PackageKismet

Overview of additional packages: AdditionalPackages

Kismet

From the Kismet website: http://www.kismetwireless.net/index.shtml
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.

Features

• Ethereal/Tcpdump compatible data logging
• Airsnort compatible weak-iv packet logging
• Network IP range detection
• Built-in channel hopping and multicard split channel hopping
• Hidden network SSID decloaking
• Graphical mapping of networks
• Client/Server architecture allows multiple clients to view a single
• Kismet server simultaneously
• Manufacturer and model identification of access points and clients
• Detection of known default access point configurations
• Runtime decoding of WEP packets for known networks
• Named pipe output for integration with other tools, such as a layer3 IDS like Snort
• Multiplexing of multiple simultaneous capture sources on a single Kismet instance
• Distributed remote drone sniffing
• XML output
• Over 20 supported card types

Download

A pre-compiled package can be downloaded here: http://www.kismetwireless.net/code/kismet-2004-04-R1-wrt54.tar.gz
( more current revision is here: http://www.kismetwireless.net/code/kismet-2005-01-R1a-wrt54.tar.gz )
The code is compiled for use on the Linksys WRT-54g but also works on the Asus WL-500g.

Source

The source code can be downloaded here: http://www.kismetwireless.net/code/

Compiling

Some info on compiling the source should come here...

Installation

• The IP address of Kismet client needs to be enabled.

• Below is a part of the config files which should be changed:
  
  

  # User to setid to (should be your normal user
  suiduser=admin
  
  # Sources are defined as:
  # source=cardtype,interface,name[,initialchannel]
  # Card types and required drivers are listed in the README.
  # The initial channel is optional, if hopping is not enabled it can be used
  # to set the channel the interface listens on.
  source=wrt54g,eth2,wrt54gsource
  
  # Where do we store the pid file of the server?
  piddir=/var/run/
  
  # Where state info, etc, is stored. You shouldnt ever need to change this.
  # This is a directory.
  configdir=/tmp/.kismet/

Related links

Topics on Chupa.nl Forum:

• kismet or airsnort?? http://wl500g.info/showthread.php?t=273
  

Elsewhere:

• Kismet on the Linksys WAP54g http://www2.musatcha.com/musatcha/kismet_on_the_linksys_wap54g.htm
  

Known problems

• none :-)