Configuring Kismet

Now that you have installed Kismet and GPSD, you are ready to modify the Kismet configuration files so that Kismet will work on your system. Unlike many Windows programs (such as NetStumbler) that will work as soon as they are installed, Kismet must be tailored to your specific system.

Modifying the kismet.conf File

Before Kismet will work on your system, you need to customize the kismet.conf file (found in /usr/local/etc/) to your environment. Using your favorite text editor (vi, pico, emacs, and so on) open /usr/local/etc/kismet.conf for editing, as shown in Figure 6.13.

Figure 6.13: Editing the /usr/local/kismet.conf File

Figure 6.14 shows the kismet.conf file open for editing.

Figure 6.14: Preparing to Edit the kismet.conf file

Setting an suiduser

Unless you compiled Kismet with the “suid-root” option, which is an extremely insecure way to use Kismet, you first need to set an suiduser in the kismet.conf file, as shown in Figure 6.15. This is the user that Kismet will run as and should be a normal user account.

Figure 6.15: Setting the suiduser Variable

Enabling Support for Hermes Cards

By default, the kismet.conf file is configured for use with Cisco cards. In order to use Kismet with your ORiNOCO, or other Hermes chipset–based card, you must edit the kismet.conf file to recognize and use your ORiNOCO card. First, comment out the line for the Cisco card by placing a “#” in front of the line. Then, remove the “#” in front of the ORiNOCO line, as shown in Figure 6.16.

Figure 6.16: Editing the kismet.conf File to Use Your ORiNOCO Card

Next, you may need to change the device to be used by Kismet. By default, the ORiNOCO line is set to use eth0 as your capture device. If your system uses eth1, eth2, or a different device, this needs to be edited appropriately. Figure 6.16 shows the proper configuration for an ORiNOCO card configured as eth0.

Enabling Support for Prism 2 Cards

If you are using a Prism 2–based card, you also need to edit the kismet.conf file appropriately. First, comment out the line for the Cisco card by placing a “#” in front of the line. Then, remove the “#” in front of the Prism2 line, as shown in Figure 6.17.

Figure 6.17: Editing the kismet.conf File to Use Your Prism 2 Card

Next, you need to change the device to be used by Kismet. By default, the Prism2 line is set to use wlan0 as your capture device. If your system uses wlan1, wlan2, or a different device, this needs to be edited appropriately. Figure 6.17 shows the proper configuration for a Prism 2–card configured as wlan0.

Setting the Channel-Hopping Intervals

Next, you need to set the channel-hopping interval. This is the number of times that Kismet will force the card to monitor a different channel per second. By default, this value is set to five. To monitor more channels per second you need to increase this value. To monitor fewer channels per second, this value needs to be decreased. Figure 6.18 shows a kismet.conf file that has been configured to change channels, or “hop,” seven times per second.

Figure 6.18: Kismet is Configured to Hop Seven Channels Per Second

If you wanted to monitor only one specific channel, you should set the channelhop value to “false”, as shown in Figure 6.19.

Figure 6.19: Disabling Channel Hopping

Enabling GPS Support

The last setting you need to configure in the kismet.conf file is the GPS support. If you intend to use GPSD, as shown earlier in this chapter, then the default settings in the kismet.conf file are acceptable. As Figure 6.20 shows, by default, Kismet is configured to use a GPS device and listen on port 2947.

Figure 6.20: Kismet Is Configured to Use a GPS

If you don’t intend to use a GPS, then the “gps” value should be changed to false, as shown in Figure 6.21.

Figure 6.21: Kismet Is Configured for Use without a GPS