Results 1 to 5 of 5

Thread: Viewing MAC Addresses on the network

  1. #1
    Junior Member MaxRabbit's Avatar
    Join Date
    Jan 2009
    Posts
    34

    Default Viewing MAC Addresses on the network

    Hello I just have a few brief questions about how to view the MAC
    addresses of any computers on the network.

    First off, I've heard Autoscan works for this purpose. However, I would have to first connect to the network, and I'd prefer to do it without connecting. So I heard Kismet works this way. But first I have a few questions about it:

    A) First off, how can I figure out which device to use, between eth0 and ath0? I've seen somewhere that you can type something in terminal that will show descriptions of each one, but I can't seem to find it again.

    B) Do I need to enable monitoring on the wireless card? Or do anything else, for that matter, than booting from the LiveUSB and running Kismet?

    And, by the way, my network card is an Atheros 5007EG card.

    Thank you!
    max

  2. #2
    Member
    Join Date
    Jan 2010
    Posts
    140

    Default

    Quote Originally Posted by MaxRabbit View Post
    First off, I've heard Autoscan works for this purpose. However, I would have to first connect to the network, and I'd prefer to do it without connecting.
    True
    So I heard Kismet works this way. But first I have a few questions about it:
    Yes, but Kismet will only see the wireless clients. Kismet would not see any computer hooked up to the AP via a wired connection
    A) First off, how can I figure out which device to use, between eth0 and ath0? I've seen somewhere that you can type something in terminal that will show descriptions of each one, but I can't seem to find it again.
    eth0 is your wired connection and ath0 is your wireless card. Kismet will only work with your wireless card. The command you are referring to is I believe iwconfig or ifconfig. To get device information then it depends on if your card is built in or attached via usb. In that case you can run lspci or lsusb depending on which it is.
    B) Do I need to enable monitoring on the wireless card? Or do anything else, for that matter, than booting from the LiveUSB and running Kismet?
    Yes, your wireless card needs to be put into monitor mode for Kismet to work. You also need to edit /usr/local/etc/kismet.conf and change the "source=" line to work with your wireless card or, alternatively, run "start-kismet-ng" from the command line and it may set the appropriate variables for kismet.conf based on your wireless interface. Search the forums and wiki on how to put your card into monitor mode and setup kismet.conf.
    And, by the way, my network card is an Atheros 5007EG card.
    I'm not sure. I don't have an Atheros wifi card to test.

  3. #3
    Junior Member MaxRabbit's Avatar
    Join Date
    Jan 2009
    Posts
    34

    Default

    Quote Originally Posted by larryhaja View Post
    Yes, your wireless card needs to be put into monitor mode for Kismet to work. You also need to edit /usr/local/etc/kismet.conf and change the "source=" line to work with your wireless card or, alternatively, run "start-kismet-ng" from the command line and it may set the appropriate variables for kismet.conf based on your wireless interface. Search the forums on how to put your card into monitor mode and setup kismet.conf.
    Thank you for your nice reply! I will indeed try to find this information-I am familiar with monitor mode from watching Wifi cracking videos, but never seen the Kismet editing, but I'll look around

  4. #4
    Junior Member
    Join Date
    Mar 2010
    Posts
    44

    Default

    You don't need a video to edit a config file, just type
    bt3 ~#kwrite /usr/local/etc/kismet.conf and change the specified line. Cheers!

  5. #5
    Junior Member MaxRabbit's Avatar
    Join Date
    Jan 2009
    Posts
    34

    Default

    Okay, so my card is now an AR5008 atheros card.

    Would the correct command to put it into monitor mode be:
    Code:
    Atheros cards, using MadWiFi drivers:
    
    (If using the Aircrack Suite, their documentation states that Atheros based cards ought to be put into pure "b" mode first:
    
    root@pc# iwpriv ath0 mode 2 <-------------this command puts card into pure "B" only mode
    
    root@pc# iwconfig ath0 mode monitor channel XX <--------insert your channel here
    
    root@pc# ifconfig ath0 up
    Would that be it? Except it's called wifi0 in BT3 so I'd change that accordingly?

    And would this be the right thing to add to Kismet.conf?
    Code:
    source= madwifi_ag,wifi0,madwifi
    I appreciate the help!

    Bumping this up

    Okay, thanks to I-Hacked's article, the Kismet.conf is correct, but the monitor mode is different. Here's how it looks based on the article:
    Code:
    airmon-ng stop ath0;airmon-ng start wifi0
    Then this to put it back:
    Code:
    airmon-ng stop ath0
    
    wlanconfig ath create wlandev wifi0
    
    ifconfig ath0 up
    Which one might be right?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •