By the way I don't know my neighbor, I know its a She because I searched her on Facebook using her login e-mail that I found on the dumps.
Now onto Kismet how to
What you need
- A Linux OS - in this case I use Mepis as it is already installed on my laptop
- Wireless card that is supported by Kismet check Kismet documentation
- Kismet - an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.
- Tcpdump - to read the dump files, you can also use ethereal
- And finally intruder in your network using wireless
In my case I installed Kismet using apt-get as I have Mepis installed on my Laptop.
Once Kismet is installed do
And edit the following line in
Kismet configuration file - kismet.conf
You need to set the user, in my case I run it as root as it is not working for me as regular user
# User to setid to (should be your normal user)
You need to define your interface in my case the chip I have is "ipw3945", interface "eth1" and i want it named "Kismet", search the Kismet documentation for the source type of your interface
# Sources are defined as:
# Source types and required drivers are listed in the README under the
# CAPTURE SOURCES section.
# The initial channel is optional, if hopping is not enabled it can be used
# to set the channel the interface listens on.
# YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
We don't want channel hopping since we already know what channel their connecting to
# Do we channelhop?
Since we don't want channel hop I defined the channel(11) I want to sniff on for 802.11b network
# Users outside the US might want to use this list:
And for 802.11g network
# 802.11g uses the same channels as 802.11b...
you can edit the log format, the log limit or the path where you want it to log if you want.
After changing the values on the configuration files type
Once kismet is running press on the letter "s" it should select the AP it see, then type on "t" to tag that AP, now pree "d" to see dumps on your screen, press "h" for more help on other command.
Once your through sniffing go to the log files save under /var/log/kismet
Now to read your dumps issue the command
$tcpdump -vvv -XX -p tcp -nr /var/log/kismet/Kismet.date.dump
Short description of tcpdump option used above
- vvv for very verbose
- XX Print headers of each packet, print the data of each packet, including its link level header, in hex and ASCII.
- p Protcol
-n Do not resolve IP
-r Read packets from file
Thats it and enjoy sniffing.