Wardriving
7/29/2004
The Bad Karma Gang
Agenda
Introduction to Wardriving
The Tools of Wardriving
Wardriving Green Lake
What is War Driving?
Definition:
Driving through a neighborhood with a wireless-enabled notebook computer in search of wireless access points (APs)
Purpose:
Analyze Wireless LANs & show which APs are open
Product:
Wireless Access Point Map
Origin:
War dialing
Some Results of War Driving
Wireless Access Point Maps
Wireless Internet Security Awareness
152 networks audited
Unprotected networks: 67.8%
Protected networks: 32.2%
Nowel & Budge
Source: [Link]
WWWD4 (World Wide War Drive)
June 12-19, 2004
300,000 APs submitted worldwide
[Map labels: Access point, Nuis House]
WiGLE
-[Link]-
Legal Background
Activity | Legality | Law
Scan access points | Not illegal |
Intentional access of a computer without authorization | Illegal | Computer Fraud and Abuse Act
Alteration of communication on ISP network without authorization | Illegal | Electronic Communications Protection Act
Interception of communications as they're going through the air | Illegal | Wiretap Act
Anatomy of a Hack
(Hacking Exposed 4th Edition)
War driving Process
Footprinting: Address range, namespace acquisition
Scanning: Find promising points of entry
Enumeration: Find user accounts and poorly protected shares
Gaining Access: Informed attempts to access target
Escalating Privilege: Gain complete control of system
Pilfering: Gain access to trusted systems
Covering Tracks: Hide system privileges
Creating Back Doors: Ensure ability to regain access at will
Denial of Service: Create ability to disable target
Legend: Legal, Illegal
Possible Risks
War driving = not illegal
Beyond war driving = illegal
Encryption key cracking
Free internet access
Identity exposure and theft
Network resource utilization
Data theft
Denial-of-service
Other hacking activities
[Diagram labels: Availability, Confidentiality, Integrity]
Typical Wardriving Setup
GPS Mouse
Notebook computer
802.11 network sniffing software (e.g. Netstumbler)
GPS Software
Display
Text to speech software
"new network found. ssid is thd-wireless. channel 6. network open."
Power Cable
Netstumbler Screenshot
For the thrifty and adventurous wardriver
Build a Cantenna
[Link]
Protection of Wireless Networks
Use Wired Equivalent Privacy (WEP)
Network card encrypts payload using RC4 cipher
Receiving station decrypts upon arrival
Only works between 802.11 stations.
No longer applies once payload enters wired side of network
Users should change default password and Service Set Identifier
Users should change keys often
Physically locate access point to avoid spilling signal off premises
Install hardware or software firewall
Use passwords for sensitive folders and files
Users should perform a wardriving test
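An added example, not part of the original slides: one way to score the readings from a wardriving test of your own access points against the checklist above (encryption enabled, default SSID changed, signal kept on premises). The CSV layout, the BSSID inventory, the default-SSID list and the -75 dBm spill threshold are assumptions made for this example.

```python
import csv
import io

# Constructed sample: readings logged from the street outside our own premises.
# The column layout is an assumption for this example, not a real tool's export.
SAMPLE_SCAN = """bssid,ssid,channel,encryption,rssi_dbm
00:11:22:33:44:01,linksys,6,none,-48
00:11:22:33:44:02,acct-floor2,11,wep,-61
00:11:22:33:44:03,lab-ap,1,wep,-88
66:77:88:99:aa:01,hotstuff,6,none,-70
"""

# BSSIDs of the access points we administer (constructed inventory).
OWNED = {"00:11:22:33:44:01", "00:11:22:33:44:02", "00:11:22:33:44:03"}

# Illustrative, not exhaustive, list of manufacturer-default SSIDs.
DEFAULT_SSIDS = {"linksys", "netgear", "default", "dlink"}

# Assumed threshold: a reading stronger than this off premises counts as spill.
SPILL_DBM = -75

def audit(scan_csv, owned=OWNED, spill_dbm=SPILL_DBM):
    """Return {bssid: [findings]} for every owned AP seen in the scan."""
    report = {}
    for row in csv.DictReader(io.StringIO(scan_csv)):
        bssid = row["bssid"].strip().lower()
        if bssid not in owned:
            continue  # not ours: out of scope for this audit
        findings = []
        if row["encryption"].strip().lower() in ("", "none", "open"):
            findings.append("no encryption")
        if row["ssid"].strip().lower() in DEFAULT_SSIDS:
            findings.append("default SSID")
        if int(row["rssi_dbm"]) > spill_dbm:
            findings.append("signal spills off premises")
        report[bssid] = findings
    return report

def open_share(report):
    """Percentage of audited APs with no encryption, to one decimal place."""
    if not report:
        return 0.0
    unprotected = sum("no encryption" in f for f in report.values())
    return round(100.0 * unprotected / len(report), 1)

if __name__ == "__main__":
    print(audit(SAMPLE_SCAN), open_share(audit(SAMPLE_SCAN)))
```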
Experiment: War Driving Seattle
* Doonesbury, December, 2002.
Wardriving: Been there, done that?
* War Kayaking, Summer, 2003.
War Driving Experiments
Experiment 1: Open door
Opened SBG1000 wireless Internet gateway
Meant to disable 16 bit encryption
Discovered traffic in logs when home computers off
Experiment 2: Tools of the trade
[Image] + [Image] + [Image] = Access
Results: Access Gained
My house
Results
29 available networks in 2 short hours
Only 3 required a key of any kind
All available from parked car on crowded streets
Colorful names for wireless routers
hotstuff, red libre, eatshitanddie
most use manufacturer name
Discussion
The Bad Karma Gang
-Social Engineer Alumni Relations-