How to Enable and Disable Monitor Mode in Kali Linux

In this tutorial, we will learn how to enable and disable monitor mode in Kali Linux.

But first, what is monitor mode in Kali Linux? Monitor mode is a setting for wireless network interface cards (NICs) that will allow to passively listen and capture all wireless traffic on a particular wireless channel. Unlike the managed mode where the NIC engages with an access point to transmit and receive data, in monitor mode, the NIC passively listens to intercept and capture packets without engaging with any access point. Monitor mode is most commonly used for network analysis, packet sniffing, security auditing, and penetration testing.

How to enable monitor mode in Kali Linux?

To enable monitor mode in Kali Linux, we will be using the tool ‘airmon-ng’. Here are the steps:

1. Open terminal with “ctrl + alt + t”

2. Next, you need to identify the wireless interfaces. Run the following command:

iwconfig

*This will list all the available wireless interfaces. Note down the name of the interface that you turn on the monitor mode on. I have 2 wireless interfaces – wlan0 and wlan1. I want to turn on the monitor mode for wlan0.

3. Switch to the root user

sudo su

4. Disable the network interface you selected earlier. Since I chose wlan0, the command for me is:

ifconfig wlan0 down

5. Kill the processes that might interfere with turning on the monitor mode for wireless interfaces

airmon-ng check kill

*The process wpa-supplicant(PID:2430) has been stopped. You will also notice that the internet has been disconnected. Do not worry as the internet will come back when we disable the monitor mode

6. Now we can use the airmon-ng to activate the monitor mode on wlan0.

airmon-ng start wlan0

7. Finally, confirm the status by running the “iwconfig” again.

*The ‘wlan0’ has been changed to ‘wlan0mon’. The mode should also be displayed as “Monitor”

How to disable monitor mode in Kali Linux?

If you want to disable the monitor mode, follow the steps below:

1. Stop the monitor mode on the wireless interface ‘wlan0mon’. “airmon-ng stop wlan0mon” will stop the monitoring activities and return back to managed mode.

    airmon-ng stop wlan0mon


    2. Restart the NetworkManager service and your internet connection will be restored.

    service NetworkManager restart