TravisFSmith / SweetSecurity

Network Security Monitoring on Raspberry Pi type devices
Apache License 2.0

SweetSecurity Flooding Logs #44

Open booth-f opened 6 years ago

booth-f commented 6 years ago

So I've got a 2 box setup working where I have a sensor install on one machine and the web index on another and it appears to be working?

My only issue is at the moment SweetSecurity is absolutely flooding its log file and generating too much noise.

Tailing the SweetSecurity logfile and I see this

2018-06-29 09:00:17,815: Error spoofing device: 'NoneType' object has no attribute 'getitem'
2018-06-29 09:00:17,817: Error spoofing device: 'NoneType' object has no attribute 'getitem'
2018-06-29 09:00:17,819: Error spoofing device: 'NoneType' object has no attribute 'getitem'
2018-06-29 09:00:17,821: Error spoofing device: 'NoneType' object has no attribute 'getitem'
2018-06-29 09:00:17,824: Error spoofing device: 'NoneType' object has no attribute 'getitem'
2018-06-29 09:00:17,826: Error spoofing device: 'NoneType' object has no attribute 'getitem'
2018-06-29 09:00:17,828: Error spoofing device: 'NoneType' object has no attribute 'getitem'
2018-06-29 09:00:17,830: Error spoofing device: 'NoneType' object has no attribute 'getitem'

Not really sure what is going on, and my own attempts to find where the problem is haven't turned up anything yet.

juniperz commented 6 years ago

I had the same problem as you did. I ended up disabling spoofing to see if everything else worked. After fixing this issue https://github.com/TravisFSmith/SweetSecurity/issues/47 I re-enabled spoofing and the problem went away for me. So maybe you have a Mac Vendor on your network that has a single quote in the name?

You can look in /opt/sweetsecurity/client/nmap_scans/pingSweep.xml to see all your vendor names. Look for one with ' in the name.
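
The check suggested in the comment above can be scripted. This is an added example, not part of the thread and not SweetSecurity's own code: it parses an nmap XML scan file and lists hosts whose MAC vendor contains a single quote. The function name and the sample data are constructed for illustration; the default path is the one given in the comment.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample in nmap's XML output layout; not data from the thread.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <address addr="AA:BB:CC:00:00:01" addrtype="mac" vendor="Example Networks"/>
  </host>
  <host>
    <address addr="192.168.1.11" addrtype="ipv4"/>
    <address addr="AA:BB:CC:00:00:02" addrtype="mac" vendor="Sample's Devices Co."/>
  </host>
  <host>
    <address addr="192.168.1.12" addrtype="ipv4"/>
    <address addr="AA:BB:CC:00:00:03" addrtype="mac" vendor="Widget&apos;s Labs"/>
  </host>
  <host>
    <address addr="192.168.1.13" addrtype="ipv4"/>
  </host>
</nmaprun>"""

DEFAULT_PATH = "/opt/sweetsecurity/client/nmap_scans/pingSweep.xml"


def vendors_with_quote(root):
    """Return (ip, mac, vendor) for every host whose vendor contains a single quote."""
    hits = []
    for host in root.iter("host"):
        ip = mac = vendor = None
        for addr in host.findall("address"):
            kind = addr.get("addrtype")
            if kind == "mac":
                mac, vendor = addr.get("addr"), addr.get("vendor")
            elif kind in ("ipv4", "ipv6"):
                ip = addr.get("addr")
        # Hosts without a MAC entry or vendor attribute are skipped.
        # Parsing (rather than grepping) also catches the &apos; escaped form.
        if vendor and "'" in vendor:
            hits.append((ip, mac, vendor))
    return hits


if __name__ == "__main__":
    # Pass "sample" to run on the constructed data, or a path to a scan file.
    arg = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_PATH
    root = ET.fromstring(SAMPLE_XML) if arg == "sample" else ET.parse(arg).getroot()
    for ip, mac, vendor in vendors_with_quote(root):
        print(f"{ip}\t{mac}\t{vendor}")
```
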