kismet.conf 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304
  1. # Kismet config file
  2. # Most of the "static" configs have been moved to here -- the command line
  3. # config was getting way too crowded and cryptic. We want functionality,
  4. # not continually reading --help!
  5. # Version of Kismet config
  6. version=2009-newcore
  7. # Name of server (Purely for organizational purposes)
  8. # If commented out, defaults to host name of system
  9. # servername=Kismet Server
  10. # Prefix of where we log (as used in the logtemplate later)
  11. logprefix=/tmp
  12. # Do we process the contents of data frames? If this is enabled, data
  13. # frames will be truncated to the headers only immediately after frame type
  14. # detection. This will disable IP detection, etc, however it is likely
  15. # safer (and definitely more polite) if monitoring networks you do not own.
  16. # hidedata=true
  17. # Do we allow plugins to be used? This will load plugins from the system
  18. # and user plugin directiories when set to true (See the README for the default
  19. # plugin locations).
  20. allowplugins=false
  21. # See the README for full information on the new source format
  22. # ncsource=interface:options
  23. # for example:
  24. # ncsource=wifi0:type=madwifi
  25. # ncsource=wlan0:name=intel,hop=false,channel=11
  26. ncsource=wlan0
  27. # Comma-separated list of sources to enable. This is only needed if you defined
  28. # multiple sources and only want to enable some of them. By default, all defined
  29. # sources are enabled.
  30. # For example, if sources with name=prismsource and name=ciscosource are defined,
  31. # and you only want to enable those two:
  32. # enablesources=prismsource,ciscosource
  33. # Control which channels we like to spend more time on. By default, the list
  34. # of channels is pulled from the driver automatically. By setting preferred channels,
  35. # if they are present in the channel list, they'll be set with a timing delay so that
  36. # more time is spent on them. Since 1, 6, 11 are the common default channels, it makes
  37. # sense to spend more time monitoring them.
  38. # For finer control, see further down in the config for the channellist= directives.
  39. preferredchannels=1,6,11
  40. # How many channels per second do we hop? (1-10)
  41. channelvelocity=3
  42. # By setting the dwell time for channel hopping we override the channelvelocity
  43. # setting above and dwell on each channel for the given number of seconds.
  44. #channeldwell=10
  45. # Channels are defined as:
  46. # channellist=name:ch1,ch2,ch3
  47. # or
  48. # channellist=name:range-start-end-width-offset,ch,range,ch,...
  49. #
  50. # Channels may be a numeric channel or a frequency
  51. #
  52. # Channels may specify an additional wait period. For common default channels,
  53. # an additional wait period can be useful. Wait periods delay for that number
  54. # of times per second - so a configuration hopping 10 times per second with a
  55. # channel of 6:3 would delay 3/10ths of a second on channel 6.
  56. #
  57. # Channel lists may have up to 256 channels and ranges (combined). For power
  58. # users scanning more than 256 channels with a single card, ranges must be used.
  59. #
  60. # Ranges are meant for "power users" who wish to define a very large number of
  61. # channels. A range may specify channels or frequencies, and will automatically
  62. # sort themselves to cover channels in a non-overlapping fashion. An example
  63. # range for the normal 802.11b/g spectrum would be:
  64. #
  65. # range-1-11-3-1
  66. #
  67. # which indicates starting at 1, ending at 11, a channel width of 3 channels,
  68. # incrementing by one. A frequency based definition would be:
  69. #
  70. # range-2412-2462-22-5
  71. #
  72. # since 11g channels are 22 mhz wide and 5 mhz apart.
  73. #
  74. # Ranges have the flaw that they cannot be shared between sources in a non-overlapping
  75. # way, so multiple sources using the same range may hop in lockstep with each other
  76. # and duplicate the coverage.
  77. #
  78. # channellist=demo:1:3,6:3,11:3,range-5000-6000-20-10
  79. # Default channel lists
  80. # These channel lists MUST BE PRESENT for Kismet to work properly. While it is
  81. # possible to change these, it is not recommended. These are used when the supported
  82. # channel list can not be found for the source; to force using these instead of
  83. # the detected supported channels, override with channellist= in the source definition
  84. #
  85. # IN GENERAL, if you think you want to modify these, what you REALLY want to do is
  86. # copy them and use channellist= in the packet source.
  87. channellist=IEEE80211b:1:3,6:3,11:3,2,7,3,8,4,9,5,10
  88. channellist=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165
  89. channellist=IEEE80211ab:1:3,6:3,11:3,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64,149,153,157,161,165
  90. # Client/server listen config
  91. listen=tcp://127.0.0.1:2501
  92. #listen=tcp://0.0.0.0:2501
  93. # People allowed to connect, comma separated IP addresses or network/mask
  94. # blocks. Netmasks can be expressed as dotted quad (/255.255.255.0) or as
  95. # numbers (/24)
  96. allowedhosts=127.0.0.1
  97. # Maximum number of concurrent GUI's
  98. maxclients=5
  99. # Maximum backlog before we start throwing out or killing clients. The
  100. # bigger this number, the more memory and the more power it will use.
  101. maxbacklog=5000
  102. # Server + Drone config options. To have a Kismet server export live packets
  103. # as if it were a drone, uncomment these.
  104. # dronelisten=tcp://127.0.0.1:3501
  105. # droneallowedhosts=127.0.0.1
  106. # dronemaxclients=5
  107. # droneringlen=65535
  108. # OUI file, expected format 00:11:22<tab>manufname
  109. # IEEE OUI file used to look up manufacturer info. We default to the
  110. # wireshark one since most people have that.
  111. #ouifile=/usr/share/manuf
  112. # Do we have a GPS?
  113. gps=false
  114. # Do we use a locally serial attached GPS, or use a gpsd server, or
  115. # use a fixed virtual gps?
  116. # (Pick only one)
  117. gpstype=gpsd
  118. # Host:port that GPSD is running on. This can be localhost OR remote!
  119. gpshost=localhost:2947
  120. # gpstype=serial
  121. # What serial device do we look for the GPS on?
  122. # gpsdevice=/dev/rfcomm0
  123. # gpstype=virtual
  124. # gpsposition=100,-50
  125. # gpsaltitude=1234
  126. # Do we lock the mode? This overrides coordinates of lock "0", which will
  127. # generate some bad information until you get a GPS lock, but it will
  128. # fix problems with GPS units with broken NMEA that report lock 0
  129. gpsmodelock=false
  130. # Do we try to reconnect if we lose our link to the GPS, or do we just
  131. # let it die and be disabled?
  132. gpsreconnect=true
  133. # Do we export packets over tun/tap virtual interfaces?
  134. tuntap_export=false
  135. # What virtual interface do we use
  136. tuntap_device=kistap0
  137. # Packet filtering options:
  138. # filter_tracker - Packets filtered from the tracker are not processed or
  139. # recorded in any way.
  140. # filter_export - Controls what packets influence the exported CSV, network,
  141. # xml, gps, etc files.
  142. # All filtering options take arguments containing the type of address and
  143. # addresses to be filtered. Valid address types are 'ANY', 'BSSID',
  144. # 'SOURCE', and 'DEST'. Filtering can be inverted by the use of '!' before
  145. # the address. For example,
  146. # filter_tracker=ANY(!"00:00:DE:AD:BE:EF")
  147. # has the same effect as the previous mac_filter config file option.
  148. # filter_tracker=...
  149. # filter_dump=...
  150. # filter_export=...
  151. # filter_netclient=...
  152. # Alerts to be reported and the throttling rates.
  153. # alert=name,throttle/unit,burst
  154. # The throttle/unit describes the number of alerts of this type that are
  155. # sent per time unit. Valid time units are second, minute, hour, and day.
  156. # Burst describes the number of alerts sent before throttling takes place.
  157. # For example:
  158. # alert=FOO,10/min,5
  159. # Would allow 5 alerts through before throttling is enabled, and will then
  160. # limit the number of alerts to 10 per minute.
  161. # A throttle rate of 0 disables throttling of the alert.
  162. # See the README for a list of alert types.
  163. alert=ADHOCCONFLICT,5/min,1/sec
  164. alert=AIRJACKSSID,5/min,1/sec
  165. alert=APSPOOF,10/min,1/sec
  166. alert=BCASTDISCON,5/min,2/sec
  167. alert=BSSTIMESTAMP,5/min,1/sec
  168. alert=CHANCHANGE,5/min,1/sec
  169. alert=CRYPTODROP,5/min,1/sec
  170. alert=DISASSOCTRAFFIC,10/min,1/sec
  171. alert=DEAUTHFLOOD,5/min,2/sec
  172. alert=DEAUTHCODEINVALID,5/min,1/sec
  173. alert=DISCONCODEINVALID,5/min,1/sec
  174. alert=DHCPNAMECHANGE,5/min,1/sec
  175. alert=DHCPOSCHANGE,5/min,1/sec
  176. alert=DHCPCLIENTID,5/min,1/sec
  177. alert=DHCPCONFLICT,10/min,1/sec
  178. alert=NETSTUMBLER,5/min,1/sec
  179. alert=LUCENTTEST,5/min,1/sec
  180. alert=LONGSSID,5/min,1/sec
  181. alert=MSFBCOMSSID,5/min,1/sec
  182. alert=MSFDLINKRATE,5/min,1/sec
  183. alert=MSFNETGEARBEACON,5/min,1/sec
  184. alert=NULLPROBERESP,5/min,1/sec
  185. alert=PROBENOJOIN,5/min,1/sec
  186. # Controls behavior of the APSPOOF alert. SSID may be a literal match (ssid=) or
  187. # a regex (ssidregex=) if PCRE was available when kismet was built. The allowed
  188. # MAC list must be comma-separated and enclosed in quotes if there are multiple
  189. # MAC addresses allowed. MAC address masks are allowed.
  190. #apspoof=Foo1:ssidregex="(?i:foobar)",validmacs=00:11:22:33:44:55
  191. #apspoof=Foo2:ssid="Foobar",validmacs="00:11:22:33:44:55,aa:bb:cc:dd:ee:ff"
  192. # Known WEP keys to decrypt, bssid,hexkey. This is only for networks where
  193. # the keys are already known, and it may impact throughput on slower hardware.
  194. # Multiple wepkey lines may be used for multiple BSSIDs.
  195. # wepkey=00:DE:AD:C0:DE:00,FEEDFACEDEADBEEF01020304050607080900
  196. # Is transmission of the keys to the client allowed? This may be a security
  197. # risk for some. If you disable this, you will not be able to query keys from
  198. # a client.
  199. allowkeytransmit=true
  200. # How often (in seconds) do we write all our data files (0 to disable)
  201. writeinterval=10
  202. # Do we use sound?
  203. # Not to be confused with GUI sound parameter, this controls wether or not the
  204. # server itself will play sound. Primarily for headless or automated systems.
  205. enablesound=false
  206. # Path to sound player
  207. soundbin=play
  208. sound=newnet,true
  209. sound=newcryptnet,true
  210. sound=packet,true
  211. sound=gpslock,true
  212. sound=gpslost,true
  213. sound=alert,true
  214. # Does the server have speech? (Again, not to be confused with the GUI's speech)
  215. enablespeech=false
  216. # Binary used for speech (if not in path, full path must be specified)
  217. speechbin=flite
  218. # Specify raw or festival; Flite (and anything else that doesn't need formatting
  219. # around the string to speak) is 'raw', festival requires the string be wrapped in
  220. # SayText("...")
  221. speechtype=raw
  222. # How do we speak? Valid options:
  223. # speech Normal speech
  224. # nato NATO spellings (alpha, bravo, charlie)
  225. # spell Spell the letters out (aye, bee, sea)
  226. speechencoding=nato
  227. speech=new,"New network detected s.s.i.d. %1 channel %2"
  228. speech=alert,"Alert %1"
  229. speech=gpslost,"G.P.S. signal lost"
  230. speech=gpslock,"G.P.S. signal O.K."
  231. # How many alerts do we backlog for new clients? Only change this if you have
  232. # a -very- low memory system and need those extra bytes, or if you have a high
  233. # memory system and a huge number of alert conditions.
  234. alertbacklog=50
  235. # File types to log, comma separated. Built-in log file types:
  236. # alert Text file of alerts
  237. # gpsxml XML per-packet GPS log
  238. # nettxt Networks in text format
  239. # netxml Networks in XML format
  240. # pcapdump tcpdump/wireshark compatible pcap log file
  241. # string All strings seen (increases CPU load)
  242. logtypes=pcapdump,gpsxml,netxml,alert
  243. # Format of the pcap dump (PPI or 80211)
  244. pcapdumpformat=ppi
  245. # pcapdumpformat=80211
  246. # Default log title
  247. logdefault=Kismet
  248. # logtemplate - Filename logging template.
  249. # This is, at first glance, really nasty and ugly, but you'll hardly ever
  250. # have to touch it so don't complain too much.
  251. #
  252. # %p is replaced by the logging prefix + '/'
  253. # %n is replaced by the logging instance name
  254. # %d is replaced by the starting date as Mon-DD-YYYY
  255. # %D is replaced by the current date as YYYYMMDD
  256. # %t is replaced by the starting time as HH-MM-SS
  257. # %i is replaced by the increment log in the case of multiple logs
  258. # %l is replaced by the log type (pcapdump, strings, etc)
  259. # %h is replaced by the home directory
  260. logtemplate=%p%n-%D-%t-%i.%l
  261. # Where state info, etc, is stored. You shouldn't ever need to change this.
  262. # This is a directory.
  263. configdir=%h/.kismet/