Wardriving is back in the news. It seems that the news outlets are only just now (re)discovering what wardrivers have known for ages: war driving is hot. It’s more than just the brute desire for open access to someone else’s computer network, their Internet connection, or even their personal information which drives wardriving (although these are certainly a large part of it). It’s also the thrill of the game.
Put simply, wardrivers get a cheap thrill from finding and exploiting your unprotected wifi connection – because they can. There are entire websites dedicated to mapping the fruits of wardriving, allowing their users to jack into free wifi from almost anywhere they may be.
[For those of you who are scratching your heads, wardriving is, simply put, the act of driving around a neighborhood with a wifi-enabled laptop or PDA, looking for and mapping any open wireless connections to the Internet.]
So what can you do to help secure your wireless connection, and make sure that it isn’t wardriven into the ground?
First and foremost, be sure that you have at least WEP encryption set on your router – if your router offers something even more robust then WEP, all the better. But at a minimum, your wireless router should be WEP-enabled. Also be sure to change the password your router came with, and don’t broadcast your SSID to the world.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Some people even recommend actually turning your wifi router off when you are not using it which, you know, isn’t necessarily a bad idea.
Whatever you do, don’t sit back complacently thinking that it can’t happen to you. Because if your wifi is unsecure, it can, it will, and it quite possibly already has.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
I’ve been reading alot about wireless network security. Unfortunately, you really should enable WPA (or at the very least WEP) if you are determined to deter hackers. In addition, change the default password (and even the administrator username if possible) right away. You don’t want some dude to be able to mess with your WAP settings.
If you shut off your SSID broadcast, it will hide you from people using NetStumbler (which basically shouts every second “Hey AP, are you there?”). However, Kismet is designed to merely listen to the airwaves and so it will pick out non-broadcasted SSID’s by simply listening to any traffic between the computers and the WAP they’re talking to.
Like the fellow above said, MAC addresses can easily be plucked out of the air and cloned. Same goes for IP addresses.
If you are relegated to using WEP, use the very longest password you can that is a random mix of upper/lowercase letters, numbers and punctuation marks and if you can use 128 bit WEP, do it. Same goes for WPA. In fact for WPA, the only attack I’ve read about involves taking advantage of the fact that some people use passwords less than 32 bytes. It’ll take the encrypted password and run it against a dictionary. I’ve read that a password longer than 32 bytes will undermine this technique pretty well.
In the end, if you follow all the basic steps that are recommended in the home wireless networking guides, only a more determined hacker will be able to get into your network. Hackers with that level of skill would most likely not even bother with your machine and would rather hit a corporate network or steal the bandwidth of a less secure network. Those who run corporate networks go the extra step of setting up a login system that requires you to login and prove you are who you claim to be in order to even connect to the network. In this case, the hacker may still break the crypto and listen in to the networking traffic but they’ll never be able to become part of the network, unless they know of some flaw in the login system.
jay santos said:
>>2. settign the router to ONLY allow specific MAC >>address wireless cards.
>>I would think that in particular, #2 would stop >>anybody dead in their tracks,
Getting and cloning your MAC ID is the easiest thing to do. Then it is easy to use your connection under your nose.
WEP is so simple nowadays, any Linksys router you pick up for $50 has it, usually in both 64 and 128 bit modes. And while there is a fair chance no one will ever try to hack your home wifi, I say why not. Right now I’m running disabled SSID and WEP fulltime.
And of course with businesses I would say the more security the better.
I thought that it was simply enough to:
1. NOT broadcast the SSID – (hiding the connection)
2. settign the router to ONLY allow specific MAC address wireless cards.
I would think that in particular, #2 would stop anybody dead in their tracks, even if they got past #1
WEP just seems too much given that #1 and #2 are done right – is that not a good assessment?
jay
Thank you for the interesting article. What type of monitoring technique/software can be used to detect war driving activity on home wi-fi setups?
Best regards,
James Klinger
james.klinger2@verizon.net