This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 1 and 3 (spanning 2 versions)
Revision 1 as of 2012-03-20 20:04:13
Size: 1647
Editor: KyleFeuz
Comment:
Revision 3 as of 2012-03-20 20:13:56
Size: 1668
Editor: KyleFeuz
Comment:
Deletions are marked like this. Additions are marked like this.
Line 6: Line 6:
Another protocol (Kismet Client/Server Protocol) is used by Kismet server for communication with Kismet clients. Another protocol ([[Kismet Client/Server Protocol]]) is used by Kismet server for communication with Kismet clients.
Line 47: Line 47:
 * [[http://www.kismetwireless.net] - Official Kismet Project Site  * [[http://www.kismetwireless.net|Kismet Homepage]] - Official Kismet Project Site

Kismet Drone/Server Protocol(KDSP)

Kismet is a wireless sniffer (and intrusion detection system) which is widely used to sniff Wireless LAN (e.g 802.11b, 802.11a, and 802.11g traffic). Kismet Drone/Server protocol is used by for communication between a Kismet drone and a Kismet server.

Another protocol (Kismet Client/Server Protocol) is used by Kismet server for communication with Kismet clients.

History

KDSPv1 - KDSP is currently at version 1. It is designed to be extendible and backwards compatible.

Protocol dependencies

  • TCP: Typically, KDSP uses TCP as its transport protocol. The well known TCP port for KDSP traffic is 2502.

Example traffic

kdsp_screenshot.png

Wireshark

The KDSP dissector is partially functional. While most of the communication is correctly dissected, not all bitmaps are translated to a readable format.

Preference Settings

None

Example capture file

Display Filter

A complete list of KDSP display filter fields can be found in the display filter reference

  • Show only the KDSP based traffic:

     kdsp 

Capture Filter

You cannot directly filter KDSP protocols while capturing. However, if you know the TCP port used (see above), you can filter on that one.

  • Capture only the KDSP traffic over the default port (2502):

     tcp port 2502 

Discussion

KDSP (last edited 2012-03-20 20:14:57 by KyleFeuz)