News:

PD.com: Worse than that time when I conjured a handkerchief from that deaf kid's ear.

Main Menu

WiFi Scannings

Started by Triple Zero, December 04, 2009, 09:31:18 AM

Previous topic - Next topic

Triple Zero

moved to a separate thread cause I wanna get you guys feedback on this without jacking BAI's thread:

my current personal pet project is mapping the WiFi signals all over town, here. basically whenever I have to go somewhere in town, I start NetStumbler and config my netbook so it doesn't shut down as you close the lid. and then it starts recording whatever networks it comes across as I'm on my bike. and there's a fucking shitload of them. and no it doesn't log in or crak any of them (NetStumbler doesn't do that, it's a diagnostic tool), it just logs the time, MAC, SSID, signal strength and flags (mostly whether it's encrypted or not) whenever it catches a packet or something.

Currently I got about 1500 different network routers in about 100k datapoints. I wonder how much I could get if I would actually bike criss-cross all over town, since these are just the routes I normally ride, which must be less than 10% of the area.

of course I'm going about it entirely the wrong way. see my netbook doesn't have any kind of GPS in it. my friends and everybody wonder why I'm wasting my time with this (answer: it's FUN damnit), cause there's phones that have both WiFi and GPS and it would be a lot more useful to use something like that. It's true, I could create a proper "heat map" of the WiFi networks in this city.

but alas, my netbook does not have GPS so I can't. instead of that, I just have a series of timestamps, MAC addresses and signal strengths to play with, and I'm writing Python scripts to crunch the numbers and see if I can plot graphs of those things that make any (spatial) sense.

I mean, on my bike, I usually travel in a straight line, at a relatively constant speed. And two networks I got signal from within the same couple of seconds should be near eachother, right? So from that I should potentially be able to deduce some kinds of spatial relationships between the networks. Add to that some of the SSIDs people have named conveniently to their street address, and I could pin those on a map, and sort of fit the others around it.

So I fed a rough approximation of what I supposed could be some kind of distance measure into a funky tool called GraphViz which is a powerful commandline thing to turn textfiles describing graphs (nodes and edges) into SVG or JPG other images. And it even came with two physics spring-based models, which is what I was planning to do myself (spring attraction between networks that are "near" eachother, and repulsion for all the others).

Unfortunately what came out was a huge jumbled mess of networks. It looked extremely cool, but the complexity of the resulting SVG nearly brought my computer to its knees and it didn't really make a whole lot of sense.

Except that, apparently, there are no "Islands". Nearly all networks, save no more than ~5 lone ones or tiny clusters of 2-3, all networks could potentially "see" eachother via-via! So that means that thing about "Internet2" in the other thread, if you'd reprogram the firmware of all the wifi routers in town to be all sweet and route traffic to eachother in P2P kind of fashion, they would actually form a city-wide wireless network and you wouldn't even need any ISP for that connectivity.

add a few beamers and dishes and soon you'd have all the major cities in NL in a custom-made, completely free, decentralized and independent network.

but that's just fantasy. but also about the only cool thing I found out via all this data, that it is in theory possible :-)

So right now I'm playing with all sorts of ways to filter and process that data. Unfortunately the signal-strength numbers are as good as useless. I have no idea what unit they are in, it doesn't seem like dBmW. I guess it's still logarithmic, but I'm assuming dBmW times an arbitrary scale for now. Which makes any kind of inverse-square law distance estimation kinda impossible.
In addition to that, it's not very accurate, noises up and down a lot, and I have the feeling (but not checked properly yet) that it doesn't even roughly "fade in" and "fade out" the way you'd expect if you ride past a wifi router. Once I get around to plotting some proper "whoosh" graphs, of networks whooshing by, and I notice the signal strength doesn't go up and down like it should I'm just gonna ignore that part of the data and go purely with timing intervals when networks are picked up relative to eachother.

which is another weird thing, aside from the signal strength, if you're closer to a network, you also get more packets per second from that network. so that's two different things to measure proximity. I'm not entirely sure on how to combine the two, except just multiply or add them or something and see what happens. for instance what would be up with a network with high signal strength but only a few packets per minute? or a constant stream of low signal packets? of course it remains to be seen if those situations actually occur in my dataset.

anyway, funky graph plotting and matplotlib FTW :)
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Triple Zero

Quote from: BAI on December 04, 2009, 09:55:21 AM
hmm. I'm sure that there is a way to get your netbook to have a gps input for cheap as fuck. What model cell phone do you have? I know a couple of warrenty killing tricks for cell phones and gps. failing that, you could (if you wanted) fit a tomtom (I think that's the European cheap assed sat nav system) to a bike dynamo, hook that bad boy into yer notebook and  :P lol sortaGPS. I'm currently getting into alternative power supplys like dynamos, cranks and panels, I guess its the hippy rubbing off like.

Hm I don't have a phone with GPS either :) My gf has a TomTom but I'm not sure if she would let me play with it. I could try though, it has a simple mini-USB jack, if that and some special software is all it takes to get a GPS reading she probably won't mind [as long as I don't need to take it apart, you know?].
It would make the project a whole lot easier. Plus I'd get to pick a nice sunny winter day to bike all over town and scan EVERYTHING :D

Quotedo you use a magnet on the netbook to stop it shutting down or config?  I go for magnet, thats what i'm using to jam the lid swich in the old compaq  :P

No it's just a setting in Windows XP. Rightclick on the battery icon in the systray, properties, advanced tab, and there you get to select what it should do when the laptop closes: shutdown, sleep or nothing.
Good thing too, I was messing with putting a towel or something between the laptop to keep it just-open, but it was all shaky and not really conductive to the lifetime of the netbook :)

Quotealso, have you considered using a "wokfi*" type interface and trying to see how many you can pick up from out your window? 1500 :P hehehehe wow. bet you snagged all the local ones anyhow. lol

* currently testing for stepdaughers interweb, as her rl dad is a cheap cunt, and won't pay for internets, and lives just out of range of our router. bought a couple o hong kong specials and am currently messin aboot trying to boost the range of our network and the pick up on her junker lappy :P I have far too much spare time.

I assume this is when you fabricate a custom dish to amplify/directionalify a wifi signal to boost range?

And uh hong kong special is takeout food that comes in handy metal packings that can easily be crafted into something proper dish like? Advice, next time you order, just ask them to bring a couple of extra packaging things and give them a few bucks for it. It hardly costs them shit and you get clean ones, and a lot of them so you can cut them apart and mess up a few before you get it right.

The other solution would be to just use some alu foil and cardboard? Sounds easier?

Like on this website I saw this awesome PDF, you should print it, and then paste alu foil on a piece of cardboard, then paste the printout over the foil, and then cut along the lines fold across the dotted lines etc, stick two of those long cocktail sticks through marked spots and VOILA you have a sweet ass parabolic directional dish :D -- kind of. I lost the link, but I think I must have posted it something like 1 or 2 years ago back when Cain was having issues with having only real shitty real slow stolen wireless internets.

Quote
Quoteadd a few beamers and dishes and soon you'd have all the major cities in NL in a custom-made, completely free, decentralized and independent network.

but that's just fantasy. but also about the only cool thing I found out via all this data, that it is in theory possible

I fucking love this.

This is, well, the spirit of discovery!

Indeed. But to get it working I'd have to develop and unleash some kind of wireless firmware hacking reprogramming virus, because otherwise no way I'm gonna get enough coverage :evil:

QuoteLIES!  wink You don't need a tonne of money for this, honest.

oh I wasnt worrying about the price, more that I had to get all sorts of gadgetry and wires and spectrometers and interocitors and shit.

QuoteAll you'd need is a cheap radio scanner that could pick up the 137MHZ band, I think in the UK you could get one second hand for about 20 quid, I paid 40$ for mine to spy on the local coppers (as the ones in mendocino county are still analogue hehe) and ended up using it for this instead :P

Mines an http://www.rigpix.com/bearcat/bc550a.jpg from the 90's, only goes up to 650Mhz ish and skips the 400mhz band .. bummmer.

maybe I should check out the local electronic store. I need to go Sinterklaas shopping today anyhow.

Quotethe ariel is a butchered pair of rabbit ears stuck onto a "rubber ducky" car roof ground plain, attatched to our roof via duck tape.

Uh the what is a butchered what now stuck onto a what? (I'm a complete n00b here)

Quotewxtoimg software (basic) is free, and my wonderful wife is getting me the software key for xmas (of which I will gladly share :P ) which does all sorts of weather sat piccy decoding. and since you live in europe, you can get the eurosats too :P they dont fly over here

whoaa bitches, I'll kick their lazy asses they better damn well visit you.

they probably miss you anyhows.

Quote
QuoteSo right now I'm playing with all sorts of ways to filter and process that data.

this is the fun I am having.

I like your project :P if you don't mind, when I buy that Hello Kitty netbook, I'm gonna try this around our town :P

Yup, it's fun alright.

The signal strength numbers don't seem too useless, though. Check it, I plotted all the measurements into a histogram:



Looks like a nice kind of bell-curvy distribution don't it? To me that says the numbers can't be completely bogus, otherwise I'd expect some strange ragged semi-uniform random crap.

Just that, the numbers really SUCK. they range from about 6 to 67, with a resolution of nearly 2, meaning up to 46 you get only even numbers, 47 is the first odd one with one occurance, after that the odd numbers increase in frequency, until 60 is the last even number [you don't see this in the histogram btw, because I picked the bins large enough to get a smooth distribution]. If you follow me, you can guess what this means, that these numbers were SCALED and subjected to horrible ROUNDOFF somewhere along the road before they got into my data file.
I still have to see if this is the fault of NetStumbler (it's not that hi-tech of a tool, after all), or whether my network wifi card throws away all that juicy data. I hope it's netstumbler cause then I can grab the wifi data more accurately with another tool maybe.

Aaaaaanyway, if you wanna try this, give me a shout and I will post you the python scripts I wrote to read and analyze the NetStumbler output log files. Should save you some time. And I dunno but if you ever worked with MATLAB, then Python's Matplotlib should not be much of a problem for you, if you wanna draw pretty graphs and shit.

Quote
Quotefor instance what would be up with a network with high signal strength but only a few packets per minute? or a constant stream of low signal packets?

I could shark the network across the road for ya, and see , as they have a nice strength but they only have a good signal when their motion cams go off and start DVRing. lol.

Yeah but I have to see what it means for the networks I got here.

IT JUST MEANS I HAVE TO DRAW MORE PRETTY GRAPHS

see? :lulz:
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Triple Zero

Oh and on a completely different but related manner. Once I figure out what kind of household appliance I can use for this, I'm gonna make EVEN PRETTIER PICTURES.

cause except for my laptop I have also a USB WiFi network stick. And you can put that on the end of one of those handy USB extension cables.

now, beare with me.

see you know WiFi signal has very different kinds of strengths even depending on the angle of your antenna relative to the source, and I dunno furniture and your dog and whatever might be messing with the signal, right?

now imagine.

you have this USB WiFi stick, at a fixed point in the room. and it rotates, veeeeeeeery sloooooooowly, it rotates over two axes even (no idea how I'm gonna make that work, but visualize), so now, you got two angles, phi and theta. and I get about 8 networks here from my own and the neighbours.

NOW WHAT DO YOU DO IS THIS you plot the average signal strength for a network in a certain angle/direction as pixels on the screen and you take a different colour for all the networks and you sort of alpha blend mash them together and then you get some kind of PRETTY XRAY VISION WARPED RADAR IMAGE OF YOUR ROOM OR SOMETHING

I mean, you'd be lucky if you could even distinguish the window or your aquarium or car or something, vaguely, but I bet it would look pretty as fuck!
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Rumckle

#3
Apart from saying that this is awesome, and that I really want to try it.

I just wanted to say that the first thing that came to mind when I saw that graph was the blackbody radiation curve.

ETA: That is probably not what it is, but what I am getting at is you are right, the graph looks natural enough to be correct in some regard
It's not trolling, it's just satire.

Telarus

Telarus, KSC,
.__.  Keeper of the Contradictory Cephalopod, Zenarchist Swordsman,
(0o)  Tender to the Edible Zen Garden, Ratcheting Metallic Sex Doll of The End Times,
/||\   Episkopos of the Amorphous Dreams Cabal

Join the Doll Underground! Experience the Phantasmagorical Safari!

Remington

#5
I did something similar to this for my Wireless Networking Course; wherein I mapped out the College's network coverage and radiation patterns.

I used this:
http://www.visiwave.com/index.php/ScrInfoProducts.html?sid=9srk3by71qXL77GY

It's an awesomely useful and intuitive mapping tool, I used it to write a research report and generate a College Wireless Coverage map.
Excerpt for my report:

QuoteThe concept of VisiWave is simple and effective. At the beginning of the survey, a map is uploaded (any image file is accepted). All data and coverage overlays will be displayed over this map, and will visually display the detected wireless networks.

Surveying can be done in four different ways: point-by-point, continuous straight-line walking, GPS-assisted, or with a custom dead-reckoning device. When the data is collected, it is used to generate a "heatmap" overlay that lies on top of the map provided.


A graph of the RDCPublicInternet network coverage, overlaid on a map of the campus.

Each small dot is a datapoint, collected by the laptop's wireless card then assigned a position on the map by the user. When complete, the heatmap can display estimated AP locations, SSID names, security status, and coverage (either for a single AP, for a number of combined APs, or for entire networks). Custom reports displaying SNR ratio graphs, error rates, and other network metrics can also be produced from the raw survey data. Surveying is very easy and intuitive.

QuoteFor such an easy-to-use program, VisiWave collects a startling amount of data. On its default "Wi-Fi" setting, it collects the signal strength, MAC address, and wireless channel of every access point (802.11 a,b,g, or n) within your laptop's range.

The exact way that Visiwave sorts and organizes survey data depends on which mode you are using. All of the modes have the same basic principle though: the software analyzes all available network traffic (through the network adapter) for a split second and records the "event" as a collection of data which is then assigned a position on the map. VisiWave can collect Wi-Fi information through a laptop network card, or spectrum information through a Wi-Spy add-on.

In the Point by Point capture mode, the data is collected in a single brief event, triggered by the user's click. This data is then assigned a position on the map by the user, appearing on the overlay as a single data point. Continuous capture mode collects data (you guessed it) continuously, as the user walks along a straight line from one point to the other. When the user signals that the straight line has been completed, VisiWave takes all data collected and evenly distributes it along the line in a series of data points.

Once all this data is collected, VisiWave can use it to produce visual overlays of the signal strength of the access point/network. These overlays can be produced for a single access point, or for several at once.

Best of all, these displays are produced almost instantly and can be accessed in the same window as the survey map and the survey data points.

The simplicity of VisiWave is reflected in its computer requirements. It needs only an 800MHz Pentium III, Windows XP/Vista, 128MB of RAM, and a suitable wireless network card. This ensures that any relatively recent computer (pretty much anything newer than 6 or 7 years old) will be able to run the software. Additional requirements include Internet access (to download the program and access advanced Help features) and a PDF reader to view the reports VisiWave produces. Also recommended (although certainly not required) is a utility cart to carry the laptop while surveying.
Might want to try it for your mapping project, the software comes as a free demo (time-limited to 30 days, but none of the functionality is limited). It is very, very fun to use.
Is it plugged in?

Remington



Also worth noting: after I made this map, I thought it was odd that it had a dead zone near the intersection. I moved over to a table in the area, and promptly lost wireless access. I was impressed.
Is it plugged in?

Reginald Ret

Quote from: Triple Zero on December 04, 2009, 09:31:18 AM
Except that, apparently, there are no "Islands". Nearly all networks, save no more than ~5 lone ones or tiny clusters of 2-3, all networks could potentially "see" eachother via-via! So that means that thing about "Internet2" in the other thread, if you'd reprogram the firmware of all the wifi routers in town to be all sweet and route traffic to eachother in P2P kind of fashion, they would actually form a city-wide wireless network and you wouldn't even need any ISP for that connectivity.

add a few beamers and dishes and soon you'd have all the major cities in NL in a custom-made, completely free, decentralized and independent network.

but that's just fantasy. but also about the only cool thing I found out via all this data, that it is in theory possible :-)


This is the kind of thing to start small, with a few friends that live close together.
or with willing neighbours.
i see this happening in poor neighbourhoods
Lord Byron: "Those who will not reason, are bigots, those who cannot, are fools, and those who dare not, are slaves."

Nigel saying the wisest words ever uttered: "It's just a suffix."

"The worst forum ever" "The most mediocre forum on the internet" "The dumbest forum on the internet" "The most retarded forum on the internet" "The lamest forum on the internet" "The coolest forum on the internet"

Triple Zero

Oh my god, SR3, that is almost exactly what I was trying to build!! Awesome, I shall have to check out this app :D
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Remington

#9
Quote from: Triple Zero on December 29, 2009, 09:16:50 AM
Oh my god, SR3, that is almost exactly what I was trying to build!! Awesome, I shall have to check out this app :D
Have a buddy drive around town slowly (~5 kmph if possible) and exploit the straight-line capture mode from a laptop in the back seat. Remember to stop capturing when the car stops (and only to capture when you're moving in a straight line) and you're golden. You could probably survey an entire neighborhood in under 5 minutes. The map could then be refined by getting a utility cart from someone and working the pedestrian paths.

I'll send you a PM with my full report on the tool, plus a zipped folder. The folder contains:
-VisiWave v2.1.1
-VisiWave Adapter Check (run this one first, it's a simple program that checks your WiFi adapter for compatibility)
-VisiWave User Guide
-Sample survey folder:
---Campus map in PNG
---PDF report summarizing survey
---.VSW file (native file for VisiWave)
Is it plugged in?

Triple Zero

yeah, that would work!

also, if I had bothered marking the straight lines in my current readings I would have been well on my way on creating a similar looking map.

I'm probably making things way too complicated for myself by insisting on being able to do it with minimal location information.

Still, you know, given the guesstimate that most of my readings are in straight lines, and that I have readings from multilpe SSIDs at most points, should enable me to *somehow* puzzle together those into relative positions?

hmm puzzling .. that sounds like a possibility, if I cut up my timeline in short pieces, most of them can be assumed to be straight. most of the readings were while I was on my bike, which means long stretches of pretty much constant speed [yeah even in the city, cause we have bike lanes]

so I should model the (X,Y) locations as "something possible to do by bike", meaning a maximum speed and some limit on curvature.

actually just maximum speed should perhaps do it. I know I didn't do any by car, except a few of the early ones which I choose to throw away anyway.

say I will pick one randomly. just some squiggly curly curvy line.

given those (X, Y) locations I can calculate the convex hull of each SSID and take the area [perhaps taking into account signal strength readings]. these should be minimized, because if the squiggly line is wrong it means it will probably get one reading for an SSID on one end of the map and another reading for the same SSID on the other end, resulting in a huge area for the convex hull.

so I can "score" a certain random squiggly line using the sum of the areas for each SSID, probably subtract a little penalty for curvature [straighter is better, because that's the more likely routes I took by bike].

with random configurations and scores I can do a numerical approximation using Simulated Annealing [similar to a Genetic Optimalization with a population of 1].

sorry if this makes no sense to anybody but this is the first time I've come up with something that is just slightly likely to come up with a decent solution so I just had to write it down.

if I can efficiently calculate the area of the SSID's convex hull, I am all set. and since I just got my book on Computational Geometry back from a friend I can probably find a nice convex hull algo.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.