Kismet Wireless

Kismet Forums

 

Posted by:stomponthis
Subject:Kismet Drone - cross compile OpenWRT Backfire
Date:03:49:37 08/05/2010

Hi Mike =P (though I would address it personally, you pretty much maintain everything to do with Kismet!)

First of all, big thanks for your efforts with developing and maintaining the Kismet application. Its an awesome tool! Have used it for several years, and have just started delving deeper into the more advanced capabilities as I am conducting some research for one of my university papers. Basically trying to advance practical research into 802.11 forensic investigation methodologies.

So I have set up a 'distributed wireless forensic readiness system' using Kismet's server/drone architecture. Using a fon-like wireless router (Accton MR3201a) running Kismet drone on OpenWRT Backfire, which is connected to a Forensic Server running Kismet server and client. I cross compiled the latest Kismet svn (3028) for OpenWRT Backfire using the following instructions as a guide (http://redlinesec.blogspot.com/2009/08/kismet-newcore-openwrt-cross-compile.html). I have managed to flash the wireless router and connect to the Kismet server. Have also done some configurations and everything seems to be working great. Can capture packets and log all the needed log files and dumps! Also have Snort-wireless running on the same router to extend IDS capabilities, which will hopefully correlate to the Kismet pcap dumps.

My real question is I am wondering if you could possibly shed some light on some errors/warnings encountered when cross compiling. An example is shown below:

In file included from packet.h:37,
from packetsource.h:31,
from kismet_drone.cc:45:
packet_ieee80211.h:248: warning: 'packed' attribute ignored
packet_ieee80211.h:253: warning: 'packed' attribute ignored
packet_ieee80211.h:273: warning: 'packed' attribute ignored

Was wondering if such an error would affect the Kismet drone functionality in any way? There are numerous appearances of this same error during different stages of cross compiling.

I was contemplating using the latest Kismet drone package provided by OpenWRT for the Backfire release, which is kismet-client_2009-06-R1-2_atheros.ipk, which seems like the first newcore drone package that has been available from their repositories. Though it seems a lot has changed since this release, for the drone application as well?

I also read your presentation from Sharkfest 09, when you mentioned a few future plans for Kismet-newcore. Was wondering if we can still expect features such as WPA-PSK and WPA-EAP decryption or more IDS functionality. Not pushing for development, just wondering as the additional features sound useful, especially for network security or forensic uses.

Hope I didn’t harp on for too long! And thanks again =P
Tom

PS. If anyone is interested in the method I used to compile the Kismet drone package for OpenWRT Backfire on the Accton MR3201a, just post a reply and I will post it somewhere. I recommend the link in my post to compile Kismet drone for the Linksys WRT54G or GL. So far have got Kismet drone compiled from 2010-01-R1 and devel (3028) source. Am also trying to get the TP Link TL-WR1043ND working with Kismet as well, for 802.11n support – Hopefully !


Reply to this message