Cisco Aironet 350 card, Kismet, and Red Hat 9
Here’s how I got Kismet to work to my satisfaction in Red Hat 9. Note that this won’t work with the mini-PCI cards AFAIK, but only because I didn’t build a driver for them below. This was done with Red Hat 9, kernel-2.4.20-20.9, and Kismet 3.0.1.
First problem: airo-linux drivers, latest (CVS) or the ones in the
latest errata kernel (2.4.20-20 IIRC) don’t work right. The Kismet
forums seem to indicate that the last real working airo-linux driver
was the one included with 2.4.19. I grabbed the source for 2.4.19,
ripped out the Airo drivers, stole the Makefile from orinoco_cs’s
distributions, and made a tar of the working airo-linux
drivers.
To compile these you will, of course, need development tools and a
kernel-source package for your current kernel. Typing make
should be sufficient to build the drivers. If your card is running,
stop it at this time (I like cardctl eject). Now you have two
choices to go about using the drivers you just built. The first, and
probably easiest way, would be to copy airo.o and airo_cs.o
over the ones in /lib/modules/`uname -r`/kernel/drivers/net/wireless/
(you might want to back up the existing modules first) then depmod -a.
Hopefully you
don’t get any (important) errors from depmod — but I haven’t
tried this method, so I have no idea if it works. The second choice,
and the choice that I’ve made, is to simply insert the modules
manually before I start the card. Run insmod ./airo.o ./airo_cs.o to
insert your modules. dmesg should show some messages about them
loading.
When you’ve done all of the above to install the modules, you can
cardctl insert or just physically insert your card if it wasn’t
already in the laptop. Hopefully you’re now using the right drivers.
(You should see something like $Revision 0.2$ in dmesg I
think.) Take down your card if it’s set up to associate to a network:
ifdown eth1 (I’m assuming your card is eth1; change to match
your setup if necessary). Set it for any SSID and no encryption with
iwconfig eth1 essid any enc off.
Cisco cards have a built-in channel hopper. Mine, unfortunately,
doesn’t work too well: it gets stuck on a strong channel. Several
(many?) people have reported this behavior. I mainly noticed it
because my Orinoco card, which requires a software hopper, was finding
APs that my Cisco card was not. To get around this, I made
darkyhopper.
Read the comment at the beginning of the file for compilation and
usage instructions. Go ahead and compile darkyhopper and start it:
darkyhopper eth1 & will work nicely.
A word about Kismet configuration. Here are a few critical lines.
(Here’s my kismet.conf file.)

    source=cisco,eth1,thecisco
    enablesources=thecisco
    channelhop=false
Now run Kismet as you would normally and you’re in business.
Hopefully. When you’re all done with your card, a good cardctl
eject; cardctl insert is probably in order if you actually want to
use it in a normal (not Wardriving) fashion.
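
The three kismet.conf lines above depend on each other: the name given in source= has to be the one listed in enablesources=, and channelhop is set to false. The script below is an added example, not part of the original post or of Kismet; check_kismet_conf is a hypothetical helper, and it assumes enablesources is a comma-separated list of source names.

```shell
#!/bin/sh
# Added example, not from the original post: check that a kismet.conf is
# internally consistent for the capture interface.
# Assumption: enablesources is a comma-separated list of source names.

# check_kismet_conf FILE IFACE -> prints each problem, returns 1 if any found
check_kismet_conf() {
    awk -v want_if="$2" '
        { sub(/[ \t\r]+$/, "") }                 # drop trailing blanks / CR
        /^[ \t]*#/ { next }                      # skip comment lines
        /^source=/ {                             # source=type,interface,name
            split(substr($0, 8), f, ",")
            defined[f[3]] = 1
            if (f[2] == want_if) if_name = f[3]
        }
        /^enablesources=/ { n = split(substr($0, 15), enabled, ",") }
        /^channelhop=/    { hop = substr($0, 12) }
        END {
            bad = 0
            if (if_name == "") { print "no source= line for " want_if; bad = 1 }
            for (i = 1; i <= n; i++) {
                if (!(enabled[i] in defined)) {
                    print "enablesources names undefined source: " enabled[i]
                    bad = 1
                }
                if (enabled[i] == if_name) on = 1
            }
            if (n > 0 && if_name != "" && !on) {
                print "source " if_name " is defined but not enabled"; bad = 1
            }
            if (hop != "false") { print "channelhop is not false"; bad = 1 }
            exit bad
        }
    ' "$1"
}

# Constructed sample input: the three lines from the post.
demo_conf=$(mktemp)
printf '%s\n' 'source=cisco,eth1,thecisco' 'enablesources=thecisco' \
    'channelhop=false' > "$demo_conf"
check_kismet_conf "$demo_conf" eth1 && echo "kismet.conf looks consistent"
rm -f "$demo_conf"
```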