Listening to different devices in the wild. Kismet and wireless device monitoring.

What is Kismet?

  • Kismet is open-source software. It’s a tool for working with network protocols.
  • You can read the documentation at https://kismetwireless.net
  • In more detail, it’s a sniffer and a WIDS.

Sniffer

  • Sniffs packets and traffic between devices, including devices trying to connect to a WiFi access point.
  • Can be used to listen to 2.4 and 5 GHz WiFi, Bluetooth, Zigbee, Radio and more.
  • Runs on Linux and macOS

WIDS (Wireless Intrusion Detection System)

  • It can detect not only networks but also the devices themselves.
  • Can be used to detect trespassers, rogue sniffers or people that try to follow you. (Kismet creep detector)

How to start?

  • It’s preinstalled on Kali Linux. On Debian and Ubuntu you need to add additional package sources from the Kismet documentation. Each version has its own source.
  • Go to kismetwireless.net > Get started > Installing > Linux > Kismet packages page
  • There you will find a set of commands that will get it done.
    • First will download Kismet gpg key
    • Second will add source to your sources.list.d directory with link to Kismet source
    • Third will update sources
    • and finally install Kismet
  • The steps are the same for each distro, only the package changes. The installer will ask whether you want to install it with suid-root. This allows you to run Kismet as a low-privileged user. Running it as root is dangerous, because any bug in Kismet would then run with admin privileges. 🙂
  • After installation, let’s add our user to the kismet group so we can run it with suid.
    • sudo usermod -a -G kismet yourusername
    • or you can edit /etc/group directly and add your username to the kismet group
  • Now we can run it!
  • On first launch Kismet will ask you to create user.
  • After that’s done we are presented with the Kismet dashboard.
  • In order to sniff and monitor our chosen communication, we first need to add a new data source. We can use our internal antenna, but then we will lose our internet connection: the device is switched to monitor mode, so it can’t be used for anything other than sniffing. If you don’t have any other adapter, it’s still totally possible to listen for a while and then switch back.
  • Now we will add a second WiFi adapter so we can browse the internet or just communicate, e.g. if we want to host Kismet on a Raspberry Pi and access it from a different machine.

Alfa Awus1900

  • We need to download and compile the driver for our adapter. Let’s search for Alfa Awus1900 drivers. Alfa did a really good job documenting everything and it’s really straightforward.
  • Head to the Linux support page and jump to the OS we are using. In my case I will go with Kali but I will show you Debian and Ubuntu as well.
  • And from here we can simply progress with installation.
    • sudo apt update (if we did it while installing kismet it isn’t necessary)
    • sudo apt install realtek-rtl8814au-dkms
    • And after that we can check if driver installation was successful.
    • find /lib/modules/$(uname -r)/ -name "8814au.ko"
  • If the output of the command is empty, we need to reboot the system so the driver installation can finish and the driver can be loaded into kernel space.
  • After that’s done we can switch back to Kismet and fire up our new device.
  • And with that we have one interface for monitoring and the other for deauthing or watching YouTube. 🙂
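
The post-install checks from the two sections above (kismet group membership, the suid-root capture helper, and the 8814au driver module) collected into one preflight script. This is an added example, not part of the original post or of Kismet; the function names, the overridable GROUP_FILE / MODULES_DIR / HELPER variables and the helper path /usr/bin/kismet_cap_linux_wifi are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. Paths below are overridable so
# the checks can be exercised against constructed files.
GROUP_FILE="${GROUP_FILE:-/etc/group}"
MODULES_DIR="${MODULES_DIR:-/lib/modules/$(uname -r)}"
# Assumed install path of Kismet's Linux Wi-Fi capture helper.
HELPER="${HELPER:-/usr/bin/kismet_cap_linux_wifi}"

# True if user $1 is listed as a member of group $2 in $GROUP_FILE.
user_in_group_file() {
    awk -F: -v u="$1" -v g="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit (found ? 0 : 1) }' "$GROUP_FILE"
}

# True if the current login session already carries group $1.
session_has_group() { id -nG | tr ' ' '\n' | grep -qx "$1"; }

# Print the first file for module $1; ".ko*" also matches compressed
# modules (.ko.xz, .ko.zst) that an exact "8814au.ko" search would miss.
find_module() { find "$MODULES_DIR" -name "$1.ko*" 2>/dev/null | head -n 1; }

# Run all checks for user $1; returns non-zero if a hard requirement fails.
preflight() {
    user="$1"; rc=0
    if ! user_in_group_file "$user" kismet; then
        echo "FAIL: $user is not in the kismet group"; rc=1
    elif [ "$user" = "$(id -un)" ] && ! session_has_group kismet; then
        echo "WARN: group added but not active yet; log out and back in"
    fi
    if [ -z "$(find_module 8814au)" ]; then
        echo "FAIL: no 8814au module under $MODULES_DIR; reboot or recheck the driver package"; rc=1
    fi
    # Without the setuid bit the helper cannot open the interface unless
    # Kismet itself runs as root, which is what the suid-root install avoids.
    [ -u "$HELPER" ] || echo "WARN: $HELPER is not setuid; was suid-root declined?"
    return $rc
}

# Run for the current user when invoked as: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight "$(id -un)"; fi
```

A group added with usermod only shows up in new login sessions, which is why the script compares /etc/group against the groups of the running session.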
