The first full release of the new Kismet code is here, Kismet-2019-04-R1.
Some thoughts on releases
It’s easy for open source projects to fall into the “never release, just use git” cycle; egged on by the perception that a release has to be 100% perfect and complete. Kismet has certainly been guilty of this is the past.
Starting with 2019-04-R1, Kismet will attempt to move to a more frequent (monthly or bi-monthly) cycle, incorporating smaller features and improvements into more frequent releases, rather than stockpiling them for huge, but rare, releases.
Kismet-2019-04 isn’t perfect, but it’s very good, and represents years of work on the new Kismet codebase, UI, and API. Future releases will, of course, incorporate fixes, new features, new hardware, and more!
New web-based UI with searching, device notes, realtime graphs, and more.
A REST-like API
The new API for talking to Kismet is based on HTTP (or HTTPS) and JSON; It’s now easy to script against Kismet with any language which has support for HTTP and JSON. The new REST-liek API has full docs for all of the endpoints.
Expanded support for non-WiFi capture types
Kismet 2019-04 is designed to support more than Wi-Fi, from the ground up. Additional capture support at release includes Bluetooth, 433MHz sensors (like weather stations, TPMS tire pressure sensors, wireless thermometers, and more), ADSB aircraft data, AMR based power meters, wireless keyboards and mice built on the nRF chipset, and more. Capturing from non-WiFi sources of course requires the requisite hardware, with Kismet now working with the rtl-sdr, nRF Mousejack hardware, blue-z Bluetooth, and more.
New remote capture
Kismet now has a new, extremely light-weight remote capture system, which can support massive numbers of remote radios (tested with over 50 connected to a single server), and which supports remote capture from any of the supported hardware types.
Massive data set support
As WiFi has become ubiquitous the number of devices has exploded. Kismet now handles enormous data sets gracefully, scaling to over 300,000 devices in a single session on a server with 16 gig of RAM.
New KismetDB logs
The new kismetdb log format combines device records, packet data, non-packet data (like sensor readings), system health, location, console messages, and more into a single log file. Kismetdb logs can be converted to JSON records for device information, pcap files, Wigle CSV, and more. When enabled, kismetdb logs also allow for access to historic data via the REST interface, making it simple to extract packets around alert events and other anomalies.
Kismet will now take advantage of multi-core systems, both on large servers, and on small systems like the Raspberry Pi;
Live packet export
Packets can now be streamed live via the export endpoints, as a pcapng stream of all packets or with live filtering by data source, device, and more.
Alerts can be defined (and triggered) via REST endpoints
More to come
Expect more write-ups about features to come!