Kismet stopped working

I had kismet running fine, detecting sources. I tried it today and it's no longer working!

Code:

[user@the-one ~]$ sudo kismet
Launching kismet_server: /usr/bin/kismet_server
Will drop privs to user (500) gid 500
Non-RFMon VAPs will be destroyed on multi-vap interfaces (ie, madwifi-ng)
Enabling channel hopping.
Enabling channel splitting.
NOTICE: Disabling channel hopping, no enabled sources are able to change channel.
Source 0 (madwifi): Enabling monitor mode for madwifi_ag source interface wifi0 channel 6...
ERROR:  Unable to create VAP: Invalid argument
ERROR:  Unable to create monitor-mode VAP
WARNING: wifi0 appears to not accept the Madwifi-NG controls. Will attempt to configure it as a standard Madwifi-old interface. If you are using madwifi-ng, be sure to set the source interface to the wifiX control interface, NOT athX
FATAL: channel get ioctl failed 22:Invalid argument
Done.

It's very odd as I can't think what I've changed - certainly isn't the kimet.conf.
I have updated with liveupdate to the latest patches - there was a wireless driver one not long ago - could this be the culprit?

I use the following script to enable / disable monitoring:

Code:

#!/bin/sh
if [ $# -eq 0 ]
then
        echo "madwifi WLAN control - bring atheros interfaces in or out of monitor mode"
        echo "By Buzh - [url]http://paranoia.no[/url] - All rites reversed"
        echo "Usage: `basename $0` "
        echo "Valid commands are:"
        echo "mon - Enter monitor mode"
        echo "reg - Revert to normal mode"
        exit 65
fi

if [ $1 = "mon" ]
then
        echo "Trying to make interface go in monitor mode.."

        IW_INTERFACES=$(/sbin/iwconfig | grep 802.11 | awk '{print $1}')

        for i in $IW_INTERFACES
        do
                echo Destroying existing VAPs:
                /usr/local/bin/wlanconfig $i destroy
        done

        echo Done destroying VAPs, creating new:

        /usr/local/bin/wlanconfig ath0 create wlandev wifi0 wlanmode monitor

        echo Done!

fi

if [ $1 = "reg" ]
then
        echo "Trying to return to normal operation:"
        #/sbin/rmmod ath_pci && /sbin/modprobe ath_pci
        /usr/local/bin/wlanconfig ath0 destroy wifi0 & /usr/local/bin/wlanconfig ath0 create wlandev wifi0 wlanmode sta
        echo "Done"

Any ideas? It's driving me crazy!

 

My /etc/kismet/kismet.conf

Code:

 servername=Kismet
    suiduser=user
    networkmanagersleep=true
    source=madwifi_ag,wifi0,madwifi
    enablesources=madwifi
    vapdestroy=true
    channelhop=true
    channelvelocity=5
    channelsplit=true

    defaultchannels=IEEE80211b:1,6,11,2,7,3,8,4,9,5,10
    defaultchannels=IEEE80211g:1,6,11,2,7,3,8,4,9,5,10
    defaultchannels=IEEE80211a:36,40,44,48,52,56,60,64
    defaultchannels=IEEE80211ab:1,6,11,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64
    tcpport=2501
    allowedhosts=127.0.0.1
    bindaddress=127.0.0.1
    maxclients=5

    gps=false
    gpshost=localhost:2947
    gpsmodelock=false

    alert=NETSTUMBLER,10/min,1/sec
    alert=WELLENREITER,10/min,1/sec
    alert=LUCENTTEST,10/min,1/sec
    alert=DEAUTHFLOOD,10/min,2/sec
    alert=BCASTDISCON,10/min,2/sec
    alert=CHANCHANGE,5/min,1/sec
    alert=AIRJACKSSID,5/min,1/sec
    alert=PROBENOJOIN,10/min,1/sec
    alert=DISASSOCTRAFFIC,10/min,1/sec
    alert=NULLPROBERESP,10/min,1/sec
    alert=BSSTIMESTAMP,10/min,1/sec
    alert=MSFBCOMSSID,10/min,1/sec
    alert=LONGSSID,10/min,1/sec
    alert=MSFDLINKRATE,10/min,1/sec
    alert=MSFNETGEARBEACON,10/min,1/sec
    alert=DISCONCODEINVALID,10/min,1/sec
    alert=DEAUTHCODEINVALID,10/min,1/sec

    allowkeytransmit=true
    writeinterval=300
    trackivs=false
    sound=false
    soundplay=/usr/bin/play
    sound_new=/usr/share/kismet/wav/new_network.wav
    sound_traffic=/usr/share/kismet/wav/traffic.wav
    sound_junktraffic=/usr/share/kismet/wav/junk_traffic.wav
    sound_alert=/usr/share/kismet/wav/alert.wav
    speech=false
    festival=/usr/bin/festival
    flite=false
    darwinsay=false
    speech_voice=default
    speech_type=nato
    speech_encrypted=New network detected, s.s.i.d. %s, channel %c, network encrypted.
    speech_unencrypted=New network detected, s.s.i.d. %s, channel %c, network open.
    ap_manuf=ap_manuf
    client_manuf=client_manuf
    metric=false
    waypoints=false
    waypointdata=%h/.gpsdrive/way_kismet.txt
    waypoint_essid=false
    alertbacklog=50
    logtypes=dump,network,csv,xml,weak,cisco,gps
    trackprobenets=true
    noiselog=false
    corruptlog=true
    beaconlog=true
    phylog=true
    mangledatalog=true
    fuzzycrypt=wtapfile,wlanng,wlanng_legacy,wlanng_avs,hostap,wlanng_wext,ipw2200,ipw2915
    fuzzydecode=wtapfile,radiotap_bsd_a,radiotap_bsd_g,radiotap_bsd_bg,radiotap_bsd_b,pcapfile
    netfuzzycrypt=true
    dumptype=wiretap
    dumplimit=0
    logdefault=Kismet
    logtemplate=/var/log/kismet/%n-%d-%i.%l
    piddir=/var/run/
    configdir=%h/
    ssidmap=ssid_map
    groupmap=group_map
    ipmap=ip_map

 

try this command

Code:

kismet -c madwifi_g,wifi0,Atheros

or this command

Code:

kismet -c madwifi_g,wifi0,madwifi

 

Nope. No luck with either command.

Can anyone confirm they've got this working with latest patch revisions and Bios 3305?

What do you use to stick the card into monitor and can anyone post a working config?

 

Bump.

C'mon. Absolutely no-one on here uses kismet eh?

 

I do. What does

Code:

modprobe | grep ath

say? I'm wondering if during the update process you've been switched over to the ath5k driver...

Perry
www.kidpub.com

 

I do, but I'm running Ubuntu 8.10 and the ath5k wifi drivers. I had to fiddle with the sources line, but this is what finally worked for me:
source=ath5k,wlan0,ath5k

 

Code:

modprobe -l | grep madwifi

Returns all the madwifi details as expected - nothing for ath5k...

Any more ideas people?