Kismet is one of the ultra modern wireless sniffers. It can and should be used in together with others such as aircrack-ng, airodump, airdecap, airreplay and others. I view these applications as complementary rather than competing. Windows users have netstumbler which in my view may not exactly match up with the above tools especially if they are all used together. Kismet works on any NIC (at least I think) that supports raw monitoring (rfmon). It should not have any problems with IEEE 802.11a, b, g ,n traffic.
sudo apt-get install kismet
sudo aptitude install kismet
Then comes the configuration which may be simple for others and a hair pulling experience for others. Mine was a mixture of both; After installing kismet, You will have to make configurations to the kismet.conf file which if you installed using the sudo apt-get install kismet method, should be somehere here; /etc/kismet/kismet.conf.
cp -v /etc/kismet/kismet.conf /etc/kismet/kismet.conf.backup OR
cp -v /etc/kismet/kismet.conf /etc/kismet/kismet.conf~
That's incase you screw things up in that file.
Then there are primarily two things that you have to change; i.e.
#suiduser=your_user_here
Uncomment that line and enter your username where the "your_user_here" section is. If you are unsure of your username (yea, it happens), on shell type shell$ whoami and the shell will tell you who you are!
The second section mainly deals with how to configure the source/ interface that kismet will use for monitoring the wireless signals.
Next search for this section
# YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
source=none,none,addme
The first none is the driver that is used by your wireless card hardware. If you are not sure, you can use this command to determine it, sudo lshw -C network. This is an example output of the above command;
*-network
description: Wireless interface
product: AR9285 Wireless Network Adapter (PCI-Express)
vendor: Atheros Communications Inc.
physical id: 0
bus info: pci@0000:03:00.0
logical name: wlan0
version: 01
serial: 1c:4b:d6:55:da:5f
width: 64 bits
clock: 33MHz
capabilities: pm msi pciexpress bus_master cap_list logical wireless
configuration: broadcast=yes driver=ath9k latency=0 multicast=yes promiscuous=yes wireless=IEEE 802.11bgn
resources: irq:17 memory:feaf0000-feafffff
The important section in this verbose output is the driver section (in bold) i.e driver=ath9k
The output above is from an Atheros AR9285 Wireless NIC. It clearly displays the driver as ath9k. However this is interesting because kismet does not like that particular driver. It prefers ath5k. ath9k uses the same capture code as ath5k (I think, just wondering why it shouldn't be used).
Anyhow, if your driver is ath9k, it won't work with kismet (as of now 2010-10-07) unless you pull something incredible off. You should instead use ath5k (that is only if your driver is ath9k) but any other driver as reported by lshw -C network command should work without any hiccups.
Then the second none in source=none,none,addme is the name that your OS uses for the wireless card.
Trying iwconfig should return your wireless card's nickname eg. wlan0
I installed kismet from ubuntu software repository. Using this method of installation makes kismet love user "root". It will hate anyone else who is not root.
So to fire up kismet, type, sudo kismet and you are "good to go-go" (Spyro Gyra) It will start reporting which wireless networks are available.
Remember, you can get the help menu by typing 'h'. However you can get to the help menu only if you first get rid of the welcome message. If kismet displays a welcome message, you can get rid of that message by pressing the space bar (Just once can do).
ONE IMPORTANT NOTE IS THAT YOU WIRELESS CARD WILL IMMEDIATELY ENTER MONITORING MODE AND WILL DISSOCIATE FROM ANY APs IT HAD EARLIER ASSOCIATED WITH.
So you cannot connect to a wireless network when your card is in monitoring mode.
One small nuance is that after you quit kismet (using the Capital Q), kismet's dumb enough to leave your wireless NIC in monitoring mode (not the clean managed mode it was in before you fired kismet up).
However, don't despair. Restarting your machine is one option. But another quick option is using doing this;
sudo iwconfig wlan0 mode managed
sudo ifconfig wlan0 up
That should sort things out.
If you are interested in listening from the horse's mouth, just go direct to the source
Have a nice day!!!!!
