Welcome to the CSIR Meraka Institute's "COIN" Blog

Sunday, August 08, 2004

Good wireless and networking tools to install off the Mandrake CDs - and some install tips

1. Kismet: An 802.11 network sniffer and network detector

Common applications Kismet is useful for:

- Wardriving: Mobile detection of wireless networks, logging and mapping
of network location, WEP, etc.
- Site survey: Monitoring and graphing signal strength and location.
- Distributed IDS: Multiple Remote Drone sniffers distributed throughout
an installation monitored by a single server, possibly combined with a
layer 3 IDS like Snort.
- Rogue AP Detection: Stationary or mobile sniffers to enforce site policy
against rogue access points.

Setup tips

Make sure the following are set in /etc/kismet.conf (on some installs the file is /usr/local/etc/kismet.conf instead):

1. Set up the target suiduser, e.g. suiduser=djohnson
2. Set up the capture sources using the 'source' directive, e.g. source=hostap_prism2,wifi0,david (this works for the SANOA cards)

Change to root.
Run kismet_monitor to put the wifi card into monitor mode.
Run kismet.

When you are finished using Kismet:
Run kismet_unmonitor to put the wifi card back into its previous mode.
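
A quick pre-flight check for the two settings above, as an added example that is not part of the original post or of Kismet itself. The function names `conf_value` and `check_kismet_conf` are hypothetical, and the check assumes the `source=type,interface,name` layout shown in the post's own example.

```shell
#!/bin/sh
# Added example: sanity-check the two kismet.conf settings named in the post.
# conf_value and check_kismet_conf are hypothetical helpers, not Kismet tools.
# Usage: check_kismet_conf /etc/kismet.conf

# Print the value of the last uncommented "key=value" line for key $2 in file $1.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Return 0 if the file names an unprivileged suiduser and every source= line
# has at least three non-empty comma-separated fields (type,interface,name).
# Otherwise print one line per problem and return 1.
check_kismet_conf() {
    conf=$1
    rc=0
    [ -r "$conf" ] || { echo "cannot read $conf"; return 1; }

    user=$(conf_value "$conf" suiduser)
    if [ -z "$user" ]; then
        echo "suiduser is not set"; rc=1
    elif [ "$user" = "root" ]; then
        echo "suiduser must be an unprivileged user, not root"; rc=1
    fi

    # Commented-out lines (#source=...) do not match and are ignored.
    sources=$(sed -n 's/^[[:space:]]*source[[:space:]]*=[[:space:]]*//p' "$conf")
    if [ -z "$sources" ]; then
        echo "no source= line"; rc=1
    fi
    for s in $sources; do
        case $s in
            ,*|*,,*|*,) echo "malformed source: $s"; rc=1 ;;  # empty field
            *,*,*) : ;;                                       # type,interface,name
            *) echo "malformed source: $s"; rc=1 ;;           # too few fields
        esac
    done
    return $rc
}
```

Run it against whichever of the two config paths exists before starting kismet_monitor; a non-zero return means one of the settings still needs fixing.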

2. Ethereal: A network traffic analyser - this is used to view the network packet dumps produced by Kismet

3. Etherape: A graphical network viewer
