Comments on: War Driving: Can War Drivers Crash Your Wifi Party? http://www.theinternetpatrol.com/wardriving-can-wardrivers-crash-your-wifi-party Internet Safety, Windows Updates, Internet News, and More Sat, 22 Nov 2008 04:20:27 +0000 http://wordpress.org/?v=2.6.3 By: MNB http://www.theinternetpatrol.com/wardriving-can-wardrivers-crash-your-wifi-party#comment-2489 MNB Thu, 08 Sep 2005 03:25:29 +0000 /?p=531#comment-2489 I've been reading alot about wireless network security. Unfortunately, you really should enable WPA (or at the very least WEP) if you are determined to deter hackers. In addition, change the default password (and even the administrator username if possible) right away. You don't want some dude to be able to mess with your WAP settings. If you shut off your SSID broadcast, it will hide you from people using NetStumbler (which basically shouts every second "Hey AP, are you there?"). However, Kismet is designed to merely listen to the airwaves and so it will pick out non-broadcasted SSID's by simply listening to any traffic between the computers and the WAP they're talking to. Like the fellow above said, MAC addresses can easily be plucked out of the air and cloned. Same goes for IP addresses. If you are relegated to using WEP, use the very longest password you can that is a random mix of upper/lowercase letters, numbers and punctuation marks and if you can use 128 bit WEP, do it. Same goes for WPA. In fact for WPA, the only attack I've read about involves taking advantage of the fact that some people use passwords less than 32 bytes. It'll take the encrypted password and run it against a dictionary. I've read that a password longer than 32 bytes will undermine this technique pretty well. In the end, if you follow all the basic steps that are recommended in the home wireless networking guides, only a more determined hacker will be able to get into your network. Hackers with that level of skill would most likely not even bother with your machine and would rather hit a corporate network or steal the bandwidth of a less secure network. Those who run corporate networks go the extra step of setting up a login system that requires you to login and prove you are who you claim to be in order to even connect to the network. In this case, the hacker may still break the crypto and listen in to the networking traffic but they'll never be able to become part of the network, unless they know of some flaw in the login system. I’ve been reading alot about wireless network security. Unfortunately, you really should enable WPA (or at the very least WEP) if you are determined to deter hackers. In addition, change the default password (and even the administrator username if possible) right away. You don’t want some dude to be able to mess with your WAP settings.

If you shut off your SSID broadcast, it will hide you from people using NetStumbler (which basically shouts every second “Hey AP, are you there?”). However, Kismet is designed to merely listen to the airwaves and so it will pick out non-broadcasted SSID’s by simply listening to any traffic between the computers and the WAP they’re talking to.

Like the fellow above said, MAC addresses can easily be plucked out of the air and cloned. Same goes for IP addresses.

If you are relegated to using WEP, use the very longest password you can that is a random mix of upper/lowercase letters, numbers and punctuation marks and if you can use 128 bit WEP, do it. Same goes for WPA. In fact for WPA, the only attack I’ve read about involves taking advantage of the fact that some people use passwords less than 32 bytes. It’ll take the encrypted password and run it against a dictionary. I’ve read that a password longer than 32 bytes will undermine this technique pretty well.

In the end, if you follow all the basic steps that are recommended in the home wireless networking guides, only a more determined hacker will be able to get into your network. Hackers with that level of skill would most likely not even bother with your machine and would rather hit a corporate network or steal the bandwidth of a less secure network. Those who run corporate networks go the extra step of setting up a login system that requires you to login and prove you are who you claim to be in order to even connect to the network. In this case, the hacker may still break the crypto and listen in to the networking traffic but they’ll never be able to become part of the network, unless they know of some flaw in the login system.

]]> By: Secur-IT http://www.theinternetpatrol.com/wardriving-can-wardrivers-crash-your-wifi-party#comment-1704 Secur-IT Fri, 29 Apr 2005 19:18:38 +0000 /?p=531#comment-1704 jay santos said: >>2. settign the router to ONLY allow specific MAC >>address wireless cards. >>I would think that in particular, #2 would stop >>anybody dead in their tracks, Getting and cloning your MAC ID is the easiest thing to do. Then it is easy to use your connection under your nose. jay santos said:

>>2. settign the router to ONLY allow specific MAC >>address wireless cards.

>>I would think that in particular, #2 would stop >>anybody dead in their tracks,

Getting and cloning your MAC ID is the easiest thing to do. Then it is easy to use your connection under your nose.

]]> By: dan http://www.theinternetpatrol.com/wardriving-can-wardrivers-crash-your-wifi-party#comment-1692 dan Thu, 28 Apr 2005 23:56:59 +0000 /?p=531#comment-1692 WEP is so simple nowadays, any Linksys router you pick up for $50 has it, usually in both 64 and 128 bit modes. And while there is a fair chance no one will ever try to hack your home wifi, I say why not. Right now I'm running disabled SSID and WEP fulltime. And of course with businesses I would say the more security the better. WEP is so simple nowadays, any Linksys router you pick up for $50 has it, usually in both 64 and 128 bit modes. And while there is a fair chance no one will ever try to hack your home wifi, I say why not. Right now I’m running disabled SSID and WEP fulltime.
And of course with businesses I would say the more security the better.

]]> By: jay santos http://www.theinternetpatrol.com/wardriving-can-wardrivers-crash-your-wifi-party#comment-1671 jay santos Mon, 25 Apr 2005 20:53:08 +0000 /?p=531#comment-1671 I thought that it was simply enough to: 1. NOT broadcast the SSID - (hiding the connection) 2. settign the router to ONLY allow specific MAC address wireless cards. I would think that in particular, #2 would stop anybody dead in their tracks, even if they got past #1 WEP just seems too much given that #1 and #2 are done right - is that not a good assessment? jay I thought that it was simply enough to:
1. NOT broadcast the SSID - (hiding the connection)
2. settign the router to ONLY allow specific MAC address wireless cards.

I would think that in particular, #2 would stop anybody dead in their tracks, even if they got past #1

WEP just seems too much given that #1 and #2 are done right - is that not a good assessment?

jay

]]> By: James http://www.theinternetpatrol.com/wardriving-can-wardrivers-crash-your-wifi-party#comment-1631 James Tue, 19 Apr 2005 12:52:15 +0000 /?p=531#comment-1631 Thank you for the interesting article. What type of monitoring technique/software can be used to detect war driving activity on home wi-fi setups? Best regards, James Klinger james.klinger2@verizon.net Thank you for the interesting article. What type of monitoring technique/software can be used to detect war driving activity on home wi-fi setups?
Best regards,
James Klinger
james.klinger2@verizon.net

]]>