Kismet Wireless

Kismet Forums

 

Posted by:HaroldCo
Subject:Need pcap file to generate alerts from kismet for final testing
Date:21:32:09 13/08/2009

Assuming alerts are sent thru same interface I'm 80% there in being able to capture a real time event and alert through my monitoring system.

Need help on generating re-occuring alerts in Kismet. Looked for pcap files on several sites, but did not see anything for wireless. Generated an airsnarf probe message from airsnort but not an alert. Suggestions?

Have succeeded in creating simple logging client for kismet server from available perl code that writes to local syslog which then forwards event to syslogd server. kismetaclient.pl connects to server and grabs STATUS: messages.

Configure syslog.conf to forward to host
This perl syslog example writes message locally.

#!/usr/bin/perl
# Write to machine syslog
# Verify syslog.conf pointing to syslogd server

use Sys::Syslog qw( :DEFAULT setlogsock);

$user = $ENV{'USER'};
setlogsock('unix');
openlog($0,'','user');
syslog('info', "$user Test KISMET message");
closelog;

Download kismetaclient.pl from http://blueskylark.org/kismetaclient/index.htm
Also download socket.ph, use Socket; also works
Look for print STDOUT "${time}$line" in kismetaclient.pl;
Add syslog code
syslog('info', ""${time}$line";");
All STATUS messages will be written to syslog


Reply to this message