I'm trying to troubleshoot some issues with my ZStick since moving to Linux (although they now seem to be happening in Windows too). I read a few posts about malfunctioning devices flooding the network. Is there any way to sniff ZWave packets (i.e. Wireshark type tool)?
Announcement
Collapse
No announcement yet.
Sniff ZWave?
Collapse
X
-
I've ordered one of these: http://www.invictuswireless.com/ubiq...p/airview9.htm. It won't be able to decode the z-wave packets AFAIK, but should be able to pinpoint "rogue" transmitters. It should arrive in a few days and will let you know how it works out.
Cheers
AlHS 4.2.8.0: 2134 Devices 1252 Events
Z-Wave 3.0.10.0: 133 Nodes on one Z-Net
-
Here is the cheaper way to have a cheap spectrum analyzer...
Buy this:
http://www.dx.com/p/rtl2832u-r820t-m...41#.VKL3D_8TMA
Alternatively, you can find the same kind of dongle on Amazon for a few dollars more if you don't want to wait for an overseas shipment.
Go here and download SDR#.
http://www.sdrsharp.com/#download
Unzip the files and run the install.bat file, which will download the rest of the components.
In the resulting sdrsharp folder, run zadig.exe and replace the windows drivers for your dongle you bought with the 3rd party ones.
Run Sdrsharp and have fun...
You may need to watch a short Youtube video or read a short how-to page about using Sdrsharp, but it's pretty easy once you get going.
The beauty of this solution is that it is not only cheap, but the receiver will cover the frequency of any home automation transmitters that I can think of, meaning you can use it to diagnose issues with many different things.
Comment
-
Thanks - I was thinking of buying an SDR to tune in ADS-B anyway!
Just to confirm - the site posted seems to show that it stops just shy of 900Mhz, which I believe to be the Z-Wave frequency in the US. Is that accurate, or just a typo?
Also - is there no way to just write the raw output from my Aeon ZStick to the console and analyze that?
Comment
-
I have no idea about the device Sparkman posted about, but the R820T dongle I posted about will cover around 25 to 1750 MHz. I have watched my zwave network with it before. The only thing to keep in mind is that the oscillator in these R820T dongles is not very stable...I think they can drift around 100ppm. This just means that when you turn it on to use it, you need to tune it to a known transmission on a known frequency, and adjust the calibration to zero in the signal. As long as the temperature you use the dongle at is about the same, you can then always start with that figure, and then bump it up or down a few notches as needed. Hey, it's just over 10 bucks though, so you can't really complain.
Comment
-
Originally posted by Automated View PostHere is the cheaper way to have a cheap spectrum analyzer...
Buy this:
http://www.dx.com/p/rtl2832u-r820t-m...41#.VKL3D_8TMA
Cheers
AlHS 4.2.8.0: 2134 Devices 1252 Events
Z-Wave 3.0.10.0: 133 Nodes on one Z-Net
Comment
-
Originally posted by bigbrorpi View PostAlso - is there no way to just write the raw output from my Aeon ZStick to the console and analyze that?
I've seen Rich mention a z-wave analyzer: http://bugzilla.homeseer.com/bugzill...ug.cgi?id=1676 and it looks like the developer's kit has the ability: http://media.digikey.com/PDF/Data%20...Kit%20v4.x.pdf with a tool called Zniffer. Only around $3k for the developer's kit
Cheers
AlHS 4.2.8.0: 2134 Devices 1252 Events
Z-Wave 3.0.10.0: 133 Nodes on one Z-Net
Comment
-
I am interested in getting some z-wave sniffing capabilities going in my home. Of the two options presented below has anyone gotten one of these up and running? I have an errant module in my network - it is randomly transmitting an ALL ON command. I can pinpoint the timing of the errant command in the log so I am hoping that one of these sniffer options might allow me to find the source of the issue?
Comment
-
Originally posted by simonmason View PostI am interested in getting some z-wave sniffing capabilities going in my home. Of the two options presented below has anyone gotten one of these up and running? I have an errant module in my network - it is randomly transmitting an ALL ON command. I can pinpoint the timing of the errant command in the log so I am hoping that one of these sniffer options might allow me to find the source of the issue?
You can "see" the rf transmissions with both those options, but it doesn't capture nor decode the z-wave packets. I think the only way to do that is with the one from the dev kit. The Ubiquiti one does not cover EU z-wave frequency, but the SDR one covers a much larger spectrum. I have both of them running.
Cheers
AlHS 4.2.8.0: 2134 Devices 1252 Events
Z-Wave 3.0.10.0: 133 Nodes on one Z-Net
Comment
-
This may be an option for you:
https://code.google.com/p/z-force/
http://research.sensepost.com/cms/re...0Z-Wave_WP.pdf
or
https://www.blackhat.com/docs/us-14/...mmunity-WP.pdf
Cheers
AlHS 4.2.8.0: 2134 Devices 1252 Events
Z-Wave 3.0.10.0: 133 Nodes on one Z-Net
Comment
-
The z-force one would be useful, but looks like the code is not actually loaded on the Google code site. It uses this for hardware: http://www.ti.com/tool/cc1110dk-mini-868. With the SDR one, in theory it would be possible to capture and decode the packets, but no software for that exists as far as I know. Yes, I agree there would be a market for this.
Cheers
AlHS 4.2.8.0: 2134 Devices 1252 Events
Z-Wave 3.0.10.0: 133 Nodes on one Z-Net
Comment
-
I have noticed that in addition to the errant ALL ON commands I am experiencing flooding situations every now and then. Would these sniffing apps allow me to localize this? I am trying to figure out what it is exactly I would learn from employing these devices at present.
I am also going to reach out to the authors of this paper to see what happened to the software.
Comment
-
Anyone have any experience with the Leviton software:
http://www.leviton.com/OA_HTML/Secti...minisite=10251
I downloaded it and looked around the menus and it looks like it might help - although I have to order their USB stick to get it working:
http://www.leviton.com/OA_HTML/Produ...§ion=44144
Naturally there isn't much in the way of documentation and their forum is dead.
Comment
-
Originally posted by simonmason View PostI have noticed that in addition to the errant ALL ON commands I am experiencing flooding situations every now and then. Would these sniffing apps allow me to localize this?
Cheers
AlHS 4.2.8.0: 2134 Devices 1252 Events
Z-Wave 3.0.10.0: 133 Nodes on one Z-Net
Comment
Comment