Wardriving is the physical act of seeking out a WiFi network with a mobile device or laptop while driving a vehicle. The original term was derived from the movie, War games, that used “war dialing” during the course of the story told in the movies. In the movie, random phone lines connected to a modem were sought out similar to a person seeking out wireless networks while driving a vehicle. Today, wardriving has evolved to the practice of mapping out WiFi networks that do not have security setup using GPs locating data.
What is Wardriving?
The act of wardriving involves using software to capture data about wireless networks and Internet usage. Although the act is classically accomplished from a vehicle, wardriving can be accomplished using any means of getting around to include walking, bicycles, or via aircraft. In the United States, the act of collecting data on available wireless networks using this method is not considered illegal. If the individual conducting the wardriving can be proven to have accessed any of the networks that are not designed for public use, he or she could be subject to criminal charges based on the locality and what the network access is used to accomplish under the Theft of Trade Secrets or Federal Computer Fraud and Abuse Statute.
Who Coined the Term “Wardriving”?
The term wardriving was first coined by computer security consultant Pete Shipley. In 2000, he was able to author Perl scripts to interface with his GPS to automate the process that became known as wardriving. The scripts that he developed were able to read the coordinate information on the GPS device and gave him the ability to plot WiFi access points on a map. This new capability eliminated the need to write down one’s physical location while driving when seeking out unsecure wireless access points. Shipley would go on to release his work and findings at Defcon which would go on to create a hobby that is still practiced to this day. At the time, Shipley was able to discover that only 15 percent of the WiFi networks in the areas that he surveyed were protected by encryption.
How Do You Guard Against Wardriving?
Since it is just about impossible to tell if a third party has recorded one’s network information, in the United States the FTC (Federal Trade Commission) and the FBI strongly recommend that consumers secure private WiFi networks. In other countries, such as Germany, the requirement to secure WiFi networks is actually required by law.
There are several options available to secure a WiFi network against wardriving or other unauthorized use. Two of the more popular options include WEP (Wired Equivalent Privacy) and WPA (WiFi Protected Access). WEP has proven over time to be susceptible to being cracked through dedicated network traffic analysis, so WPA or WPA2 have become the recommended WiFi encryption standards to implement.
Additionally, a WiFi network can be further hardened by changing the default SSID and router password. Additional steps one can take to harden a wireless network include enabling the network firewall, antivirus software, and identifying individual computing that are allowed to access the network by entering the MAC address for each device into the router configuration panel.
What is Warchalking?
The act of drawing symbols in public locations to advertise open WiFi network(s) is warchalking. The marks were created by a group of friends and publicized by Matt Jones in 2002. The symbols used in warchalking were inspired by hobo symbols and were published on a wallet-sized document that could be printed for reference in the “field.” As soon as Jones published a blog article on warchalking, it went viral across the world. In order to warchalk, a person will draw one of the special symbols that Jones published on a wall, the pavement, or a lamp post indicating the SSID and if the network is open or closed. Alternatively, a WiFi network can be advertised using the symbols depending on the preferences of the network owner or administrator.
What are the Tools Used to Wardrive?
There are a number of free software applications available for wardriving. The most well-known software program is NetStumbler. Other popular options include NetBSD, OpenBSD, Kismet, DragonFly BSD, SSIDer, and KisMac. In recent years, there have been applications developed for mobile devices that support wardriving operations. Some of the mobile apps available include WiFi for the iPhone, Road Dog for the Sony PSP, Sniff_JazzBox for the Nintendo DS, and G-MoN for Android devices. In order to extend the range of a laptop or mobile device that is being used for wardriving, an external antenna can be attached to increase the detection range of the device and increases the total number of networks detected.
Is it Illegal to Wardrive?
Despite significant debate over the past decade, there have not been any laws passed which either prohibit or permit wardriving in the United States. There are a number of local ordinances; however, that have been passed which make it illegal to gain unauthorized access to a computer network and any associated personal data. Passive wardriving does not violate the law in these cases. Semi-active wardriving where the software package sends out a probing message (Netstumbler works in this way), the temporary association with the network places the person conducting the act in a grey area with the law.
How to Setup Netstumbler
NetStumbler is one of the most downloaded applications use to wardrive on the market. The software is available for free.
Step 1 – Login to your computer with an account that has administrator access.
Step 2 – Launch the computer’s web browser and visit the NetStumbler downloads page.
Step 3 – Click the NetStumbler download link. Once the executable file has finished downloading to your computer, double click the file to begin installation.
Step 4 – Click the “Yes” and “I agree” menu options when prompted by the installer and continue to accept the default options or prompts.
Step 5 – Depending on the version of Windows installed on your computer, you may have to restart the computer before running the application.
Step 6 – Run the NetStumbler application by double clicking the program icon located on your computer’s desktop.
Step 7 – The software will launch and locate the wireless card on the computer. This information will be used to locate the availability and location of wireless locations. If the “No Wireless Card Detected” error message is displayed, the wireless card on your computer may not be supported.
Step 8 – Click the “Scan” menu button to check for available wireless connections in the proximity of the computer. Once the scan concludes, a listing of access points will be returned. If a known accept point is not returned in the results, then it is a closed WiFi access point.
Step 9 – Choose the “Auto Reconfigure” menu button from the NetStumbler menu. Use this feature to reset the settings of the program so that you can access different WiFi connections.
Using GPS Antennas with NetStumbler
Wardriving has evolved since it was first developed by Peter Shipley to the point that network administrators and engineers now use the technique to help map out network connectivity zones and diagnose network connectivity issues. In order to increase the range of the wireless card being used to wardrive, NetStumbler is designed to allow integration with either a serial or USB GPS antenna. Due to various operating system and computer driver issues with the Windows operating system, some GPS antennas will work better than others. The NetStumbler application also requires GPS units to be capable of exporting information in the NMEA GPS data format.
Embedded GPS Antennas and NetStumbler
Many of the GPS receivers on the market include embedded antennas contained within the unit. This simplifies the process of connecting the GPS device to the computer since there is only one connection required (normally USB). To start using, connect the GPS receiver to the laptop and then configure NetStumber to start using the GPS data form the device. Most Magellan and Garmin devices will work using this method; however, newer devices will require testing to ensure NetStumbler will recognize the device.
Externally Connect GPS Devices and NetStumbler
Most external GPS devices will not have a viewing screen for the data, but are configured to be mounted in a vehicle. These devices typically cost less money than buying a device with an embedded antenna and will connect directly to a laptop. Most sell with long USB cables and will typically have a waterproof case. Some of the popular models include Pharos, GlobalSat SiRF, Maretron, and Garmin antenna enclosures.
Externally Mounted Antennas for NetStumbler
An externally mounted GPS antenna combined with a high-powered GPS receiver will provide the highest rate of speed and data accuracy when conducting wardriving operations using NetStumbler. If electing for this option, any NMEA compatible GPS receiver connected to an externally mounted antenna will work with the NetStumbler application. A mounted antenna not specifically designed for use with GPS can work as well as long as it is designed to operate on the 1.57542 GHz, 1.2276 GHz and 1.17645 GHZ frequencies and is connected to either a software or hardware-based GPS decoder.