# Kismet config file # Most of the "static" configs have been moved to here -- the command line # config was getting way too crowded and cryptic. We want functionality, # not continually reading --help! # # Default config by Mike Kershaw # Version of Kismet config version=2.2 # MAC addresses to filter, comma seperated. Hex MUST BE in all caps! macfilter=DE:AD:BE:EF:00:00 # Port to serve GUI data tcpport=2501 # People allowed to connect, comma seperated, IPs allowedhosts=127.0.0.1 # Maximum number of concurrent GUI's maxclients=5 # captype - Packet capture type. # valid options: "prism2" "pcap" "generic" captype=prism2 # capinterface - Wireless device name. # Required for all capture types. capinterface=eth0 # Do we have a GPS? gps=false # Host:port that GPSD is running on. This can be localhost OR remote! gpshost=localhost:2947 # Do we use sound? # Not to be confused with GUI sound parameter, this controls wether or not the # server itself will play sound. Primarily for headless or automated systems. sound=false # Path to sound player soundplay=/usr/bin/play # New network found sound_new=/usr/local/share/kismet/wav/new_network.wav # Network traffic sound sound_traffic=/usr/local/share/kismet/wav/traffic.wav # Network junk traffic found sound_junktraffic=/usr/local/share/kismet/wav/junk_traffic.wav # GPS lock aquired sound # sound_gpslock=/usr/local/share/kismet/wav/foo.wav # GPS lock lost sound # sound_gpslost=/usr/local/share/kismet/wav/bar.wav # Does the server have speech? (Again, not to be confused with the GUI's speech) speech=false # Server's path to Festival festival=/usr/bin/festival # Use metric measurements in the output? metric=false # File types to log, comma seperated # dump - raw packet dump # network - plaintext detected networks # csv - plaintext detected networks in CSV format # xml - XML formatted network and cisco log # weak - weak packets (in airsnort format) # cisco - cisco equipment CDP broadcasts # gps - gps coordinates logtypes=dump,network,csv,xml,weak,cisco # Do we log "noise" packets that we can't decipher? I tend to not, since # they don't have anything interesting at all in them. noiselog=false # Do we do "fuzzy" crypt detection? (byte-based detection instead of 802.11 # frame headers) # valid option: Comma seperated list of packetsources to perform fuzzy detection # on, or 'all' fuzzycrypt=prism2,wtapfile # What type of dump do we generate? # valid option: "wiretap" dumptype=wiretap # Do we limit the size of dump logs? Sometimes ethereal can't handle big ones. # 0 = No limit # Anything else = Max number of packets to log to a single file before closing # and opening a new one. dumplimit=0 # Default log title logdefault=Kismet # logtemplate - Filename logging template. # This is, at first glance, really nasty and ugly, but you'll hardly ever # have to touch it so don't complain too much. # # %n is replaced by the logging instance name # %d is replaced by the current date # %t is replaced by the starting log time # %i is replaced by the increment log in the case of multiple logs # %l is replaced by the log type (dump, status, crypt, etc) # %h is replaced by the home directory # ie, "netlogs/%n-%d-%i.dump" called with a logging name of "Pok" could expand # to something like "netlogs/Pok-Dec-20-01-1.dump" for the first instance and # "netlogs/Pok-Dec-20-01-2.%l" for the second logfile generated. # %h/netlots/%n-%d-%i.dump could expand to # /home/foo/netlogs/Pok-Dec-20-01-2.dump # # Other possibilities: Sorting by directory # logtemplate=%l/%n-%d-%i # Would expand to, for example, # dump/Pok-Dec-20-01-1 # crypt/Pok-Dec-20-01-1 # and so on. The "dump", "crypt", etc, dirs must exist before kismet is run # in this case. logtemplate=%n-%d-%i.%l # Where state info, etc, is stored. You shouldnt ever need to change this. # This is a directory. configdir=/home/root/.kismet/ # cloaked SSID file. You shouldn't ever need to change this. ssidmap=ssid_map # Group map file. You shouldn't ever need to change this. groupmap=group_map