JimmyPopAli

If I had to guess, it would be you don't have pcap installed.
http://www.tcpdump.org/

How many weak packets are you finding, using Kismet I haven't seen a single one.

lincomatic

same here. even after sending 500MB back & forth across my network as well as when stumbling with kismet. seems to me that cracking WEP isn't as easy as it's cracked up to be.

__________________
~lincomatic

rambopfc

well, i got pcap and followed your HOWTO and got it installed, (even got monitor mode running, very cool)
but... when i go to run it, i can't connect to the GUI server. i know you said that soething had to be changed but i don't understand what to change in the .conf file? here is the error i get when i try to run kismet.

[root@localhost bin]# kismet
Server options: none
Client options: none
Starting server...
Using pcap to capture packets from eth1
bind: Network is down
Starting UI...
FATAL: Could not connect to localhost:2501.
/usr/local/bin/kismet: kill: (6848) - No such process
Terminating...
[root@localhost bin]#

what line in the conf file do i have to change so it will listen on the right port?

RAMBO

mentat

Any chance of posting hermes.o, orinoco.o, and orinoco_cs.o for common distributions such as RH 7.2 and 7.3? If someone has them built please PM me, particularly 7.3. I've had no luck building wlan-ng from scratch so I'm using the RPMS from http://prism2.unixguru.raleigh.nc.us Perhaps he'd even be willing to make a modded package to save people the trouble. That would be way too cool.

JimmyPopAli

That's a mistake you don't have to change anything in the config.

Rambo type "ifconfig -a" and see what 'lo' says if the first word in the second line says LOOPBACK type
"ifconfig lo 127.0.0.1" it should then say 'inet addr: 127.0.0.1'

If you don't have a 'lo' then you'll have to add it to the /etc/hosts file.

JimmyPopAli

The hermes.o, orinoco.o and orinoco_cs.o are in the pcmcia-cs source. Just untar it to /usr/src/ switch to the directory and run the patch and type "./configure" then cd to the wireless directory and type "make".

mentat

I've used the standard RPMs to build everything, I don't have the source with the matching patches currently. I was just wondering if anyone had built it with the RedHat source and patches for 7.3 and had the files handy.

rambopfc

did what you said... still not working..
this is what i get when i do "ifconfig -a"
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)

i was just thinking, do i have to change it w/ the "ifconfig lo 127.0.0.1" after i put it in monitor mode, or does it not make a difference...

RAMBO

JimmyPopAli

The problem is the bind:Network is down so try “ifconfig eth1 up”

You don’t have to worry about the ‘ifconfig lo 127.0.0.1’ because yours is set up correct.

rambopfc

WOOHOO!!!! that last command got it working.. i'm lookin at it running right now! !!!!!!

thanks Jimmy, you've been a HUGE help!
thanks again,

RAMBO

mentat

Here's much shorter and to the point HOWTO for RedHat 7.3 which I might post as a seperate thread once comments are made here. (I still have at least one question)

1. Install RH Linux 7.3 for "Laptop".

2. When selecting packages, select Software Development (at least), I also selected GNOME and Games ().

3. Then select the "choose individual packages option." (on the same page)

4. Unselect ImageMagick, ImageMagick-c++, ImageMagick-devel, and ImageMagick-c++-devel.

5. Select kernel-source.

6. Proceed with the installation.

7. Configure your Internet connections, download the orinoco-0.12 driver (http://www.ozlabs.com/people/dgibson...co-0.12.tar.gz) and the RF_MON patch (http://airsnort.shmoo.com/orinoco-0.12-patch.diff) and the orinoco_hopper program (http://airsnort.shmoo.com/orinoco_hopper.c) to /usr/src.

8. cd /usr/src; tar zxvf orinoco-0.12.tar.gz; cd orinoco-0.12; patch -p 1 < ../orinoco-0.12-patch.diff; make; make install; cd ..; gcc -o orinoco_hopper orinoco_hopper.c; cp orinoco_hopper /usr/local/bin

9. /etc/rc.d/init.d/pcmcia restart

10 Download the Kismet source (http://www.kismetwireless.net/code/kismet-2.2.2.tar.gz) to /usr/src

11. cd /usr/src; tar zxvf kismet-2.2.2.tar.gz; cd kismet-2.2.2; ./configure; make dep; make; make install

12. iwpriv eth<n> monitor 1 6

13. orinoco_hopper eth<n> -p

14. ifconfig eth<n> up

15. kismet -i eth<n>

16. Look at all the pretty networks

In the above <n> is the number (0,1,2,...) of the orinoco card as it is assigned by pcmcia.

This is the shortest line to a working kismet. This does not include gps or the mapping functionalities. I will update this with those steps in the near future as well as making the installation of RH more specific.

My main question is, on the installation, choosing kernel-source puts the correct source in /usr/src. Everything works peachy. Installing the SRPM with rpm -ivh does not work. What options is the installation using to put the source there?

rambopfc

hmm, i will really have to try this one too. eventhough the one by jimmy did work (kinda) (sorry jim, it did get it running but i wan't picking up any networks even though i was sitting right next to the AP, literarly..) this one in combination w/ jim's seems like it might do the trick.
good show!

RAMBO

lincomatic

this is the part that was really pissing me off...took me longer to figure out than the whole rest of the installation! my memory is kind of foggy at the moment, but after the -ivh it created a .spec file. then i did

rpm -ba /usr/src/redhat/SPEC/kernel-2.4.spec

i think it was either -ba or -bs which did the trick. afterwards it creates a file in the /usr/src/redhat/RPMS dir...kernel-source-xxxx-.rpm or something like that (my wife's using my computer right now so i can't check it)...then u extract the source from THAT. thing that makes me so mad is the redhat docs for extracting the kernel src are completely outdated and wrong.

__________________
~lincomatic

mentat

Changed above to reflect necessity of -p argument to orinoco_hopper.

trs004

Only works if F*ckin' RH 7.3 will actually boot (you know what issue I'm having!)

Seriously though, if you want to enable all the bells and whistles;

Install 7.3 - laptop - select individual packages - GNOME
GRAB kernel source
WHACK ALL ImageMagick packages

Download libpcap/tcpdump/ethereal from http://tcpdump.org
Download orinoco-12 driver & patch from http://airsnort.shmoo.com/orinocoinfo.html
Download ImageMagick from http://imagemagick.sourceforge.net/http/
Download GpsDrive from http://www.kraftvoll.at/software/
( Has a Festival build as well for talking Kismet )

Read the README files for ALL of the above!
Compile/install all of the above.

Then make sure your drivers are working!
Easiest way;
iwpriv eth(x) monitor 1 1
ifconfig eth(x) should show a long MAC address w/ bunch zeros @ the end. If you get errors or no monitor try again.

When you're confident all is well download/compile/install Kismet 2.4.
Edit your config files for your card. READ the docs, and enjoy!
The new kismet_hopper works VERY well so no need to download orinoco_hopper (if using an Orinoco card).