[prev in list] [next in list] [prev in thread] [next in thread] 

List:       os-sim-commits
Subject:    [Os-sim-commits] agent/etc/agent/plugins kismet.cfg,NONE,1.1
From:       Dominique Karg <dkarg () users ! sourceforge ! net>
Date:       2009-09-29 14:55:36
Message-ID: E1Mse76-0006V0-1u () 23jxhf1 ! ch3 ! sourceforge ! com
[Download RAW message or body]

Update of /cvsroot/os-sim/agent/etc/agent/plugins
In directory 23jxhf1.ch3.sourceforge.com:/tmp/cvs-serv24967/plugins

Added Files:
	kismet.cfg 
Log Message:
Add new Kismet plugin, cheers Nate :-)


--- NEW FILE: kismet.cfg ---
[DEFAULT]
plugin_id=1596

[config]
type=detector
enable=yes
process=kismet_server

start=no; launch plugin process when agent starts
stop=no ; shutdown plugin process when agent stops

startup=
shutdown=

source=log
location=/var/log/kismet/kismet.log

# create log file if it does not exists,
# otherwise stop processing this plugin
create_file=true

[Suspicious Client]
event_type=event
regexp='^ALERT\s+\S+\s+(\S+\s+\S+\s+\S+\s+\S+)\sSuspicious \
client\s(\w{1,2}\:\w{1,2}\:\w{1,2}\:\w{1,2}\:\w{1,2}\:\w{1,2})' \
date={normalize_date($date)} plugin_sid=1
[Out-of-sequence BSS timestamp]
event_type=event
regexp='^ALERT\s+\S+\s+(\S+\s+\S+\s+\S+\s+\S+)\sOut-of-sequence BSS timestamp'
date={normalize_date($date)}
plugin_sid=2
[Channel Change possible AP spoofing]
event_type=event
regexp='^ALERT\s+\S+\s+(\S+\s+\S+\s+\S+\s+\S+)\sBeacon on'
date={normalize_date($date)}
plugin_sid=3
[Data within seconds of disassociate]
event_type=event
regexp='^ALERT\s+\S+\s+(\S+\s+\S+\s+\S+\s+\S+)\sSuspicious traffic'
date={normalize_date($date)}
plugin_sid=4


------------------------------------------------------------------------------
Come build with us! The BlackBerry&reg; Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9&#45;12, 2009. Register now&#33;
http://p.sf.net/sfu/devconf
_______________________________________________
Os-sim-commits mailing list
Os-sim-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/os-sim-commits


[prev in list] [next in list] [prev in thread] [next in thread]