Kismet Wireless

Kismet Forums


Posted by:don123cole
Subject:kismet and IDS
Date:15:41:49 16/08/2008

Hi, I have been using kismet for some time now and all i can say is that it's great. I am using it as a sniffer to sniff wireless access points and clients and i really understand the whole process. The area i am a bit confused in now is using kismet as an IDS. i have a wrt54g router on which i have installed the kismet drone using openWRT, i have a desktop that i installed the kismet server. I think i followed all the instructions in the book, then when i start the drone up it awaits connections and then when i start the server on the desktop this connects fine and u can see that it scan all available access point it sees. What i want to know is as follows, 1, As an WIDS do i still have to set up the router as an acess point and then connect all my wireless devices to the router, cause this is what i have done and my wireless devices are not able to connect to the router. i gave an ssid and still i can not connect to it. 2, or do i set up the router as a client and is this how it will pick up attacks on my network? 3, As an IDS does the card have to be in monitor mode? cause i know when u are sniffing the card as to be in monitor mode but i am not sure if this applies if one is running kismet as an IDS I really want to know how to use it as an IDS, which is what i have done by installing the drone on the router and the server on my desktop. If it see netstumber it will display the message at the bottom of the screen, but it does not display any other attacks like deauthentication, which i have tried to simulate using backtrack3. Anybody with ideas pls point me in the right direction. Thanks

Reply to this message