Kismet

The Aspire One needs the madwifi driver.

Kismet must be configured with the madwifi_g source type in /etc/kismet/kismet.conf:

source=madwifi_g,wifi0,madwifi

(madwifi_g, not madwifi_ng)

Problem: iwconfig shows ath0, but with madwifi_ng Kismet needs wifi0.

To create an ath0 in monitor mode, I would recommend the following:

ifconfig ath0 down
wlanconfig ath0 destroy
wlanconfig ath0 create wlandev wifi0 wlanmode monitor
ifconfig ath0 up

airmon-ng works too:

 It depends on which driver you are using. For all drivers except madwifi-ng:

 airmon-ng stop <interface name>

For madwifi-ng, first stop ALL interfaces:

 airmon-ng stop athX

Where X is 0, 1, 2 etc. Do a stop for each interface that iwconfig lists.

Then:

wlanconfig ath create wlandev wifi0 wlanmode sta
kismet -c madwifi_g,wifi0,madwifi
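
Added example, not part of the original notes or of Kismet: a pre-flight check that classifies a kismet.conf source line against the madwifi source types listed on this page and lists any athX VAP that is not in monitor mode (the source list says these must be removed under madwifi-ng). The function names, verdict strings and the sample iwconfig output are constructed for illustration, and a madwifi-ng driver is assumed.

```sh
#!/bin/sh
# Added example (not from the page or from Kismet): pre-flight checks for a
# madwifi-ng capture source. Function names and verdict strings are made up.

# Constructed iwconfig output: ath0 is a station VAP, ath1 a monitor VAP.
SAMPLE_IWCONFIG='lo        no wireless extensions.

wifi0     no wireless extensions.

ath0      IEEE 802.11g  ESSID:""
          Mode:Managed  Frequency:2.437 GHz  Access Point: Not-Associated

ath1      IEEE 802.11g  ESSID:""
          Mode:Monitor  Frequency:2.437 GHz'

# Print every athX VAP whose Mode is not Monitor, one name per line.
# $1 = iwconfig output (pass "$(iwconfig 2>/dev/null)" on a live system).
non_monitor_vaps() {
    printf '%s\n' "$1" | awk '
        # A line starting in column 0 opens a new interface stanza.
        /^[^ ]/ { vap = ($1 ~ /^ath[0-9]+$/) ? $1 : "" }
        # The first Mode: field inside an athX stanza decides the verdict.
        vap != "" && match($0, /Mode:[A-Za-z-]+/) {
            if (substr($0, RSTART + 5, RLENGTH - 5) != "Monitor") print vap
            vap = ""
        }'
}

# Classify a kismet.conf "source=type,interface,name" line for madwifi-ng.
# The accepted type names are the madwifi entries of the source list.
check_source_line() {
    spec=${1#source=}
    stype=${spec%%,*}
    rest=${spec#*,}
    iface=${rest%%,*}
    case $stype in
        madwifi_a|madwifi_b|madwifi_g|madwifi_ab|madwifi_ag) ;;
        madwifing_a|madwifing_b|madwifing_g|madwifing_ab|madwifing_ag)
            echo "deprecated-type"; return 0 ;;
        *)  echo "unknown-type"; return 0 ;;   # e.g. the madwifi_ng typo
    esac
    case $iface in
        wifi[0-9]*) echo "ok" ;;
        ath[0-9]*)  echo "use-wifiX" ;;        # madwifi-ng wants the parent device
        *)          echo "unknown-interface" ;;
    esac
}

# Demo on the page's source line, the madwifi_ng typo, and the sample output.
for s in 'source=madwifi_g,wifi0,madwifi' 'source=madwifi_ng,wifi0,madwifi'; do
    printf '%s -> %s\n' "$s" "$(check_source_line "$s")"
done
printf 'non-monitor VAPs: %s\n' "$(non_monitor_vaps "$SAMPLE_IWCONFIG" | tr '\n' ' ')"
```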

Sources:

    Source type     Cards               OS          Driver
    --------------- ------------------- ----------- -------------------------
    acx100          TI ACX100           Linux       ACX100
                    http://acx100.sourceforge.net/
                    ACX100 drivers handle the 22mbit cards branded by D-Link
                     and others.

    admtek          ADMTek              Linux       ADMTek
                    http://www.latinsud.com/adm8211/        (Patches)
                    http://aluminum.sourmilk.net/adm8211/   (GPL driver)
                    ADMTek drivers used in many consumer 802.11b cards. With
                     the patches above, quasi-rfmon is possible - these cards
                     appear to be almost entirely software controlled and 
                     always in a rfmon-like state.  This card WILL BROADCAST
                     while in rfmon, rendering the sniffer visible.
                    The fully GPL drivers are supported, in addition to the 
                     hacks to the non-free drivers.

    airpcap         Airpcap USB         cygwin      CACE Tech
                    http://www.cacetech.com/products/airpcap.htm
                    The CACE AirPcap USB device allows native capture on
                     Win32/Cygwin.
                    The explicit airpcap source expects the Win32/Cygwin
                     interface name.  This should be used once the source
                     is identified via airpcap_ask or if multiple simultaneous
                     sources are required.

    airpcap_ask     Airpcap USB         cygwin      CACE Tech
                    http://www.cacetech.com/products/airpcap.htm
                    The CACE AirPcap USB device allows native capture on
                     Win32/Cygwin.
                    The airpcap_ask source lists available airpcap devices
                     and allows the user to pick interactively.
                    The 'capture interface' field is irrelevant and can be
                     filled with any value (for example, 'dummy')

    atmel_usb       Atmel-USB           Linux       Berlios-Atmel
                    http://at76c503a.berlios.de/
                    These drivers work ONLY on USB cards (Sorry, no PCMCIA
                     support).  Monitor mode support is limited and "faked"
                     by bypassing part of the firmware and parsing packets
                     directly, and is likely to not report all of the 
                     frames.
                    This card MAY BROADCAST while in rfmon, rendering the
                     sniffer visible.
                    It appears that this card may be only formatting the 
                     beacons as an 802.11 stream, which means you likely
                     will not see data frames, rendering most IDS functions,
                     IP discovery, and data logging unavailable.

    ath5k           Atheros             Linux       Kernel/Madwifi
                    http://madwifi.org
                    Based on the OpenBSD OpenHAL, the Ath5k drivers are the
                     future of Atheros support and will be mainlined into the
                     Linux kernel.

    ath5k_a         Atheros             Linux       Kernel/Madwifi
                    http://madwifi.org
                    Ath5k source for 11a only

    ath5k_ag        Atheros             Linux       Kernel/Madwifi
                    http://madwifi.org
                    Ath5k source for 11a/11g

    bcm43xx         Broadcom            Linux       BCM43XX
                    http://bcm43xx.berlios.de, kernel
                    Linux native broadcom drivers incorporated into modern
                     kernels. 

    b43             Broadcom            Linux
                    B43 broadcom drivers for current Broadcom devices in
                     Linux kernels

    b43legacy       Broadcom            Linux
                    B43 broadcom drivers for legacy Broadcom devices in
                     Linux kernels

    cisco           Aironet 340,350     Linux       Kernel 2.4.10 - 2.4.19
                    Standard Cisco cards in Linux.  Works only with
                     the Linux kernel drivers, not the drivers found in
                     pcmcia-cs.
                    The drivers found on the cisco.com site can be patched
                     with the files from the Kismet download site to add
                     monitor mode with channel control, HOWEVER these drivers
                     are extremely buggy for normal use and work only with
                     the 2.4 kernel tree.
                    The cisco drivers currently do not enter rfmon mode 
                     correctly, so channel control is not available.  The
                     firmware will hop to whatever channel it feels like 
                     hopping to, when it feels like hopping.

    cisco_wifix     Aironet 340,350     Linux       Kernel 2.4.20+, CVS  
                    http://sourceforge.net/projects/airo-linux/  
                    Capture interface:  'ethX:wifiX'
                    Kernel 2.4.20+ and CVS drivers use ethX for normal mode
                     and wifiX for monitor mode.  Kismet needs to know both
                     devices, which may not necessarily be the same number,
                     for example 'eth1:wifi0'.
                    Linux kernel 2.4.20 and 2.4.21 have highly unstable cisco
                     drivers and should be avoided.
                    The cisco drivers currently do not enter rfmon mode 
                     correctly, so channel control is not available.  The
                     firmware will hop to whatever channel it feels like 
                     hopping to, when it feels like hopping.

    darwin          OSX native cards    OSX/Darwin  OSX
                    Supports both Broadcom and Atheros Airport-Extreme cards.
                    When using a Broadcom based card, it may be necessary to 
                     enable rfmon on the device for the first time using another 
                     program.
                    When using an Atheros based card, 802.11a may also be supported
                     by adding a 'sourcechannels' line to kismet.conf.

    hostap          Prism/2             Linux       HostAP 0.4
                    http://hostap.epitest.fi/
                    HostAP drivers drive the Prism/2 chipset in access point
                     mode, but also can drive the cards in client and monitor
                     modes.  The HostAP drivers seem to change how they go
                     into monitor mode fairly often, but this source should 
                     manage to get them going.

    ipw2100         Intel/Centrino      Linux       ipw2100-0.44+
                    http://ipw2100.sourceforge.net/
                    The Linux IPW2100/Centrino drivers for 802.11b cards
                    now support rfmon, so here's support for them.  They act
                    more or less like any other wireless interface would.

    ipw2200         Intel/Centrino      Linux       ipw2200-1.0.4+
                    http://ipw2200.sourceforge.net/
                    The Linux IPW2200/Centrino drivers for 802.11bg cards
                    support rfmon as of 1.0.4 and firmware 2.3.  
                    Signal level reporting requires radiotap be turned on
                    in the makefile while compiling the driver.  Noise levels
                    are not reported.

    ipw2915         Intel/Centrino      Linux       ipw2200-1.0.4+
                    http://ipw2200.sourceforge.net/
                    The Linux IPW2200/Centrino drivers for 802.11bga cards
                    support rfmon as of 1.0.4 and firmware 2.3.  
                    This is the same as ipw2200 but defaults to scanning the
                    802.11a channel range in addition to 802.11b/g.
                    Signal level reporting requires radiotap be turned on
                    in the makefile while compiling the driver.  Noise levels
                    are not reported.

    ipw3945         Intel/Centrino      Linux       ipw3945
                    http://ipw3945.sourceforge.net/
                    The Linux IPW3945/Centrino drivers for Intel Core
                    802.11bga cards.

    ipwlivetap      Intel/Centrino      Linux       ipw2200/3945
                    http://ipw2200.sourceforge.net/
                    http://ipw3945.sourceforge.net/
                    The ipw3945 and patched ipw2200 drivers support a 
                    special mode which allows monitor-mode style sniffing
                    while remaining associated.  Channel hopping is not
                    possible, as the card is still associated to a 
                    specific AP, but single-channel IDS and sniffing can
                    be accomplished.  See the ipw driver mailing list
                    archives for information about patching your drivers.

    iwl3945         Intel/Centrino      Linux       iwl3945
                    Intel's new IPW drivers using the mac80211 kernel
                    layer.

    iwl4965         Intel/Centrino      Linux       iwl4965
                    Intel's new IPW drivers using the mac80211 kernel
                    layer.

    kismet_drone    n/a                 Any         n/a
                    Capture interface:  'dronehost:port'  
                    The remote drone capture source connects to a Kismet
                     drone and processes the packets.  Refer to the Remote 
                     Drone section of the README for more details about how
                     to set up a drone.

    madwifi_a       Atheros             Linux       madwifi
                    http://sourceforge.net/projects/madwifi/
                    Capture interface:  'athX'
                    Capture interface:  'wifiX' (Madwifi-NG)
                    Madwifi drivers in 802.11a-only mode. 
                    When using madwifi-ng, be sure all non-monitor VAPs have
                     been removed, otherwise madwifi will not properly report
                     most traffic.

    madwifi_b       Atheros             Linux       madwifi
                    http://sourceforge.net/projects/madwifi/
                    Capture interface:  'athX'
                    Capture interface:  'wifiX' (Madwifi-NG)
                    Madwifi drivers in 802.11b-only mode. 
                    When using madwifi-ng, be sure all non-monitor VAPs have
                     been removed, otherwise madwifi will not properly report
                     most traffic.

    madwifi_g       Atheros             Linux       madwifi
                    http://sourceforge.net/projects/madwifi/
                    Capture interface:  'athX'
                    Capture interface:  'wifiX' (Madwifi-NG)
                    Madwifi drivers in 802.11g-only mode.  This will, 
                     obviously, also see 11b networks.
                    When using madwifi-ng, be sure all non-monitor VAPs have
                     been removed, otherwise madwifi will not properly report
                     most traffic.

    madwifi_ab      Atheros             Linux       madwifi
                    http://sourceforge.net/projects/madwifi/
                    Capture interface:  'athX'
                    Capture interface:  'wifiX' (Madwifi-NG)
                    Madwifi drivers in 802.11a and 802.11b combo mode.  This
                     will seamlessly switch between bands during channel 
                     hopping.
                    When using madwifi-ng, be sure all non-monitor VAPs have
                     been removed, otherwise madwifi will not properly report
                     most traffic.

    madwifi_ag      Atheros             Linux       madwifi
                    http://sourceforge.net/projects/madwifi/
                    Capture interface:  'athX'
                    Capture interface:  'wifiX' (Madwifi-NG)
                    Madwifi drivers in 802.11a and 802.11g combo mode.  This
                     will seamlessly switch between bands during channel 
                     hopping.
                    When using madwifi-ng, be sure all non-monitor VAPs have
                     been removed, otherwise madwifi will not properly report
                     most traffic.

    madwifing_a     Atheros             Linux       madwifi-ng
    madwifing_ab    Atheros             Linux       madwifi-ng
    madwifing_ag    Atheros             Linux       madwifi-ng
    madwifing_g     Atheros             Linux       madwifi-ng
    madwifing_b     Atheros             Linux       madwifi-ng
                    http://sourceforge.net/projects/madwifi/
                    Capture interface:  'wifiX'
                    *Deprecated*.  Detection for madwifi-ng is built into
                     the standard madwifi sources.  The _ng source names
                     have been kept to allow old configs to continue
                     functioning.

    nokia770        Nokia               Linux       Nokia
                    http://maemo.org/
                    Nokia770 capture interface.  Includes support for 
                    validating frame checksums to screen out junk 
                    packets, since the drivers pass us all data.

    nokia8x0        Nokia 800,810
                    http://maemo.org/
                    Nokia 8x0 capture interface, including support for
                    FCS validation.
                    The Nokia drivers appear to exhibit instability while
                    capturing where they stop reporting packets.  This may
                    be minimized by setting the Network Scan interval to
                    "never" in the control panel->networking section.

    orinoco         Lucent, Orinoco     Linux       Patched orinoco_cs
                    http://airsnort.shmoo.com/orinocoinfo.html
                    The Orinoco drivers which have mainlined into the Linux
                     kernel do support monitor mode, however only specific firmware
                     versions are supported and often they do not work.
                    An up-ported version of the older Orinoco drivers which more
                     reliably supported rfmon may be available at:
                     http://www.projectiwear.org/~plasmahh/orinoco.html
                    Generally, Orinoco cards are not recommended for use with
                     Kismet due to these limitations.

    orinoco_14      Lucent, Orinoco     Linux       Orinoco 0.14+
                    https://savannah.nongnu.org/projects/orinoco/
                    This source is deprecated and should only be used with
                    pre-release versions of a driver since merged into the Linux
                    kernel.

    pcapfile        n/a                 Any         n/a
                    Capture interface:  '/path/to/file' 
                    The pcapfile capture source feeds a stored 802.11-encap
                     dump file through the Kismet engine again.  This can be
                     useful for debugging or rescanning old logs for 
                     alert conditions.  Pcapfile sources are only available
                     if Kismet was compiled with libpcap support.

    prism2_openbsd  Prism/2             OpenBSD     Kernel
                    Full support for Prism2 under OpenBSD.

    prism54g        PrismGT             Linux       prism54
                    http://www.prism54.org
                    PrismGT 802.11g drivers supporting monitor mode.

    radiotap_bsd_ab Radiotap            BSD         Kernel
                    Dual-band cards with radiotap headers.

    radiotap_bsd_a  Radiotap            BSD         Kernel
                    802.11a cards (or dual-band on 11a channels only) with 
                     radiotap headers. 

    radiotap_bsd_b  Radiotap            BSD         Kernel
                    802.11b/g cards (or dual-band on 11b channels only) with
                     radiotap headers. 

    rt2400          Ralink 2400 11b     Linux       rt2400-gpl
                    http://rt2x00.serialmonkey.com/
                    Ralink 2400 802.11b cards using the serialmonkey GPL'd 
                     rt2x00 drivers.  Must use 1.2.2 beta 2 or newer drivers.

    rt2500          Ralink 2500 11g     Linux       rt2500-gpl
                    http://rt2x00.serialmonkey.com/
                    Ralink 2500 802.11g cards using the serialmonkey GPL'd 
                     rt2x00 drivers.  Must use 1.1.0 beta 2 or newer drivers.

    rt73            Ralink 73   11g     Linux       rt73-gpl-cvs
                    http://rt2x00.serialmonkey.com/
                    Ralink 73 802.11g USB cards using the serialmonkey GPL'd
                     rt79 drivers (tested only with CVS driver versions)

    rt8180          Realtek 8180 11b    Linux       rtl8180-sa2400
                    http://rtl8180-sa2400.sourceforge.net/
                    Realtek 8180 based cards (there seem to be an awful lot of
                     them) using the GPL drivers.

    viha            Airport             OSX         viha
                    http://www.dopesquad.net/security/
                    Monitor mode support for Airport under OSX.  Does not
                     support Airport Extreme.

    vtar5k          Atheros 802.11a     Linux       vtar5k
                    http://team.vantronix.net/ar5k/
                    vtar5k drivers handle some Atheros 802.11a cards.  Chances
                     are you'll have better luck with madwifi drivers.

    wlanng_legacy   Prism/2             Linux       wlan-ng 0.1.3 and earlier
                    http://www.linux-wlan.com/
                    Old wlan-ng drivers didn't support pcap capturing and
                     use a netlink socket to the kernel.  These are still in
                     use on some embedded systems (like the Zaurus).

    wlanng          Prism/2             Linux       wlan-ng 0.1.4 - 0.1.9
                    http://www.linux-wlan.com/
                    Wlan-ng prism2 drivers prior to the AVS headers.

    wlanng_avs      Prism/2             Linux       wlan-ng 0.2.0+
                    http://www.linux-wlan.com/
                    Newer wlan-ng drivers support a new header type and 
                     slightly different monitor commands to report wepped
                     packets.

    wrt54g          Linksys WRT54G      Linux       linksys
                    http://seattlewireless.net/index.cgi/LinksysWrt54g  
                    Capture interface:  'wlX'
                    Support for the newer firmware versions on the 
                     WRT54G/S/L devices (and any others using the broadcom
                     reference chipset).
                    Some systems generate a secondary device, prism0, while
                     in monitor mode and require special care while channel
                     hopping, it is no longer necessary to specify the prism0
                     device explicitly for Kismet.

    wsp100          NetChem WSP100      Any         n/a
                    http://networkchemistry.com/
                    Capture interface:  'host:port'
                    The WSP100 is an embedded device which reports 802.11
                     packets over UDP.  The wsp100 capture source is 
                     (generally) system agnostic, however over time it has
                     been less maintained than others.  If you'd like to
                     send me patches for this, please let me know.

    zd1211          ZyDAS USB           Linux       zd1211
                    http://zd1211.ath.cx
                    The ZD1211 drivers have had some regressions which lead to 
                     data corruption while changing channel.  Some versions 
                     work, and typically the aircrack patches resolve the
                     corruption issues if your version doesn't properly handle
                     rfmon.

    Chipsets known to NOT WORK:
     Broadcom           - No linux drivers, only useable with ndiswrapper or
                          linuxant wrappers around windows drivers.
                          *** UPDATE ***
                          See the bcm43xx source type entry.  There are
                          experimental reverse-engineered drivers which have
                          monitor mode support now under Linux!  If they don't
                          work, however, then too bad.
     Airport Extreme    - Really a Broadcom, with no rfmon in the OSX drivers.
                          *** UPDATE ***
                          See the bcm source for linux on ppc, it MAY work, it
                          may not.  Currently there's no solution for OSX but
                          I'm looking for OSX hackers interested in redoing the
                          Kismet port and looking into adding more support.
     Atmel              - There is a hack for pseudo-monitor in USB.  There is
                          currently no equivalent hack for PCMCIA.
     HermesII           - Proxim successor to the Orinoco/HermesI.  No support
                          yet in the drivers, may be available in the future.
     ndiswrapper        - Anything using ndiswrapper is using WINDOWS drivers
                          AND CAN NOT BE USED WITH KISMET.