Kismet Wireless

Kismet Forums


Posted by:dragorn
Subject:monitor single MAC address
Date:20:44:48 21/11/2006

> When I do that, it discards all packets to and from that address and logs all others. I'm using a Cisco 350 card with the following source line if that helps any:

Filters are "positive-pass": anything matched by the filter is passed and
all else is excluded.

Filtering can be done on address types (ANY, SOURCE, DEST, and BSSID).

To exclude a network with the BSSID AA:BB:CC:DD:EE:FF, the filter would be:

MAC addresses can be masked in the same fashion as IP netmasks. To
match all networks of a certian manufacturer, restrict to the OUI:

Multiple MAC addresses can be used on the same filter line. To filter
out two known networks from being considered:
Which is to say, all traffic not from 00..55 and not from 00..66 will
be considered.

So to exclude traffic from any network other than 00:00:00:AB:CD:EF



Reply to this message