Kismet Wireless

Kismet Forums

 

Posted by: Bert
Subject: FC4 NC8230 centrio Fatal Error monitor
Date: 17:29:24 15/03/2006

Heh, sounds like current directory permissions.

What happens is like this:

1. Kismet starts
2. Kismet drops uid to the user, say 500
3. Kismet goes to write log files in the current directory

If the current directory is, say, /root,
well, user 500 cannot write files to this dir, so that's why you get that error.

Start Kismet from /tmp or set the correct permissions for the directory :)


Hope that helps.

> > > FATAL: Failed to set monitor mode: Invalid argument. This usually means your drivers either do not support monitor mode, or use a different mechanism for getting to it. Make sure you have a version of your drivers that support monitor mode, and consult the troubleshooting section of the README.
> > >
> > >
> > > This is the error that I am getting. I will be upfront. I am OK with Linux but a noob with Kismet... I have run it on Mac OS X, but now I am running it at work as well. I just need a list of steps to fix this error.
> >
> > Install a version of the ipw driver capable of rfmon, or fix your installation to include rfmon if your distribution turned it off.
> >
> >
>
> I went through and followed a guide I found online to compile the drivers from Intel. Works great; now this is what I am getting:
>
> Server options: none
> Client options: none
> Starting server...
> Waiting for server to start before starting UI...
> Will drop privs to k1llm3kwik (500) gid 500
> No specific sources given to be enabled, all will be enabled.
> Enabling channel hopping.
> Disabling channel splitting.
> Source 0 (k1llm3kwik): Enabling monitor mode for ipw2200 source interface eth1 channel 6...
> Source 0 (k1llm3kwik): Opening ipw2200 source interface eth1...
> Spawned channelc control process 3533
> Dropped privs to k1llm3kwik (500) gid 500
> Allowing clients to fetch WEP keys.
> WARNING: Disabling GPS logging.
> Logging networks to Kismet-Mar-15-2006-1.network
> Logging networks in CSV format to Kismet-Mar-15-2006-1.csv
> Logging networks in XML format to Kismet-Mar-15-2006-1.xml
> Logging cryptographically weak packets to Kismet-Mar-15-2006-1.weak
> Logging cisco product information to Kismet-Mar-15-2006-1.cisco
> Logging data to Kismet-Mar-15-2006-1.dump
> Writing data files to disk every 300 seconds.
> Mangling encrypted and fuzzy data packets.
> Tracking probe responses and associating probe networks.
> Reading AP manufacturer data and defaults from /usr/local/etc/ap_manuf
> Reading client manufacturer data and defaults from /usr/local/etc/client_manuf
> Using network-classifier based data encryption detection
> FATAL: Dump file error: Unable to open dump file Kismet-Mar-15-2006-1.dump (Permission denied)
> Sending termination request to channel control child 3533...
> WARNING: Sometimes cards don't always come out of monitor mode
> cleanly. If your card is not fully working, you may need to
> restart or reconfigure it for normal operation.
> Waiting for channel control child 3533 to exit...
> Kismet exiting.
>
> (I have a feeling that I am messing up my kismet.conf, so here it is)
>
> # Kismet config file
> # Most of the "static" configs have been moved to here -- the command line
> # config was getting way too crowded and cryptic. We want functionality,
> # not continually reading --help!
>
> # Version of Kismet config
> version=2005.06.R1
>
> # Name of server (Purely for organizational purposes)
> servername=Kismet
>
> # User to setid to (should be your normal user)
> suiduser=k1llm3kwik
>
> # Sources are defined as:
> # source=sourcetype,interface,name[,initialchannel]
> # Source types and required drivers are listed in the README under the
> # CAPTURE SOURCES section.
> # The initial channel is optional, if hopping is not enabled it can be used
> # to set the channel the interface listens on.
> # YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
> source=eth0,ipw2200,addme
>
> # Comma-separated list of sources to enable. This is only needed if you defined
> # multiple sources and only want to enable some of them. By default, all defined
> # sources are enabled.
> # For example:
> # enablesources=prismsource,ciscosource
>
> # Do we channelhop?
> channelhop=true
>
> # How many channels per second do we hop? (1-10)
> channelvelocity=5
>
> # By setting the dwell time for channel hopping we override the channelvelocity
> # setting above and dwell on each channel for the given number of seconds.
> #channeldwell=10
>
> # Do we split channels between cards on the same spectrum? This means if
> # multiple 802.11b capture sources are defined, they will be offset to cover
> # the most possible spectrum at a given time. This also controls splitting
> # fine-tuned sourcechannels lines which cover multiple interfaces (see below)
> channelsplit=true
>
> # Basic channel hopping control:
> # These define the channels the cards hop through for various frequency ranges
> # supported by Kismet. More finegrain control is available via the
> # "sourcechannels" configuration option.
> #
> # Don't change the IEEE80211<x> identifiers or channel hopping won't work.
>
> # Users outside the US might want to use this list:
> # defaultchannels=IEEE80211b:1,7,13,2,8,3,14,9,4,10,5,11,6,12
> defaultchannels=IEEE80211b:1,6,11,2,7,3,8,4,9,5,10
>
> # 802.11g uses the same channels as 802.11b...
> defaultchannels=IEEE80211g:1,6,11,2,7,3,8,4,9,5,10
>
> # 802.11a channels are non-overlapping so sequential is fine. You may want to
> # adjust the list depending on the channels your card actually supports.
> # defaultchannels=IEEE80211a:36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,149,153,157,161,184,188,192,196,200,204,208,212,216
> defaultchannels=IEEE80211a:36,40,44,48,52,56,60,64
>
> # Combo cards like Atheros use both 'a' and 'b/g' channels. Of course, you
> # can also explicitly override a given source. You can use the script
> # extras/listchan.pl to extract all the channels your card supports.
> defaultchannels=IEEE80211ab:1,6,11,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64
>
> # Fine-tuning channel hopping control:
> # The sourcechannels option can be used to set the channel hopping for
> # specific interfaces, and to control what interfaces share a list of
> # channels for split hopping. This can also be used to easily lock
> # one card on a single channel while hopping with other cards.
> # Any card without a sourcechannel definition will use the standard hopping
> # list.
> # sourcechannels=sourcename[,sourcename]:ch1,ch2,ch3,...chN
>
> # ie, for us channels on the source 'prism2source' (same as normal channel
> # hopping behavior):
> # sourcechannels=prism2source:1,6,11,2,7,3,8,4,9,5,10
>
> # Given two capture sources, "prism2a" and "prism2b", we want prism2a to stay
> # on channel 6 and prism2b to hop normally. By not setting a sourcechannels
> # line for prism2b, it will use the standard hopping.
> # sourcechannels=prism2a:6
>
> # To assign the same custom hop channel to multiple sources, or to split the
> # same custom hop channel over two sources (if splitchannels is true), list
> # them all on the same sourcechannels line:
> # sourcechannels=prism2a,prism2b,prism2c:1,6,11
>
> # Port to serve GUI data
> tcpport=2501
> # People allowed to connect, comma seperated IP addresses or network/mask
> # blocks. Netmasks can be expressed as dotted quad (/255.255.255.0) or as
> # numbers (/24)
> allowedhosts=127.0.0.1
> # Address to bind to. Should be an address already configured already on
> # this host, reverts to INADDR_ANY if specified incorrectly.
> bindaddress=127.0.0.1
> # Maximum number of concurrent GUI's
> maxclients=5
>
> # Do we have a GPS?
> gps=true
> # Host:port that GPSD is running on. This can be localhost OR remote!
> gpshost=localhost:2947
> # Do we lock the mode? This overrides coordinates of lock "0", which will
> # generate some bad information until you get a GPS lock, but it will
> # fix problems with GPS units with broken NMEA that report lock 0
> gpsmodelock=false
>
> # Packet filtering options:
> # filter_tracker - Packets filtered from the tracker are not processed or
> # recorded in any way.
> # filter_dump - Packets filtered at the dump level are tracked, displayed,
> # and written to the csv/xml/network/etc files, but not
> # recorded in the packet dump
> # filter_export - Controls what packets influence the exported CSV, network,
> # xml, gps, etc files.
> # All filtering options take arguments containing the type of address and
> # addresses to be filtered. Valid address types are 'ANY', 'BSSID',
> # 'SOURCE', and 'DEST'. Filtering can be inverted by the use of '!' before
> # the address. For example,
> # filter_tracker=ANY(!00:00:DE:AD:BE:EF)
> # has the same effect as the previous mac_filter config file option.
> # filter_tracker=...
> # filter_dump=...
> # filter_export=...
>
> # Alerts to be reported and the throttling rates.
> # alert=name,throttle/unit,burst/unit
> # The throttle/unit describes the number of alerts of this type that are
> # sent per time unit. Valid time units are second, minute, hour, and day.
> # Burst rates control the number of packets sent at a time
> # For example:
> # alert=FOO,10/min,5/sec
> # Would allow 5 alerts per second, and 10 alerts total per minute.
> # A throttle rate of 0 disables throttling of the alert.
> # See the README for a list of alert types.
> alert=NETSTUMBLER,10/min,1/sec
> alert=WELLENREITER,10/min,1/sec
> alert=LUCENTTEST,10/min,1/sec
> alert=DEAUTHFLOOD,10/min,2/sec
> alert=BCASTDISCON,10/min,2/sec
> alert=CHANCHANGE,5/min,1/sec
> alert=AIRJACKSSID,5/min,1/sec
> alert=PROBENOJOIN,10/min,1/sec
> alert=DISASSOCTRAFFIC,10/min,1/sec
> alert=NULLPROBERESP,10/min,1/sec
> alert=BSSTIMESTAMP,10/min,1/sec
>
> # Known WEP keys to decrypt, bssid,hexkey. This is only for networks where
> # the keys are already known, and it may impact throughput on slower hardware.
> # Multiple wepkey lines may be used for multiple BSSIDs.
> # wepkey=00:DE:AD:C0:DE:00,FEEDFACEDEADBEEF01020304050607080900
>
> # Is transmission of the keys to the client allowed? This may be a security
> # risk for some. If you disable this, you will not be able to query keys from
> # a client.
> allowkeytransmit=true
>
> # How often (in seconds) do we write all our data files (0 to disable)
> writeinterval=300
>
> # Do we use sound?
> # Not to be confused with GUI sound parameter, this controls wether or not the
> # server itself will play sound. Primarily for headless or automated systems.
> sound=false
> # Path to sound player
> soundplay=/usr/bin/play
> # Optional parameters to pass to the player
> # soundopts=--volume=.3
> # New network found
> sound_new=/usr/share/kismet/wav/new_network.wav
> # Wepped new network
> # sound_new_wep=/usr/com/kismet/wav/new_wep_network.wav
> # Network traffic sound
> sound_traffic=/usr/share/kismet/wav/traffic.wav
> # Network junk traffic found
> sound_junktraffic=/usr/share/kismet/wav/junk_traffic.wav
> # GPS lock aquired sound
> # sound_gpslock=/usr/share/kismet/wav/foo.wav
> # GPS lock lost sound
> # sound_gpslost=/usr/share/kismet/wav/bar.wav
> # Alert sound
> sound_alert=/usr/share/kismet/wav/alert.wav
>
> # Does the server have speech? (Again, not to be confused with the GUI's speech)
> speech=false
> # Server's path to Festival
> festival=/usr/bin/festival
> # Are we using festival lite? If so, set the above "festival" path to also
> # point to the "flite" binary
> flite=false
> # How do we speak? Valid options:
> # speech Normal speech
> # nato NATO spellings (alpha, bravo, charlie)
> # spell Spell the letters out (aye, bee, sea)
> speech_type=nato
> # speech_encrypted and speech_unencrypted - Speech templates
> # Similar to the logtemplate option, this lets you customize the speech output.
> # speech_encrypted is used for an encrypted network spoken string
> # speech_unencrypted is used for an unencrypted network spoken string
> #
> # %b is replaced by the BSSID (MAC) of the network
> # %s is replaced by the SSID (name) of the network
> # %c is replaced by the CHANNEL of the network
> # %r is replaced by the MAX RATE of the network
> speech_encrypted=New network detected, s.s.i.d. %s, channel %c, network encrypted.
> speech_unencrypted=New network detected, s.s.i.d. %s, channel %c, network open.
>
> # Where do we get our manufacturer fingerprints from? Assumed to be in the
> # default config directory if an absolute path is not given.
> ap_manuf=ap_manuf
> client_manuf=client_manuf
>
> # Use metric measurements in the output?
> metric=false
>
> # Do we write waypoints for gpsdrive to load? Note: This is NOT related to
> # recent versions of GPSDrive's native support of Kismet.
> waypoints=false
> # GPSDrive waypoint file. This WILL be truncated.
> waypointdata=%h/.gpsdrive/way_kismet.txt
> # Do we want ESSID or BSSID as the waypoint name ?
> waypoint_essid=false
>
> # How many alerts do we backlog for new clients? Only change this if you have
> # a -very- low memory system and need those extra bytes, or if you have a high
> # memory system and a huge number of alert conditions.
> alertbacklog=50
>
> # File types to log, comma seperated
> # dump - raw packet dump
> # network - plaintext detected networks
> # csv - plaintext detected networks in CSV format
> # xml - XML formatted network and cisco log
> # weak - weak packets (in airsnort format)
> # cisco - cisco equipment CDP broadcasts
> # gps - gps coordinates
> logtypes=dump,network,csv,xml,weak,cisco,gps
>
> # Do we track probe responses and merge probe networks into their owners?
> # This isn't always desireable, depending on the type of monitoring you're
> # trying to do.
> trackprobenets=true
>
> # Do we log "noise" packets that we can't decipher? I tend to not, since
> # they don't have anything interesting at all in them.
> noiselog=false
>
> # Do we log corrupt packets? Corrupt packets have enough header information
> # to see what they are, but someting is wrong with them that prevents us from
> # completely dissecting them. Logging these is usually not a bad idea.
> corruptlog=true
>
> # Do we log beacon packets or do we filter them out of the dumpfile
> beaconlog=true
>
> # Do we log PHY layer packets or do we filter them out of the dumpfile
> phylog=true
>
> # Do we mangle packets if we can decrypt them or if they're fuzzy-detected
> mangledatalog=true
>
> # Do we do "fuzzy" crypt detection? (byte-based detection instead of 802.11
> # frame headers)
> # valid option: Comma seperated list of card types to perform fuzzy detection
> # on, or 'all'
> fuzzycrypt=wtapfile,wlanng,wlanng_legacy,wlanng_avs,hostap,wlanng_wext,ipw2200,ipw2915
>
> # Do we use network-classifier fuzzy-crypt detection? This means we expect
> # packets that are associated with an encrypted network to be encrypted too,
> # and we process them by the same fuzzy compare.
> # This essentially replaces the fuzzycrypt per-source option.
> netfuzzycrypt=true
>
> # What type of dump do we generate?
> # valid option: "wiretap"
> dumptype=wiretap
> # Do we limit the size of dump logs? Sometimes ethereal can't handle big ones.
> # 0 = No limit
> # Anything else = Max number of packets to log to a single file before closing
> # and opening a new one.
> dumplimit=0
>
> # Do we write data packets to a FIFO for an external data-IDS (such as Snort)?
> # See the docs before enabling this.
> #fifo=/tmp/kismet_dump
>
> # Default log title
> logdefault=Kismet
>
> # logtemplate - Filename logging template.
> # This is, at first glance, really nasty and ugly, but you'll hardly ever
> # have to touch it so don't complain too much.
> #
> # %n is replaced by the logging instance name
> # %d is replaced by the current date as Mon-DD-YYYY
> # %D is replaced by the current date as YYYYMMDD
> # %t is replaced by the starting log time
> # %i is replaced by the increment log in the case of multiple logs
> # %l is replaced by the log type (dump, status, crypt, etc)
> # %h is replaced by the home directory
> # ie, "netlogs/%n-%d-%i.dump" called with a logging name of "Pok" could expand
> # to something like "netlogs/Pok-Dec-20-01-1.dump" for the first instance and
> # "netlogs/Pok-Dec-20-01-2.%l" for the second logfile generated.
> # %h/netlots/%n-%d-%i.dump could expand to
> # /home/foo/netlogs/Pok-Dec-20-01-2.dump
> #
> # Other possibilities: Sorting by directory
> # logtemplate=%l/%n-%d-%i
> # Would expand to, for example,
> # dump/Pok-Dec-20-01-1
> # crypt/Pok-Dec-20-01-1
> # and so on. The "dump", "crypt", etc, dirs must exist before kismet is run
> # in this case.
> logtemplate=%n-%d-%i.%l
>
> # Where do we store the pid file of the server?
> piddir=/var/run/
>
> # Where state info, etc, is stored. You shouldnt ever need to change this.
> # This is a directory.
> configdir=%h/.kismet/
>
> # cloaked SSID file. You shouldn't ever need to change this.
> ssidmap=ssid_map
>
> # Group map file. You shouldn't ever need to change this.
> groupmap=group_map
>
> # IP range map file. You shouldn't ever need to change this.
> ipmap=ip_map

