Kismet on Ubuntu 12.10

[infinitedaemon]

Hi Everyone,

I'm having issues with the configuration of Kismet on my ubuntu 12.10 laptop. I installed the application and then followed the instructions on this page to configure it for use. http://www.alonon.net/kismet-configuration-on-ubuntu/

When I ran "lshw -C network" i found the below information for my network card however when I used the driver information I got the below response

Is there anything special I'm supposed to be doing with this particular car?

*-network

description: Wireless interface

physical id: 1

bus info: usb@3:3

logical name: wlan4

serial: <removed>

capabilities: ethernet physical wireless logical

configuration: broadcast=yes driver=ath9k_htc driverversion=3.5.0-25-generic firmware=1.3 link=yes multicast=yes wireless=IEEE 802.11bgn

sudo kismet
Launching kismet_server: //usr/bin/kismet_server
Suid priv-dropping disabled. This may not be secure.
No specific sources given to be enabled, all will be enabled.
Non-RFMon VAPs will be destroyed on multi-vap interfaces (ie, madwifi-ng)
Enabling channel hopping.
Enabling channel splitting.
FATAL: Unknown capture source type 'ath9k_htc' in source 'ath9k_htc,wlan4,area51'
Done.

[barry99705]

That's for the old kismet. I don't usually configure the capture sources in my config. When you fire up kismet newcore it will tell you there are no capture sources configured, then asks if you want to configure one. Hit yes, then just tell it which adapter to use, wlan0, wlan1, whatever. If you do want to preconfigure a source do it like this;

# See the README for full information on the new source format
# ncsource=interface:options
# for example:
ncsource=wlan0
# ncsource=wifi0:type=madwifi
# ncsource=wlan0:name=intel,hop=false,channel=11

Usually kismet is pretty good at figuring out what drivers to use.

[infinitedaemon]

I removed my modifications from the config file and ran it again. I never actually get to the screen where it tells me that i don't have a device configured. It looked like below (Which is a different error than before).

Launching kismet_server: //usr/bin/kismet_server
Suid priv-dropping disabled.  This may not be secure.
No specific sources given to be enabled, all will be enabled.
Non-RFMon VAPs will be destroyed on multi-vap interfaces (ie, madwifi-ng)
Enabling channel hopping.
Enabling channel splitting.
NOTICE: Disabling channel hopping, no enabled sources are able to change channel.
Source 0 (Alpha): Enabling monitor mode for rt8180 source interface wlan4 channel 6...
Source 0 (Alpha): Opening rt8180 source interface wlan4...
Will attempt to put networkmanager to sleep...
Allowing clients to fetch WEP keys.
WARNING:  Disabling GPS logging.
Logging networks to /var/log/kismet/Kismet-Mar-03-2013-1.network
Logging networks in CSV format to /var/log/kismet/Kismet-Mar-03-2013-1.csv
Logging networks in XML format to /var/log/kismet/Kismet-Mar-03-2013-1.xml
Logging cryptographically weak packets to /var/log/kismet/Kismet-Mar-03-2013-1.weak
Logging cisco product information to /var/log/kismet/Kismet-Mar-03-2013-1.cisco
Logging data to /var/log/kismet/Kismet-Mar-03-2013-1.dump
Writing data files to disk every 300 seconds.
Mangling encrypted and fuzzy data packets.
Tracking probe responses and associating probe networks.
Reading AP manufacturer data and defaults from //etc/kismet/ap_manuf
Reading client manufacturer data and defaults from //etc/kismet/client_manuf
Using network-classifier based data encryption detection
Not tracking duplicate IVs
Putting networkmanager to sleep...
FATAL: Dump file error: Unable to open dump file /var/log/kismet/Kismet-Mar-03-2013-1.dump (No such file or directory)
WARNING: Sometimes cards don't always come out of monitor mode
         cleanly.  If your card is not fully working, you may need to
         restart or reconfigure it for normal operation.
Trying to wake networkmanager back up...
Kismet exiting.
Done.

I looked at their site and it appears their last release came out 2011-04-04. I did an apt-cache show and found the below info.

sudo apt-cache show kismet
Package: kismet
Priority: optional
Section: universe/net
Installed-Size: 2127
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Francois Gurin <matrix@debian.org>
Architecture: amd64
Version: 2008-05-R1-4.3build2
Depends: libc6 (>= 2.15), libexpat1 (>= 2.0.1), libgcc1 (>= 1:4.1.1), libgmp10, libmagickcore5 (>= 8:6.7.7.10), libncurses5 (>= 5.5-5~), libpcap0.8 (>= 0.9.8), libstdc++6 (>= 4.6), libtinfo5, zlib1g (>= 1:1.1.4), wireless-tools, wireshark-common
Suggests: wget, sox, festival, gpsd, gsfonts, libwww-perl
Filename: pool/universe/k/kismet/kismet_2008-05-R1-4.3build2_amd64.deb
Size: 904160
MD5sum: 71f3e5777e799ab3690a1eba7ec0598c
SHA1: 3f2f934c6a80fe3948afade5fe6c741636db9ee0
SHA256: 375e93f8c0dd3018bb5fa72eb67134189f0d978ac8daafe5a1e0d43785d0dfcf
Description-en: Wireless 802.11b monitoring tool
 Kismet is a 802.11b wireless network sniffer.  It is capable of sniffing
 using almost any supported wireless card using the Airo, HostAP, Wlan-NG,
 and Orinoco (with a kernel patch) drivers.
 .
 Can make use of sox and festival to play audio alarms for network events
 and speak out network summary on discovery.  Optionally works with gpsd
 to map scanning.
Description-md5: 1e09133cb5d10ea748f92040a3fbf53b
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Origin: Ubuntu

Also when looking in the config file the example was setup exactly like the page i showed earlier. (see below for my config file)

# Sources are defined as:
# source=sourcetype,interface,name[,initialchannel]
# Source types and required drivers are listed in the README under the
# CAPTURE SOURCES section.
# The initial channel is optional, if hopping is not enabled it can be used
# to set the channel the interface listens on.
# YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
source=rt8180,wlan4,Alpha

[infinitedaemon]

After doing a little more research I found that ubuntu stopped updating their repositories for Kismet. I'm updating with the official kismet repository and everything should be working.

Edited March 4, 2013 by infinitedaemon