Kismet Wireless

Kismet Forums

 

Posted by:laserpad
Subject:Kismet as an IDS to generate alerts
Date:19:55:58 31/01/2012

> > > > I am working on wireless network security project which needs an IDS and I am currently trying to use kismet as IDS for L2 attacks.
> > > > Can someone please tell me how to generate the various alerts mentioned on the kismet website. Right now i have only been able to perform DEAUTHFLOOD alert with the help of aireplay-ng software can some one pls tell me which software to use or how to generate the other alerts
> > >
> > > Lorcon, aircrack, karma, metasploit, reaver will generally generate what you need (as they are the tools the IDS stuff is generally written to detect). The readme lists specific attacks where possible.
> >
> > Thanks for the help and can you please tell me if it is possible to combine kismet with snort (not snort-wireless) and does it require a lot of time to learn and setup snort to generate alerts by writing rules
>
> Maybe? I don't use snort. If you can pull in syslog entries, then, yes. I don't know how one writes rules for that.

I am working on a practical on kismet and snort integration that is in the acceptance stage now. I can send it to you via email if you wish. Alternatively, there is a document located at http://www.symmetrixtech.com/articles/014-snortinstallguide292.pdf
you can follow, and all you have to do is change the monitoring interface from eth0 to kismets virtual interface (kistap0)


Reply to this message