
Thread: Kismet / Wireshark conflict???

  1. #1
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    12

    Kismet / Wireshark conflict???

    I know that this should be a question for the "Wireless" forum, but I am stuck in the Newbie Area for 3 days.

    I have been using Auditor with my Orinoco Gold card for a long time, but I recently decided to move up to a better card and a better live distro. I just received my Ubiquiti SRC card and burned BT2.

    I must say, I'm loving BT2. You guys did an AWESOME job with it, but I have a small problem. Maybe someone can help. Wireshark sniffs fine unless I open Kismet. At that point, nothing I do can get Wireshark to see every TCP packet again. I'm sure I'm missing something completely stupid, but it's late.

    Any clues? Thanks in advance.
    ---------
    "Courage is resistance to fear, mastery of fear--not absence of fear. Except
    a creature be part coward, it is not a compliment to say he is brave; it is
    merely a loose misapplication of the word."
    Mark Twain

  2. #2
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533


    Quote Originally Posted by =70ny= View Post
    I know that this should be a question for the "Wireless" forum, but I am stuck in the Newbie Area for 3 days.

    I have been using Auditor with my Orinoco Gold card for a long time, but I recently decided to move up to a better card and a better live distro. I just received my Ubiquiti SRC card and burned BT2.

    I must say, I'm loving BT2. You guys did an AWESOME job with it, but I have a small problem. Maybe someone can help. Wireshark sniffs fine unless I open Kismet. At that point, nothing I do can get Wireshark to see every TCP packet again. I'm sure I'm missing something completely stupid, but it's late.

    Any clues? Thanks in advance.
    Why would you need to use Wireshark and Kismet at the same time?
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  3. #3
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988


    Have you tried Wireshark Wifi???
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  4. #4
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    12

    Thanks...

    Thanks for the quick reply. I'm not actually trying to use them simultaneously, but I can’t seem to see any TCP packets in Wireshark after I start Kismet… even after closing Kismet and restarting the card and services. I have tried running both via command line also. I must admit that I haven’t tried installing BT2 yet, but maybe I will have more logs to check once I do.

    Quote Originally Posted by theprez98 View Post
    Why would you need to use Wireshark and Kismet at the same time?

  5. #5
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533


    Quote Originally Posted by =70ny= View Post
    Thanks for the quick reply. I'm not actually trying to use them simultaneously, but I can’t seem to see any TCP packets in Wireshark after I start Kismet… even after closing Kismet and restarting the card and services. I have tried running both via command line also. I must admit that I haven’t tried installing BT2 yet, but maybe I will have more logs to check once I do.
    Sometimes when using Kismet, cards don't come out of monitor mode cleanly. You might try removing your card, reinserting it, then trying to run Wireshark again.

  6. #6
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    12


    Thanks. Sorry for the confusion. I am using Wireshark-Wifi... and, on that note, I don't actually see any noticeable difference between Wireshark and Wireshark-Wifi. Is there any?

    Quote Originally Posted by shamanvirtuel View Post
    Have you tried Wireshark Wifi???

  7. #7
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    12


    Thanks. Good thought. I'll try that. I have been rebooting. Sometimes the simplest of ideas escape me and I look to the more difficult approach, especially when troubleshooting.

    Quote Originally Posted by theprez98 View Post
    Sometimes when using Kismet, cards don't come out of monitor mode cleanly. You might try removing your card, reinserting it, then trying to run Wireshark again.

  8. #8
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    12

    Ah Ha!!!

    I just noticed that if I take down "kis" and "ath1" (both created by Kismet automatically), I can see TCP packets again on "ath0". Obviously more testing is needed on my part. The interesting thing is that, during the time that Kismet is running, none of my configurations seem to change on ath0 or wifi0 (automatically created for my wireless card by BT2). All seems status quo except for the addition of ath1. Since I am sniffing on ath0 and Kismet is running on wifi0/ath1, I see no reason for this to affect Wireshark, but I assume that the problem has something to do with the link between wifi0 and ath1 when Kismet creates ath1. I am not a Kismet expert, so if anyone has any ideas, I would appreciate hearing them. Enjoy the weekend.
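
The check described in post #8, as an added example that is not part of the original thread: it parses `iwconfig`-style output, lists interfaces still in monitor mode, and prints the `ifconfig ... down` commands for every one except the capture interface. The sample output and the function names are constructed for illustration; only the interface names `ath0`, `ath1`, `kis` and `wifi0` come from the post.

```shell
#!/usr/bin/env bash
# Added example: spot interfaces left in monitor mode after Kismet exits.

# Constructed sample of iwconfig-style output (not captured from the poster's machine).
sample_iwconfig() {
cat <<'EOF'
lo        no wireless extensions.

wifi0     no wireless extensions.

ath0      IEEE 802.11g  ESSID:"lab-net"
          Mode:Managed  Frequency:2.437 GHz  Access Point: 00:11:22:33:44:55

ath1      IEEE 802.11g  ESSID:""
          Mode:Monitor  Frequency:2.412 GHz  Access Point: Not-Associated

kis       IEEE 802.11g  ESSID:""
          Mode:Monitor  Frequency:2.412 GHz  Access Point: Not-Associated
EOF
}

# Read iwconfig output on stdin; print one interface name per line for
# every interface whose block reports Mode:Monitor.
monitor_ifaces() {
  awk '
    /^[^ \t]/ { iface = $1 }                       # non-indented line starts a new block
    /Mode:Monitor/ && iface != "" { print iface }  # mode may be on the same or a later line
  '
}

# Read iwconfig output on stdin; print (do not run) the commands that take
# down every monitor-mode interface other than the one used for capture.
cleanup_plan() {
  capture_if="$1"
  monitor_ifaces | while read -r ifc; do
    if [ "$ifc" = "$capture_if" ]; then
      echo "# $ifc is the capture interface and is itself in monitor mode"
    else
      echo "ifconfig $ifc down"
    fi
  done
}

# Offline demonstration on the constructed sample.
# On a live system: iwconfig 2>/dev/null | cleanup_plan ath0
sample_iwconfig | cleanup_plan ath0
```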

  9. #9
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533


    Quote Originally Posted by =70ny= View Post
    Thanks. Sorry for the confusion. I am using Wireshark-Wifi... and, on that note, I don't actually see any noticeable difference between Wireshark and Wireshark-Wifi. Is there any?
    The difference between Wireshark and Wireshark Wifi is that the latter includes the Wifi Injection Patch, which allows the user to select a packet opened with Wireshark, edit it, and reinject it through the LORCON injection library.

  10. #10
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    12


    Awesome. I'll have to try that. Some great changes since the "old" Ethereal.

    Quote Originally Posted by theprez98 View Post
    The difference between Wireshark and Wireshark Wifi is that the latter includes the Wifi Injection Patch, which allows the user to select a packet opened with Wireshark, edit it, and reinject it through the LORCON injection library.
