Kismet Wireless

Kismet Forums

 

Posted by:stomponthis
Subject:2010-07 Drone Test - Still connection issue
Date:10:12:52 28/07/2010

So I conducted a test with Kismet 2010-07-R1.
Scenario: Two laptops which are both installed with Backtrack 4. The default Backtrack repository kismet package is removed (apt-get --purge remove kismet). Kismet 2010-07-R1 is then installed from source (./configure, make, make install).

As per your reccomendations for a drone not connecting:
Firewall on both machines are off, Routing is established (can ping between machines), Correct entries made in kismet.conf (on one laptop running Kismet server) and kismet_drone.conf (on the other laptop running Kismet drone). Kismet makes its own mac80211 VAP interface, so the local interface is not put into minitor mode then used in kismet config file.

So here are some config files to ensure that I have my settings correct....
Sorry if it is heaps of info, just wanted to put up enough info to check/debug. Have included kismet.conf, kismet_drone.conf, ./configure, kismet_drone command output and kismet_server command output.

Is anyone else having issues connecting to a drone using 2010-07-R1? Has anyone been able to get a drone to talk to the server using the new version?





KISMET DRONE OUTPUT (when running kismet_drone)
#################################################################################
root@bt:~/kismet-2010-07-R1# kismet_drone
ERROR: Kismet was started as root, NOT launching external control binary. This
is NOT the preferred method of starting Kismet as Kismet will continue
to run as root the entire time. Please read the README file section
about Installation & Security and be sure this is what you want to do.
INFO: Reading from config file /usr/local/etc/kismet_drone.conf
INFO: Plugin system disabled by Kismet configuration file or command line
INFO: Setting drone connection buffer to 65535 bytes
INFO: Kismet will attempt to hop channels at 5 channels per second unless
overridden by source-specific options
INFO: No specific sources named on the command line, sources will be read from
kismet.conf
INFO: Matched source type 'rtl8187' for auto-type source 'wlan1'
INFO: Using hardware channel list 1,2,3,4,5,6,7,8,9,10,11, 11 channels on
source wlan1
INFO: Created source wlan1 with UUID 507824f0-9a29-11df-9420-0d04111be301
INFO: Will attempt to reopen on source 'wlan1' if there are errors
INFO: Created TCP listener on port 3501
INFO: Starting GPS components...
INFO: GPS support disabled in kismet.conf
INFO: Kismet drone starting to gather packets
INFO: Started source 'wlan1'



KISMET SERVER OUTPUT (when running kismet_server)
#################################################################################
mfit@ForensicServer:~/trunk$ kismet_server
INFO: Not running as root - will try to launch root control binary (/usr/lo
cal/bin/kismet_capture) to control cards.
INFO: Started kismet_capture control binary successfully, pid 28363
INFO: Reading from config file /usr/local/etc/kismet.conf
debug - 28362 - child creating ipc fdfd
INFO: No 'dronelisten' config line and no command line drone-listen
argument given, Kismet drone server will not be enabled.
INFO: Created alert tracker...
ERROR: Failed to open primary plugin directory (/usr/local/lib/kismet/):
No such file or directory
ERROR: Failed to open user plugin directory (/home/mfit/.kismet//plugins/):
No such file or directory
INFO: Kismet will spend extra time on channels 1,6,11
INFO: Kismet will attempt to hop channels at 3 channels per second unless
overridden by source-specific options
INFO: No specific sources named on the command line, sources will be read
from kismet.conf
INFO: Matched source type 'drone' for auto-type source 'drone'
INFO: Using default channel list 'n/a' on source 'drone'
INFO: Created source drone with UUID 94a6d312-9a27-11df-a550-30040c171802
INFO: Disabling channel hopping on source 'drone' because it is not
capable of setting the channel.
INFO: Will attempt to reopen on source 'drone' if there are errors
INFO: Created TCP listener on port 2501
INFO: Kismet drone framework disabled, drone will not be activated.
INFO: Inserting basic packet dissectors...
INFO: Allowing Kismet frontends to view WEP keys
INFO: Starting GPS components...
INFO: GPS support disabled in kismet.conf
ERROR: Could not open OUI file '/etc/manuf': No such file or directory
ERROR: Could not open OUI file '/usr/share/wireshark/wireshark/manuf': No
such file or directory
INFO: Opened OUI file '/usr/share/wireshark/manuf
INFO: Indexing manufacturer db
INFO: Completed indexing manufacturer db, 16700 lines 334 indexes
INFO: Creating network tracker...
INFO: Creating channel tracker...
INFO: Registering dumpfiles...
INFO: Pcap log in PPI format
INFO: Opened pcapdump log file
'/home/mfit/kismet_logs/20100728-21-07-43-1.pcapdump'
INFO: Opened netxml log file
'/home/mfit/kismet_logs/20100728-21-07-43-1.netxml'
INFO: Opened alert log file
'/home/mfit/kismet_logs/20100728-21-07-43-1.alert'
INFO: Kismet starting to gather packets
INFO: Started source 'drone'
INFO: kismet_capture pid 28363 synced with Kismet server, starting service
loop
ERROR: Could not create connection to the Kismet drone server at 192.168.1.
6:3501 (Operation now in progress), will attempt to reconnect in 5
seconds



OUTPUT OF ./configure when compiling Kismet-2010-07-R1
############################################################################
root@bt:~/kismet-2010-07-R1# ./configure
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking for g++... g++
checking whether we are using the GNU C++ compiler... yes
checking whether g++ accepts -g... yes
checking for a BSD-compatible install... /usr/bin/install -c
checking whether make sets $(MAKE)... yes
checking how to run the C preprocessor... gcc -E
checking for platform-specific compiler flags... none needed
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking whether byte ordering is bigendian... no
checking errno.h usability... yes
checking errno.h presence... yes
checking for errno.h... yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking sys/time.h usability... yes
checking sys/time.h presence... yes
checking for sys/time.h... yes
checking sys/wait.h usability... yes
checking sys/wait.h presence... yes
checking for sys/wait.h... yes
checking for unistd.h... (cached) yes
checking for sys/types.h... (cached) yes
checking netdb.h usability... yes
checking netdb.h presence... yes
checking for netdb.h... yes
checking getopt.h usability... yes
checking getopt.h presence... yes
checking for getopt.h... yes
checking for an ANSI C-conforming const... yes
checking whether time.h and sys/time.h may both be included... yes
checking whether struct tm is in sys/time.h or time.h... time.h
checking for ANSI C header files... (cached) yes
checking return type of signal handlers... void
checking whether lstat dereferences a symlink specified with a trailing slash... yes
checking whether stat accepts an empty string... no
checking for gettimeofday... yes
checking for memset... yes
checking for select... yes
checking for socket... yes
checking for strcasecmp... yes
checking for strftime... yes
checking for strstr... yes
checking for system-level getopt_long()... yes
checking for stdint.h... (cached) yes
checking for accept() addrlen type... socklen_t
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... 64
checking for dlopen in -ldl... yes
checking for libm math function in std libs... no
checking for pow in -lm... yes
checking for main in -luClibc++... no
checking for main in -lstdc++... yes
checking for group 'root'... yes
checking for group 'man'... checking for initscr in -lncurses... yes
checking ncurses.h usability... yes
checking ncurses.h presence... yes
checking for ncurses.h... yes
checking for new_panel in -lpanel... yes
checking panel.h usability... yes
checking panel.h presence... yes
checking for panel.h... yes
checking for setproctitle... no
checking libutil.h usability... no
checking libutil.h presence... no
checking for libutil.h... no
checking for setproctitle in -lutil... no
checking sys/pstat.h usability... no
checking sys/pstat.h presence... no
checking for sys/pstat.h... no
checking whether __progname and __progname_full are available... yes
checking which argv replacement method to use... writeable
checking for linux/wireless.h... yes
checking that linux/wireless.h is what we expect... yes
checking can we use iw_freq.flags... yes
checking for cap_init in -lcap... no
checking sys/prctl.h usability... yes
checking sys/prctl.h presence... yes
checking for sys/prctl.h... yes
checking sys/capability.h usability... no
checking sys/capability.h presence... no
checking for sys/capability.h... no
checking for pcre_compile in -lpcre... yes
checking pcre.h usability... yes
checking pcre.h presence... yes
checking for pcre.h... yes
checking for pcap_open_live in -lpcap... yes
checking pcap.h usability... yes
checking pcap.h presence... yes
checking for pcap.h... yes
checking for pcap_setnonblock in -lpcap... yes
checking for pcap_get_selectable_fd in -lpcap... yes
checking for PPI support in libpcap... yes
configure: WARNING: Using local radiotap headers
checking for asm/types.h... yes
checking for netlink/genl/genl.h... yes
checking for netlink/genl/family.h... yes
checking for netlink/genl/ctrl.h... yes
checking for netlink/msg.h... yes
checking for netlink/attr.h... yes
checking for linux/nl80211.h... yes
checking for linux/if_arp.h... yes
checking for linux/wireless.h... (cached) yes
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for libnl20... no
checking for libnl1... yes
checking For mac80211 support in netlink library... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating Makefile.inc
config.status: WARNING: 'Makefile.inc.in' seems to ignore the --datarootdir setting
config.status: creating scripts/kismet
config.status: creating conf/kismet.conf
config.status: creating config.h

Configuration complete:
Compiling for: linux-gnu (i686)
C++ Library: stdc++
Installing as group: root
Man pages owned by: man
Installing into: /usr/local
Setuid group: kismet
Terminal Control: ncurses
Linux WEXT capture : yes
OSX/Darwin capture : n/a (only OSX/Darwin)
PCRE Regex Filters : yes
pcap capture: yes
airpcap control: n/a (only Cygwin/Win32)
PPI log format: yes
LibCapability (enhanced
privilege dropping): no
Linux Netlink: yes (mac80211 VAP creation)

Configuration complete. Run 'make dep' to generate dependencies
and 'make' followed by 'make install' to compile and install.



KISMET DRONE CONFIGURATION FILE (ON MACHINE RUNNING KISMET DRONE)
##########################################################################
# Kismet drone config file

version=newcore.1

# Name of drone server (informational)
servername=Kismet-Drone

# Drone configuration
# Protocol, interface, and port to listen on
dronelisten=tcp://127.0.0.1:3501
# Hosts allowed to connect, comma separated. May include netmasks.
# allowedhosts=127.0.0.1,10.10.10.0/255.255.255.0
droneallowedhosts=127.0.0.1,192.168.1.172
# Maximum number of drone clients
dronemaxclients=10
droneringlen=65535

# Do we have a GPS?
gps=false
# Do we use a locally serial attached GPS, or use a gpsd server?
# (Pick only one)
gpstype=gpsd
# gpstype=serial
# What serial device do we look for the GPS on?
gpsdevice=/dev/rfcomm0
# Host:port that GPSD is running on. This can be localhost OR remote!
gpshost=localhost:2947
# Do we lock the mode? This overrides coordinates of lock "0", which will
# generate some bad information until you get a GPS lock, but it will
# fix problems with GPS units with broken NMEA that report lock 0
gpsmodelock=false
# Do we try to reconnect if we lose our link to the GPS, or do we just
# let it die and be disabled?
gpsreconnect=true

# See the README for full information on the new source format
# ncsource=interface:options
#ncsource=null
# for example:
# ncsource=wlan0
# ncsource=wifi0:type=madwifi
# ncsource=wlan0:name=intel,hop=false,channel=11
ncsource=wlan1

# Special per-source options
# sourceopts=[sourcename|*]:opt1,opt2
# sourceopts=*:fuzzycrypt,weakvalidate

# Comma-separated list of sources to enable, if you don't want to enable all
# the sources you defined.
# enablesource=source1,source2

# How many channels per second do we hop? (1-10)
channelvelocity=5

# By setting the dwell time for channel hopping we override the channelvelocity
# setting above and dwell on each channel for the given number of seconds.
#channeldwell=10

# Users outside the US might want to use this list:
# channellist=IEEE80211b:1,7,13,2,8,3,14,9,4,10,5,11,6,12
channellist=IEEE80211b:1:3,6:3,11:3,2,7,3,8,4,9,5,10

# US IEEE 80211a
channellist=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165

# Combo
channellist=IEEE80211ab:1:3,6:3,11:3,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64,149,153,157,161,165



KISMET CONFIGURATION FILE (ON MACHINE RUNNING KISMET SERVER)
##############################################################################
# Kismet config file
# Most of the "static" configs have been moved to here -- the command line
# config was getting way too crowded and cryptic. We want functionality,
# not continually reading --help!

# Version of Kismet config
version=2009-newcore

# Name of server (Purely for organizational purposes)
servername=Kismet_Forensic_Server

# Prefix of where we log (as used in the logtemplate later)
logprefix=/home/mfit/kismet_logs

# Do we process the contents of data frames? If this is enabled, data
# frames will be truncated to the headers only immediately after frame type
# detection. This will disable IP detection, etc, however it is likely
# safer (and definitely more polite) if monitoring networks you do not own.
# hidedata=true

# Do we allow plugins to be used? This will load plugins from the system
# and user plugin directiories when set to true (See the README for the default
# plugin locations).
allowplugins=true

# See the README for full information on the new source format
# ncsource=interface:options
# for example:
# ncsource=wlan0
# ncsource=wifi0:type=madwifi
# ncsource=wlan0:name=intel,hop=false,channel=11
ncsource=drone:host=192.168.1.6,port=3501
# ncsource=wlan1:type=rtl8187,hop=false,channel=10

# Comma-separated list of sources to enable. This is only needed if you defined
# multiple sources and only want to enable some of them. By default, all defined
# sources are enabled.
# For example, if sources with name=prismsource and name=ciscosource are defined,
# and you only want to enable those two:
# enablesources=prismsource,ciscosource

# Control which channels we like to spend more time on. By default, the list
# of channels is pulled from the driver automatically. By setting preferred channels,
# if they are present in the channel list, they'll be set with a timing delay so that
# more time is spent on them. Since 1, 6, 11 are the common default channels, it makes
# sense to spend more time monitoring them.
# For finer control, see further down in the config for the channellist= directives.
preferredchannels=1,6,11

# How many channels per second do we hop? (1-10)
channelvelocity=3

# By setting the dwell time for channel hopping we override the channelvelocity
# setting above and dwell on each channel for the given number of seconds.
#channeldwell=10

# Channels are defined as:
# channellist=name:ch1,ch2,ch3
# or
# channellist=name:range-start-end-width-offset,ch,range,ch,...
#
# Channels may be a numeric channel or a frequency
#
# Channels may specify an additional wait period. For common default channels,
# an additional wait period can be useful. Wait periods delay for that number
# of times per second - so a configuration hopping 10 times per second with a
# channel of 6:3 would delay 3/10ths of a second on channel 6.
#
# Channel lists may have up to 256 channels and ranges (combined). For power
# users scanning more than 256 channels with a single card, ranges must be used.
#
# Ranges are meant for "power users" who wish to define a very large number of
# channels. A range may specify channels or frequencies, and will automatically
# sort themselves to cover channels in a non-overlapping fashion. An example
# range for the normal 802.11b/g spectrum would be:
#
# range-1-11-3-1
#
# which indicates starting at 1, ending at 11, a channel width of 3 channels,
# incrementing by one. A frequency based definition would be:
#
# range-2412-2462-22-5
#
# since 11g channels are 22 mhz wide and 5 mhz apart.
#
# Ranges have the flaw that they cannot be shared between sources in a non-overlapping
# way, so multiple sources using the same range may hop in lockstep with each other
# and duplicate the coverage.
#
# channellist=demo:1:3,6:3,11:3,range-5000-6000-20-10

# Default channel lists
# These channel lists MUST BE PRESENT for Kismet to work properly. While it is
# possible to change these, it is not recommended. These are used when the supported
# channel list can not be found for the source; to force using these instead of
# the detected supported channels, override with channellist= in the source defintion
#
# IN GENERAL, if you think you want to modify these, what you REALLY want to do is
# copy them and use channellist= in the packet source.
channellist=IEEE80211b:1:3,6:3,11:3,2,7,3,8,4,9,5,10
channellist=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165
channellist=IEEE80211ab:1:3,6:3,11:3,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64,149,153,157,161,165

# Client/server listen config
listen=tcp://127.0.0.1:2501
# People allowed to connect, comma seperated IP addresses or network/mask
# blocks. Netmasks can be expressed as dotted quad (/255.255.255.0) or as
# numbers (/24)
allowedhosts=127.0.0.1
# Maximum number of concurrent GUI's
maxclients=5
# Maximum backlog before we start throwing out or killing clients. The
# bigger this number, the more memory and the more power it will use.
maxbacklog=5000

# Server + Drone config options. To have a Kismet server export live packets
# as if it were a drone, uncomment these.
# dronelisten=tcp://127.0.0.1:3501
# droneallowedhosts=127.0.0.1
# dronemaxclients=5
# droneringlen=65535

# OUI file, expected format 00:11:22<tab>manufname
# IEEE OUI file used to look up manufacturer info. We default to the
# wireshark one since most people have that.
ouifile=/etc/manuf
ouifile=/usr/share/wireshark/wireshark/manuf
ouifile=/usr/share/wireshark/manuf

# Do we have a GPS?
gps=false
# Do we use a locally serial attached GPS, or use a gpsd server?
# (Pick only one)
gpstype=gpsd
# gpstype=serial
# What serial device do we look for the GPS on?
gpsdevice=/dev/rfcomm0
# Host:port that GPSD is running on. This can be localhost OR remote!
gpshost=localhost:2947
# Do we lock the mode? This overrides coordinates of lock "0", which will
# generate some bad information until you get a GPS lock, but it will
# fix problems with GPS units with broken NMEA that report lock 0
gpsmodelock=false
# Do we try to reconnect if we lose our link to the GPS, or do we just
# let it die and be disabled?
gpsreconnect=true

# Do we export packets over tun/tap virtual interfaces?
tuntap_export=false
# What virtual interface do we use
tuntap_device=kistap0

# Packet filtering options:
# filter_tracker - Packets filtered from the tracker are not processed or
# recorded in any way.
# filter_export - Controls what packets influence the exported CSV, network,
# xml, gps, etc files.
# All filtering options take arguments containing the type of address and
# addresses to be filtered. Valid address types are 'ANY', 'BSSID',
# 'SOURCE', and 'DEST'. Filtering can be inverted by the use of '!' before
# the address. For example,
# filter_tracker=ANY(!"00:00:DE:AD:BE:EF")
# has the same effect as the previous mac_filter config file option.
# filter_tracker=...
# filter_dump=...
# filter_export=...
# filter_netclient=...

# Alerts to be reported and the throttling rates.
# alert=name,throttle/unit,burst
# The throttle/unit describes the number of alerts of this type that are
# sent per time unit. Valid time units are second, minute, hour, and day.
# Burst describes the number of alerts sent before throttling takes place.
# For example:
# alert=FOO,10/min,5
# Would allow 5 alerts through before throttling is enabled, and will then
# limit the number of alerts to 10 per minute.
# A throttle rate of 0 disables throttling of the alert.
# See the README for a list of alert types.
alert=ADHOCCONFLICT,5/min,1/sec
alert=AIRJACKSSID,5/min,1/sec
alert=APSPOOF,10/min,1/sec
alert=BCASTDISCON,5/min,2/sec
alert=BSSTIMESTAMP,5/min,1/sec
alert=CHANCHANGE,5/min,1/sec
alert=CRYPTODROP,5/min,1/sec
alert=DISASSOCTRAFFIC,10/min,1/sec
alert=DEAUTHFLOOD,5/min,2/sec
alert=DEAUTHCODEINVALID,5/min,1/sec
alert=DISCONCODEINVALID,5/min,1/sec
alert=DHCPNAMECHANGE,5/min,1/sec
alert=DHCPOSCHANGE,5/min,1/sec
alert=DHCPCLIENTID,5/min,1/sec
alert=DHCPCONFLICT,10/min,1/sec
alert=NETSTUMBLER,5/min,1/sec
alert=LUCENTTEST,5/min,1/sec
alert=LONGSSID,5/min,1/sec
alert=MSFBCOMSSID,5/min,1/sec
alert=MSFDLINKRATE,5/min,1/sec
alert=MSFNETGEARBEACON,5/min,1/sec
alert=NULLPROBERESP,5/min,1/sec
#alert=PROBENOJOIN,5/min,1/sec

# Controls behavior of the APSPOOF alert. SSID may be a literal match (ssid=) or
# a regex (ssidregex=) if PCRE was available when kismet was built. The allowed
# MAC list must be comma-separated and enclosed in quotes if there are multiple
# MAC addresses allowed. MAC address masks are allowed.
apspoof=Foo1:ssidregex="(?i:foobar)",validmacs=00:11:22:33:44:55
apspoof=Foo2:ssid="Foobar",validmacs="00:11:22:33:44:55,aa:bb:cc:dd:ee:ff"

# Known WEP keys to decrypt, bssid,hexkey. This is only for networks where
# the keys are already known, and it may impact throughput on slower hardware.
# Multiple wepkey lines may be used for multiple BSSIDs.
# wepkey=00:DE:AD:C0:DE:00,FEEDFACEDEADBEEF01020304050607080900

# Is transmission of the keys to the client allowed? This may be a security
# risk for some. If you disable this, you will not be able to query keys from
# a client.
allowkeytransmit=true

# How often (in seconds) do we write all our data files (0 to disable)
writeinterval=15

# Do we use sound?
# Not to be confused with GUI sound parameter, this controls wether or not the
# server itself will play sound. Primarily for headless or automated systems.
enablesound=false
# Path to sound player
soundbin=play

sound=newnet,true
sound=newcryptnet,true
sound=packet,true
sound=gpslock,true
sound=gpslost,true
sound=alert,true

# Does the server have speech? (Again, not to be confused with the GUI's speech)
enablespeech=false
# Binary used for speech (if not in path, full path must be specified)
speechbin=flite
# Specify raw or festival; Flite (and anything else that doesn't need formatting
# around the string to speak) is 'raw', festival requires the string be wrapped in
# SayText("...")
speechtype=raw

# How do we speak? Valid options:
# speech Normal speech
# nato NATO spellings (alpha, bravo, charlie)
# spell Spell the letters out (aye, bee, sea)
speechencoding=nato

speech=new,"New network detected s.s.i.d. %1 channel %2"
speech=alert,"Alert %1"
speech=gpslost,"G.P.S. signal lost"
speech=gpslock,"G.P.S. signal O.K."

# How many alerts do we backlog for new clients? Only change this if you have
# a -very- low memory system and need those extra bytes, or if you have a high
# memory system and a huge number of alert conditions.
alertbacklog=50

# File types to log, comma seperated. Built-in log file types:
# alert Text file of alerts
# gpsxml XML per-packet GPS log
# nettxt Networks in text format
# netxml Networks in XML format
# pcapdump tcpdump/wireshark compatible pcap log file
# string All strings seen (increases CPU load)
logtypes=pcapdump,netxml,alert

# Format of the pcap dump (PPI or 80211)
pcapdumpformat=ppi
# pcapdumpformat=80211

# Default log title
logdefault=KFS

# logtemplate - Filename logging template.
# This is, at first glance, really nasty and ugly, but you'll hardly ever
# have to touch it so don't complain too much.
#
# %p is replaced by the logging prefix + '/'
# %n is replaced by the logging instance name
# %d is replaced by the starting date as Mon-DD-YYYY
# %D is replaced by the current date as YYYYMMDD
# %t is replaced by the starting time as HH-MM-SS
# %i is replaced by the increment log in the case of multiple logs
# %l is replaced by the log type (pcapdump, strings, etc)
# %h is replaced by the home directory

logtemplate=%p%D-%t-%i.%l

# Where state info, etc, is stored. You shouldnt ever need to change this.
# This is a directory.
configdir=%h/.kismet/


Reply to this message