
List:       kismet-wireless
Subject:    RE: [KISMET] RH72, Cisco 350 & kismet - quick howto
From:       Magnus Ullberg <UllbergM () abcbank ! com>
Date:       2002-03-31 3:16:12

Ahh, finally figured it out.. I downloaded the 2.4.18 kernel from Red Hat's
rawhide ftp site.. (I'm trying to stay with the rpm's since it takes
*forever* to compile on this box..)
It might have been working at this point, I'm not sure.. I assumed that it
didn't because it still said "Mode: ESS" after running cisco_monitor..
I recompiled the airo/airo_cs modules (from the same rawhide kernel) and
installed them.. and everything works now..
I'm pretty sure I didn't have to recompile the modules..

So after a couple of days I finally got everything working.. now all I need
is for my GPS to come in.. (should be here in a couple of days..)


Thanks everybody for your help..

-----Original Message-----
From: Jerry Shenk [mailto:jas@decommunications.com]
Sent: Saturday, March 30, 2002 8:28 PM
To: Wireless@Kismetwireless. Net
Subject: RE: [KISMET] RH72, Cisco 350 & kismet - quick howto


yes, that's correct

-----Original Message-----
From: Magnus Ullberg [mailto:UllbergM@abcbank.com]
Sent: Saturday, March 30, 2002 8:01 PM
To: 'Jerry Shenk'
Subject: RE: [KISMET] RH72, Cisco 350 & kismet - quick howto


so you use the stock airo.c from the kernel?


-----Original Message-----
From: Jerry Shenk [mailto:jas@decommunications.com]
Sent: Friday, March 29, 2002 10:00 PM
To: Wireless@Kismetwireless. Net
Subject: [KISMET] RH72, Cisco 350 & kismet - quick howto


Ok, I had a bit of a problem getting this all working.....mostly it seems
'cuz I was trying too hard.  I tried tweaking some things that didn't need
tweaking and I also had some rpm issues.  These notes are partly for you and
partly for me so that I can do it again if need be.  They're a little
sketchy and they reflect the state of things as they are now (no GPS yet and
no ImageMagick yet).

Have fun - this is a very worthwhile tool for doing wireless demographics
studies.  Hopefully it won't go too easy and you'll learn a little something
along the way.


1 - Install RH72.  You might want to install everything or at least quite a
bit.  You're gonna end up needing a bunch of development stuff.

2 - upgrade to the 2.4.18 kernel.  You can get that from the linux kernel
archives - www.kernel.org.  I'd recommend grabbing a full version of the
source and not just patches.  That way you can leave what you've got alone
and have a totally separate source tree.  When I did mine earlier this week,
there was a line like this:
"The latest stable version of the Linux kernel is:   2.4.18  2002-02-25
19:44 UTC  F  V  VI  Changelog ".  The F is a hyperlink and it stands for
"full" - that's a full distribution....that's what you want.  I downloaded
the file into the /root directory.

3 - Then you'll want to uncompress it.  I did "tar -tzvf
linux-2.4.18.tar.gz".  The first switch "t" stands for test.  For your info,
the z is 'cuz it's a compressed file (.gz extension), the v means verbose
(show me what you're doing) and the f precedes the actual file to be
extracted.  I think it's a good idea to run that to see where things are
gonna go.  If you watch the files scrolling by, you'll see that they're
being put into a directory called linux - that'll work.  Then extract the
files with "tar -xzvf linux-2.4.18.tar.gz".

4 - make your new kernel:
a) cd linux - this should put you in /root/linux
b) make menuconfig - this will take you into a menu where you can pick your
config options.  I may miss some things here but here are some things you
want:
As I'm picking these, I'm putting an asterisk for them all.  I like
everything in the kernel.  It boots faster that way.  The kernel will be too
big for a floppy but that's why I've got a hard drive...I do leave module
support built in.
* PCMCIA support - this is under General setup, PCMCIA/CardBus support -
this is a bit controversial I guess, some people say don't use this and use
pcmcia-cs instead.  I used this and it worked.  I had trouble with the other
stuff.  I also selected cardbus in here.
* The rest of the defaults under General support are probably ok - I enabled
Power Management and Advanced Power Management BIOS support (I like the
battery icon in X).  You'll want networking support also...I think that's the
default.
* You'll want to check out the "Network device support" - Under Wireless
LAN, I selected the Hermes chipset in the Wireless LAN section.  I also
selected the Hermes and Cisco/Aironet support in the Wireless Pcmcia cards
support section.  I have an Orinoco/Lucent card (Hermes chipset) as well as
the Cisco card.
* I also went into the PCMCIA network device support section (still under
Network device support off the main list) and enabled a 3c589 (I also have
one of them) and Pcmcia Wireless LAN.  Aviator/Raytheon was selected - I
don't think I need that but I left it selected.
* under File systems, I selected Ext3 - my laptop is set up with an Ext3
file system and that is not selected by default - this makes things fail to
mount quite right.  I also threw in DOS FAT, MSDOS, VFAT & NTFS support but
that really doesn't have anything to do with kismet.  There are some
other things that are selected by default - you probably don't want to mess
with them much.
* Sound - if you want kismet to boing and bop as you do your wireless
demographic testing (aka wardriving), you might want to get that set right.
I have a Compaq laptop so I chose the ESS Maestro - pick what you need.
* Make any other changes, exit out and save your changes.
c) make dep - make dependencies
d) make bzImage - make the kernel image
e) make modules
f) make modules_install

5 - To boot your new kernel, you need to get it into the /boot directory.
This assumes you are still in /root/linux:
cd arch/i386/boot
** Think before you do this next line.  You need to get the kernel into the
/boot directory but you really don't want to screw up the working kernel
that you already have.  Check the /boot directory and see what images you've
got in there.  If this is your first kernel creation attempt, you'll just
have one but by the time I got things working, I was on 6.
cp bzImage /boot/bzImage[x] - x here is some number

6 - Your kernel is in place but it's really not bootable yet 'cuz your
system doesn't know about it.  I'll assume that you used the defaults and
installed grub:
Use whatever editor you're comfortable with if you're not man enough to use
vi.
vi /etc/grub.conf
** You'll see a section (eventually sections) that start with the word
"title".  Move your cursor to the first t in title and type "2y" and press
the down arrow.  This will yank the current line and the next two in
to memory.  Go to the last line of that section (starts with kernel) and
press "p" to paste the data in memory into the next lines.  Go up to the
first section and modify the kernel image name (bzImage[x]).  You'll also
want to modify the title so you can keep track of what you're doing.
** VI notes: x deletes the current character, r replaces the current character
with the next one pressed, i goes into insert mode, esc exits the current
mode (press it twice to be safe), ":wq" writes the current file and quits.

7 - reboot on your current kernel.  If you're lucky it worked.  If not,
you'll learn a little with each new frustration.

8 - Install libpcap
a) start by removing the existing one - use "rpm -qa | grep libpcap" to see
what your current one is called.  Then use "rpm -e [name from above step]"
to erase the old libpcap.
b) download the latest libpcap from www.tcpdump.org - I got
libpcap-0.7.1.tar.gz.
c) extract libpcap - check first with "tar -tzvf libpcap-0.7.1.tar.gz" and
if it looks right then use "tar -xzvf libpcap-0.7.1.tar.gz" to extract it to
a directory.
d) cd libpcap-0.7.1 (that should take you to where you belong)
e) build libpcap with ./configure, make, make install - check the README to
make sure that's still all correct.
f) cd ..

9 - install ethereal
a) download ethereal from www.ethereal.com - probably ethereal-0.9.2.tar.gz
b) extract ethereal - "tar -tzvf ethereal-0.9.2.tar.gz" and if it looks
right, "tar -xzvf ethereal-0.9.2.tar.gz"
c) cd ethereal-0.9.2 (or whatever)
d) ./configure --with-libpcap=/root/libpcap-0.7.1 (not sure where libpcap
belongs, this is where it was on my box and this worked).
e) make
f) make install
g) make install-man
h) cd ..

10 - install kismet
a) download the sourcecode (I used the development file) from
www.kismetwireless.net/download.shtml
b) extract the file (see b above, you should know the drill by now)
c) cd kismet-devel
d) ./configure
e) make
f) make install
g) edit /usr/local/kismet.conf - should probably be pretty close to right.
I don't think I changed anything but I might have.
h) cd ..

11 - run it (assuming you're in /root)
a) If you have a Cisco 350, put it into monitor mode "sh
/root/kismet-devel/scripts/cisco_monitor"
b) kismet - if you're lucky, you'll start seeing packets, some encrypted,
some not.  You'll hear some nifty sound effects and you'll see your SSID pop
up



--------------------------------------------------------------
Jerry A. Shenk - MCNE, CCNA,
GCIA (GIAC Certified Intrusion Analyst)
GCIH (GIAC Certified Intrusion Handler)
Sr. Systems Engineer - Computer Networking Services
D&E Networks, Inc.
jshenk@decommunications.com (also jas@decns.com)
1-877-433-8632 Fax via efax: (253) 323-5149 (new number 6/9/01)

my website: http://jerryslinux.dyndns.org/jas - PGP sig. file on this site
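The three places in the howto above where the author tells you to stop and look before doing something irreversible (list the tarball before extracting it in steps 3 and 8c, pick a /boot image name that does not clobber the kernel that currently boots in step 5, clone a grub.conf stanza for the new image in step 6) as shell functions that do the checking for you. This is an added example, not part of the thread and not kismet's own scripts. It assumes the RH7.2-style grub.conf layout of title/root/kernel stanzas and the bzImage[x] naming the howto uses; the `/${img##*/}` in the usage comment assumes /boot is grub's root partition, as in the constructed stanza below, and the kernel and tarball paths in the comments are the howto's and are not exercised here.

```shell
#!/bin/sh
# Added example (not from the thread): the by-eye checks from the howto as
# functions.  Assumes RH7.2 grub.conf stanzas (title / root / kernel) and the
# /boot/bzImage[x] naming from steps 5 and 6.

# Step 3 / 8c: "tar -tzvf first and watch where things go".  Read a tar
# listing on stdin and succeed only if every entry is relative, has no ".."
# component and lives under exactly one top-level directory.
tar_listing_ok() {
    awk '
        /^$/ { next }
        /^\// { bad = 1 }                                               # absolute path
        /^\.\.\// || /\/\.\.\// || /\/\.\.$/ || /^\.\.$/ { bad = 1 }     # traversal
        { split($0, p, "/"); tops[p[1]] = 1 }
        END { n = 0; for (t in tops) n++; exit (bad || n != 1) }
    '
}

# List first, extract only if the listing is clean (extracts into the current
# directory, as the howto does from /root).
safe_extract() {  # tarball
    tar -tzf "$1" | tar_listing_ok || { echo "refusing to extract $1" >&2; return 1; }
    tar -xzf "$1"
}

# Step 5: choose bzImage[x] for the smallest x not already present, so the
# kernel you can still boot from is never overwritten.
next_boot_image() {  # bootdir
    nbi_n=1
    while [ -e "$1/bzImage$nbi_n" ]; do nbi_n=$((nbi_n + 1)); done
    echo "$1/bzImage$nbi_n"
}

install_kernel_image() {  # path/to/bzImage bootdir  -> prints the destination
    iki_dest=$(next_boot_image "$2") || return 1
    cp "$1" "$iki_dest" && echo "$iki_dest"
}

# Step 6: the "2y ... p" edit without vi.  Copy the root and kernel lines of
# the first stanza into a new stanza with the new image and title, append it,
# and leave every existing stanza untouched.  Fails if no kernel line is found
# or if some stanza already boots this image.
add_grub_entry() {  # grub.conf /bzImageX "title"
    age_conf=$1
    awk -v img="$2" -v title="$3" '
        { print }                                           # original file, verbatim
        /^title/ { seen++ }
        /^[ \t]*kernel/ && $2 == img { dup = 1 }
        seen == 1 && /^[ \t]*root/ && !root { root = $0 }
        seen == 1 && /^[ \t]*kernel/ && !kern {
            args = ""
            for (i = 3; i <= NF; i++) args = args " " $i    # keep "ro root=/dev/..."
            kern = "\tkernel " img args
        }
        END {
            if (dup || !kern) exit 1
            print "title " title
            if (root) print root
            print kern
        }
    ' "$age_conf" > "$age_conf.new" || { rm -f "$age_conf.new"; return 1; }
    mv "$age_conf.new" "$age_conf"
}

# Typical use from /root, following steps 3, 5 and 6 of the howto
# (assumes /boot is grub's root partition, so the grub path is /bzImageX):
#   safe_extract linux-2.4.18.tar.gz
#   img=$(install_kernel_image linux/arch/i386/boot/bzImage /boot)
#   add_grub_entry /etc/grub.conf "/${img##*/}" "Linux 2.4.18 (kismet)"
```

The point of `add_grub_entry` printing the whole original file before appending is the same as the author's "think before you do this": the stanza for the known-good kernel survives unchanged, so a kernel that panics on boot costs you a reboot, not the machine.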

