Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode and can sniff 802.11b, 802.11a, and 802.11g traffic. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic.
Kismet supports logging to the wtapfile packet format (readable by tcpdump and ethereal) and saves detected
network informat as plaintext, CSV, and XML. kismet is capable of using any GPS supported by gpsd and logs and
plots network data.
kismet is divided into three basic programs, kismet_server kismet_client, and gpsma.
Bugfixes and related
- The entire IO stack now uses a single thread per object (pollable, buffer, buffer dispatch, and final protocol element now share a single mutex), which should minimize the ability for multiple IO events to conflict.
- Packets are now processed by a single thread instead of a thread per CPU core; with the new views-based optimizations a packet processor can no longer hold a lock on a device while searching related devices. It’s unclear how much multi-threading the packet processing actually helped due to contention between device locks.
- TCP server now generates a unique pollable object (and associated mutex chain) for each remote datasource connection; previously it used a collective mutex for all TCP IO and processed data in the TCP server object, breaking the one-lock-per-io-object-chain model.
- Massive refactor of all methods and classes to unify a consistent naming convention w/in the code using snake_case_naming. Over the previous 20 years or so the codebase ended up with a mix of CamelCase, Upper_Case, and snake_case_names.
- Some jankiness in the UI as to how it handled channel setting datasources; it should now be much more reliable to lock a source and change channels via the UI.
- Some jankiness in the UI as to how it handled cloaked SSIDs and empty SSIDs full of spaces.
New features and improvements
- Overall less RAM used high-device-count environments thanks to new field aliasing internals that allow aliasing the last-beaconed and last-probed SSID records instead of copying the SSIDs. When handling tens of thousands of devices, every byte counts.
- Tunable buffer sizes via
tcp_buffer_kbfor extreme low-memory systems (like the Pineapple Tetra and other OpenWRT devices); this can reduce the base memory requirements from 2MB/datasource to significantly less.
- Introduction of
kismet_package.confwhich allows packagers to include platform-specific overrides without clobbering the user-controlled
- 802.11e / QBSS associated station and channel usage columns in the UI; to enable them to go to the ‘Hamburger menu’ in the top left, Settings, Device List Columns.
- Python3 packages now renamed to python3-kismetxyz instead of python-kismetxyz, and the ‘replaces’ option is flagged to automatically deprecate the old packages.
- New WIDS alert for the Qualcomm extended capability vulnerability reported at Blackhat.
- Adding a column to the device view can break being able to click on a device to get details. This can be worked around by refreshing the web page after adding the device column and saving your settings.
Copyright (C) 2017 kismetwireless