Kismet Wireless

Kismet Forums


Posted by:dragorn
Subject:What source captured the signal?
Date:13:52:37 11/09/2008

> I replied to an older post but I wanted to bump the original in case it was burried and never saw the light of day:

> The issue I'm having is that I cannot distinguish or deduce by what drone or source an SSID or client is captured on. Ideally, I could use that UUID you mentioned and tie that to each new discovery. Even more ideally, the log/pipe output would have the UUID/capture name/IP address of the drone associated with the entry being sent. All this, of course, being piped into snort/written to a log then converted to a mysql database.

This is being addressed in Newcore - drones basically export the source upstream so the server sees the packets as coming from the specific source on the specific drone. Nothing super-intelligent is being done with it internally, though with the new PPI log format it should be possible to log that info, and Kismet knows internally the source that generated the packet, if that helps.

> Another issue I have is the broadcom drivers not reporting signal strength on the WRT54G's. Hopefully the B43 drivers will fix this but the Kamakazi release of OpenWRT hasn't successfully incorporated them in their release. However, deducing down to a couple or so drones where a rougue is coming from would be nice.

I've had poor luck with 2.6-anything on the WRT (something has changed in the internal device mgmt which throttles it down to about 2mbit throughput).

> Like the original OP said, cycling the kismet server and drones would be a huge pain.

Newcore drones are dynamic - you can add/remove them runtime.

Newcore hasn't had a release but it's definitely usable at this point if you grab it from SVN.


Reply to this message