Kismet README

Git and Beta

Welcome to the new, MAJOR rewrite of Kismet! If you're using the Git and Beta versions, you'll want to do some housekeeping...
Link

Compiling quickstart

Kismet has many many configuration knobs and options, but check here for the quickest way to get Kismet working with the latest release (or git version) and what you need to compile and do the initial configuration.
Link

Official Kismet packages

Most distributions will not have the latest Kismet versions, but you can install the official Kismet packages for many common distros and platforms.
Link

Installing Kismet: SUID vs Non-SUID

Kismet can be installed and configured multiple ways; the most secure is to allow Kismet to be installed suidroot and executable by users in the kismet group only.
Link

Starting Kismet

When starting Kismet you can define multiple options on the command line, config files, or perform many operations via the web interface.
Link

Upgrading

If you're upgrading from the old Kismet legacy release, or following the new git code, you may need to do some special care and feeding of your setup when you upgrade.
Link

Debugging

As hard as we try, everything has bugs. If you're having trouble with Kismet, here's how to help with the debugging!
Link

Config Files

Kismet has a large set of options which can be configured via configuration files - and sanely managed during upgrades with kismet_site.conf
Link

Logging

Kismet has many logging options; here's how to pick which options you need.
Link

Data sources

Data sources are how Kismet gets packets (and packet-like) data; many can be automatically configured but some need special options.
Link

Wi-Fi sources

Wi-Fi (802.11) data sources capture packets from an interface in monitor mode.
Link

Bluetooth sources

Bluetooth datasources capture BT and BTLE scanning and advertised data.
Link

Pcap capture file source

Pcap datasources replay existing pcap files as if they were live data
Link

KismetDB file source

Kismetdb datasources replay kismet log files.
Link

SDR rtl433 sources

SDR-based rtl433 sources use the rtl-sdr radio to capture a wide range of sensors, thermometers, and switches.
Link

SDR rtlamr sources

SDR-based rtlamr sources use the rtl-sdr radio to capture AMR based power and water meter readings.
Link

SDR rtladsb sources

SDR-based rtladsb sources use the rtl-sdr radio to capture airplane ADSB/Mode-S location and telemetry packets.
Link

nRF Mousejack sources

nRF Mosuejack based datasources use a nRF USB device to detect many common wireless keyboards and mice.
Link

Alerts and WIDS

Kismet can also function as a WIDS (Wireless Intrusion Detection System) with configurable alerts.
Link

Remote capture

Remote network capture allows Kismet to receive packets from distributed sensors installed on other hardware, such as OpenWRT routers.
Link

Webserver

The Kismet webserver has many optional configuration values which can be tuned in the config files.
Link

GPS

Kismet can use serial, network, and USB GPS receivers to track the location where signals are seen.
Link

Performance and Memory Tuning

Tuning options for performance and memory can resolve issues when dealing with very large data sets or very small servers.
Link

Prelude SIEM

Integration with the Prelude SIEM
Link

Kismet and Wigle

Kismetdb logs can be easily exported to the wigle CSV format for uploading.
Link

Kismetdb to JSON

Kismetdb logs can be exported to JSON records describing all seen devices, making it easy to process capture history.
Link

Stripping Kismetdb packet data

Kismetdb logs typically contain packet data; sometimes you may wish to strip the packet contents while keeping the device records.
Link

Kismetdb to PCAP

Kismetdb logs can be easily converted to pcap format
Link

Kismetdb Statistics

Quick summarization of kismetdb logs, with optional JSON output for scripting an index of captured log data.
Link

Included libraries

Kismet wouldn't be possible without other open source projects and includes several open source libraries.
Link