Kismet Another common product for conducting wardriving attacks is Kismet (www.
kismetwireless.net), written by Mike Kershaw. This product is free and runs on Linux, BSD
UNIX , Mac OS X, and even Linux PDAs. The software is advertised as being more than
just a wireless network detector. Kismet is also a sniffer and an intrusion detection system
(IDS, covered in Chapter 13) and can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic.
It offers the following features:
-
Wireshark- and Tcpdump-compatible data logging -
Compatible with AirSnort and AirCrack (covered later in -
“Tools of the Trade”)
Network IP range -
Detection of hidden network SSIDs -
Graphical mapping of networks -
Client/server architecture that allows multiple clients to view a-single Kismet server at
the same time -
Manufacturer and model identification of APs and clients -
Detection of known default AP configurations -
-
-
Unlike NetStumbler and
iwScanner , which rely on an AP to send out a beacon, Kismet is a
passive scanner, so it can detect even hidden network SSIDs. Kismet can be used to conduct
wardriving , but it can also be used to detect rogue APs on a company’s network. If you need
GPS support, the BackTrack DVD includes several tools that work with Kismet, such as the
GPS daemon (GPSD), GISKismet, and Kisgearth, that can come in handy for accurate AP
geopositioning . When Kismet is configured to use GPSD, the output displays coordinates
pinpointing the location of the AP being scanned. This coordinate data can then be fed into
Google Earth to create maps.
Kismet Another common product for conducting wardriving attacks is Kismet (www.
kismetwireless.net), written by Mike Kershaw. This product is free and runs on Linux, BSD
UNIX , Mac OS X, and even Linux PDAs. The software is advertised as being more than
just a wireless network detector. Kismet is also a sniffer and an intrusion detection system
(IDS, covered in Chapter 13) and can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic.
It offers the following features:
-
Wireshark- and Tcpdump-compatible data logging -
Compatible with AirSnort and AirCrack (covered laterin -
“Tools of the Trade”)
Network IP range -
Detection of hidden network SSIDs -
Graphical mapping of networks -
Client/server architecture that allows multiple clients to view a-single Kismet server at the same time -
Manufacturer and model identification of APs and clients -
Detection of known default AP configurations -
Detection of hidden network SSIDs
Graphical mapping of networks
Client/server architecture that allows multiple clients to view a-single Kismet server at the same time
Manufacturer and model identification of APs and clients
Detection of known default AP configurations
-
-
Unlike NetStumbler and
iwScanner , which rely on an AP to send out a beacon, Kismet is a passive scanner, so it can detect even hidden network SSIDs. Kismet can be used to conductwardriving , but it can also be used to detect rogue APs on a company’s network. If you need GPS support, the BackTrack DVD includes several tools that work with Kismet, such as the GPS daemon (GPSD), GISKismet, and Kisgearth, that can come in handy for accurate APgeopositioning . When Kismet is configured to use GPSD, the output displays coordinates pinpointing the location of the AP being scanned. This coordinate data can then be fed into Google Earth to create maps.
-
Unlike NetStumbler and
Excellent post. well done!
ReplyDeleteExcellent post. well done!
ReplyDelete