nstkismet

Name

nstkismet — NST script to administer kismet.

Synopsis

nstkismet [ -m TEXT | --mode TEXT ] [ --source TEXT ] [ -rd DEVICE | --ram-device DEVICE ] [ -rds SIZE | --ram-disk-size SIZE ] [ -rmp PATH | --ram-mount-point PATH ] [ -rdir DIRECTORY | --runtime-directory DIRECTORY ] [ -h [true]|false | --help [true]|false ] [ -H [true]|false | --help-long [true]|false ] [ -v [true]|false | --verbose [true]|false ] [ --version [true]|false ]

Description

The nstkismet script is used to administer kismet in a NST distribution.

Typical usage of this script involves:

  • Invoke the script with --mode setup to prepare the NST system to run kismet.

  • Edit the kismet_server configuration (/etc/kismet/kismet.conf) to match your hardware setup.

  • Start the kismet_server by invoking /etc/rc.d/init.d/kismet start.

  • Use the kismet_client to see what traffic has been detected.

  • Stop the kismet_server by invoking /etc/rc.d/init.d/kismet stop (this is optional).

  • Remove the kismet setup completely by running the script with the --mode remove option.

Here is a example of using nstkismet:


[root@probe ~]# nstkismet --mode setup -v
*** Creating a 64MByte RAM disk at mount point: "/mnt/ram4"...
/root/bin/create_ramdisk -v -s 64 -d /dev/ram4 -m /mnt/ram4

*** Mount point: "/mnt/ram4" is already in use, script: "create_ramdisk" is exiting normally...

*** (mount):
/dev/ram4 on /mnt/ram4 type ext2 (rw)

*** (df -k):
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/ram0                63461     29762     33699  47% /
none                    257536         0    257536   0% /dev/shm
/dev/scd0               395520    395520         0 100% /mnt/cdrom
/dev/ram4                63461        13     63448   1% /mnt/ram4

Created package directory: /mnt/ram4/kismet
Creating init script: /etc/rc.d/init.d/kismet

*** Kismet setup complete. Proceed as follows:
***
*** A. Edit /etc/kismet/kismet.conf
***
*** B. Bring up the server via:
***
***       /etc/rc.d/init.d/kismet start
***
***    OR - start server/client via:
***
***       (cd /mnt/ram4/kismet && kismet)
[root@probe ~]# nstkismet --mode status -v
kismet is setup under: /mnt/ram4/kismet
[root@probe ~]# nstkismet --mode location
/mnt/ram4/kismet[root@probe ~]# vi /etc/kismet/kismet.conf

... adjust kismet configuration - the 'source' is critical ...

[root@probe ~]# /etc/rc.d/init.d/kismet start
Starting kismet_server daemon:                             [  OK  ]
[root@probe ~]# kismet_client

... look at what's going on ...

[root@probe ~]# /etc/rc.d/init.d/kismet stop
Stopping kismet_server daemon:                             [  OK  ]
[root@probe ~]# nstkismet --mode remove -v
Successfully removed /mnt/ram4/kismet and the kismet user
[root@probe ~]#

Note

A web based front end to this script is available in the NST WUI.

Options

The following command line options are available:

[-m TEXT] | [--mode TEXT]

This option controls what nstkismet will do. If you specify status (the default), it will indicate whether nstkismet has been setup yet or not. If you specify setup it remove any previous instance of nstkismet and set up your NST system to run kismet_server as a service. If you specify remove it will remove the run time directory. If you specify location it will display the location of the run time directory (according to the last setup).

[--source TEXT]

This option is used in "setup" mode. It is used to specify the initial value for the "source" line in the file: "/etc/kismet.conf". You may specify a standard Kistmet source in the form: "MODULE,INTERFACE,LABEL[,INIT_CHANNEL]". For example: "ipw2200,eth1,ipw" and "madwifi_ag,wifi0,ag,11". In addition to specifying the full source, one may instead specify the keyword "auto" or "none". If "auto" is specified, the script will try to automatically determine what the source line should be by looking at the output of: "kudzu -p --class network". The kernel driver to Kismet module map is defined in the file: "/etc/nstkismet.conf". If the keywork "none" is specified then the script will NOT update the file: "/etc/conf/kismet.conf". NOTE: If this option is omitted, the script will default to the "auto" mode behavior.

[-rd DEVICE] | [--ram-device DEVICE]

Use this optional parameter to change the default RAM device that will be used for setting up the runtime environment by the script. The following RAM device names are available on NST: /dev/ram0 - /dev/ram9. A corresponding mount point path: /mnt/ram0 - /mnt/ram9 will be automatically selected for the RAM device. One can use the following optional parameter: [-rmp PATH] to change the mount point path location for the selected RAM device. If not specified, a reasonable default value for the script shall be chosen.

[-rds SIZE] | [--ram-disk-size SIZE]

Use this optional parameter to change the default RAM disk size in MegaBytes (MB) that will be used if a RAM disk is created by the nstkismet script. **Note: Use a reasonable value and make sure you to not exceed your available system RAM. The system memory utility: "free" can be used to help make your determination. If omitted, a reasonable value will be chosen by the script. The minimum value permitted is 10. The maximum value permitted is 1024.

[-rmp PATH] | [--ram-mount-point PATH]

Use this optional parameter to change the selected RAM device: [-rd DEVICE] mount point path location for the runtime environment created by the nstkismet script.

[-rdir DIRECTORY] | [--runtime-directory DIRECTORY]

One can use this optional parameter to force the nstkismet script to use an existing runtime directory on a locally attached disk drive or a mounted network file system and bypass the creation of a RAM disk. To do this, make sure the directory initially exists prior to using this option. If omitted and the -rd DEV option is omitted, then the nstkismet will make a "smart choice" as to whether to allocate a RAM disk or use a existing directory.

[-h [true]|false] | [--help [true]|false]

When this option is specified, nstkismet will display a short one line description of nstkismet, followed by a short description of each of the supported command line options. After displaying this information nstkismet will terminate.

[-H [true]|false] | [--help-long [true]|false]

This option will attempt to pull up additional nstkismet documentation within a text based web browser. You can force which browser we use setting the environment variable TEXTBROWSER, otherwise, we will search for some common ones.

[-v [true]|false] | [--verbose [true]|false]

When you set this option to true, nstkismet will produce additional output. This is typically used for diagnostic purposes to help track down when things go wrong.

[--version [true]|false]

If this option is specified, the version number of the script is displayed.

Files

/etc/rc.d/init.d/kismet

This script is used to start/stop the kismet_server as a system service. This script is created when nstkismet is invoked with the --mode setup option and removed when nstkismet is invoked with the --mode remove option.

/mnt/ram4/kismet

This is the default directory which will be used to store information collected by the kismet_server when the NST is in its default state after booting off of a CD.

/var/nst/kismet

This is the default directory which will be used to store information collected by the kismet_server when the NST is in its default state after booting off of a hard disk.

/etc/nstkismet.conf

This file contains the kernel driver to Kismet source mappings used when trying to auto-configure wireless cards. Values found in this file will have precendence over the "factory defaults" found in the file: "/usr/share/local/share/nstkismet/nstkismet.conf". NOTE: The project has a limited amount of wireless hardware availabe for testing. If your hardware is not auto-detected, and you are able to determine a new entry that should appear in this table, please report the new entry as a "Feature Request" at the project's web site (http://sourceforge.net/projects/nst).

/usr/share/local/share/nstkismet/nstkismet.conf

The script reads this file PRIOR to reading configuration information contained in the file: "/etc/nstkismet.conf" (if it exists). Think of this as the "factory defaults". If one needs to customize the configuration, they should copy this file to: "/etc/nstkismet.conf" and make their modifications there.

/mnt/ram4/kismet

This is the default directory which will be used to store information collected by the kismet_server.

/usr/local/share/nstkismet

Directory containing resource files used by nstkismet.

Environment

TEXTBROWSER

This controls what text based browser is used to display help information about the script. If not set, we will search your system for available text-based browsers (Ex: elinks, lynx ...).

Authors

Paul Blankenbaker created initial version.

See Also

kismet(1), kismet, Network Security Toolkit