Wireless Hacks

Hack 32 Running Kismet on Mac OS X

Run Kismet natively on OS X using the Viha AirPort driver.

When I wrote the Kismet Hack [Hack #31], the Kismet crew was still looking for someone to work on making the Viha AirPort driver for OS X work with Kismet. Interestingly enough, support for OS X has just been introduced into the CVS tree of Kismet and works quite well. Note that as of this writing, Kismet works with the original AirPort cards, but not with the new AirPort Extreme cards. I'm sure it will support them once an appropriate driver is available. Here is what you need to do to get Kismet running under OS X.

First, you need the Viha AirPort driver from http://www.dopesquad.net/security/. Download the 0.0.1a binary, unpack it, and install the driver:

root@caligula:~# tar zxf Viha-0.0.1a.tar.gz
root@caligula:~# mv Viha-0.0.1a/WiFi.framework/ /Library/Frameworks/

If you have ever run KisMAC [Hack #24], then it has already installed the driver for you, and you can skip this step.

Next, download the Kismet source from http://www.kismetwireless.net/download.shtml. You can either use cvs to grab a current copy of the source tree, or use the handy patch at http://www.kismetwireless.net/code/kismet-devel.diff.gz to bring an existing 2.8.1 tree up to the CVS revision. (This is one way to do it if you don't feel like fiddling with CVS.) Assuming that the kismet-2.8.1.tar.gz archive and the kismet-devel.diff patch are in your home directory:

root@caligula:~# tar zxf kismet-2.8.1.tar.gz 
root@caligula:~# cd kismet-2.8.1
root@caligula:~/kismet-2.8.1# patch -p1 < ../kismet-devel.diff
patching file CHANGELOG
patching file CVS/Entries
patching file CVS/Root
patching file FAQ
...

Now build the code, explicitly turning on Viha support and turning off pcap support. Kismet will take some time to build, so be patient.

root@caligula:~/kismet-2.8.1# ./configure --disable-pcap --enable-viha; make

If all goes well, then install Kismet.

root@caligula:~/kismet-2.8.1# make install

You need to edit both kismet.conf and kismet_ui.conf (both of which are kept in /usr/local/etc/). In kismet.conf, set suiduser to your normal OS X login name (I use rob, for example). Also define a capture source line for the AirPort card:

source=viha,en1,AirPort

Finally, in kismet_ui.conf, disable APM support (unless you don't mind a ridiculously inaccurate battery meter at the bottom of your display):

apm=false

For some reason, Kismet likes a terminal with 26 rows in it when running on OS X, so make sure your terminal is at least that long. If you want color in your terminal (highly recommended), set the TERM to xterm-color:

rob@caligula:~$  export TERM=xterm-color

or if you are using tcsh:

[caligula:~] rob% set term=xterm-color

Now simply run kismet as your normal user (type Kismet in the Terminal window), and away you go. Kismet automatically unloads the AirPort driver and fires up the Viha driver (during which time your AirPort menu bar monitor goes away, so don't panic). When you quit Kismet (capital Q), it unloads the Viha driver and starts up the AirPort driver again. I have noticed that it will occasionally fail to reload the AirPort driver. If it does, you can either start and stop Kismet again, or manually kill the Viha driver:

root@caligula:~# /Library/Frameworks/WiFi.framework/Resources/driver.sh stop

For more details on what you can do with Kismet when it is actually running, see [Hack #31]. It appears that channel hopping is now controlled by kismet itself, so it isn't necessary to run kismet_hopper externally. Kismet is under very active development, so I expect that there will be even more features and simpler operation by the time this book goes to press.