Apps & Packages

Kismet – Wireless Sniffer & Monitor (part 2)

In this, the second part of the article, we continue to examine Kismet which is a Wireless Sniffer & Monitor. We look at the remaining screens & features of the tool.

In part 1 of this article we introduced Kismet by understanding what it is, how the tool is started, and walked-through the main features of the Home page. In this article, part 2, we continue the walk-through and take a look at the remaining screens.

To recap, Kismet is described as follows:

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (Wireless Intrusion Detection System) framework.
Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

Walk-through continued…

All the following examples are using a wireless adapter (wlan0). Sections 2-6 are accessible via the ‘hamburger’ menu at the top left of the Home screen.

1) Home screen

See part 1 of this article by clicking here.

2) Settings

The Settings screen is divided into six pages with the menu options on the left side and the contents of the selected page on the right:

a) Device List Columns

This screen lists the columns shown within the Devices section of the Home screen. Each field can be shown/hidden and the order can be changed:

b) Device Row Highlighting

This screen lists the types of devices and whether its row is highlighted or not plus the associated color:

c) Units & Measurements

This screen allows the unit or measurement for Distance, Speed and Temperature to be chosen:

d) Plugins

This screen lists the plugins that are available, unfortunately our installation did not have any.

e) Login & Password

This screen allows the Server Login information to be modified:

f) API Keys

This screen allows API Keys to be specified and maintained:

3) Data Sources

This screen shows a list of available data sources, which in our case is the wireless adapter wlan0, and there is a real-time detection graphic at the top:

Each data source can be expanded to provide further information with the following being modifiable:

  • Active – can be set to Running or Close.
  • Channel Options – can be set to Lock or Hop.
  • Channels – can be set to All or individual ones can be turned on/off.

4) Memory Monitor

This screen shows the ‘memory use’ by the Kismet tool. It displays the last 60 minutes on the horizontal axis and a dual purpose set of numbers on the vertical axis i.e. Mb or Devices#. There are two plotted lines for Devices (detected) and Memory (used by Kismet itself). In the top right the current number of devices being detected and current amount memory being used:

5) Packet Rates

This screen is divided into two tabs:

a) Processing Queue

This tab shows a graph over the last hour with multiple lines plotted every minute:

b) Per Datasource

This tab shows a graph over the Past Minute, Past Hour or Past Day for each Data Source and can be switched between showing Packets or Data (Kb):

6) Channel Coverage

This screen is divided into two tabs:

a) Channel Coverage

This tab shows the frequencies (channels) along the horizontal axis and which ones are covered by each data source on the vertical axis:

b) Estimated Hopping

This tab shows each data source performing a scan across the channels in real-time:

Further Information

Have you used Kismet for wireless monitoring? If so please share your experiences in the comments below.

Leave a Reply