Determining Signal Strength, Direction and Noise in WiFi


(klaus) #1

Hi There,

I hope I am on the right place for this kind of question.
At my Home place I’m playing around with WiFi and I have big problems to get a stable wifi system using a Fritzbox 7490 and a Fritz Repeater 1750e in mesh mode.

What ever, during my troubleshooting I’m confused on the following problems. Is it possible to:

  1. Determine signal strength in milli Watts (mW)
  2. Determine the direction of each foreign AP (Yagi antenna?)
  3. Determine noise or interference/trouble between AP and STA

thx,
kla


(Hardeep Singh) #2
  1. You can simply convert the received signal strength (in dBm) to milli Watts using a simple online dBm to mW converter or see the table below for a rough idea compared to your RSSI.

    Power (Decibel mW) Power (milli Watts)
    0 dBm 1.000 mW
    1 dBm 1.259 mW
    10 dBm 10 mW
    20 dBm 100 mW
    30 dBm 1000 mW
    40 dBm 10000 mW
    50 dBm 100000 mW
    60 dBm 1000000 mW
    70 dBm 10000000 mW
    80 dBm 100000000 mW
    90 dBm 1000000000 mW
    100 dBm 10000000000 mW

    Keep Simple, for every 10 dBm, power increase by 10X.

By the way what tool are you using for signal strength ?

  1. Yagi is good for determining the direction. But it has a wider coverage if compared to a dish. Dish has very small signal coverage. but, is used to send or receive signals from distant locations, see your Television Dish.

    If you have a dish, or arrange one from a friend, I’d strongly suggest that for your location determination. As it will be more accurate. Otherwise, Yagi is also a very good option if you just want to just access Internet and not something weird like listening to the alien signal from neighbour galaxy :smile:

  2. I think @sipa can provide good information on that.


(klaus) #3

thank you!

I use or try different tools to determine signal strength, a Wifi Pineapple Nano (with the SignalStrength or Site Survey Module) and or kismet/airodump-ng with a ALFA AWUS036NHR. I am undecided what I should use primary/usualy - any suggestions?

Unfortunately i own no Wifi Dish and if, my daughter would use it as a doll bed or something else :wink: But i own a 3d printer and on thingiverse there are some templates to build a Yagi Antenna, i give her a try.


(Hardeep Singh) #4

If I were you, I would’ve gone with Alfa along Kismet or airodump + Yagi. Pineapple is good for multi channel monitoring due to its architecture, it allows to monitor more channels with lower packet loss.

While, on the other hand, Alfa AWUS036NH has only one antenna and can operate on a single channel at a moment. Nano uses 2, so may provide less accurate information.

I would love to see how you build a 3D printed Yagi! :smiley:


(-) #5

I wouldn’t even think about making yagi for 2.4GHz as there is Cheap yagi available.

As for the third question, there is wifi mapping software available that could help with trouble shooting. With omnidirectional antennas there might be multipathing issue where some of signal gets reflected from something and interferes with the direct path signal.
Edit: clarification


(Hardeep Singh) #6

What do you mean by ”Normal” omnidirectional antenna ?
What is the differentiating factor?


(-) #7

Yagis are directional, and true, they can be affected by multipathing, but as the cone of the transmission is narrow, the interference is way less, as the different path-lengths aren’t that wide apart.

WIth omnidirectional antenna, the path-lenghts can be much more varied, as the same signal can come in from way different directions.

say we have reflective obstacle somewhere in the middle and to the side. straight path between antennas is 5, but the reflected path is 3+4, so the signal is reflected 90 degrees and arrives somewhat lagged, if the reflected signal comes in close to multiple of 180 deg phase, then the carrier gets nulled by interference. And with 2.4 GHz’s 12cm wavelength, there can be many possible reflection points where the outlined interference happens.


(Hardeep Singh) #8

What you said is absolutely correct, but what I wanted to kn ow if there are any “special” omnidirectional antennas since you quoted the word “normal” with omnidirectional in the previous comment.

Seeing the quoted word, my mind tends to think that If there’s a normal omnidirectional then there must be a special (or at least not normal, less widely used) antenna. But seems like you intended to say Normal Antennas (omnidirectional) rather than "Normal" Omnidirectional antennas. Both imply different meaning. So, is it what you really intended to say?


(-) #9

Oh, right. I’d consider an omni directional antenna to be normal in this case, as they are way more common than directional antennas. Edited the ambiguous post accordingly.


(klaus) #10

Thank you all for your suggetions/tips/hints.

With this, i found out that the problem is not in 2,4Ghz rather in 5Ghz band.
Unfortunately i have no equipment to investigate the 5Ghz Band.

Do you habe remommendations for a wifi card like the AWUS036NHR but in the 5Ghz band?

thx


(klaus) #11

i have bought a Alfa AWUS036ACH and it seams it does the job.
After i installed the realtek-rtl88xxau-dkms package in kali and restart the network-manager the card is seen by the os and you can set up the monitor mode and do all the other things


(Hardeep Singh) #12

I haven’t used this card yet. but can you show a 5Ghz data monitor using this?

I see there is significant packet loss due to very high throughput on 802.11AC


(klaus) #13

this is a screenshot from kismet, it works on all channels

i can test the packet loss tomorrow, when i’m at home


(Hardeep Singh) #14

Good. I’d suggest you to use tcp.analysis.lost_segment in the wireshark’s search bar to identify packet lost.

or simply keep and eye on the packet numbers.


(klaus) #15

Hiho

i have tested it with wireshark, unfortunality my mac give me less information about the pyh connection.
The Network Utilitiy tells me, the alfa is connected with 5g and 868mbit/s. i’ve downloaded a 4,7GB big ISO image and the packet loss ratio was 0,1%

i watned to test the same with kali linux in hope to get more info about the pyh connection but … in contrast to the monitor mode, I was not able to establish a normal connection to one of my 2,4 or 5Ghz (Edimax / AVM).

34


(Hardeep Singh) #16

I want the wireless network in equation to be 802.11ac and not typical 802.11n

2.4Ghz or 5, doesn’t make a whole lot of difference in the test we want to perform.

See this image for speed differences. for our test we want to be in the farther end (for sniffing, not connected to network)
image
Source: Cisco

Also, you said you downloaded a file. which means a tcp connection was established and every single packet is checked for integrity of the file on the same system you ran wireshark. so packet loss being 0.1% throughout the whole transaction is understood.

What you actually need to do is: perform monitor mode packet sniffing(not connected to any network) and see how many packets you lose, for the target 802.11AC network.
Sure, to generate some traffic you can play a video on youtube from a “client”. But keep the Alfa WiFi adapter disconnected and keep only in monitor mode.

Then when you discover packet loss, I’ll explain why and the solution :slight_smile:


(klaus) #17

I’m not sure if i do it on the right way because i have no packet loss at all.

Setup:
1 (Workstation) client (hardware, mac os x)
1 (Sniffer) client (hardware mac, os x -> Kali with the Alfa Card)
2 (AP) Edimax CAP 1200 with WLAN1_5g and WLAN2_5g - autochannel

i use the names in () to explain it better

  • on the workstation i only can etablish a 802.11ac connection if i connect to the 5Ghz Wifi

  • workstation connects to WLAN1 with 802.11ac channel 36 80Mhz

  • workstation connects to WLAN2 with 802.11ac channel 100 DFS/80Mhz

  • workstation opens 5 full hd streams on different streaming provider

  • sniffer aircrack-ng check kill

  • iwconfig wlan0 mode monitor

  • depending on the Workstation connection: iwconfig wlan0 channel 36 or 100

starting wireshark and sniffing on wlan0

i have tested it 2 times a 10mins and tcp.analysis.lost_segment shows nothing

which amazes me in addition, the RX rate on channel 36 is 867 Mbit/s and on channel 100 only 88MBit/s with the same load on the Wifi, why?

44 46


(Hardeep Singh) #18

Channel 34-48 is used for Access Point because max power is 20 dBm and 100-140 is generally used for point to point connections like weather radar.

Were you in direct line of sight when using channel 100?

I am not sure but I did see a 1100+ Mbits/s TXrate on channel 100. Not quite sure what could be the case here exactly.