Kismet Main:
Kismet is an 802.11 layer2 wireless network detector, sniffer,
and intrusion detection system. Kismet will work with any wireless card which
supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and
802.11g traffic.
Project homepage:
www.kismetwireless.net
Installing
Kismet
Starting Kismet
Sorting Options
Kismet Options
Types of Network
To start kismet first
ensure the wireless PCMCIA card configuration in the kismet.conf file
accurately reflects the wireless card you currently have inserted:
e.g. in the below
example we are utilising an 802.11b Atheros wireless card.
#source=orinoco,eth1,orinoco
#source=hostap,wlan0,hostap
#source=madwifi_a,ath0,madwifi
source=madwifi_b,ath0,madwifi (madwifi)
#source=madwifi_b,wifi0,madwifi (madwifi-ng)
#source=madwifi_ag,ath0,madwifi
kismet (to start
kismet):
Now Kismet is up and
running. To interact with any of the displayed wireless networks we first
have to sort them 's', the main sorting options are by:
|
Sort by: |
Key: |
| Channel |
c |
| First time seen |
f |
| Latest time seen |
l |
| SSID |
s |
| Packet count |
p |
| Signal power level |
Q |
| WEP |
w |
The following Kismet
options are available from the main page:
|
Options: |
Key: |
| List Kismet servers |
e |
| Toggle fullscreen zoom on network view |
z |
| Toggle muting of sound and speech |
m |
| Tag (or untag) selected network |
t |
| Group tagged networks |
g |
| Ungroup current group |
u |
| Show clients in current network |
c |
| Lock channel hopping to current channel |
L |
| Return to normal channel hopping |
H |
| Expand/collapse groups |
+/- |
| Force a screen redraw |
^L |
| Help |
h |
| Name current network |
n |
| Detailed info about current network |
i |
| Sort network list |
s |
| Show wireless card power levels |
l |
| Dump printable strings |
d |
| Packet rate graph |
r |
| Statistics |
a |
| Dump packet type |
p |
| Follow network centre |
f |
| Track alerts |
w |
| Close popup window |
x |
| Quit |
Q |
The letter displayed
under the 'T' menu on the main page, equates to:
|
Kismet Displays: |
Network/Client Type: |
| P |
Probe request - no associated connection yet |
| A |
Access point - standard wireless network |
| H |
Ad-hoc - point to point wireless network |
| T |
Turbocell - Turbocell aka Karlnet or Lucent
Router |
| G |
Group - Group of wireless networks |
| D |
Data - Data only network with no control
packets |
The colour the discovered network is
displayed in represents:
|
Colour: |
Network/Client Type: |
| Yellow |
Unencrypted Network |
| Red |
Factory default settings in use! |
| Green |
Secure Networks (WEP, WPA etc..) |
|
Blue |
SSID cloaking on / Broadcast SSID disabled |
The letter displayed
under the 'W' menu on the main page, equate to:
|
Kismet Displays: |
Type of Encryption: |
| N |
No encryption in use |
| Y |
WEP encryption on use |
| O |
Other encryption in use (e.g. LEAP)
|
|
Linux
