War Driving: Can War Drivers Crash Your Wifi Party?

If you find this useful please share it!

Wardriving is back in the news. It seems that the news outlets are only just now (re)discovering what wardrivers have known for ages: war driving is hot. It’s more than just the brute desire for open access to someone else’s computer network, their Internet connection, or even their personal information which drives wardriving (although these are certainly a large part of it). It’s also the thrill of the game.

Put simply, wardrivers get a cheap thrill from finding and exploiting your unprotected wifi connection – because they can. There are entire websites dedicated to mapping the fruits of wardriving, allowing their users to jack into free wifi from almost anywhere they may be.

[For those of you who are scratching your heads, wardriving is, simply put, the act of driving around a neighborhood with a wifi-enabled laptop or PDA, looking for and mapping any open wireless connections to the Internet.]

(Article continues below)
Get notified of new Internet Patrol articles for free!
Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!

Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
War Driving:  Can War Drivers Crash Your Wifi Party?

So what can you do to help secure your wireless connection, and make sure that it isn’t wardriven into the ground?

First and foremost, be sure that you have at least WEP encryption set on your router – if your router offers something even more robust then WEP, all the better. But at a minimum, your wireless router should be WEP-enabled. Also be sure to change the password your router came with, and don’t broadcast your SSID to the world.

 

Some people even recommend actually turning your wifi router off when you are not using it which, you know, isn’t necessarily a bad idea.

Whatever you do, don’t sit back complacently thinking that it can’t happen to you. Because if your wifi is unsecure, it can, it will, and it quite possibly already has.

  
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!

War Driving:  Can War Drivers Crash Your Wifi Party?

Get notified of new Internet Patrol articles!

If you find this useful please share it!

5 Replies to “War Driving: Can War Drivers Crash Your Wifi Party?”

  1. I’ve been reading alot about wireless network security. Unfortunately, you really should enable WPA (or at the very least WEP) if you are determined to deter hackers. In addition, change the default password (and even the administrator username if possible) right away. You don’t want some dude to be able to mess with your WAP settings.

    If you shut off your SSID broadcast, it will hide you from people using NetStumbler (which basically shouts every second “Hey AP, are you there?”). However, Kismet is designed to merely listen to the airwaves and so it will pick out non-broadcasted SSID’s by simply listening to any traffic between the computers and the WAP they’re talking to.

    Like the fellow above said, MAC addresses can easily be plucked out of the air and cloned. Same goes for IP addresses.

    If you are relegated to using WEP, use the very longest password you can that is a random mix of upper/lowercase letters, numbers and punctuation marks and if you can use 128 bit WEP, do it. Same goes for WPA. In fact for WPA, the only attack I’ve read about involves taking advantage of the fact that some people use passwords less than 32 bytes. It’ll take the encrypted password and run it against a dictionary. I’ve read that a password longer than 32 bytes will undermine this technique pretty well.

    In the end, if you follow all the basic steps that are recommended in the home wireless networking guides, only a more determined hacker will be able to get into your network. Hackers with that level of skill would most likely not even bother with your machine and would rather hit a corporate network or steal the bandwidth of a less secure network. Those who run corporate networks go the extra step of setting up a login system that requires you to login and prove you are who you claim to be in order to even connect to the network. In this case, the hacker may still break the crypto and listen in to the networking traffic but they’ll never be able to become part of the network, unless they know of some flaw in the login system.

  2. jay santos said:

    >>2. settign the router to ONLY allow specific MAC >>address wireless cards.

    >>I would think that in particular, #2 would stop >>anybody dead in their tracks,

    Getting and cloning your MAC ID is the easiest thing to do. Then it is easy to use your connection under your nose.

  3. WEP is so simple nowadays, any Linksys router you pick up for $50 has it, usually in both 64 and 128 bit modes. And while there is a fair chance no one will ever try to hack your home wifi, I say why not. Right now I’m running disabled SSID and WEP fulltime.
    And of course with businesses I would say the more security the better.

  4. I thought that it was simply enough to:
    1. NOT broadcast the SSID – (hiding the connection)
    2. settign the router to ONLY allow specific MAC address wireless cards.

    I would think that in particular, #2 would stop anybody dead in their tracks, even if they got past #1

    WEP just seems too much given that #1 and #2 are done right – is that not a good assessment?

    jay

  5. Thank you for the interesting article. What type of monitoring technique/software can be used to detect war driving activity on home wi-fi setups?
    Best regards,
    James Klinger
    james.klinger2@verizon.net

Leave a Reply

Your email address will not be published. Required fields are marked *