New release: 2022-01-R1
Kismet 2022-01-R1
Kismet 2022-01-R1 is here!
Download
You can get the 2022-01-R1 release from the Kismet downloads page, where you can get both the source and packages for several distributions.
New features
-
Significantly reduced RAM requirements
Through many tiny improvements, RAM usage is dying a death of a thousand cuts; while environments may differ, some tests are showing over 200,000 devices in a session with under 4 gig of RAM used! (Previous versions typically topped out around 25,000-30,000 devices on a 4 gig system)
-
Additional packet tags
Kismet now adds packet tags for newly advertised SSIDs, newly responded SSIDs, and packets related to alerts.
-
Additional eventbus events
The Kismet eventbus provides a push-notification service (for plugins and over the REST API); new eventbus events include newly advertised and responded SSIDS and probed SSIDs.
-
New packet deduplication system
New datasource-aware packet deduplication system which preserves datasource seen-by, multi-source signal levels for packets seen from multiple captures, and faster deduplication.
-
More info in the UI
Show more collected information in the UI, like GPS coordinates per SSID.
-
Better column alignment in the UI
Columns in the main device list are now better formatted and aligned, with right-aligned numeric columns and proper scrolling of the headers.
-
Able to disable sources in the UI
Have a datasource which is thrashing in a loop and not re-opening? Disable it from the datasources window!
-
More log filtering
Packet filtering for pcapng and ppi logfiles to match the filtering on kismetdb logs
-
Direct Wigle logging
Direct logging to Wigle CSV format.
-
Wardriving mode
A collection of new features (AP tracking only, log filtering, datasource option appending) linked into an overlay configuration to slim Kismet down to a wardriving-only style engine for collecting AP locations on small systems. Want to wardrive a busy area with a Raspberry Pi and don’t care about data, client devices, etc? This mode is for you; by reducing the RAM, CPU, and disk IO requirements, Kismet becomes much more usable on small systems.
Since the wardriving overlay is just a standard config overlay, it can be trivially tweaked and amended for specific needs.
Changes and Fixes
Kismet 2022-01-R1 brings a slew of memory, CPU, stability, and feature improvements.
-
New memory model for packet contents
Packet contents now use shared pointers and can be referenced from other packets, allowing more correct handling of deduplication.
-
New pooled memory for packet contents
Packet contents are recycled via a memory pool to minimize alloc/free thrashing, decrease memory fragmentation, and make for faster packet creation.
-
New packet data handling
Packet data is now (mostly) zero-copy using stringviews and shared views between decapsulated component, which decreases memory and CPU load.
-
New IPC & remote capture protocol
V2 of the IPC and remote cap protocol optimizes for memory and CPU on both ends of the connection by shifting how data is encapsulated in the protobufs. Newer Kismet servers can continue to talk to older remote captures, too.
The V2 IPC protocol removes the redundant checksum (less CPU required on both ends of the connection), and enables a zero-copy assembly of the packet content.
-
New pooled memory for tracked components
Tracked components (data later serialized to JSON) make up the majority of content in Kismet; they now use a recycle pool to reduce memory malloc/free thrash and CPU requirements.
-
New dynamic element contents
Kismet now uses a new system for dynamic entries in tracked elements, which optimizes to save RAM for each element with possible dynamic components; this adds up to a fairly significant RAM savings.
-
Optimized Adler32 checksums
The adler32 checksum routine is now much faster on small processors.
-
Update robinhood hash and transition more pools to it
The robinhood hash implementation has been updated, and more common pools have been transitioned to it for faster lookup times.
-
Reworked kismetdb database writing
The SQL calls are now serialized by the sqlite interface instead of explicit locking via sqlite sequential mode.
-
Squeeze more memory out of tracked components
More RAM usage squeezed out of tracked components by removing legacy IDs, getting a few more bytes of RAM per entity. It adds up.
Eked a few more bytes (per field) of memory by reducing the ID from int32 to int16.
-
Fix Linux monitor mode creation
Fix monitor mode creation on Linux not properly using flock() to prevent races.
-
Faster packet deduplication
Use crc32 for packet dedupe detection.
-
Better BTLE support
Better BTLE decoding from some of the USB datasources; better handling of broken frames and restarting datasources, and better handling of some firmware variants on USB capture devices.
-
Fixes for some GPS behavior
GPSD on some GPS hardware seems to send error precision messages with no location, breaking Kismet logic. GPS locations are now better handled, with fragmented updates updating a common location.
-
Better handling of proxied subdirectories
Handle being proxied via a subdirectory better, properly forming the websocket URI
-
Lots of threading fixes
Lots of thread fixes, deadlocks removed, and general continued cleanup of the multithreading and ASIO strand model.
-
Latest boost/asio/beast
Updated the internal copies of the boost, asio, and beast libraries (the networking framework and underlying http framework used in the Kismet webserver) to 1.78
-
Fixes to ADSB lookups
Fixed a bug where an invalid ADSB record could cause future ADSB ICAO lookups to fail
Packaging
If you’re looking to package Kismet, have a look at the packaging guidelines.
Thanks
As always, a tremendous thank you to all the contributors to the code and supporters on Github Sponsors and Patreon