1

Topic: Kismet one network data log

Greetings. I finaly got kismet working, but when I capture data with "d" into a dump file, traffic from all networks that are in range is recorded. Is there a way I can set it up to capture only one network at a time?

2

Re: Kismet one network data log

Kismet is an IDS (Intrusion Detection System) and a stumbler. The application you probably want to use is called Wireshark (traffic analysis), where you are able to use different kinds of filters to filter out the traffic you don't need to capture/see.
As far as I know, kismet can only lock on to a single channel, but no further filtering is possible.

3

Re: Kismet one network data log

Yes, I do analyze the data captured by kismet in Wireshark, but I need to filter-out everything but one network :)

4

Re: Kismet one network data log

Well, then you just filter-out the MAC addresses that are not in the network plus use a protocol filter (see sniffing and data analysis) in Wireshark.

5

Re: Kismet one network data log

Thank you for patience. I don't have problems with filters in Wireshark. I wanted to know if it can be filtered in Kismet.

6

Re: Kismet one network data log

Finally I found a way to do it. Sort your networks (sort first), select the network and pres Shift+L.
Channelhopping can be turned off in config or with the -X parameter, but I don't know how to set the channel. Default is 6.

-I, --initial-channel <n:c>  Initial channel to monitor on (default: 6) Format capname:channel

But I don't know what capname is.

7

Re: Kismet one network data log

Capname is probably capture session name . I told you how to lock on to a channel.

8 (edited by mar33s 2008-06-21 15:52:10)

Re: Kismet one network data log

yes :) ..currently, I dono't have much time, so I'm slowly discovering new things.