我似乎没有让 Kismet 将我的 WiFi 天线识别为数据源。由于它是 Raspberry Pi 2,因此必须使用 2016 version。
Kismet started with no packet sources defined. None defined or all defined encountered unrecoverable errors.
控制台有信息、调试和错误消息。
INFO: No specific sources named on teh command line, sources will be read from kismet.conf
我在 kismet.conf 中没有资源,但我有一个 kismet_site.conf,如下所列。
ERROR: No sources found - Remember, Kismet recently changed the format of sources, and to make it easier to identify old configs, sources are now identified by the 'ncsource=...' config file line. Kismet CAN be started with no predefined sources, however MAKE SURE this is what you wanted!
我按照网站的指示创建了一个 monitor,应该可以解决数据源问题:
$ iw dev # get all wireless devices
phy#0 # physical ID
Interface wlan0
ifindex 3
wdev 0x1
addr 06:0c:00:0c:bd:41
type managed
txpower 0.00 dBm
iw phy phy0 info # phy0 is my physical address
Supported interface modes:
* managed
* monitor # This is the one we want!
$ sudo nano /etc/network/interfaces # let's edit this file
allow-hotplug wlan0 # wait for udev to detect the device
iface wlan0 inet manual # don't assign an ip
pre-up iw phy phy0 interface add mon1 type monitor # add a new interface to phy1 device of type monitor
pre-up iw dev wlan0 del # delete wlan0 as we don't need it for this application
pre-up ifconfig mon1 up # bring up mon1
$ sudo reboot # reboots
$ ifconfig # review network config after logging in again
mon1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
unspec 06-0C-00-0C-BD-41-30-30-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 7687 bytes 1202184 (1.1 MiB)
RX errors 0 dropped 7687 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
sudo usermod -aG kismet pi # add user pi to kismet group
sudo shutdown -r now # reboot
## kismet_site.conf
ncsource=mon1
## kismet.conf
version=2009-newcore
allowplugins=false # RF orig set to true
preferredchannels=1,6,11
channelvelocity=5
channellist=IEEE80211b:1:3,6:3,11:3,2,7,3,8,4,9,5,10
channellist=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165
channellist=IEEE80211ab:1:3,6:3,11:3,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64,149,153,157,161,165
listen=tcp://127.0.0.1:2501
allowedhosts=127.0.0.1,192.168.1.4
maxclients=5
maxbacklog=5000
ouifile=/etc/manuf
ouifile=/usr/share/wireshark/wireshark/manuf
ouifile=/usr/share/wireshark/manuf
ouifile=/Applications/Wireshark.app/Contents/Resources/share/wireshark/manuf
gps=false # RF
gpstype=gpsd
gpshost=localhost:2947
gpsmodelock=false
gpsreconnect=true
tuntap_export=false
tuntap_device=kistap0
alert=ADHOCCONFLICT,5/min,1/sec
alert=AIRJACKSSID,5/min,1/sec
alert=APSPOOF,10/min,1/sec
alert=BCASTDISCON,5/min,2/sec
alert=BSSTIMESTAMP,5/min,1/sec
alert=CHANCHANGE,5/min,1/sec
alert=CRYPTODROP,5/min,1/sec
alert=DISASSOCTRAFFIC,10/min,1/sec
alert=DEAUTHFLOOD,5/min,2/sec
alert=DEAUTHCODEINVALID,5/min,1/sec
alert=DISCONCODEINVALID,5/min,1/sec
alert=DHCPNAMECHANGE,5/min,1/sec
alert=DHCPOSCHANGE,5/min,1/sec
alert=DHCPCLIENTID,5/min,1/sec
alert=DHCPCONFLICT,10/min,1/sec
alert=NETSTUMBLER,5/min,1/sec
alert=LUCENTTEST,5/min,1/sec
alert=LONGSSID,5/min,1/sec
alert=MSFBCOMSSID,5/min,1/sec
alert=MSFDLINKRATE,5/min,1/sec
alert=MSFNETGEARBEACON,5/min,1/sec
alert=NULLPROBERESP,5/min,1/sec
apspoof=Foo1:ssidregex="(?i:foobar)",validmacs=00:11:22:33:44:55
apspoof=Foo2:ssid="Foobar",validmacs="00:11:22:33:44:55,aa:bb:cc:dd:ee:ff"
allowkeytransmit=true
writeinterval=300
enablesound=false
soundbin=play
sound=newnet,true
sound=newcryptnet,true
sound=packet,true
sound=gpslock,true
sound=gpslost,true
sound=alert,true
enablespeech=false
speechbin=flite
speechtype=raw
speechencoding=nato
speech=new,"New network detected s.s.i.d. %1 channel %2"
speech=alert,"Alert %1"
speech=gpslost,"G.P.S. signal lost"
speech=gpslock,"G.P.S. signal O.K."
alertbacklog=50
logtypes=pcapdump,gpsxml,netxml,nettxt,alert
pcapdumpformat=ppi
logdefault=Kismet
logtemplate=%p%n-%D-%t-%i.%l
configdir=%h/.kismet/
## showing:
Bus 001 Device 004: ID 148f:7601 Ralink Technology, Corp. MT7601U Wireless Adapter
我该如何解决这个问题?我目前有一个无线天线正在工作,稍后我正在努力连接 GPS 天线。