Kismet basic guide
  • [Intro]
    This tutorial will focus on the (awesome) tool, Kismet. What is Kismet?
    said:


    Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT.

    Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic.



    Basically it's a detector, sniffer and detection system. It's quite powerful and I prefer it over many programs.

    [Installing]
    You can't install Kismet through aptitude, because if you do you'll get the older crappier 2008 version. We want the 2010 version. You can download the tar.gz from HERE

    Once you download it, cd to the folder where you downloaded kismet. Untar it with the command:
    tar zxvf kismet-2010-07-R1.tar.gz

    cd kismet-2010-07-R1


    Now type
    ./configure

    You may get some errors. Read the errors and see what they say and see if you can fix it. You may need to install 1 or 2 programs to get it working.
    Then type
    make dep

    Then:
    make suidinstall

    Optionally, you can make install instead of suidinstall, but regular users won't be able to run it unless you edit some stuff. I find it safer to run make suidinstall.
    After that's finished just type:
    make install

    This will finalize the installation process and put kismet on your box.

    [Setting up]
    Kismet is quite customizable. The config file is located in:
    /usr/local/etc/kismet.conf

    We need to edit this file. So type:
    sudo nano /usr/local/etc/kismet.conf


    Look at the config file and see if there's anything you may want to change. You're probably going to have to change some settings if you get any errors while running kismet.
    NOTE: You may need to edit your source. This looks like:

    # See the README for full information on the new source format
    # ncsource=interface:options
    # for example:
    # ncsource=wlan0
    # ncsource=wifi0:type=madwifi
    # ncsource=wlan0:name=intel,hop=false,channel=11

    Just see the README for further info.

    [Running]
    Running kismet is easy. Just type kismet :P
    This will bring up the terminal screen for kismet which should be self-explanatory. Just edit settings to your liking. You may need to add sources etc. But other than that you should be good for network sniffing. The bottom box shows debug info you will most likely need. Good luck.

    --Chroniccommand
    This was a basic guide I wrote in a hurry so it's not the best but you should be able to get kismet running. For any help, read the man pages and the documents on the kismet site.
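
    The source lines quoted in the post are all commented out, which is why a source usually has to be added by hand. The following is an added example, not part of the original post and not Kismet's own code: it reads the `ncsource=interface:options` lines of a kismet.conf and separates active entries from commented ones. The function names and the final uncommented sample line are assumptions made for the illustration.

```python
# Added example (not from the post or the Kismet project): read the
# ncsource= lines of a kismet.conf and separate active from commented ones.
# SAMPLE_CONF is constructed: the comment lines are the ones quoted in the
# post; the last, uncommented line is an assumed edit.
SAMPLE_CONF = """\
# See the README for full information on the new source format
# ncsource=interface:options
# for example:
# ncsource=wlan0
# ncsource=wifi0:type=madwifi
# ncsource=wlan0:name=intel,hop=false,channel=11
ncsource=wlan0:name=intel,hop=false,channel=11
"""


def parse_ncsource(value):
    """Split 'interface:opt=val,opt=val' into (interface, options dict)."""
    interface, _, opt_text = value.strip().partition(":")
    if not interface:
        raise ValueError("ncsource without an interface: %r" % value)
    options = {}
    for item in (p.strip() for p in opt_text.split(",")):
        if not item:
            continue
        key, sep, val = item.partition("=")
        if not (sep and key.strip() and val.strip()):
            raise ValueError("malformed option %r in %r" % (item, value))
        options[key.strip()] = val.strip()
    return interface, options


def read_sources(conf_text):
    """Return (active, commented) lists of parsed ncsource entries."""
    active, commented = [], []
    for raw in conf_text.splitlines():
        line = raw.strip()
        is_comment = line.startswith("#")
        line = line.lstrip("#").strip()
        if not line.startswith("ncsource="):
            continue
        try:
            entry = parse_ncsource(line[len("ncsource="):])
        except ValueError:
            if is_comment:      # e.g. the 'interface:options' template line
                continue
            raise               # a broken active line should be reported
        (commented if is_comment else active).append(entry)
    return active, commented
```

    Calling `read_sources()` on the text of /usr/local/etc/kismet.conf shows which sources Kismet will actually read; an empty first list means no source is configured yet.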
  • Sh3llc0d3
    Nice basic guide to setup etc :)

    Quick note to all the non-linux savvy users: for downloading files you can use the wget command, so using the above example for kismet. In a shell, navigate to the folder you want, then type the below in, then carry on to un-tar.

    Replace hxxps with https


    Saves you going to the website to download :)
  • Great guide bro Thanks.
  • Sh3llc0d3
    -Thread Moved-
    Network Security -> Tutorials

    Just noticed it's not in the right section, please remember guys that all but 4 of the 'Security' subforums have tutorial sections. Wrong forum posting is warnable.