Posted by:dragorn
Subject:Proximity Detection Expectations
Date:21:01:43 11/05/2017

> I'm working on a Raspberry Pi with a Pi-Fi adapter with Kismet to detect the presence of our phones (or not).
> I've filtered just our two MAC addresses in the kismet.conf file, and it sorta works.
> The problem is that it can take anywhere from 30 to 600 seconds to detect either phone. I'd like to get this reliably under 60 seconds. I turn off Dwell as well, but that didn't seem to help.
> As the plan is to use it to enable/disable a motion detector when we are away/home, respectively.
> I've been banging my head against this for a couple of days now and not finding any joy.
> Are my expectations unrealistic? Or can someone point me in the right direction for getting the detection resolution I'm after?
> Thanks.

I suspect your expectations are unrealistic - mobile devices in particular are going to be fairly conservative about the traffic they send; I would expect it to be nearly entirely silent except when it is actually busy doing something - and even then, modern iOS and Android both severely limit the amount of background work apps can do when the phone screen is off.

The best way to test that you're at least seeing traffic would be to stream youtube or something to the phone - force it into known activity.

You've got a few things working against you: You're trying to sniff something which is deliberately not sending very many packets, and you're hopping channels, making it even less likely that you'll be on the channel you need to be on.

You could try to increase your chances by simply locking to a single channel: Devices which are looking for a network will send a probe on each channel, so you ought to see the phone when it searches for networks to join; unfortunately for you, this will only happen when the phone is actually looking to join a network: Most phones will only do this when the screen gets turned on, so you may need to mess around with joining/leaving networks and turning the phone screen on and off to get it to send probes for networks - assuming it doesn't just do passive network detection from beacons, w/out ever sending a probe!

Hopefully that steers you towards the right path, but it's likely going to be a fairly sporadic timeframe for seeing the first packets from a phone.

