Posted by: jmstarcher
Subject: HTTP Traffic Details
Date: 18:26:25 06/07/2015

I am new to Kismet and coding as a whole. I have Kismet running on an rPi2b with a wifi dongle running a Ralink RT5370 chipset. I am successfully able to monitor the wifi traffic and have a small Ruby application that extracts some of the information from the packet I am interested in (i.e. MAC, manuf, signal).

I am trying to determine which packets represent an active request from a person using a device versus a management request that all devices are sending regardless of device status (for instance, my Roku is not "on" but I am still seeing packets from it).

Ideally, I'd like to use Kismet to monitor the wifi traffic, write an application that watches for particular types of packet requests from certain MACs and then trigger a notification. The use case is my daughter is in her room using her iPod to visit My app sees the initial request from the iPod (HTTP), matches the MAC address to my daughter and sends me a notification letting me know she is "online" and potentially where she is currently (website).

As you can tell by my question, I am new to all of this and have almost zero understanding of network layers and communication. I have opened the pcapdump file that Kismet creates and tried to filter on HTTP but with no luck. It seems I am not monitoring or capturing HTTP / TCP sources... I'm pulling my hair out searching Google.

Any help this forum can provide would be greatly appreciated. Thanks in advance!

