-
August 11th, 2003, 04:23 PM
#1
Senior Member
General Wardriving Tutorial
How-to Wardrive
Wardriving: the act of locating and possibly exploiting connections
to wireless local area networks while driving around a city or
elsewhere. [techtarget.com]
With more and more people going for convenience in home networks,
or even business networks, wireless routers are seen more and more.
Some people consider "wardriving" a hobby, others do it to prove a
point (wireless just isn't secure!), and some just do it cause it's
just plain fun. Throughout the tutorial, some mere basics will be
covered on the art of wardriving.
[list=1]What You Need:[*]Wireless network card[*]Laptop (unless you feel like finding a power source for your desktop,
and you can fit it in your car.. dummy!)[*]NetStumbler (www.netstumbler.com)[*]Antenna (optional)[*]GPS reciever (optional)[/list=1]
Before You Go
NetStumbler Briefing:
When you first open NetStumbler, a window will pop-up with
a title based on the date/time. This is the window where all the
located AP's will show up. If you have more than one wireless network
card in your laptop, you'll want to go to the Device menu, and select
the one that you'll be working with. Also, if you have a GPS reciever,
go into the View menu, then Options. Go to the GPS tab, and change
the settings based on your individual reciever. I recommend leaving
all other settings where they are. Finally, the green arrow located
on the top toolbar indicates whether or not you are currently scanning
for networks or not.
Why should I have GPS?
GPS comes in VERY handy if you're wanting to return to the
networks at a later time, or if you're trying to map out all the networks
that you find. It's better than having to slow down everytime you find
an AP, and write down the exact location.
What's the big deal with antennas?
An antenna is HIGHly recommended, especially an omnidirectional
antenna. There are other tutorials out there on how to make one, cause
honestly, I don't know. Most WiFi cards have terminals to hook up an
antenna, so if you can get your hands on one, take advantage. It will
let you get a MUCH better signal on the AP's, and detect them from
further away.
Drive Boy, Drive!!
1. Place your laptop running NetStumbler somewhere in your vehicle
where it won't be a distraction. Cell phones are bad, but laptops are
definately worse!
2. If you do not have an antenna, you'll need to be a little more
cautious when driving around, because networks won't necessarily show
up if you're blazing by at 60mph. I usually go about 35-40mph until
an AP shows up, then I slow down to about 15-20mph. This helps me
pinpoint exactly which home/business is running the network.
3. You don't HAVE to keep notes, but a lot of times, it's a good idea
if you plan to return to the network... or if you don't have a GPS
reciever. Make a little .txt file where you can jot down information
about the location, address, etc. Just remember, DON'T TYPE AND DRIVE!
4. Be sure to save your .ns1 (NetStumbler) files, they contain lots
of key information if you're ever to return to the network.
5. When your battery dies, or you run out of gas... that's usually the
sign that your wardriving episode for the day is over. If it was the
battery, go home and charge it until next time. If it was the gas,
you're just plain stupid then.
Other Stuff
DiGLE (www.wigle.net), a useful mapping tool based on input from other
wardrivers nationwide.
www.wifimaps.com, another useful online tool to post or view networks
found.
Security Talk
First and foremost, this should not be done on any network unless you
have full authorized access to do so. This is merely a tutorial, and
not a lesson in taking over a network.
Wireless networking is fairly insecure, especially in the hands of Joe
Schmoe who wants to be cool with a wireless network. More than 75% of
the networks you'll find will have the default SSID, and more than
likely, the default router login. ie. Just about all Linksys routers can
be connected through via http://192.168.1.1/, leaving the username blank,
and using "admin" as the password. Also, any hacker can do his dirty
work from the street using poor Mr. Schmoes's network as his connection.
So who do they trace the deed back to? Not Mr. Hacker, but Mr. Schmoe.
.. poor poor Mr. Schmoe. If somebody is computer savvy, they'll most
likely have WEP encryption on their network, which requires a mere key to
connect. AirSnort (a tool for linux) actually with break these keys.
There's really only one secure network that I've actually seen, and it
changes its WEP key every 40 seconds using a mathematical algorithm...
why can't everybody have something like this??
De-Brief
If there are any further questions regarding WiFi or wardriving, be sure
to post them and I'll have them answered as soon as possible!!
-
August 11th, 2003, 04:36 PM
#2
Wardriving: the act of locating and possibly exploiting connections
to wireless local area networks while driving around a city or
elsewhere. [techtarget.com]
Although this kind of tutorial is informative, I would have found it much better if it had been written with a 'how do I protect myself from war driving' prespective
I don't think this does you any favours.
Security Talk
First and foremost, this should not be done on any network unless you
have full authorized access to do so. This is merely a tutorial, and
not a lesson in taking over a network.
Actually this is exactly what I read this as - a lesson in taking over a network.
So Plastic, how do I securem my wifi, what is a default SSID & how do I change it.
What can I do to stop people wardriving me?
These are the questions & answers that should be in a tut, & if I knew the answers I'd post them.
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
-
August 11th, 2003, 04:40 PM
#3
Maybe it's just me, but are there any legitimate purposes for this ?
War driving has always seemed to be just a little too much like port scanning the whole net.
-
August 11th, 2003, 04:41 PM
#4
Junior Member
I am curious about the legality of WarDriving? Does title 18 USC address this issue yet? Or has this issue been left up to the individual states? Does anyone know?
"It is not the horror of war the frightens me, but the unforseen horrors of peace."
Replicant
-
August 11th, 2003, 04:43 PM
#5
Senior Member
Just about every decent WiFi router out there comes with an option for WEP encryption, at the time, this is the best defense against unauthorized access. Find the option in your router setup and enable it. 64-bit is good, but if your router offers 128bit encryption, go with that. Also be sure to change your router login (an option in the router config). Enable a username, and choose a GOOD password. The ultimate security for a WiFi network at the time is not to have one at all.
What is a default SSID and how do I change it?
A default SSID is the name of the network given by your router. For Linksys routers, the default is "linksys"... "default" is a common default SSID, etc. etc. This, like WEP encryption, can be modified through the router setup screen. Be sure to change the default SSID!
-
August 11th, 2003, 04:43 PM
#6
In my opinion this guy doesn't have to be negged as it is a good tutorial but he doesn't deserve any positive either because it's written from the cracker's perspective.
The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me
www.elhalf.com
-
August 11th, 2003, 04:46 PM
#7
el-half > So why don't we write a tutorial on how to use sub 7 ? War driving is stealing bandwith that is not yours. Stealing is illegal. This guy should goto jail.
-
August 11th, 2003, 04:50 PM
#8
Senior Member
Originally posted here by The3ntropy
el-half > So why don't we write a tutorial on how to use sub 7 ? War driving is stealing bandwith that is not yours. Stealing is illegal. This guy should goto jail.
okay... I'm sorry that you guys don't understand that wardriving is the DETECTION of networks, not stealing bandwith. It's NOT illegal until you connect.
-
August 11th, 2003, 04:53 PM
#9
The3ntropy, Mmm, I guess you're right, this tutorial is not at its place here. But I think there are many members here that have read lot's of malicous tutorials, at least I did, just for the knowledge.
How else should you know how to launch DDOS attacks, deface websites etc.
The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me
www.elhalf.com
-
August 11th, 2003, 04:54 PM
#10
Yes it can be used for good purposes. Basically just securing a network. You dont have to actually jack in to the network but you could drive around find the networks that are open and then notify the admin or whoever else. Who knows you might get an incentive out of it. Wardriving (at least from my perspective) is actually only the finding of a network that spills outside of the building.
PeacE
-BoB
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m.\"\\0\"x$w),$_=`echo \"16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\\U$n%0]SX$k\"[$m*]\\EszlXx++p|dc`,s/^.|\\W//g,print pack(\'H*\'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die\"$0 [-d] k n\\n\")&~1)/2)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|