PDA

View Full Version : [ubuntu] Kismet



andru183
February 10th, 2010, 11:30 PM
Can some one please help me set up kismet? When I try to run kismet I get: kismet will not function if no packet sources are defined in kismet.config but I don't know what info to give it to set it up, I'm using a sitecom w171 wireless card if that info is needed

chili555
February 10th, 2010, 11:46 PM
You will need to edit /etc/kismet/kismet.conf. Please see:
less /usr/share/doc/kismet/README.gzEspecially, sections 9 and 12.

Here is the relevant section of my kismet.conf:
--- snip ---
# CAPTURE SOURCES section.
# The initial channel is optional, if hopping is not enabled it can be used
# to set the channel the interface listens on.
# YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
source=ipw3945,wlan0,Intel
--- snip ---You can find the information in:
sudo lshw -C network
*-network
description: Wireless interface
product: PRO/Wireless 3945ABG [Golan] Network Connection
vendor: Intel Corporation
physical id: 0
bus info: pci@0000:03:00.0
logical name: wlan0
version: 02
serial: 99:19:d2:92:1b:99
width: 32 bits
clock: 33MHz
capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless
configuration: broadcast=yes driver=iwl3945
--- snip ---You must change these settings to match your wireless card and driver. Not all cards are supported. Have fun and post back if you get stuck.

andru183
February 11th, 2010, 12:12 AM
Man thanx so much for for helping me and that realy did but I don't think my wireless card will work with it so it's give up time, thanx tho

chili555
February 11th, 2010, 03:05 AM
Which card is it? What driver does it use?

andru183
February 11th, 2010, 01:34 PM
It's a sitecom w171 and I don't know what driver it uses to be honest....

andru183
February 11th, 2010, 02:00 PM
Oh rite you told me how to get it, I'm using internets on my phone so it's kinda hard to read some things
product: rt2561/rt61 802.11 pci
vendor Ralink
driver:rt61pci

the vendor is in the list but not the driver, I'll add this info and see if it works but I wouldn't be too sure

chili555
February 11th, 2010, 02:10 PM
You should certainly try; you never know until you try. I found this, but, in Linux years, it's a bit old: http://www.kismetwireless.net/Forum/Equipment/Messages/1201483210.8162

It says:
Your card is not supported. It contains the RT2561/RT61 PCI chipset. It might work with the RT2500 capturesourceYou might try the capture source rt2500.

andru183
February 11th, 2010, 02:47 PM
Nope the 2400 or the 2500 didn't work, a new wireless card maybe?

chili555
February 11th, 2010, 02:49 PM
If you want Kismet, yes, indeed. Please look over the README to be sure the one you buy is fully supported.

andru183
February 11th, 2010, 03:01 PM
Will do! Thanks for everything!

mark bower
April 9th, 2010, 09:21 PM
1) hardware is Netgear PCI WPN311 with ath5k driver (AR5001X+) and Linksys WRT54g router.

2) i have not modified kismet.conf capture sources. section 12, "Capture Sources" calls for "source = sourcetype, interface, name". clearly, "source type" for my setup is "ath5k", and my "interface" is wlan3. but what do i enter for "name"?

3) kismet (2008-05 R1) launched from command line begins to work, save for the packet source msg. so it looks like i am close to getting it to work.

mark

chili555
April 9th, 2010, 09:34 PM
what do i enter for "name"?I am not sure it actually matters; you might try Atheros. After you make that change and start as sudo, are there any errors or warnings?

mark bower
April 9th, 2010, 10:11 PM
@chilli555 - figured you would rtn as you keep a close eye on this site and lots of help to many.

on the unconfigured line in kismet.conf, it says "source=none, none, addme". so i decided from your previous post and some other reading to take a shot that "addme" could be any text - and it appears to be true. i entered "wlan3source" for addme (based on your model), and all works great. i have already achieved my goal of seeing a neighbors hidden SSID, more importantly the channel used, so that I could adjust my router ch as far away from surrounding chs, broadcast and hidden.

but two questions if i may: 1)when i exited out of kismet, i tried to estab reconnection via network manager, all looked o.k., but could not access the web. iwlist scan showed access points. so i rebooted to reset. how might reset be reestablished without rebooting? and 2) the list of APs at the top had my neighbors ch listed as "<no ssid>", but never posted the ch detected. instead i spotted the ch in the slow, incremental scrolling of data in the STATUS window at the bottome of the screen. is there a way once the hidden ssid, and its channel, is discovered, to see this info as static data in kismet versus a temporary observance at the bottom of the screen.

mark

chili555
April 9th, 2010, 10:41 PM
how might reset be reestablished without rebooting?Some wireless cards have difficulty emerging from Monitor mode. I do:
sudo ifconfig wlan0 down
sudo iwconfig wlan0 mode managed
sudo ifconfig wlan0 upThen Network Manager takes over and I can connect.
is there a way once the hidden ssid, and its channel, is discovered, to see this info as static data in kismet versus a temporary observance at the bottom of the screen.I am not sure; I never actually encountered a hidden network in the wild. You might sort by pressing 's' and highlight the network you are watching and press Enter. That will show the network's details statically and may give you the information you are seeking.

alexelprogramador
April 9th, 2010, 10:48 PM
Can some one please help me set up kismet? When I try to run kismet I get: kismet will not function if no packet sources are defined in kismet.config but I don't know what info to give it to set it up, I'm using a sitecom w171 wireless card if that info is needed
hello

the most important thing to use any of the auditory tools is the chipset who has the card.



sitecom w171

I dont know exactly what chipset it has, and It depends of to be on mode monitor and the efficiency of auditory tools

this sitecom device is not so famous.

The best solition is to buy a card with some atheros chipset, theare not too much expensive and you'll have lot of possibilities whith auditory toos.

mark bower
April 9th, 2010, 11:18 PM
o.k.

method which avoided need for reboot after exiting kismet. i used Ctrl-C which took me back to the terminal that i started from. then i went to the wireless icon, rtclicked and unchecked "enable", then checked "enable". web access was available.

apparently the reason the static display of the hidden SSID did not show, is that after the initial opening display and pop-up msg, one must close out the pop-up window (with the space bar). then the list of SSIDs updates. neat, but i guess i should have tried closing out the pop-up.

in summary, i purchased the Netgear WPN311 PCI card for its linux native capability (driver in kernel), simpler to rebuild a hard drive when redoing. i wanted kismet to determine surrounding channels, and i can.

and i have ordered 2 more WPN311s for my other 2 linux boxes. no big deal, at about $14 each plus shipping, that comes to less than "6 hamburgers" equivalent expense. now maybe to read just a little more on kismet features.

mark