I came to nzyme as a good first step to mitigate risks with denial of service attacks (DoS). I have followed the official docs to prepare nzyme (nzyme install-ubuntu) and several topics online to clarify some things. A few things were left unclear, but from my perspective the configuration I have set up should be enough to run nzyme. The issues I faced are:
[a] on nzyme start, my wifi network (from the laptop's perspective) goes down, with this error in the logs:
[probe-loop-0] ERROR horse.wtf.nzyme.dot11.probes.Dot11MonitorProbe - org.pcap4j.core.PcapNativeException: Error occurred in pcap_next_ex(): The interface went down
full log:
[main] INFO horse.wtf.nzyme.configuration.leader.LeaderConfigurationLoader - Skipping disabled alert callback of type [email].
[main] INFO horse.wtf.nzyme.configuration.leader.LeaderConfigurationLoader - Skipping disabled alert callback of type [file].
[main] INFO horse.wtf.nzyme.dot11.networks.sentry.Sentry - Loading <0> SSIDs from database into sentry table.
[main] INFO horse.wtf.nzyme.systemstatus.SystemStatus - Set system status [RUNNING].
[main] INFO horse.wtf.nzyme.systemstatus.SystemStatus - Set system status [TRAINING].
[main] INFO horse.wtf.nzyme.NzymeLeaderImpl - Training period ends in <300> seconds.
[main] INFO horse.wtf.nzyme.NzymeLeaderImpl - Initializing nzyme version: 1.2.2 built at [<time>].
[main] INFO horse.wtf.nzyme.NzymeLeaderImpl - Active alerts: [UNEXPECTED_BSSID, UNEXPECTED_SSID, CRYPTO_CHANGE, UNEXPECTED_CHANNEL, UNEXPECTED_FINGERPRINT, BEACON_RATE_ANOMALY, MULTIPLE_SIGNAL_TRACKS, PWNAGOTCHI_ADVERTISEMENT, BANDIT_CONTACT, UNKNOWN_SSID, DEAUTH_FLOOD]
[main] INFO horse.wtf.nzyme.ouis.OUIManager - Fetching and updating list of OUIs from [http://standards-oui.ieee.org/oui/oui.txt]. This might take a moment.
[main] INFO horse.wtf.nzyme.ouis.OUIManager - Done! Now <31870> OUIs in memory. Download time <1842ms>, parsing time <4s>.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [OUIUpdater] for every <12 HOURS> with <12 HOURS> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [MeasurementsWriter] for every <1 MINUTES> with <1 MINUTES> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [MeasurementsCleaner] for every <10 MINUTES> with <0 MINUTES> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [BeaconRateWriter] for every <60 SECONDS> with <60 SECONDS> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [BeaconRateCleaner] for every <10 MINUTES> with <0 MINUTES> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [SignalIndexHistogramWriter] for every <60 SECONDS> with <60 SECONDS> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [SignalIndexHistogramCleaner] for every <10 MINUTES> with <0 MINUTES> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [ProbeStatusMonitor] for every <1 MINUTES> with <1 MINUTES> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [VersioncheckThread] for every <60 MINUTES> with <0 MINUTES> initial delay.
[periodicals-4] INFO horse.wtf.nzyme.periodicals.versioncheck.VersioncheckThread - Starting to check for most recent nzyme version.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [BeaconRateAnomalyAlertMonitor] for every <60 SECONDS> with <60 SECONDS> initial delay.
[main] INFO horse.wtf.nzyme.periodicals.PeriodicalManager - Scheduling [SignalTrackMonitor] for every <60 SECONDS> with <60 SECONDS> initial delay.
[periodicals-4] ERROR horse.wtf.nzyme.periodicals.versioncheck.VersioncheckThread - Could not check for newest nzyme version. Expected HTTP <200> but received HTTP <403>. Please consult the README.
[main] INFO horse.wtf.nzyme.NzymeLeaderImpl - Started web interface and REST API at [http://127.0.0.1:22900/]. Access it at: [http://127.0.0.1:22900/]
[probe-loop-0] INFO horse.wtf.nzyme.dot11.probes.Dot11MonitorProbe - Commencing 802.11 frame processing on [<wireless adapter name>] ... (⌐■_■)–︻╦╤─ – – pew pew
[probe-loop-0] INFO horse.wtf.nzyme.dot11.probes.Dot11MonitorProbe - Building PCAP handle on interface [<wireless adapter name>]
[probe-loop-0] INFO horse.wtf.nzyme.dot11.probes.Dot11MonitorProbe - PCAP handle for [broad-monitor-<wireless adapter name>] acquired. Cycling through channels <1,2,3,4,5,6,7,8,9,10,11>.
[probe-loop-0] ERROR horse.wtf.nzyme.dot11.probes.Dot11MonitorProbe - org.pcap4j.core.PcapNativeException: Error occurred in pcap_next_ex(): The interface went down
[probe-loop-0] INFO horse.wtf.nzyme.dot11.probes.Dot11MonitorProbe - Building PCAP handle on interface [<wireless adapter name>]
[probe-loop-0] INFO horse.wtf.nzyme.dot11.probes.Dot11MonitorProbe - PCAP handle for [broad-monitor-<wireless adapter name>] acquired. Cycling through channels <1,2,3,4,5,6,7,8,9,10,11>.
[shutdown-hook] INFO horse.wtf.nzyme.NzymeLeaderImpl - Shutting down.
[shutdown-hook] INFO horse.wtf.nzyme.systemstatus.SystemStatus - Unset system status [RUNNING].
[shutdown-hook] INFO horse.wtf.nzyme.systemstatus.SystemStatus - Set system status [SHUTTING_DOWN].
[b] unable to sign in to the server at IP 127.0.0.1:22900 with the login and password defined in the config file (403 code)
What the official docs left unclear is how to obtain a fingerprint of the AP (currently it is left empty: bssids: [{ address: <AP mac>, fingerprints: [] }]) and how to define a unique wireless adapter name, as there is no file with the name referenced in the docs (the default name is left as wlp****).
Is this information enough to figure out the issue and the next steps to fix it?
Thanks!