Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
kismet [2008/08/25 20:43] – angelegt gerald | kismet [2024/02/29 13:36] (aktuell) – Externe Bearbeitung 127.0.0.1 | ||
---|---|---|---|
Zeile 17: | Zeile 17: | ||
wlanconfig ath0 create wlandev wifi0 wlanmode monitor | wlanconfig ath0 create wlandev wifi0 wlanmode monitor | ||
ifconfig ath0 up</ | ifconfig ath0 up</ | ||
+ | |||
+ | airmon-ng geht auch: | ||
+ | |||
+ | < | ||
+ | |||
+ | | ||
+ | |||
+ | For madwifi-ng, first stop ALL interfaces: | ||
+ | |||
+ | | ||
+ | |||
+ | Where X is 0, 1, 2 etc. Do a stop for each interface that iwconfig lists. | ||
+ | |||
+ | Then: | ||
+ | |||
+ | wlanconfig ath create wlandev wifi0 wlanmode sta</ | ||
< | < | ||
+ | |||
+ | ---- | ||
+ | |||
+ | Sources: | ||
+ | |||
+ | < | ||
+ | --------------- ------------------- ----------- ------------------------- | ||
+ | acx100 | ||
+ | http:// | ||
+ | ACX100 drivers handle the 22mbit cards branded by D-Link | ||
+ | and others. | ||
+ | |||
+ | admtek | ||
+ | http:// | ||
+ | http:// | ||
+ | ADMTek drivers used in many consumer 802.11b cards. With | ||
+ | the patches above, quasi-rfmon is possible - these cards | ||
+ | | ||
+ | | ||
+ | while in rfmon, rendering the sniffer visible. | ||
+ | The fully GPL drivers are supported, in addition to the | ||
+ | hacks to the non-free drivers. | ||
+ | |||
+ | airpcap | ||
+ | http:// | ||
+ | The CACE AirPcap USB device allows native capture on | ||
+ | | ||
+ | The explicit airpcap source expects the Win32/ | ||
+ | | ||
+ | is identified via airpcap_ask or if multiple simultaneous | ||
+ | | ||
+ | |||
+ | airpcap_ask | ||
+ | http:// | ||
+ | The CACE AirPcap USB device allows native capture on | ||
+ | | ||
+ | The airpcap_ask source lists available airpcap devices | ||
+ | and allows the user to pick interactively. | ||
+ | The ' | ||
+ | | ||
+ | |||
+ | atmel_usb | ||
+ | http:// | ||
+ | These drivers work ONLY on USB cards (Sorry, no PCMCIA | ||
+ | | ||
+ | by bypassing part of the firmware and parsing packets | ||
+ | | ||
+ | | ||
+ | This card MAY BROADCAST while in rfmon, rendering the | ||
+ | | ||
+ | It appears that this card may be only formatting the | ||
+ | | ||
+ | will not see data frames, rendering most IDS functions, | ||
+ | IP discovery, and data logging unavailable. | ||
+ | |||
+ | ath5k | ||
+ | http:// | ||
+ | Based on the OpenBSD OpenHAL, the Ath5k drivers are the | ||
+ | | ||
+ | Linux kernel. | ||
+ | |||
+ | ath5k_a | ||
+ | http:// | ||
+ | Ath5k source for 11a only | ||
+ | |||
+ | ath5k_ag | ||
+ | http:// | ||
+ | Ath5k source for 11a/11g | ||
+ | |||
+ | bcm43xx | ||
+ | http:// | ||
+ | Linux native broadcom drivers incorporated into modern | ||
+ | | ||
+ | |||
+ | b43 | ||
+ | B43 broadcom drivers for current Broadcom devices in | ||
+ | Linux kernels | ||
+ | |||
+ | b43legacy | ||
+ | B43 broadcom drivers for legacy Broadcom devices in | ||
+ | Linux kernels | ||
+ | |||
+ | cisco | ||
+ | Standard Cisco cards in Linux. | ||
+ | the Linux kernel drivers, not the drivers found in | ||
+ | | ||
+ | The drivers found on the cisco.com site can be patched | ||
+ | with the files from the Kismet download site to add | ||
+ | | ||
+ | are extremely buggy for normal use and work only with | ||
+ | the 2.4 kernel tree. | ||
+ | The cisco drivers currently do not enter rfmon mode | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | cisco_wifix | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | Kernel 2.4.20+ and CVS drivers use ethX for normal mode | ||
+ | and wifiX for monitor mode. Kismet needs to know both | ||
+ | | ||
+ | for example ' | ||
+ | Linux kernel 2.4.20 and 2.4.21 have highly unstable cisco | ||
+ | | ||
+ | The cisco drivers currently do not enter rfmon mode | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | darwin | ||
+ | Supports both Broadcom and Atheros Airport-Extreme cards. | ||
+ | When using a Broadcom based card, it may be necessary to | ||
+ | | ||
+ | | ||
+ | When using an Atheros based card, 802.11a may also be supported | ||
+ | by adding a ' | ||
+ | |||
+ | hostap | ||
+ | http:// | ||
+ | HostAP drivers drive the Prism/2 chipset in access point | ||
+ | mode, but also can drive the cards in client and monitor | ||
+ | | ||
+ | into monitor mode fairly often, but this source should | ||
+ | | ||
+ | |||
+ | ipw2100 | ||
+ | http:// | ||
+ | The Linux IPW2100/ | ||
+ | now support rfmon, so here's support for them. They act | ||
+ | more or less like any other wireless interface would. | ||
+ | |||
+ | ipw2200 | ||
+ | http:// | ||
+ | The Linux IPW2200/ | ||
+ | support rfmon as of 1.0.4 and firmware 2.3. | ||
+ | Signal level reporting requires radiotap be turned on | ||
+ | in the makefile while compiling the driver. | ||
+ | are not reported. | ||
+ | |||
+ | ipw2915 | ||
+ | http:// | ||
+ | The Linux IPW2200/ | ||
+ | support rfmon as of 1.0.4 and firmware 2.3. | ||
+ | This is the same as ipw2200 but defaults to scanning the | ||
+ | 802.11a channel range in addition to 802.11b/g. | ||
+ | Signal level reporting requires radiotap be turned on | ||
+ | in the makefile while compiling the driver. | ||
+ | are not reported. | ||
+ | |||
+ | ipw3945 | ||
+ | http:// | ||
+ | The Linux IPW3945/ | ||
+ | 802.11bga cards. | ||
+ | |||
+ | ipwlivetap | ||
+ | http:// | ||
+ | http:// | ||
+ | The ipw3945 and patched ipw2200 drivers support a | ||
+ | special mode which allows monitor-mode style sniffing | ||
+ | while remaining associated. | ||
+ | possible, as the card is still associated to a | ||
+ | specific AP, but single-channel IDS and sniffing can | ||
+ | be accomplished. | ||
+ | archives for information about patching your drivers. | ||
+ | |||
+ | iwl3945 | ||
+ | Intel' | ||
+ | layer. | ||
+ | |||
+ | iwl4965 | ||
+ | Intel' | ||
+ | layer. | ||
+ | |||
+ | kismet_drone | ||
+ | Capture interface: | ||
+ | The remote drone capture source connects to a Kismet | ||
+ | drone and processes the packets. | ||
+ | Drone section of the README for more details about how | ||
+ | to set up a drone. | ||
+ | |||
+ | madwifi_a | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | Capture interface: | ||
+ | Madwifi drivers in 802.11a-only mode. | ||
+ | When using madwifi-ng, be sure all non-monitor VAPs have | ||
+ | been removed, otherwise madwifi will not properly report | ||
+ | most traffic. | ||
+ | |||
+ | madwifi_b | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | Capture interface: | ||
+ | Madwifi drivers in 802.11b-only mode. | ||
+ | When using madwifi-ng, be sure all non-monitor VAPs have | ||
+ | been removed, otherwise madwifi will not properly report | ||
+ | most traffic. | ||
+ | |||
+ | madwifi_g | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | Capture interface: | ||
+ | Madwifi drivers in 802.11g-only mode. This will, | ||
+ | | ||
+ | When using madwifi-ng, be sure all non-monitor VAPs have | ||
+ | been removed, otherwise madwifi will not properly report | ||
+ | most traffic. | ||
+ | |||
+ | madwifi_ab | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | Capture interface: | ||
+ | Madwifi drivers in 802.11a and 802.11b combo mode. This | ||
+ | will seamlessly switch between bands during channel | ||
+ | | ||
+ | When using madwifi-ng, be sure all non-monitor VAPs have | ||
+ | been removed, otherwise madwifi will not properly report | ||
+ | most traffic. | ||
+ | |||
+ | madwifi_ag | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | Capture interface: | ||
+ | Madwifi drivers in 802.11a and 802.11g combo mode. This | ||
+ | will seamlessly switch between bands during channel | ||
+ | | ||
+ | When using madwifi-ng, be sure all non-monitor VAPs have | ||
+ | been removed, otherwise madwifi will not properly report | ||
+ | most traffic. | ||
+ | |||
+ | madwifing_a | ||
+ | madwifing_ab | ||
+ | madwifing_ag | ||
+ | madwifing_g | ||
+ | madwifing_b | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | *Deprecated*. | ||
+ | the standard madwifi sources. | ||
+ | have been kept to allow old configs to continue | ||
+ | | ||
+ | |||
+ | nokia770 | ||
+ | http:// | ||
+ | Nokia770 capture interface. | ||
+ | validating frame checksums to screen out junk | ||
+ | packets, since the drivers pass us all data. | ||
+ | |||
+ | nokia8x0 | ||
+ | http:// | ||
+ | Nokia 8x0 capture interface, including support for | ||
+ | FCS validation. | ||
+ | The Nokia drivers appear to exhibit instability while | ||
+ | capturing where they stop reporting packets. | ||
+ | be minimized by setting the Network Scan interval to | ||
+ | " | ||
+ | |||
+ | orinoco | ||
+ | http:// | ||
+ | The Orinoco drivers which have mainlined into the Linux | ||
+ | | ||
+ | | ||
+ | An up-ported version of the older Orinoco drivers which more | ||
+ | | ||
+ | | ||
+ | Generally, Orinoco cards are not recommended for use with | ||
+ | | ||
+ | |||
+ | orinoco_14 | ||
+ | https:// | ||
+ | This source is deprecated and should only be used with | ||
+ | pre-release versions of a driver since merged into the Linux | ||
+ | kernel. | ||
+ | |||
+ | pcapfile | ||
+ | Capture interface: | ||
+ | The pcapfile capture source feeds a stored 802.11-encap | ||
+ | dump file through the Kismet engine again. | ||
+ | | ||
+ | alert conditions. | ||
+ | if Kismet was compiled with libpcap support. | ||
+ | |||
+ | prism2_openbsd | ||
+ | Full support for Prism2 under OpenBSD. | ||
+ | |||
+ | prism54g | ||
+ | http:// | ||
+ | PrismGT 802.11g drivers supporting monitor mode. | ||
+ | |||
+ | radiotap_bsd_ab Radiotap | ||
+ | Dual-band cards with radiotap headers. | ||
+ | |||
+ | radiotap_bsd_a Radiotap | ||
+ | 802.11a cards (or dual-band on 11a channels only) with | ||
+ | | ||
+ | |||
+ | radiotap_bsd_b Radiotap | ||
+ | 802.11b/g cards (or dual-band on 11b channels only) with | ||
+ | | ||
+ | |||
+ | rt2400 | ||
+ | http:// | ||
+ | Ralink 2400 802.11b cards using the serialmonkey GPL' | ||
+ | | ||
+ | |||
+ | rt2500 | ||
+ | http:// | ||
+ | Ralink 2500 802.11g cards using the serialmonkey GPL' | ||
+ | | ||
+ | |||
+ | rt73 Ralink 73 | ||
+ | http:// | ||
+ | Ralink 73 802.11g USB cards using the serialmonkey GPL'd | ||
+ | rt79 drivers (tested only with CVS driver versions) | ||
+ | |||
+ | rt8180 | ||
+ | http:// | ||
+ | Realtek 8180 based cards (there seem to be an awful lot of | ||
+ | them) using the GPL drivers. | ||
+ | |||
+ | viha Airport | ||
+ | http:// | ||
+ | Monitor mode support for Airport under OSX. Does not | ||
+ | | ||
+ | |||
+ | vtar5k | ||
+ | http:// | ||
+ | vtar5k drivers handle some Atheros 802.11a cards. | ||
+ | are you'll have better luck with madwifi drivers. | ||
+ | |||
+ | wlanng_legacy | ||
+ | http:// | ||
+ | Old wlan-ng drivers didn't support pcap capturing and | ||
+ | use a netlink socket to the kernel. | ||
+ | use on some embedded systems (like the Zaurus). | ||
+ | |||
+ | wlanng | ||
+ | http:// | ||
+ | Wlan-ng prism2 drivers prior to the AVS headers. | ||
+ | |||
+ | wlanng_avs | ||
+ | http:// | ||
+ | Newer wlan-ng drivers support a new header type and | ||
+ | | ||
+ | | ||
+ | |||
+ | wrt54g | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | Support for the newer firmware versions on the | ||
+ | | ||
+ | | ||
+ | Some systems generate a secondary device, prism0, while | ||
+ | in monitor mode and require special care while channel | ||
+ | | ||
+ | | ||
+ | |||
+ | wsp100 | ||
+ | http:// | ||
+ | Capture interface: | ||
+ | The WSP100 is an embedded device which reports 802.11 | ||
+ | | ||
+ | | ||
+ | been less maintained than others. | ||
+ | send me patches for this, please let me know. | ||
+ | |||
+ | zd1211 | ||
+ | http:// | ||
+ | The ZD1211 drivers have had some regressions which lead to | ||
+ | data corruption while changing channel. | ||
+ | work, and typically the aircrack patches resolve the | ||
+ | | ||
+ | | ||
+ | |||
+ | Chipsets known to NOT WORK: | ||
+ | | ||
+ | linuxant wrappers around windows drivers. | ||
+ | *** UPDATE *** | ||
+ | See the bcm43xx source type entry. | ||
+ | experimental reverse-engineered drivers which have | ||
+ | monitor mode support now under Linux! | ||
+ | work, however, then too bad. | ||
+ | | ||
+ | *** UPDATE *** | ||
+ | See the bcm source for linux on ppc, it MAY work, it | ||
+ | may not. Currently theres no solution for OSX but | ||
+ | I'm looking for OSX hackers interested in redoing the | ||
+ | Kismet port and looking into adding more support. | ||
+ | | ||
+ | currently no equivalent hack for PCMCIA. | ||
+ | | ||
+ | yet in the drivers, may be available in the future. | ||
+ | | ||
+ | AND CAN NOT BE USED WITH KISMET.</ | ||
+ | |||