Saturday, October 01, 2005
Kismet on Fedora Core 4
I was very very busy after the conference trying to set up my laptop for the Wifi Pen Test and Wardrive. It's back to the Linux OS again. And of course, I realized I had forgotten quite some bits of it and learned some more new stuff along the way. One of the important things I encountered and felt is better to document was the installation of Kismet on FC4. So here it is.
1. Before you start, you will need to get Fedora Core 4 installed, preferably with as many Programming and Administration tools installed as possible. I am running low on space and as such had no choice but to do a partial install.
2. Next is to get Kismet. I had downloaded it from source and compiled it. But actually I later found out there is an RPM release for FC4. You can find it at :
But I don't know how it is with other people, I could not install it because the Kernel version did not really match. I had to download the kernel-source package using yum as well as do all my Fedora updates before I got the version to match.
3. Now, you need to get your PCMCIA card working. The card I was working on was the D-Link DWL-G650 so my choice of driver will be madwifi. I got it working in Linux with some driver. And I happily ran my Kismet. Got an ioctl error. Was stuck there for a few days since before the conference with no idea what went wrong. Anyway, I had changed to a Linksys WPC11 v3 card and still the same problem. Then I found out something. You CAN'T use the Linux NORMAL driver to get Kismet working. You need a special driver for that. There are several out there including Project Evil, NDISWrapper etc. But for real rfmon action, I would suggest you go for HostAP. This you will need to get from Atrpms:
And since you are there, you can also grab hostap-utils :
And hostapd :
A note I want to make is that there are a few modes in hostap. You will only need to worry about hostap_cs.
4. Along the way, I found out that I needed some more of the modules one way or another. Among them were the Perl-Net library, Pcap library and some other library, but yum handled it nicely. And if not, either ATrpms or DAG has it. Thanks to these 2 great sites. Anyway, after installing all these, you should be able to do an ifconfig and see some weird stuff with your card now. You will get a NORMAL interface with a 6-pair hardware MAC and another one with an insane amount of pairs in its ID. That btw is the rfmon mode. You got the driver working now.
5. Kick in Kismet, and I know so much about Murphy's law. The driver I installed from the RPM did not work. Invalid Module Format. Damn. So back to the hostap source. I rebuilt it and yes, I mean you NEED to know how to build from source. Basically, make, make install (under root). Weird that the path of the install is not the same as the RPM; hell, I just copied all the hostap*.ko into that directory. My installation is probably very dirty now. But I only needed to get it working.
6. One last shot. Another error. I can't believe it, the conf file it was looking for was somewhere inside .../updates/net/wireless... or whatever. I didn't know what happened, but just copied kismet.conf there. Oh, I forgot to say something about editing the kismet.conf I guess... Even though many places will tell you WPC11 v3 is a Prism2 card, and some places will tell you to use orinoco mode in kismet, you now have the driver working, so it will be hostap_cs instead. :)
7. Break for lunch at 3pm because I had totally forgotten to eat. And when I came back, I kicked in Kismet. TA-DA. Working and capturing all my neighbours' packets now. It did not capture my packets from my router. Why? I am not going to tell you. Think about it why.
Hint : WPC v3
If you think you know, post the answer in the comments. :)
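The ifconfig check in step 4 (a normal interface with a 6-pair hardware address next to a second one with a much longer ID) is the quickest sign that the HostAP driver is actually loaded in rfmon-capable form. The script below is an added example, not part of the original post or of the HostAP or Kismet projects: it parses FC4-era ifconfig text and prints the interfaces whose hardware address has more than six octet groups. The ifconfig output, interface names and MAC addresses are constructed for the example; on a real box you would pipe `ifconfig` into `rfmon_ifaces` instead of the sample.

```shell
#!/bin/sh
# Constructed sample of FC4-era `ifconfig` output for a HostAP card
# (not captured from the author's machine). wlan0 is the normal
# Ethernet-style interface; wifi0 is the raw 802.11 (rfmon) side that
# HostAP exposes with a 16-octet, dash-separated hardware address.
SAMPLE_IFCONFIG='wlan0     Link encap:Ethernet  HWaddr 00:0C:41:AA:BB:CC
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
wifi0     Link encap:UNSPEC  HWaddr 00-0C-41-AA-BB-CC-00-00-00-00-00-00-00-00-00-00
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
eth0      Link encap:Ethernet  HWaddr 00:11:22:33:44:55
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1'

# Read ifconfig text on stdin and print the name of every interface
# whose HWaddr has more than six octet groups (colon- or dash-separated).
# A plain Ethernet MAC has exactly six groups, so only the monitor-side
# interface matches.
rfmon_ifaces() {
    awk '/HWaddr/ {
        for (i = 1; i <= NF; i++) {
            if ($i == "HWaddr" && i < NF) {
                n = split($(i + 1), parts, /[:-]/)
                if (n > 6) print $1
            }
        }
    }'
}

# Number of monitor-style interfaces found in the sample. If this is 0
# after loading hostap_cs, the driver is not the one Kismet needs.
count_rfmon() {
    printf '%s\n' "$SAMPLE_IFCONFIG" | rfmon_ifaces | wc -l | tr -d ' '
}

# Stand-alone run: list the rfmon interfaces in the constructed sample.
printf '%s\n' "$SAMPLE_IFCONFIG" | rfmon_ifaces
```

On a live system replace the sample with `ifconfig -a | rfmon_ifaces`; the `-a` matters because the wifi0 side is often present but not UP until Kismet or hostap_utils brings it up.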