Kismet
is an 802.11 layer2 wireless network detector, sniffer, and
intrusion detection system. Kismet will work with any wireless card which
supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and
802.11g traffic.
Kismet identifies networks by passively collecting packets and detecting
standard named networks, detecting (and given time, decloaking) hidden
networks, and inferring the presence of nonbeaconing networks via data
traffic.
kismet
supports logging to the wtapfile packet format (readable by tcpdump and
ethereal) and saves detected network informat as plaintext, CSV, and XML.
kismet
is capable of using any GPS supported by
gpsd
and logs and plots network data.
kismet
is divided into three basic programs,
kismet_serverkismet_client
and
gpsmap
USAGE
kismet
handles automatically starting kismet_server and kismet_client.
kismet
is not installed as suid-root by default on Debian. It will require superuser privs
to operate
as expected. This is a compile time option at this time and is safer disabled on
multi-user systems.
KISMET_SERVER
kismet_server
captures, dissects, and logs packets and GPS data. It is capable of running in
`headless' mode with no display. Multiple clients (on multiple computers) can
be connected to a single server.
-I
Set the initial channel for a channel source (source:channel)
-x
Forcibly enable the channel hopper
-X
Forcibly disable the channel hopper
-t
Set the title used for the %t field of the logfile template (Default: Kismet)
-n
Disable all logging
-f
Use an alternate config file
-c
Override capture source lines (type,interface,name). Refer to kismet.conf(5) for more information. Multiple capture source options can be specified for multiple sources. All sources provided here are automatically enabled unless an enable list is also supplied.
-C
Comma-separated list to override what capture sources are enabled.
