0

I bought a Alfa AWUS036NH (Ralink RT3070) for pentesting my home WAN, and I have been very happy when I found out the device is capable of ashtonishing performance, have an absurd amount of range and I could monitor all the wireless network in my block with it.

I had spent only 24€ on it, so I decided to give a try to the less cheap model, the Alfa AWUS1900 (Realtek RTL8814AU), which is described on the site as their best performing model. It also has 4 antennas instead of 1 in the 036NH.

The first minor difference i noticed, was the AWUS1900 was not as simple to install, not being p&p but requiring to install this driver from this Github rep: https://github.com/BBQ4ever/rtl8814au

When installed, I ran into some problem!

I made some tests, leaving my pc in the exactly same place, and running 

airodump-ng -w chispet.csv wlan1mon

for exactely 180 seconds.

Here the results:

Laptop integrated Ralink RT3290 (0€): 12 BSSIDs found

Alfa Network AWUS036NH (Realtek RT3070)(24€): 89 BSSIDs found

Alfa Network AWUS1900 (Realtek RTL8814AU)(53€, 5ghz capabilities): 29 BSSIDs found

At this point I'm confused. How comes the "4-antennas-more-power-better-chipset" AWUS1900 finds so little wifi networks in the same place? Maybe some config file is corrupted? How can I see where is the trouble, if there is one?

Jeff Schaller
  • 67,283
  • 35
  • 116
  • 255
Kodeeo
  • 231
  • Probably only Realtek knows what algorithms and thresholds it has implemented to determine of received BSSID quality is good enough to show them. It may well be that of 89 BSSIDs the RT3070 has found only a fraction is usable, so the RTL8814AU may not show them in the first place. Also, the RTL88xx drivers have a reputation for being crappy. The chipsets/firmware are likely not open enough to allow any real troubleshooting (but I didn't look myself). – dirkt Jun 08 '19 at 08:07

1 Answers1

3

As for the chipset capablities we have, respectively:

  1. Ralink RT3290 802.11 bgn;
  2. Ralink RT3070 802.11 abgn;
  3. RTL8814AU 802.11ac if the driver support it.

Note: the 2nd WiFi chipset is a Ralink not Realtek. Also, both the RT3070 and the RTL8814AU support the 5 GHz band, albeit the later supports more recent WiFi technology and more channels.

Supposing you are using the chipsets all in the same location, the explanation of the RTL8814AU seeing less networks could be either because of:

  • range;
  • you do not wait long enough
  • Or as I put in italics, and have just also noticed @dirkt comment, the chipset has reputation for having subpar drivers in linux.

AFAIR the RTL8814AU when listening for channels in monitor mode has to be cycled by software into each channel, while the RT3070 Ralink does not have that limitation.

The problem is not troubleshooting per se, but understanding the limitation of the hardware and tools being used.

see related Wi-Fi problems using ASUS USB-N13 adapter (realtek)

Rui F Ribeiro
  • 56,709
  • 26
  • 150
  • 232
  • But as you can see the latter model (AWUS 1900) have more and longer antennas, and the producer is the same. I can't explain why it sees less stuff, it should receive far more with 4 times the antennas! I think it could be a driver problem – Kodeeo Jun 09 '19 at 21:13
  • Maybe it is not entirely clear in the answer, that the 1900 when in monitor mode, has to be put in a particular channel and only see transmissions on that channel. The 3070 sees all channels at the same time. Hence the scanning software "cycling". Through the available channels. No driver will correct that, the monitor mode is implemented like that. I would prefer the 3070 any day. – Rui F Ribeiro Jun 10 '19 at 09:10