Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.

Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.

Common applications Kismet is useful for:

• Wardriving: Mobile detection of wireless networks, logging and mapping of network location, WEP, etc
• Site survey: Monitoring and graphing signal strength and location
• Distributed IDS: Multiple Remote Drone sniffers distributed throughout an installation monitored by a single server, possibly combined with a layer3 IDS like Snort
• Rogue AP Detection: Stationary or mobile sniffers to enforce site policy against rogue access points

Kismet

License GNU GPL Developer Mike Kershaw Website www.kismetwireless.net Requirements Libpcap GPSD Imagemagick Expat GMP Optional: DBUS Support: Kismet Documentation, Blog, Forums Selected Reviews:

Features include:

• Ethereal/Tcpdump compatible data logging
• Airsnort compatible weak-iv packet logging
• Network IP range detection
• Built-in channel hopping and multicard split channel hopping
• Hidden network SSID decloaking
• Graphical mapping of networks
• Client/Server architecture allows multiple clients to view a single Kismet server simultaneously
• Manufacturer and model identification of access points and clients
• Detection of known default access point configurations
• Runtime decoding of WEP packets for known networks
• Named pipe output for integration with other tools, such as a layer3 IDS like Snort
• Multiplexing of multiple simultaneous capture sources on a single Kismet instance
• Distributed remote drone sniffing
• XML output
• Over 20 supported card types
  

Last Updated Sunday, March 04 2012 @ 12:34 PM EST