// Setting Up Kismet and an Aironet 350 on SuSE 8.2
//
// by dual_parallel
//
// http://www.oldskoolphreak.com

Instead of ending this article with shout outs, this article will begin with shouts to bland_inquisitor. bland brought me back to the wonders of SuSE after a harrowing experience with 8.1. Back to the glory of 8.0, SuSE has done Linux (and Windows) users right with a solid distro. Heavy on the multimedia and networking friendly, SuSE 8.2 can pretty much fill any desktop or server need.

Regarding Kismet, SuSE 8.2 (especially the Professional edition) includes many of the pieces needed to wardrive. Using a Cisco 350 series Wi-Fi card makes the setup of Kismet even easier. So, the following text will take a laptop with a SuSE 8.2 install, a Cisco AIR-PCM 352 and Kismet 2.8.1 to make an effective wardriving box.

Start by installing 8.2. Insert the Cisco NIC and start an install of 8.2. Select C/C++ Compiler and Tools and make sure to install the packages wireless-tools and ethereal (included in Pro).

When faced with the Network Configuration screen, click Network Interfaces to configure the Cisco card. At the Network cards configuration screen, click the Configure... button. Choose Ethernet under Network device and 0 under Device number (1 if you have integrated Ethernet). Click the checkbox next to Wireless device and then click the Wireless settings button.

At the Wireless network card configuration screen, choose Managed under Operating mode and enter "any" into the Network name (ESSID) field. You could choose Automatic for Operating mode, but that setting was not tested for this article. Click OK, then Next. Choose Automatic address setup (via DHCP) on the Network address setup screen. Click Next, then Finish and complete the installation.

With your working wireless (you may have to su -c "ifup ethX"), download the latest Kismet at http://www.kismetwireless.net/download.shtml. tar -xzf and cd to the new directory.
As a regular user, ./configure, make dep and make. Then su to make install.

The next step is to configure /usr/local/etc/kismet.conf. From top to bottom, here are the configuration changes you need to pay attention to. First, enter the user name that Kismet will run under for suiduser. The next option, Packet sources, is important [1]. SuSE 8.2 uses kernel 2.4.20, which includes the sourceforge.net CVS driver. This driver creates the wifi0 device for raw packet capture. With these things in mind, enter the following for the source option:

    source=cisco_cvs,wifi0,Kismet

The last value, Kismet, is the capture source that will be called when running Kismet. Configure the remaining options appropriately, or leave the defaults - they're all self-explanatory.

Now it's time for the final touches. Before running Kismet, monitor mode has to be enabled for the Cisco card [2]. Enter the following commands as root:

    # echo 'Mode: r' > /proc/driver/aironet/ethX/Config
    # echo 'Mode: y' > /proc/driver/aironet/ethX/Config

A script has been included at the end of this article to automate enabling of monitor mode. All that's left is to "ifconfig wifi0 up" and Kismet should be ready to run:

    $ kismet

Make sure you're the user you defined in kismet.conf. Dated log files will be created in ~, the most useful being .network. Type h while Kismet is running to see everything that Kismet can do.

To return your card to conventional use, su - and issue these commands:

    # /etc/init.d/pcmcia restart
    # ifup ethX

With good friends to help and motivate you, there is no hack unachievable. If nothing else, take that away from this article.

********************
#!/bin/bash
# Change ethX to your device number, ex. eth0
echo "enabling monitor mode..."
echo
echo 'Mode: r' > /proc/driver/aironet/ethX/Config
/bin/sleep 3
echo 'Mode: y' > /proc/driver/aironet/ethX/Config
/bin/sleep 3
/sbin/ifconfig wifi0 up
echo "ready to wardrive"
echo
********************

[1] http://www.kismetwireless.net/documentation.shtml
[2] http://www.cs.umd.edu/~npetroni/airo.html

And I'm gonna end with some shouts anyway...

Shout Outs: StankDawg, w1nt3rmut3, Screamer, logan5, ntheory, Rax, meme, Zapper, slip, BoBB, feend, KuroiShi, C4 and the rest of the Community
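
Added example, not part of the original article or the Kismet project: a shell check for the two kismet.conf settings the article changes (suiduser and source), run before starting Kismet. The function names, the sample config and the user name "wardriver" are constructed for illustration.

```bash
#!/bin/bash
# Added example: sanity-check the two kismet.conf settings the article edits.

# conf_get FILE KEY: print the value of the last uncommented KEY=value line.
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

# check_kismet_conf FILE: print findings; exit status = number of problems.
# The body runs in a subshell, so its variables do not leak to the caller.
check_kismet_conf() (
    problems=0
    user=$(conf_get "$1" suiduser)
    src=$(conf_get "$1" source)

    if [ -z "$user" ]; then
        echo "suiduser is not set"
        problems=$((problems + 1))
    elif [ "$user" = "root" ]; then
        echo "suiduser is root: Kismet would not run as an unprivileged user"
        problems=$((problems + 1))
    fi

    # Split the source value into its comma-separated fields.
    IFS=, read -r type iface name extra <<EOF
$src
EOF
    if [ -z "$type" ] || [ -z "$iface" ] || [ -z "$name" ] || [ -n "$extra" ]; then
        echo "source should be type,interface,name (got '$src')"
        problems=$((problems + 1))
    elif [ "$type" = "cisco_cvs" ] && [ "$iface" != "wifi0" ]; then
        # Per the article, the CVS driver exposes raw capture on wifi0.
        echo "cisco_cvs source uses $iface, expected wifi0"
        problems=$((problems + 1))
    else
        echo "source ok: type=$type interface=$iface name=$name"
    fi
    exit "$problems"
)

# Constructed sample config (the user name "wardriver" is made up).
sample=$(mktemp)
printf '%s\n' '# kismet.conf excerpt' 'suiduser=wardriver' \
    'source=cisco_cvs,wifi0,Kismet' > "$sample"
check_kismet_conf "$sample"
rm -f "$sample"
```

To check the real file, call check_kismet_conf /usr/local/etc/kismet.conf instead of the sample.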