Kismet Wireless

Kismet Forums

 

Posted by:ricardo
Subject:How to monitor a single client
Date:06:52:46 13/06/2009

> There isn't much point to capturing only packets from a single client.

I'm only interested in the traffic between AP and this single client. That's my point.

> You can probably kluge it out of a source and dest filter, but it'll confuse Kismet a fair bit.

Well - I'd call it "this for that". Right now, Kismet has left me confused more than a fair bit. Honestly. The filtering section in the REDME is very meagre, terse, probably wrong. I can't make any sense of it. At least fixing typos for important keywords ans some more examples would help.

filter_tracker=BSSID(AA::BB:CC:DD:EE:FF)

works somehow/a little bit as expected, at least just this network shows up in the UI, but there's still much data rubbish from other networks showing up. Even if I lock to a specific channel of this AP

filter_tracker=BSSID(!AA::BB:CC:DD:EE:FF)

Does not work as expected, this network shows up in the UI (Why?), just some packets are filtered - I'm willing to assume, these are the packets of this particular AP.

filter_tracker=BSSID(!AA::BB:CC:DD:EE:FF,!01:02:03:04:05:06)

Does not work at all, the server exits with a error message "couldn't parse filter line 'BSSID(!AA::BB:CC:DD:EE:FF,!01:02:03:04:05:06)' expected MAC address. Well - this clearly contradicts documentation.

Big mess. Improve documentation. Please.


Reply to this message