MHD Tux's lil' helper
Joined: 18 Jun 2003 Posts: 88
Posted: Wed Jul 21, 2004 12:02 am Post subject: WG511 wireless card, Kismet and Airsnort problem [SOLVED]
Thanks to all the great information here I have managed to start to get my wireless card running...
However I can't seem to get Kismet or Airsnort running (I am using these for testing debugging... No plans to go out around ASIO (our CIA))
First, the output from iwconfig
This is what I get when I first plug it in
```
eth1 IEEE 802.11b/g Mode:Managed Channel:3
Access Point: 00:00:00:00:00:00 Bit Rate:0kb/s Tx-Power=31 dBm
Sensitivity=20/200
Retry min limit:8 RTS thr:2347 B Fragment thr:2346 B
Encryption key:off
Link Quality:143 Signal level:0 Noise level:80
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
```
And then when I iwconfig it again
```
eth1 NOT READY! ESSID:off/any
Mode:Ad-Hoc Channel:11 Cell: FF:FF:FF:FF:FF:FF
Tx-Power=31 dBm Sensitivity=0/200
Retry min limit:0 RTS thr=-1 B Fragment thr=-1 B
Encryption key:off
Link Quality:143 Signal level:0 Noise level:80
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
```
I have managed to get it connected to a friend's LAN OK... (ping etc. works)
Now the problems
AIRSNORT
When using both the prism and orinoco modes, when I press scan it says:
> could not set monitor mode

and in the shell I get
> wlanctl-ng: Operation not supported

Kismet
Like many people I get:
```
Server options: none
Client options: none
Starting server...
Waiting for server to finish starting before startuing UI...
Will drop privs to scott (1000)
No enable sources specified, all sources will be enabled.
Source 0 ( prism2source): Using pcap to capture packets from eth1
Source 0 ( prism2source): Attempting to enter monitor mode.
Enabling monitor mode for a pcap prism2 card on eth1 channel 6
wlanctl-ng: Operation not supported
wlanctl-ng: Operation not supported
wlanctl-ng: Operation not supported
wlanctl-ng: Operation not supported
SIOCSIFFLAGS: Permission denied
SIOCSIFFLAGS: Permission denied
Source prism2source: Created child capture process 25889
Dropped privs to scott (1000)
Enabling channel hopping.
Disabling channel splitting.
Allowing clients to fetch WEP keys.
Logging networks to Kismet-Jul-21-2004-2.network
Logging networks in CSV format to Kismet-Jul-21-2004-2.csv
Logging networks in XML format to Kismet-Jul-21-2004-2.xml
Logging cryptographically weak packets to Kismet-Jul-21-2004-2.weak
Logging cisco product information to Kismet-Jul-21-2004-2.cisco
Logging gps coordinates to Kismet-Jul-21-2004-2.gps
Logging data to Kismet-Jul-21-2004-2.dump
Writing data files to disk every 300 seconds.
Mangling encrypted and fuzzy data packets.
Reading AP manufacturer data and defaults from /etc/kismet/ap_manuf
Reading client manufacturer data and defaults from /etc/kismet/client_manuf
Dump file format: wiretap (local code) dump
Crypt file format: airsnort (weak packet) dump
Kismet 3.0.1 (Kismet)
Logging data networks CSV XML weak cisco gps
GPSD cannot connect: Connection refused
Listening on port 2501.
Allowing connections from 127.0.0.1/255.255.255.255
Registering builtin client/server protocols...
Registering requested alerts...
Registering builtin timer events...
Enabling packet source 0 ( prism2source)...
Gathering packets...
Shutting down source 0 ( prism2source)...
Didn't detect any networks, unlinking network list.
Didn't detect any networks, unlinking CSV network list.
Didn't detect any networks, unlinking XML network list.
Didn't detect any Cisco Discovery Packets, unlinking cisco dump
Didn't capture any packets, unlinking dump file
Didn't see any weak encryption packets, unlinking weak file
Waiting for capture child 25889 to terminate...
Kismet exiting.
Starting UI...
FATAL: Could not connect to localhost:2501.
Client exited, terminating...
Done. Run kismet_unmonitor or eject and re-insert your card (or restart your
pcmcia services) to return your card to normal operation.
```
Now I am in the right directory (user home) and the kismet server is started (/etc/init.d/kismet start)
Any ideas???
If you need any more info just yell...
How have other people gone with their wg511's?
Last edited by MHD on Sat Jul 24, 2004 2:14 pm; edited 1 time in total

MHD Tux's lil' helper
Joined: 18 Jun 2003 Posts: 88
Posted: Wed Jul 21, 2004 12:10 am
oops... sorry, didn't mean to put it into K&H. A mod might want to move this to networking...

MHD Tux's lil' helper
Joined: 18 Jun 2003 Posts: 88
Posted: Wed Jul 21, 2004 12:38 am
Some more info....
I just checked my /etc/pcmcia/config
```
card "Intersil PRISM2 11 Mbps Wireless Adapter"
manfid 0x0156, 0x0002
bind "orinoco_cs"
```
Why does it bind to the Orinoco drivers...
and this
```
[00:37:28] aspiring:pcmcia> cardctl info
PRODID_1="Intersil"
PRODID_2="ISL3890"
PRODID_3="-"
PRODID_4="-"
MANFID=000b,3890
FUNCID=254
PRODID_1=""
PRODID_2=""
PRODID_3=""
PRODID_4=""
MANFID=0000,0000
FUNCID=255
```

MHD Tux's lil' helper
Joined: 18 Jun 2003 Posts: 88
Posted: Wed Jul 21, 2004 1:03 am
Sorry to spam my own post but here is another sign of health (which is confusing... darn airsnort/kismet...)
from dmesg
```
PCI: Enabling device 0000:03:00.0 (0000 -> 0002)
eth1: prism54 driver detected card model: Netgear WG511
eth1: islpci_open()
eth1: resetting device...
eth1: uploading firmware...
eth1: firmware uploaded done, now triggering reset...
eth1: islpci_close ()
eth1: prism54_set_txpower() auto power will be implemented later.
eth1: islpci_open()
eth1: resetting device...
eth1: uploading firmware...
eth1: firmware uploaded done, now triggering reset...
eth1: islpci_close ()
eth1: islpci_open()
eth1: resetting device...
eth1: uploading firmware...
eth1: firmware uploaded done, now triggering reset...
```

MHD Tux's lil' helper
Joined: 18 Jun 2003 Posts: 88
Posted: Wed Jul 21, 2004 1:35 am
Might have just found out what's happening in KISMET...
Looks like only the ~x86 version supports the Intersil prism54 chipset...
still no idea on airsnort

beastmaster Apprentice
Joined: 24 May 2004 Posts: 230
Posted: Wed Jul 21, 2004 7:05 am
I followed up the original wg511 howto thread and found yours here.
I got the same problem like you described for airsnort and kismet, both of them will just exit out on me. I was sort of tinkering around with it about a week ago.
I think you may wanna try to put the wireless card to "Monitor" mode first and see what'll happen... cuz it makes sense that only monitor mode will cap packets. (I haven't tried monitor mode yet... )
Another thing to consider, I believe you need a wireless NIC that is capable of doing it, netgear wg511's prism Duette chipset doesn't work in promiscuous mode at all or maybe it doesn't work well with it, I'm not sure though, but I too would like to find out.
worst-case scenario, buying another wireless nic
however I love this netgear's wg511 a lot, it works really flawlessly just for my need, surfing the net.

Goodle n00b
Joined: 11 Jan 2004 Posts: 20
Posted: Thu Jul 22, 2004 12:13 am
I also have a NetGear WG511... I got airsnort working but not kismet. To get airsnort to work you have to put the card in "monitor mode", which you can do by running:
```
iwconfig ethx mode monitor
```
Then when you start up airsnort -
The field where it says Network Device: type: ethx
The field where it says Card Type: choose other
Then press start at the bottom.
Note: ethx where x is a number like eth0 or eth1
I think gentoo version of kismet didn't come with all the drivers and sources so you might have to compile it on your own. I am going to try to compile it tonight and see what happens. ;)

beastmaster Apprentice
Joined: 24 May 2004 Posts: 230
Posted: Thu Jul 22, 2004 2:28 am
Goodle wrote:
> I also have a NetGear WG511... I got airsnort working but not kismet. To get airsnort to work you have to put the card in "monitor mode", which you can do by running:
> ```
> iwconfig ethx mode monitor
> ```
> Then when you start up airsnort -
> The field where it says Network Device: type: ethx
> The field where it says Card Type: choose other
> Then press start at the bottom.
> Note: ethx where x is a number like eth0 or eth1
> I think gentoo version of kismet didn't come with all the drivers and sources so you might have to compile it on your own. I am going to try to compile it tonight and see what happens. ;)

Hi Goodle, thanks for the good info... 2 questions.
1) when you set it to monitor mode, can you still surf online?
2) about the kismet source, you meant patching it yourself? and how specifically? can you post a wg511-kismet-how-to here later on
UPDATE: I've tried. No matter what I do, airsnort will exit with "Segmentation fault" error after I click "start"
Recompiled airsnort several times to no avail as well... Anybody having the same problem?
Thank you.

MHD Tux's lil' helper
Joined: 18 Jun 2003 Posts: 88
Posted: Fri Jul 23, 2004 4:02 am
Thanks!
I will try this for airsnort and see...

Goodle n00b
Joined: 11 Jan 2004 Posts: 20
Posted: Sat Jul 24, 2004 2:36 am
To answer your question, putting your card on monitor will not allow you to surf the web. It puts your card on a listen mode in which you can only listen to traffic. When your card is on monitor you can't send, only receive.
Could you post a copy of your
```
ifconfig -a
iwconfig
```
while trying to run airsnort
Also what is your kernel version?
I got kismet to work with the net gear WG511. In the /etc/kismet/kismet.config edit the source section so it says
```
source=generic,ethx,generic
```
Also make sure you edit this line to...
```
suiduser=<YOUR NORMAL USERNAME>
```
You may also have to be in group wheel for this to work.
Set your card manually into monitor. Basically kismet does this with the card drivers that you specified in /etc/kismet/kismet.conf. I have not had any luck with specifying the drivers.
Now you have to start the kismet server that runs on local host.
1) Login as root
2) run
3) run `iwconfig ethx mode monitor`
4) run
5) kismet server should just sit there running

If the server dies your card is not set up properly.
Starting Kismet itself
6) Open a new term as your normal user
7) Go to a directory which you want kismet to dump and log the packets. Mine is /home/blitz/netlogs/
8) run it that directory
9) kismet should start

A few useful commands while in kismet:
type h will give you the help window
type a and the sort window will come up and choose something other than autofit by typing one of the <letters> listed. Then you can scroll through the access points.
Having more problems~
Post them here ~
Check Kismet docs - http://www.kismetwireless.net/documentation.shtml
Howto set up WG511 - https://forums.gentoo.org/viewtopic.php?t=177446&highlight=wg511+setup&sid=db77ca871ffb8d6eb64e08a9a3c693a5
Wanting to break WEP with kismet - http://wepattack.sourceforge.net/

MHD Tux's lil' helper
Joined: 18 Jun 2003 Posts: 88
Posted: Sat Jul 24, 2004 2:14 pm
It all works now!!
SOLUTIONS
KISMET:
Emerge the masked version (2004blahblah). The stable version does not support prism54
AIRSNORT
iwconfig eth1 mode monitor
to put the device in monitor and use default setting as your card...
Been having some great fun mapping out the area.. Quite stunned the number of networks!!!

Goodle n00b
Joined: 11 Jan 2004 Posts: 20
Posted: Sat Jul 24, 2004 7:08 pm
I will have to try the masked version then.

beastmaster Apprentice
Joined: 24 May 2004 Posts: 230
Posted: Sun Jul 25, 2004 9:36 am
Hi Goodle,
my kernel version is 2.6.5-gentoo-r1.
um... I just found out that it won't give me seg fault if I run airsnort in root.. but not in normal user any idea?
but on the bright side, it's capping data... now what should I do with it?
By the way, thank you for the writeup, I will try kismet shortly and post the update.

Goodle n00b
Joined: 11 Jan 2004 Posts: 20
Posted: Wed Jul 28, 2004 2:44 am
I'm not sure... Maybe upgrade your kernel to gentoo-2.6.7-r11

danpixley n00b
Joined: 14 Jun 2004 Posts: 66
Posted: Wed Aug 04, 2004 2:21 am Post subject: Kismet 2004.04.1 problem (FIXED)
I am having trouble getting the Kismet 2004.04.1 version running. I can get the server to run using Goodle's instructions, but the client refuses to load:
```
user $ kismet
Server options: none
Client options: none
Starting server...
Waiting for server to start before startuing UI...
Will drop privs to dan (1000) gid 100
FATAL: Unable to set up pidfile /var/run/kismet_server.pid, unlink() failed: Permission denied
```
/var/run should have the proper permissions as far as I can see:
```
user $ ls -al /var/run
total 48
drwxr-xr-x 5 root root 448 Aug 3 19:13 .
drwxr-xr-x 12 root root 336 Jun 29 22:09 ..
-rw-r--r-- 1 root root 5 Aug 3 15:27 cardmgr.pid
drwxr-xr-x 2 root root 72 Aug 3 15:29 console
-rw------- 1 root users 3 Aug 3 15:29 console.lock
-rw-r--r-- 1 root root 5 Aug 3 15:27 cron.pid
-rw-r--r-- 1 root root 5 Aug 3 19:13 dhcpcd-eth1.pid
-rw-r--r-- 1 root root 5 Aug 3 15:27 gdm.pid
-rw-r--r-- 1 root root 5 Aug 3 19:10 kismet_server.pid
-rw-r--r-- 1 root root 5 Aug 3 15:27 pcmcia-scheme
-rw------- 1 root root 512 Aug 3 15:27 random-seed
drwxr-xr-x 2 root root 48 Jul 31 23:41 samba
-rw-r--r-- 1 root root 16 Aug 3 15:27 stab
-rw------- 1 root root 5 Aug 3 15:27 syslog-ng.pid
drwxr-xr-x 2 root root 48 Aug 2 17:20 usb
-rw-rw-r-- 1 root utmp 5376 Aug 3 17:12 utmp
```
The kismet_server program runs just fine. I run it as root at the shell from /home/user/dump (where user is my setuid user), and then it drops down to the setuid user. It sees access points and everything. I just can't get the client itself to work. I use the same user to start the client as the setuiduser in kismet.conf. Any ideas as to what I am missing? I am new to Kismet, and would love to get it up and running!
Thanks in advance,
Dan
FIXED:
This new version of kismet is run by root with one single command: kismet.
_________________
Unanswered Post Initiative:
https://forums.gentoo.org/viewtopic.php?t=119906
My site:
http://danpixley.wordpress.com
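
The startup failures quoted in this thread (wlanctl-ng "Operation not supported" from the prism2 source, SIOCSIFFLAGS permission errors, the pidfile unlink error, and the client failing to reach port 2501) can be told apart by reading the tool output. The shell script below is an added example, not part of any post here and not Kismet's own code; the function names are hypothetical and the sample inputs are constructed from the output quoted above.

```shell
#!/bin/sh
# Added example, not from any post in this thread. Function names are
# hypothetical; sample inputs are constructed from output quoted above.

# Print the wireless mode (Managed, Ad-Hoc, Monitor, ...) found in
# iwconfig output read from stdin.
iface_mode() {
    sed -n 's/.*Mode:\([A-Za-z-]*\).*/\1/p' | head -n 1
}

# Read Kismet startup output on stdin and print one finding per line.
diagnose_kismet() {
    awk '
    /^Source [0-9]+ \(/ && src == "" { src = $4; gsub(/[():]/, "", src) }
    /wlanctl-ng: Operation not supported/ { wlan = 1 }
    /SIOCSIFFLAGS: Permission denied/     { flags = 1 }
    /Unable to set up pidfile/            { pid = 1 }
    /Could not connect to localhost:2501/ { client = 1 }
    END {
        if (wlan)   print "source-mismatch: " (src ? src : "capture source") " called wlanctl-ng, which the driver rejected"
        if (flags)  print "no-privilege: interface flags could not be changed"
        if (pid)    print "pidfile: server could not replace its pidfile"
        if (client) print "client: nothing listening on localhost:2501"
    }'
}

sample_iwconfig() {   # constructed from the second iwconfig listing
    cat <<'EOF'
eth1 NOT READY! ESSID:off/any
Mode:Ad-Hoc Channel:11 Cell: FF:FF:FF:FF:FF:FF
Encryption key:off
EOF
}

sample_log() {        # constructed from the Kismet 3.0.1 run
    cat <<'EOF'
Source 0 ( prism2source): Using pcap to capture packets from eth1
Source 0 ( prism2source): Attempting to enter monitor mode.
wlanctl-ng: Operation not supported
SIOCSIFFLAGS: Permission denied
Kismet exiting.
FATAL: Could not connect to localhost:2501.
EOF
}

mode=$(sample_iwconfig | iface_mode)
[ "$mode" = "Monitor" ] || echo "eth1 is in $mode mode, not Monitor"
sample_log | diagnose_kismet
```

On a live system, pipe `iwconfig eth1` into `iface_mode` and the saved Kismet startup output into `diagnose_kismet`.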

aminal Apprentice
Joined: 17 Mar 2004 Posts: 170 Location: Baltimore, MD
Posted: Fri Sep 17, 2004 7:28 am
Shouldn't you be able to run the 'kismet' command as the suid user you put in kismet.conf? I know I could do it in FC2, but in gentoo I get the 'unable to set up pidfile' error.

isaidi n00b
Joined: 02 Jan 2004 Posts: 28 Location: Canada
Posted: Thu Sep 30, 2004 12:16 am
I was having similar errors in Kismet.
ifconfig eth1 fixed it for me
thanks guys! :D

rek2 Guru
Joined: 05 Jan 2003 Posts: 477 Location: Boston USA/Barcelona Spain
Posted: Wed Mar 08, 2006 2:12 pm
with the 54G prism use:
-c prism54g,eth1,prism54g
of course eth1 in my setup... change it for yours..
kismet_server as root
then from your user run
kismet_client and you should have it running..
now I can't get the panel to work.. only ncurses... anyone knows why?
Cheers
_________________
http://www.dailyradical.org
http://www.binaryfreedom.info
use jabber!!! sign on now, register an account:
http://jabber.binaryfreedom.info