a project like this. When your vehicle is physically the closest to the AP (which would be 90 degrees, straight left or right) you would have the weakest signal strength. I don't know if this would be better than the people who put directionals on their vehicle at 90 degrees or not. They would certainly be able to see the AP farther away, given equal amounts of gain.

Kismet can use multiple interfaces, and aggregate the results into one log file.

You could test this, to a certain extent by using two antennas pointing NW and SW, and drive by a known AP on that side. Try the same drive with one pointing straight 'sideways' as well, and compare results.

Post by mahlerrd » Thu Jul 13, 2006 6:16 pm

Oh, good point about using Kismet. I finally got something on my other laptop up and running with it (stupid picky IPW2200 cards and too-cheap me), so that's a possibility.

I think I'd be happy with antennas with big nulls at 45 degrees off axis because I think the numbers I do get ought to make up for that.

Supposing a close-to-ideal example, let's assume I'm driving northbound on a straight road and have 1/2 of my antenna array set up - the left side. The strongest signal from antenna 1 comes from point X, and from antenna 2 the strongest signal is from point Y. My best guess at this point for Latitude is something like

(y-x)/2 + x

And for Longitude

Heh. Actually, the same calculation as lat since we're travelling straight north and we're aligning our antennas as 45 and 135 degrees off the direction of travel. I like simple cases. :)

You raise some interesting comparisons. IMO, using a single directional pointed out the side will certainly get you good distance, but you'll still have no idea where the AP is without at least partially circling it (which, in essence, would give you the same sorts of readings as the array we are discussing would, just not as quickly). While useful, it's still quite limited in the ability to use it while just driving from point a to point b.

I think you are right that a test is in order. Problem is, I'm a cheapskate. I suppose I'll have to make my own directional antenna. Two of them, actually, then use something like ACT in Stumbverter to get a good comparison to make sure they are about equivalent.

Let me know if you think of something else. At this point, the goal would be to get some raw numbers against a known-location AP and dump the lat/long into something like mappoint to do some good, close looking. Oh, duh. At this point, a single somewhat directional antenna could prove the usability of a technique like this with just two passes.

Oh, another issue that may pop up is that the higher the directionality of your antenna, the less likely you are to be able to grab the signal since it passes through your peak sensitivity section more quickly. That probably ought not matter at slow speeds, but I suspect at higher speeds it could be very important.
since the last posted question on how to get a Broadcom chipset-based PCMCIA card to work in RF-MON mode with kismet.
http://bcm43xx.berlios.de/

I've had it working :)
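The midpoint estimate from mahlerrd's post (strongest signal at point X on the 45 degree antenna, at point Y on the 135 degree antenna), worked through as an added example that is not part of the original thread. It goes beyond the straight-north case by handling any straight heading and by taking the sideways offset as half the X-to-Y distance, which follows from the two 45 degree sight lines; the drive log, field names and coordinates are constructed, and it assumes each antenna peaks exactly when the AP is on its boresight.

```python
import math

EARTH_R = 6371000.0  # mean Earth radius, metres

# Constructed drive log: due north along one longitude, one fix every 0.0002 deg.
# rssi_fwd = antenna 45 deg off the direction of travel, rssi_aft = antenna at 135 deg.
_FWD = [-90, -84, -76, -61, -72, -80, -86, -90, -92, -93, -94]
_AFT = [-94, -93, -92, -90, -86, -80, -72, -61, -76, -84, -90]
DRIVE_LOG = [
    {"lat": round(39.1000 + 0.0002 * i, 4), "lon": -94.5800,
     "rssi_fwd": f, "rssi_aft": a}
    for i, (f, a) in enumerate(zip(_FWD, _AFT))
]

def peak_fix(samples, key):
    """(lat, lon) of the fix where one antenna heard the AP loudest."""
    best = max(samples, key=lambda s: s[key])
    return best["lat"], best["lon"]

def estimate_ap(samples, side="left"):
    """Locate an AP from one straight pass with antennas at 45 and 135 degrees."""
    if side not in ("left", "right"):
        raise ValueError("side must be 'left' or 'right'")
    x = peak_fix(samples, "rssi_fwd")  # point X in the post
    y = peak_fix(samples, "rssi_aft")  # point Y in the post
    # Flat-earth frame in metres with X as origin; fine over a few hundred metres.
    lat0 = math.radians(x[0])
    east = math.radians(y[1] - x[1]) * math.cos(lat0) * EARTH_R
    north = math.radians(y[0] - x[0]) * EARTH_R
    baseline = math.hypot(east, north)
    if baseline == 0:
        raise ValueError("both antennas peaked at the same fix; no baseline")
    # Unit vector 90 degrees left of travel (heading rotated counter-clockwise).
    left_e, left_n = -north / baseline, east / baseline
    sign = 1.0 if side == "left" else -1.0
    # Along track: midpoint of X and Y, i.e. (y-x)/2 + x. Across track: the two
    # 45 degree sight lines cross half a baseline out from the road.
    ap_e = east / 2 + sign * left_e * baseline / 2
    ap_n = north / 2 + sign * left_n * baseline / 2
    lat = x[0] + math.degrees(ap_n / EARTH_R)
    lon = x[1] + math.degrees(ap_e / (EARTH_R * math.cos(lat0)))
    return lat, lon

if __name__ == "__main__":
    print(estimate_ap(DRIVE_LOG))
```

With real captures the peak is rarely a single clean sample, so smoothing the RSSI series per antenna before taking the maximum is the usual first refinement.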

Post by ax0n » Sat Sep 09, 2006 2:24 am

You are forgetting that a lot of APs are high up off the ground. APs on the 3rd story of an apartment complex close to the street could get missed by the "cone" of the directional antennae.

Now imagine my driving through urban Kansas City where several 30+ story buildings are just 8 feet from the pavement. There's no way an array of directionals would do the trick.

Honestly, directionals are really good for point to point or narrow area coverage. Maybe that setup would work in rural areas and on long stretches of highway between towns. Simply hitting every little road in a neighborhood, business park, or other populated area, with the help of a good antenna and transceiver is all you need.
This is an old post and looks very interesting.
Have you made any progress?
Did you make your highly directional antenna?
How were you going to specify (keep track of) which antennas were pointing a certain direction?
Could you have four drones with separate GPS's to help calibrate direction and vectors? (maybe some sort of self correction.)

The thread seemed to end with the comment about the vertical degrees of reception. I mostly see 1-2 story houses so that would not bother me.
Yes this is old, but it does lead to some interesting questions and really makes you think about the tech behind what you are doing.

If I were to try something like this, I'm not because my truck looks strange enough already, you would probably need a hightop van with a fiberglass roof to pull it off well. I would go with 4 - 120 degree sector antennas. There would be about 30 degrees of overlap on each panel, which would allow you to generate a bearing very easily, especially when the signal is from an area with 2 adjacent antennas. The bearings could then be compiled by a single pass past the AP to generate a triangulation.

The problem I see is that your mapping/plotting software would have to know about your antenna setup to be able to compensate for it when plotting a point since it could be on either (perpendicular) side of your direction of travel and the antennas would still each receive a similar proportion of the AP's signal. You would need at least one more antenna to properly orientate the signal.

I have seen some interesting 4 omni directional receivers, but the basic $150 kit that Ramsey Electronics sells works off of received audio and compares audio power and doppler delay to do its trick. It would take some extensive work to convert it to 2.4G.

The system would have to all work off of a single GPS. The relationship of the antenna locations has to be kept exact, and different GPS units can report many feet of difference for the same physical spot. The relationship between the distance for each GPS running at the same spot isn't constantly the same either.

One factor the test case doesn't really cover either is what happens when the source antenna has a different polarization? You lose approximately 20dB in signal when antennas are cross polarized. In some houses I've intentionally used this to both enhance coverage in upstairs rooms and limit outside radiation, by placing the antenna near the basement wall closest to the road but with horizontal polarization, slicing the house vertically with the radiation pattern. This also limits the signal that the side neighbors see, since they are off the nulls of the dipole, and, depending on how far up along the wall, limits the reception to the near house backyard. About the only outside people who have a chance on the signal are the ones on the upper floors of the house behind. The worst part is training people that antennas don't need to be pointed up to work.

Though slightly off topic, even AM stations near the border have interesting 4 antenna setups so they can modify their pattern to reduce interference with the neighboring country by delaying when the signal is sent to a given antenna so it can attenuate signal transmitted in a particular direction.

I think I'll just stick with Omni directional gain antennas and try to drive at least 120 degrees around a possible AP, at least until gas prices go up another few dollars a gallon.
I agree that wardriving the typical way is less accurate with a powerful antenna, but a powerful antenna has a very good use when wardriving.

Consider driving through a big city such as New York or Beijing. On the ground a weak antenna is going to miss most networks that are in high buildings unless you are able to go up and down every building... not very practical. And, an Omni or Yagi setup in standard methods is going to paint an inaccurate picture of the networks in the area.

Something to consider about a powerful antenna and a big city (with high buildings) is to use a Yagi with the most narrow focus you can find (as straight as possible with very little angle)... and aim it straight up when going through a city (bolt it down in a vehicle: truck bed, trunk of car, etc). You will get a very accurate 2 dimensional layout of the city's WiFi environment. Mainly you will find networks that you did not know resided at the high floors of buildings prior to trying this method.

This method works well and you would be surprised how many networks are in a high building. Just an interesting observation/test.
