Re: How to find out client physical location?

Jammu <Jammu.32re6c@no-mx.wirelessforums.org> wrote in
news:Jammu.32re6c@no-mx.wirelessforums.org:

> We have a public wlan for visitors in our company. Now our admin guy
> says someone is downloading clearly illegal stuff and it seems this has
> been going on for some time now. He says he can easily block out this
> guy, but I would like to call cops (guess what he is up/downloading?).

What is he/she d/l'g ? And why do you want to call the cops ? Do you and
your companies' IT department want to take the time and effort to do what
would be required to (possibly) ID the location, and then take part in a
court case as well ?

> The problem is, where is this guy? We are located in a office building
> and we can see see networks from other companies and from another
> building on the other side of the street. (Our admin says there is very
> little he can do without mapping the whole area first, including the
> other building)

There's not too much you can do to pinpoint his location w/o using some
kind of triangulation method with (very) directional antenna's. The
problem is, in an indoor environment, even triangulation may not work
properly, due to RF reflections. If it's an easy straight path, then
ballparking the location (which is all you would be able to do anyway)
_may_ be possible.

But now maybe the strongest signal to this client is working off of a
reflection. This could totally kill any triangulation efforts, since when
sniffing from one location, which may or may not be a straight path, and
then sniffing from the second location, which may or may not be a
straight path, could result in coming up with 2 RF path's that never
intersect.

I'd just shut 'em down and move on, which begs the question, why didn't
IT shut it down immediately when it was first noticed ? That would have
been the smart thing to do. What would have happened was either 1) the
person would have went away or 2)someone inside your company may have
come to IT claiming that their wireless connection may have stopped
working, IT could have very easily identified this as the offender and
taken whatever steps according to it's computer use policy.