Kismet Wireless

Kismet Forums

 

Posted by:RNewman
Subject:Newcore Drone / Server Configuration - again
Date:13:19:31 25/08/2008

> > I followed your example listed above, however once the server connects to the drone it immediately starts issuing:
> > ERROR: No frames from Kismet drone server at localhost:2502 in 20 seconds,
> > disconnecting
> > Over and over again.
> >
> > The drone, server and client are all on the same host.
> >
>
> that error means it's not connecting/negotiating.
>
> Look at loopback with tcpdump. Are you running any local input firewalls? Are you sure you're launching the newcore drone server and not the stable one from somewhere else in your path?
>
> -m
Well the storms have left good ol' Florida and only 2 feet of rain at my house.
Okay, I've installed Slackware v12.1 on my server and installed/configured kismet. I am still getting the same results with the drone.

Apparently I'm missing probably a simple configuration setting, but I can not find it.

Here are the drone startup messages...

root@WLScanner1:~# cd /home/scanner
root@WLScanner1:/home/scanner# ~/kismet/kismet_drone -f /etc/kismet/kismet_drone.conf
INFO: Reading from config file /etc/kismet/kismet_drone.conf
INFO: Setting drone connection buffer to 65535 bytes
INFO: No specific sources named, all sources defined in kismet.conf will be
enabled.
INFO: Channel hopping enabled in config file
INFO: Channel splitting enabled in config file
INFO: Source 0 (wifi): Enabling monitor mode for ath5k source interface wlan0
channel 6...
INFO: Interface 'wlan0' is already marked as being in monitor mode, leaving it
as it is.
ERROR: Failed to set channel 0 22:Invalid argument
INFO: Source 0 (wifi): Opening ath5k source interface wlan0...
INFO: Source 0 (wifi): Opened source. UUID: 0000a91a-72de-11dd-bba0-001e5895e7ee
INFO: Created Kismet drone TCP server on port 2502
INFO: Dropped privs to scanner (1000) gid 100
ERROR: Failed to open primary plugin directory (/usr/local/lib/kismet/): No
such file or directory
ERROR: Failed to find a 'configdir' path in the Kismet config file, ignoring
local plugins.
INFO: Starting GPS components...
INFO: GPS support disabled in kismet.conf
INFO: Kismet drone starting to gather packets

---------
And here are the server startup messages...

root@WLScanner1:/home/scanner# ~/kismet/kismet_server -f /etc/kismet/kismet.conf
INFO: Reading from config file /etc/kismet/kismet.conf
INFO: No 'dronemaxclients' config line defined for the Kismet drone server,
defaulting to 5 clients.
INFO: Created alert tracker...
INFO: No specific sources named, all sources defined in kismet.conf will be
enabled.
INFO: Channel hopping enabled in config file
INFO: Channel splitting enabled in config file
INFO: Created Kismet UI TCP server on port 2501
INFO: Created Kismet drone TCP server on port 3501
INFO: Dropped privs to scanner (1000) gid 100
ERROR: Failed to open primary plugin directory (/usr/local/lib/kismet/): No
such file or directory
ERROR: Failed to open user plugin directory (/home/scanner/.kismet//plugins/):
No such file or directory
INFO: Drone source 'wifi' will automatically reconnect if the connection is
lost.
INFO: Source 0 (wifi): Enabling monitor mode for drone source interface tcp://lo
calhost:2502 channel 0...
INFO: Source 0 (wifi): Opening drone source interface tcp://localhost:2502...
INFO: TcpClient connected to localhost:2502
INFO: Source 0 (wifi): Opened source. UUID: 000065e4-72df-11dd-ae62-c703f612ab06
INFO: Inserting basic packet dissectors...
INFO: Allowing Kismet frontends to view WEP keys
INFO: Starting GPS components...
INFO: GPS support disabled in kismet.conf
INFO: Creating network tracker...
INFO: Probe network tracking disabled by config file
ERROR: Netracker failed to read SSID cache file '/home/scanner/.kismet/ssid_map'
: No such file or directory
ERROR: Netracker failed to read IP cache file '/home/scanner/.kismet/ip_map':
No such file or directory
INFO: Registering dumpfiles...
INFO: Pcap log in PPI format
INFO: Opened netxml log file 'Kismet-Aug-25-2008-6.netxml'
INFO: Opened nettxt log file 'Kismet-Aug-25-2008-6.nettxt'
INFO: Opened gpsxml log file 'Kismet-Aug-25-2008-6.gpsxml'
INFO: Kismet starting to gather packets
ERROR: No frames from Kismet drone server at localhost:2502 in 20 seconds,
disconnecting
ERROR: No frames from Kismet drone server at localhost:2502 in 20 seconds,
disconnecting
ERROR: No frames from Kismet drone server at localhost:2502 in 20 seconds,
disconnecting
Shutting down log files...
INFO: Closed netxml log file 'Kismet-Aug-25-2008-6.netxml'
INFO: Closed nettxt log file 'Kismet-Aug-25-2008-6.nettxt'
INFO: Closed gpsxml log file 'Kismet-Aug-25-2008-6.gpsxml'

------------
Here is a tcpdump of the loopback interface...

15:51:53.135434 IP localhost.41131 > localhost.2502: S 2760818771:2760818771(0) win 32792 <mss 16396,sackOK,timestamp 619242 0,nop,wscale 6>
15:51:53.135457 IP localhost.2502 > localhost.41131: S 2763496844:2763496844(0) ack 2760818772 win 32768 <mss 16396,sackOK,timestamp 619242 619242,nop,wscale 6>
15:51:53.135475 IP localhost.41131 > localhost.2502: . ack 1 win 513 <nop,nop,timestamp 619242 619242>
15:51:57.022846 IP localhost.41131 > localhost.2502: F 1:1(0) ack 1 win 513 <nop,nop,timestamp 620214 619242>
15:51:57.026184 IP localhost.2502 > localhost.41131: . ack 2 win 512 <nop,nop,timestamp 620215 620214>
15:52:56.094109 IP localhost.36656 > localhost.2502: S 3745385450:3745385450(0) win 32792 <mss 16396,sackOK,timestamp 634982 0,nop,wscale 6>
15:52:56.094132 IP localhost.2502 > localhost.36656: S 3755928738:3755928738(0) ack 3745385451 win 32768 <mss 16396,sackOK,timestamp 634982 634982,nop,wscale 6>
15:52:56.094149 IP localhost.36656 > localhost.2502: . ack 1 win 513 <nop,nop,timestamp 634982 634982>
15:53:02.086170 IP localhost.36656 > localhost.2502: F 1:1(0) ack 1 win 513 <nop,nop,timestamp 636480 634982>
15:53:02.089512 IP localhost.2502 > localhost.36656: . ack 2 win 512 <nop,nop,timestamp 636481 636480>

-------
Again, the standard server collection works and collection data without any issues. The problem comes in the drone configuration.

Any help would be appreciated.
Thanks...Richard


Reply to this message