New release: 2022-01-R1

Kismet 2022-01-R1

Kismet 2022-01-R1 is here!

Download

You can get the 2022-01-R1 release from the Kismet downloads page, where you can get both the source and packages for several distributions.

New features

• Significantly reduced RAM requirements

  Through many tiny improvements, RAM usage is dying a death of a thousand cuts; while environments may differ, some tests are showing over 200,000 devices in a session with under 4 gig of RAM used! (Previous versions typically topped out around 25,000-30,000 devices on a 4 gig system)

• Additional packet tags

  Kismet now adds packet tags for newly advertised SSIDs, newly responded SSIDs, and packets related to alerts.

• Additional eventbus events

  The Kismet eventbus provides a push-notification service (for plugins and over the REST API); new eventbus events include newly advertised and responded SSIDS and probed SSIDs.

• New packet deduplication system

  New datasource-aware packet deduplication system which preserves datasource seen-by, multi-source signal levels for packets seen from multiple captures, and faster deduplication.

• More info in the UI

  Show more collected information in the UI, like GPS coordinates per SSID.

• Better column alignment in the UI

  Columns in the main device list are now better formatted and aligned, with right-aligned numeric columns and proper scrolling of the headers.

• Able to disable sources in the UI

  Have a datasource which is thrashing in a loop and not re-opening? Disable it from the datasources window!

• More log filtering

  Packet filtering for pcapng and ppi logfiles to match the filtering on kismetdb logs

• Direct Wigle logging

  Direct logging to Wigle CSV format.

• Wardriving mode

  A collection of new features (AP tracking only, log filtering, datasource option appending) linked into an overlay configuration to slim Kismet down to a wardriving-only style engine for collecting AP locations on small systems. Want to wardrive a busy area with a Raspberry Pi and don’t care about data, client devices, etc? This mode is for you; by reducing the RAM, CPU, and disk IO requirements, Kismet becomes much more usable on small systems.

  Since the wardriving overlay is just a standard config overlay, it can be trivially tweaked and amended for specific needs.

Changes and Fixes

Kismet 2022-01-R1 brings a slew of memory, CPU, stability, and feature improvements.

• New memory model for packet contents

  Packet contents now use shared pointers and can be referenced from other packets, allowing more correct handling of deduplication.

• New pooled memory for packet contents

  Packet contents are recycled via a memory pool to minimize alloc/free thrashing, decrease memory fragmentation, and make for faster packet creation.

• New packet data handling

  Packet data is now (mostly) zero-copy using stringviews and shared views between decapsulated component, which decreases memory and CPU load.

• New IPC & remote capture protocol

  V2 of the IPC and remote cap protocol optimizes for memory and CPU on both ends of the connection by shifting how data is encapsulated in the protobufs. Newer Kismet servers can continue to talk to older remote captures, too.

  The V2 IPC protocol removes the redundant checksum (less CPU required on both ends of the connection), and enables a zero-copy assembly of the packet content.

• New pooled memory for tracked components

  Tracked components (data later serialized to JSON) make up the majority of content in Kismet; they now use a recycle pool to reduce memory malloc/free thrash and CPU requirements.

• New dynamic element contents

  Kismet now uses a new system for dynamic entries in tracked elements, which optimizes to save RAM for each element with possible dynamic components; this adds up to a fairly significant RAM savings.

• Optimized Adler32 checksums

  The adler32 checksum routine is now much faster on small processors.

• Update robinhood hash and transition more pools to it

  The robinhood hash implementation has been updated, and more common pools have been transitioned to it for faster lookup times.

• Reworked kismetdb database writing

  The SQL calls are now serialized by the sqlite interface instead of explicit locking via sqlite sequential mode.

• Squeeze more memory out of tracked components

  More RAM usage squeezed out of tracked components by removing legacy IDs, getting a few more bytes of RAM per entity. It adds up.

  Eked a few more bytes (per field) of memory by reducing the ID from int32 to int16.

• Fix Linux monitor mode creation

  Fix monitor mode creation on Linux not properly using flock() to prevent races.

• Faster packet deduplication

  Use crc32 for packet dedupe detection.

• Better BTLE support

  Better BTLE decoding from some of the USB datasources; better handling of broken frames and restarting datasources, and better handling of some firmware variants on USB capture devices.

• Fixes for some GPS behavior

  GPSD on some GPS hardware seems to send error precision messages with no location, breaking Kismet logic. GPS locations are now better handled, with fragmented updates updating a common location.

• Better handling of proxied subdirectories

  Handle being proxied via a subdirectory better, properly forming the websocket URI

• Lots of threading fixes

  Lots of thread fixes, deadlocks removed, and general continued cleanup of the multithreading and ASIO strand model.

• Latest boost/asio/beast

  Updated the internal copies of the boost, asio, and beast libraries (the networking framework and underlying http framework used in the Kismet webserver) to 1.78

• Fixes to ADSB lookups

  Fixed a bug where an invalid ADSB record could cause future ADSB ICAO lookups to fail

Packaging

If you’re looking to package Kismet, have a look at the packaging guidelines.

Thanks

As always, a tremendous thank you to all the contributors to the code and supporters on Github Sponsors and Patreon