Posted by:dragorn
Subject:How to monitor a single client
Date:14:20:33 12/06/2009

> i managed to get Kismet (2008.05.R1) running under Gentoo Linux - Intel 3945 based card.
> Now I would like to filter the traffic of only one single client (incoming and outgoing) whose MAC address I do know. Currently, I use the filter_tracker like so:
> filter_tracker=BSSID(<mac-ap>,<mac-client>)
> While I see *something* from the client - because hes going over the <mac-ap>,
> there is drawback, because I see lots of "uninteresting rubbish" from the AP, and definitely not all data from the client. Unfortunately I'm new to Kismet and the README filtering-section is a little bit terse to me. Some more examples wouldn't hurt.

There isn't much point to capturing only packets from a single client.

If you really think you only need them, filter them in wireshark later, because there isn't much kismet can do only getting data packets from one client.

You can probably kluge it out of a source and dest filter, but it'll confuse Kismet a fair bit.


