Kismet Wireless

Kismet Forums

 

Posted by: RobF
Subject: Kismet can't detect networks - wlanctl/wlanctl-ng confusion?
Date: 04:59:56 13/03/2006

I'm using a Dell TrueMobile 1180 wireless USB adapter with a Prism3 USB chipset, the specs of which are:

nic h/w: id=0x8026 1.0.0
pri f/w: id=0x15 1.1.3
sta f/w: id=0x1f 1.5.3

This device is about 3 years old, and I'm running it with a fairly recent version of the linux-wlan-ng driver, i.e. prism2_usb, v.0.2.1-pre26, packaged by Xandros 3.0.2 (a variant of Debian). The kernel is 2.6.11.

The adapter is detected on bootup, the driver module is inserted and adapter & driver work fine in managed mode, connecting me to my local AP and giving me access to the Internet.

I'd like to run the adapter in monitor mode, using Kismet v.2005.01.R1-2 (deb package).

In configuring the capture source, I tried all three of the available options:

1. source=wlanng_avs,wlan0,wlanngsource
(this is what I SHOULD use for my driver, i.e. v.0.2.0+)

2. source=wlanng,wlan0,wlanngsource
(this is what should be used for driver v.0.1.4 - 0.1.9)

Both of these failed to start up Kismet, giving me the following error message:

Server options: none
Client options: none
Starting server...
Suid priv-dropping disabled. This may not be secure.
No specific sources given to be enabled, all will be enabled.
Enabling channel hopping.
Enabling channel splitting.
Source 0 (wlanngsource): Enabling monitor mode for wlanng source interface wlan0 channel 6...
Waiting for server to start before starting UI...
Source 0 (wlanngsource): Opening wlanng source interface wlan0...
FATAL: pcap reported netlink type 1 (EN10MB) for wlan0. This probably means you're not in RFMON mode or your drivers are reporting a bad value. Make sure you have the correct drivers and that entering monitor mode succeeded.


3. source=wlanng_legacy,wlan0,source
(this is what should be used for driver v.0.1.3 and earlier)

This configuration succeeds in launching Kismet, but the Kismet main screen remains empty ... no networks are detected (there should be at least my own AP, plus two or three more).

This option produces the following messages:

# kismet
Server options: none
Client options: none
Starting server...
Suid priv-dropping disabled. This may not be secure.
No specific sources given to be enabled, all will be enabled.
Enabling channel hopping.
Enabling channel splitting.
Source 0 (wlanngsource): Enabling monitor mode for wlanng_legacy source interface wlan0 channel 6...
Waiting for server to start before starting UI...
sh: line 1: wlanctl-ng: command not found
Source 0 (wlanngsource): Opening wlanng_legacy source interface wlan0...
Allowing clients to fetch WEP keys.
WARNING: Disabling GPS logging.
Logging networks to /var/log/kismet/Kismet-Mar-12-2006-1.network
Logging networks in CSV format to /var/log/kismet/Kismet-Mar-12-2006-1.csv
Logging networks in XML format to /var/log/kismet/Kismet-Mar-12-2006-1.xml
Logging cryptographically weak packets to /var/log/kismet/Kismet-Mar-12-2006-1.weak
Logging cisco product information to /var/log/kismet/Kismet-Mar-12-2006-1.cisco
Logging data to /var/log/kismet/Kismet-Mar-12-2006-1.dump
Writing data files to disk every 300 seconds.
Mangling encrypted and fuzzy data packets.
Tracking probe responses and associating probe networks.
Reading AP manufacturer data and defaults from //etc/kismet/ap_manuf
Reading client manufacturer data and defaults from //etc/kismet/client_manuf
Dump file format: wiretap (ethereal libwiretap) dump
Crypt file format: airsnort (weak packet) dump
Kismet 2005.01.R1 (Kismet)
Logging data networks CSV XML weak cisco
Listening on port 2501.
Allowing connections from 127.0.0.1/255.255.255.255
Registering builtin client/server protocols...
Registering requested alerts...
Registering builtin timer events...
Gathering packets...
Starting UI...
Looking for startup info from localhost:2501.... found.
Connected to Kismet server 2005.01.R1 on localhost:2501
Reading AP manufacturer data and defaults from //etc/kismet/ap_manuf
Reading client manufacturer data and defaults from //etc/kismet/client_manuf

[At this point, the Kismet UI appears, without any entries. The adapter does NOT appear to be in Monitor mode since I can browse the web through the wlan0 interface while Kismet is open.]

Killing server...
Didn't detect any networks, unlinking network list.
Didn't detect any networks, unlinking CSV network list.
Didn't detect any networks, unlinking XML network list.
Didn't detect any Cisco Discovery Packets, unlinking cisco dump
Didn't capture any packets, unlinking dump file
Didn't see any weak encryption packets, unlinking weak file
WARNING: wlanngsource (wlan0) unable to exit monitor mode automatically. You may need to manually restart the device and reconfigure it for normal operation.Kismet exiting.
Kismet exited.

----------------

Re the message: sh: line 1: wlanctl-ng: command not found ...

The executables wlancfg and wlanctl are in /usr/sbin/ which is in my $PATH but there is no wlanctl-ng.

When I run "wlanctl", I get this:

wlanctl-ng: - control utility for 802.11 devices
usage: wlanctl-ng interface|version|commands|mibs cmd cmdarg [cmdarg...]

where "interface" is the name of a wireless
network interface. Running 'ifconfig' will list
all network interfaces.

For a list of available commands, run 'wlanctl-ng commands'

For a list of available mib items, run 'wlanctl-ng mibs'

When I run "wlanctl-ng commands", I get this:
bash: wlanctl-ng: command not found

When I run "wlanctl commands", I get a long list of commands.

What do I need to do to get my adapter to work in monitor mode and log network specs and packets in Kismet?

TIA,

Robert

