Kismet – An 802.11 wireless network detector, sniffer, and intrusion detection system

August 26, 2009 · Monitoring, Networking ·

Sponsored Link
Kismet is a 802.11b wireless network sniffer. It is capable of sniffing using almost any supported wireless card using the Airo, HostAP, Wlan-NG, and Orinoco (with a kernel patch) drivers.
Can make use of sox and festival to play audio alarms for network events and speak out network summary on discovery. Optionally works with gpsd to map scanning.

Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.

Install Kismet in Jaunty

sudo apt-get install kismet

Configuring Kismet

First you need to configure kismet.conf file from your terminal use the following command to open

sudo gedit /etc/kismet/kismet.conf

Change the following options

Uncomment the line #suiduser=your_user_here and add your username that you use to login to Ubuntu.

suiduser=ruchi

Next you want to change is the “source=none,none,addme” line. This is where you will add your supported wireless card information.

Some Examples

If you are running Alfa wifi change

source=none,none,addme

to

source=rt8180,mon0,alfa

If you are running Atheros AR5001X+ card change

source=none,none,addme

to

source=madwifi_ag,wifi0,madwifi

If you are running Intel 2100 driver

source=none,none,addme

to

source=ipw2200,eth1,wifi

Useful Notes

If you don’t know your relevant network driver, view the Kismet Readme and scroll down to the section “12. Capture Sources”.

If you don’t know your interface name, use iwconfig to find your wireless interface.

Save and Exit the file

Before starting kismet, you need to put your wireless adapter into monitor mode.

Some Examples

Run alfa wifi card in monitor mode

sudo airmon-ng check kill alfa & sudo airmon-ng start alfa

Run Atheros AR5001X+ card in monitor mode

sudo wlanconfig ath0 destroy

sudo wlanconfig ath0 create wlandev wifi0 wlanmode monitor

Finally start Kismet from the terminal using the following command

sudo kismet

For more information on Kismat check official documentation from here

Sponsored Link

2 Comments to “Kismet – An 802.11 wireless network detector, sniffer, and intrusion detection system”

  1. Nathan Jeffrey Allen says:
    September 18, 2009 at 12:35 am

    how do i configure kismet with a 3com office connect wireless 54mbps 11g compact usb adapter 3crusb10075 USB ID is 0Ace:1215 driver used is zd1211rw

  2. imamsibli says:
    February 28, 2011 at 6:55 am

    i try sudo airmon & sudo kismet..like this:

    imim@imim2011:~$ sudo airmon-ng start alfa

    Found 4 processes that could cause trouble.
    If airodump-ng, aireplay-ng or airtun-ng stops working after
    a short period of time, you may want to kill (some of) them!

    PID Name
    2016 wpa_supplicant
    2544 avahi-daemon
    2551 avahi-daemon
    2586 NetworkManager

    Interface Chipset Driver

    wlan0 Unknown rtl819xSE

    imim@imim2011:~$ sudo kismet
    Launching kismet_server: //usr/bin/kismet_server
    Suid priv-dropping disabled. This may not be secure.
    No specific sources given to be enabled, all will be enabled.
    Non-RFMon VAPs will be destroyed on multi-vap interfaces (ie, madwifi-ng)
    Enabling channel hopping.
    Enabling channel splitting.
    FATAL: Unknown capture source type ‘rtl8191’ in source ‘rtl8191,wlan0,alfa’
    Done.

    how solved this problem ???? please help me. thanks.

Leave a Reply

  • Recent comments