The default configuration of Kismet, the de facto 802.11 wireless network sniffer for UNIX and UNIX-like operating systems, comes with a “safe set” of channels known to work with most 802.11abg radios out there.
If you, like me, have a non-American 802.11abg radio, the standard kismet.conf file is not quite enough to use your radio to its full potential.
To work around this you first need to find out which channels your 802.11abg radio actually supports. Under FreeBSD this is easily accomplished by running ifconfig IFACE list chan (or ifconfig IFACE list active if you have limited the number of channels in your configuration).
Example output from my Intel PRO/Wireless 2915ABG:
    $ ifconfig iwi0 list chan
    Channel   1 : 2412 Mhz 11g    Channel  36 : 5180 Mhz 11a
    Channel   2 : 2417 Mhz 11g    Channel  40 : 5200 Mhz 11a
    Channel   3 : 2422 Mhz 11g    Channel  44 : 5220 Mhz 11a
    Channel   4 : 2427 Mhz 11g    Channel  48 : 5240 Mhz 11a
    Channel   5 : 2432 Mhz 11g    Channel  52 : 5260 Mhz 11a
    Channel   6 : 2437 Mhz 11g    Channel  56 : 5280 Mhz 11a
    Channel   7 : 2442 Mhz 11g    Channel  60 : 5300 Mhz 11a
    Channel   8 : 2447 Mhz 11g    Channel  64 : 5320 Mhz 11a
    Channel   9 : 2452 Mhz 11g    Channel 149 : 5745 Mhz 11a
    Channel  10 : 2457 Mhz 11g    Channel 153 : 5765 Mhz 11a
    Channel  11 : 2462 Mhz 11g    Channel 157 : 5785 Mhz 11a
    Channel  12 : 2467 Mhz 11g    Channel 161 : 5805 Mhz 11a
    Channel  13 : 2472 Mhz 11g    Channel 165 : 5825 Mhz 11a
To use the full set of channels in Kismet you will need to modify the existing kismet.conf to read something like this:
    defaultchannels=IEEE80211b:1,7,13,2,8,3,14,9,4,10,5,11,6,12
    defaultchannels=IEEE80211g:1,7,13,2,8,3,14,9,4,10,5,11,6,12
    defaultchannels=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165
    defaultchannels=IEEE80211ab:1,7,13,2,8,3,14,9,4,10,5,11,6,12,36,40,44,48,52,56,60,64,149,153,157,161,165
While this will make Kismet scan all the available channels, this is hardly ever what you want (there is no need to scan 802.11a channels when you know the network you're debugging is on 802.11g). To deal with this you can add the following lines to kismet.conf:
    source=radiotap_bsd_ab,iwi0,ABG
    source=radiotap_bsd_b,iwi0,BG
    source=radiotap_bsd_a,iwi0,A
    enablesources=BG
This will cause Kismet to channel-hop on the previously defined 802.11bg channels by default, but still allow selecting only e.g. 802.11a channels by starting Kismet with kismet -C A.
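An added example, not from the original post: a shell check that compares the defaultchannels lists in kismet.conf against what the radio reports, so that channel-hop coverage matches the hardware. The function names are assumptions of this example, and the sample input is the ifconfig output and the config lines shown above.

```shell
#!/bin/sh
# Sample input copied from the post: `ifconfig iwi0 list chan` output.
sample_chanlist() {
cat <<'EOF'
Channel 1 : 2412 Mhz 11g Channel 36 : 5180 Mhz 11a
Channel 2 : 2417 Mhz 11g Channel 40 : 5200 Mhz 11a
Channel 3 : 2422 Mhz 11g Channel 44 : 5220 Mhz 11a
Channel 4 : 2427 Mhz 11g Channel 48 : 5240 Mhz 11a
Channel 5 : 2432 Mhz 11g Channel 52 : 5260 Mhz 11a
Channel 6 : 2437 Mhz 11g Channel 56 : 5280 Mhz 11a
Channel 7 : 2442 Mhz 11g Channel 60 : 5300 Mhz 11a
Channel 8 : 2447 Mhz 11g Channel 64 : 5320 Mhz 11a
Channel 9 : 2452 Mhz 11g Channel 149 : 5745 Mhz 11a
Channel 10 : 2457 Mhz 11g Channel 153 : 5765 Mhz 11a
Channel 11 : 2462 Mhz 11g Channel 157 : 5785 Mhz 11a
Channel 12 : 2467 Mhz 11g Channel 161 : 5805 Mhz 11a
Channel 13 : 2472 Mhz 11g Channel 165 : 5825 Mhz 11a
EOF
}
# Sample input copied from the post: the modified kismet.conf lines.
sample_conf() {
cat <<'EOF'
defaultchannels=IEEE80211b:1,7,13,2,8,3,14,9,4,10,5,11,6,12
defaultchannels=IEEE80211g:1,7,13,2,8,3,14,9,4,10,5,11,6,12
defaultchannels=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165
defaultchannels=IEEE80211ab:1,7,13,2,8,3,14,9,4,10,5,11,6,12,36,40,44,48,52,56,60,64,149,153,157,161,165
EOF
}
# Read `ifconfig IFACE list chan` output on stdin (one or two entries per
# row) and print one "channel mode" pair per line, sorted by channel.
supported_channels() {
    awk '{ for (i = 1; i <= NF; i++)
             if ($i == "Channel" && $(i+2) == ":") print $(i+1), $(i+5) }' | sort -n
}
# Read kismet.conf on stdin; $1 is a file holding supported_channels output.
# Print "TYPE CHANNEL" for every configured channel the radio did not report.
unsupported_in_conf() {
    awk -v list="$1" '
        BEGIN { while ((getline line < list) > 0) { split(line, f, " "); ok[f[1]] = 1 } }
        /^defaultchannels=/ {
            sub(/^defaultchannels=/, ""); split($0, kv, ":")
            n = split(kv[2], ch, ",")
            for (i = 1; i <= n; i++) if (!(ch[i] in ok)) print kv[1], ch[i]
        }'
}
# Run the check on the sample input; on a real system, feed ifconfig and kismet.conf.
tmp=$(mktemp); sample_chanlist | supported_channels > "$tmp"
sample_conf | unsupported_in_conf "$tmp"; rm -f "$tmp"
```

On a live system, replace the two sample functions with `ifconfig IFACE list chan` and the real kismet.conf; empty output means every configured channel is one the radio reported.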