RF Spectrum Analysis Testing Gear
Sometimes you need to be able to test your spectrum analyzers – not for doing anything nefarious… but to be a tool to learn how to read results on your Spectrum Analyzer.
To this end, I put together a kit of devices that tend to show up with unique signatures in you SpecAn. Below is a quick list of items I use. Each of these teaching a concept or specific signature. I learned from a wise man before about RF interferers… you don’t know exactly what you have until you are able to turn it off. I’ve used these tools to learn signatures to help find and ‘turn off’ devices in my customer sites.
What do you use to learn RF signatures on your spectrum analyzer?
Keith
Narrow Band Jammer
Nice, tight, and very strong 1-watt analog signal. Proxim Wireless Power Signal Generator – PSG-1. Comes with standard ‘N’ antenna connector for use with variety of antennas
Video Transmitter
Configurable channel 1-watt digital video transmitter. Model BL-610T – removed it from a customer after finding it wreaking havoc in their WLAN.
Broadband Jammer
900MHz, 2.4GHz and 5GHz as a ‘Spy Camera Stopper’. Strong, wide-band, fairly flat response wide-band jammer. Model TG-2000C
Broadband Jammer
2.4Ghz only – very small – smaller than pack of cigarettes and battery operated. Perfect for showing what might happen when people purposely try to harm your 2.4GHz – takes out entire band for 25m-35m.
AirHorn
From Nuts about Nets – dual-band version to show what happens when standard 2.4GHz and 5GHz 802.11 firmware is ‘broken’ to become continuously transmitter. Leaves very unique signature – in small bursts hard to tell from actual Wi-Fi – must use Duty Cycle to track down.
Analog Video Cameras
2.4GHz with DIP switches to set one of 4 channels. Powered by 9v battery – classic ‘M’-style video camera plan. Various manufacturers I picked up from various trips to Fry’s
D-Link DWL-873AP
2.4GHz AP – powered by small USB Battery. For CCK and OFDM curves – one set to 802.11b only and another to 802.11g only
AirPort Express AP
Set to 5GHz 802.11n – for OFDM pattern in 5GHz. Can move to different channels in UNII-1, UNII-2, and UNII-3
Bluetooth Speaker
Can be set in ‘Discovery Mode’ for certain Frequency Hopping Pattern – then allowed to connect to show difference in Bluetooth patterns.
Bluetooth Headset
Again Discovery Mode but shows a different pattern than speaker – showing ability to discern brand based on BT discovery pattern
Microwave Oven (New)
To show 2.4Ghz channel doesn’t have to be degraded by properly constructed and not-broken Microwave.
Microwave Oven (Used)
I picked up this one from a used appliance store for $10. It definitively leaks 2.4GHz energy! But even with it’s leaking – I use it to show 60-cycle AC leaves plenty of openings when the MW is near the zero volts point and 802.11 can sneak through. Not much – but it does still work.
2.4GHz Analog Phone
To show what happens when you click the ‘change channel’ button on the phone – a very tight analog signal – and only very few jumps between channels.
2.4GHz Digital Phone
To show the frequency hopping – both used while on-hook and a different pattern while off-hook.
5GHz Analog Phone
To show 5GHz ISM band also can be interfered with using just consumer phones. Also show that it is only 5GHz in one direction, from base to handset – handset to base is still using 2.4GHz. Both move together as channel change button pressed.
5GHz Digital Phone
Showing 5GHz frequency hopping – and seeing different patterns between on-hook and off-hook. One is Pseudo-Random and the other Full-Random patterns.
2.4GHz Baby Monitor
Much like 2.4GHz digital phone patterns.
2.4GHz Digital Video
Using an 802.11 video camera, showing it doesnt’ cause any recognizable signature other than normal 802.11 traffic.
What do you use to test your Spectrum Analyzer to learn signatures?
