With wireless access available in many urban public areas, it’s a good idea to have a tool on hand to help find those networks. On Linux, Kismet fits that niche nicely, then blows its competitors off the airwaves by offering expanded capabilities (such as picking up cloaked networks) and functionality (server and client tools, intrustion detection).

I installed Kismet on the Slackware laptop I’ve been yapping about lately, and after a minor headache patching the drivers for my Orinoco wireless card, I had it up and running. So far, I’ve been very impressed.

Our ISP offers network access to the other offices in our building, and a couple of them run wireless access points. Occasionally I would do a survey of our perimeter to be aware of potential back doors. Under Win2K on the same laptop running NetStumbler, I didn’t pick up anything from our street-level front office; I would have to move around the building before I picked anything up.

Today I fired up Kismet from the same office, and within seconds it had picked up six networks. Two are our customers in another part of the building. One is the access point put in place by a competitor, a wireless ISP (customer didn’t bother to ask us, just assumed they needed wireless Internet for their new wireless laptops — now they’re locked into an expensive contract. Oops!). The others I’m still not sure of, but they’re not on our network so I’m guessing they’re additional antennas belonging to wireless competitors, or perhaps someone running a DSL connection in the building.

And I was only scanning about half the channels.

As I mentioned, Kismet also does wireless intrusion detection. A Kismet server can be left running on a Linux box with a wireless connection and, using the provided GUI or a third-party one, the admin can connect to the server at any time and see what’s happening on the wireless network. Upon detection of certain behaviors — say an SSID brute force attempt — it will set off an alarm.

The provided GUI isn’t all that fancy. Users select ncurses- or panel-based (panel is identical to ncurses only has color and popups) in the configure file, and the GUI starts after the server does. The GUI takes a little getting used to, but it does provide all the pertinent info in one window and surprisingly easy data manipulation.

Whether you’re looking to do some network monitoring, penetration testing, or some recreational wardriving (be respectful of others’ networks!), Kismet is definitely the go-to tool on Linux.