General Wardriving Tutorial

[Maestr0]

Amen Tiger.


-Maestr0

[bballad]

Originally posted here by IKnowNot
And as far as the laws in the U.S. go, I think there is still much confusion and double standards; it is not legal for me to intercept tv satellite broadcast radio waves that enter my house without paying the broadcaster, but I can war drive?

It is not illegal for you to intercept tv/radio waves...much like wifi they are sent out to the public for you to use (this is why you don't have to pay to use your tv or radio.). As for satellite you can "intercept" the signal all you want and that is legal, but it would be illegal to descramble it. The difference here is that the satellite company is taking steps to secure their communication channel, the WAP providers are not.

[Rant]
For those of you that don't like the fact that the airwaves (and whatever we can pull off of them) are free in America...leave there are plenty of other countries where every bit of broadcast bandwidth is governmentally controlled. As it is most of our airwaves are cooperate controlled, luckily for all of us 802.11 works over the public channels (this has to do with who can broadcast, any one can receive any channel they want.) as such it is a public resource. If you have an office building with a courtyard in front, any body is free to sit and utilize that courtyard, WAP's are the same thing...don't like it, then build a wall. And yes as an old school HAM geek I am very familiar with these laws and the implementations.
[/Rant]

[Plastic]

yea... to make an analogy on that:

it's legal to intercept sattelite transmissions, but the second you decrypt them, you've crossed the line... the EXACT same way it's perfectly legal to detect the networks, but the second you connect to that network, you've crossed the line

[forn28]

Under Canadian laws, everything lies on the expectation of confidentiality. If you crypts the com line, you expect that no one will be able to listen (except the intended recipient). If someone break that expectation (unauthorized decryption), he break the law. If you speak out loud in a restaurant, you can't expect privacy... And if someone uses what you said in that restaurant, he didn't break the law.

The same apply to wireless (802.11 in our case), cellular, radio or satellite tv.

Why some of you are angry about security full disclosure? We have the right to know. Ok, script kiddies can use the information, but if I know how they proceed I will be able to stop them and/or detect them. When I detect misuse, I can report it. Sometime legal action can be taken against intruders. But... If I don't know how to stop and detect them, how I can report misuse and protect against? How IDS will work?

I don’t want to start a debate on full disclosure. Just let the information flow and chill.

[VicC]

Plus this tutorial can easily serve as a wake up call to anyone running a wireless network out there who hasn't considered the points raised by the author. Of course, if you don't change your router's default Network name, you're just asking for trouble

[mohaughn]

I found this useful information at-http://www.duntemann.com/wifi/wardrivingfaq.htm

Given that this is taken from a published book. I would assume that they took the time to have an editor check their facts. Noting where networks exist is not illegal. If at any point you get an IP from that WAP and send 1 packet of data, you have broken the law.

"The legality of wardriving hasn't been tested, but few people think that wardriving itself is illegal. What is certainly illegal is connecting to and using networks without the network owner's permission (which is what most people call "breaking into a network") and wardriving has taken some hits in the press because network crackers will sometimes use wardriving tools to locate networks to break into. It's the ancient conundrum of the uses to which tools are put: A crowbar is handy for taking apart pallets for use as firewood, but a crowbar can also be used to break into buildings. Should crowbars then be illegal? Hardly. The gotcha is that this is a very new phenomenon, and the law hasn't entirely caught up with networking as a whole, much less the peripheral issues that emerge with regularity from the seething cauldron of technology innovation.

To keep wardriving legal, it's important to 1) obey the law as it exists today, and 2) do our best to encourage journalists to draw the distinction between wardriving tools and their abuse by crackers. Public perception is extremely important. If you connect to other people's networks illegally, it's your butt in a sling and nobody else's, but if you brag about it and the press picks it up, you hurt us all."

[valhallen]

just to point out how AO and its members have changed try taking a look at -> http://www.antionline.com/showthread...hreadid=155714

I just noticed it at the bottom of this thread in the similar threads section - heh even I am guilty of the 1 line reply in it and I never got neg'd lol

now if I dont slabber on at least 5xtimes what is neccessary you can be assurd there is something wrong

v_Ln

[jinxy]

Radio waves travel at the speed of light they are also easy to pick up. If you have a wireless network and you don't secure it you must expect other people to be able to listen in. Thats a fact of life. No law is going to protect you. If you have a wireless network unincrypted and someone el's is using your bandwith thats your fault.

You have the option to secure your wireless network, if you don't, well thats your fault.

[SRX]

First of all - it's a good thing it took me a while to register (just so I could post to this topic), as it took me just enough time to cool down

There are some serious panties in a twist over this, and that saddens me. First of all, I have become curious about wardriving for a couple of reasons. The suspicion, sarcasm, and vitriol on this board toward Plastic is not warranted. For anyone that has a modicum of knowledge about law (in the USA at least) and the public airwaves, this does not even remotely fall into the realm of illegal behavior. No one is advocating stealing bandwidth or breaking into networks and stealing information.

Not only are there plenty of legit uses for this knowledge, but the tutoral is a great service to anyone not aware of how vulnerable he or she may be from someone inclined to abuse it.

I was curious to know how easy it would be to camp out in front of my house and surf the net at my expense, as well as many of my friends. Secondly, there are plenty of public access spots in the cities I visit, and I thought it would be a simple way to find them once I got in the vicinity.

OK - so, it just so happens that a guy in my office saw a mention of "Network Stumbler" on TechTV (if you want to rant, you might as well start there?) - and I pretty much executed the central theme of this tutorial three days before I saw this thread.

Now - for all of you guys that think Plastic was blowing his horn and puffing out his chest - let me first say that, what I got out of it, was merely that this is a rather easy thing to do, and that Plastic was just being conversational to keep a potentially dry subject interesting.

Now - Network Stumbler is a little piece of freeware that is a full blown Windows application. It's maybe a 190k? file that takes mere seconds to download, and another ten to install. When you launch the application, it instantly finds all the wireless access points within range of your device, lists them, and provides a variety of information to differentiate one network from another. When you close the session or the program, it asks you if you want to save the session list. I have done this merely to see if what I was picking up the second time around was the same network I picked up the first time (it was me I was detecting). Trust me, this is not genius at work. If any of you have more than two synapses connected in series, you'll be able to do this. Having already done it, you would realize just how laughable bragging about your war driving prowess really is. Next, having tried it out in my neighborhood, I figured the 60 MPH comment was just for laughs (same with the mention of the destop in the car - lighten up!).

I'm sure Plastic is a bright guy, - but this was not an endeavor that requires anyone to tax their abilities. As a matter of fact, from his tone, he's probably a fairly witty, unassuming, and friendly person. Some of the critiques on his tutorial acted like he was flaunting his mensa certificate.

As I drove around (with the laptop shielded by my car, no external antenna) it was obvious that I would have to slow down when I got a "hit" so that I didn't lose the signal. This is common sense. I think that the tutorial was merely being descriptive in what goes on when someone is war driving. Plastic is not aiding or abetting theft by merely making simple comments on intuitive behavior, and this is not the place where thieves are lurking to get their information - there are much better sources for this kind of thing - on the 'net, Barnes and Noble, the hallway at school, etc. Pesronally, I have become much more inclined to defend myself against this sort of thing reading articles like the one Plastic offered because it sensitizes the average person to relate to how easy it is, and how vulnerable one is. To that point, see Steve Gibson's article on his experience with Denial of Service attacks on GRC.com. Do you think Steve is promoting DoS attacks just because he wrote an interesting story on how his site was brought down?

As to Plastic's motivation - what in the world???? Some people on here need to read a newspaper once in a while. If this were a highly technical discussion on how to hack - that could be a concern. It's not like we were flies on the wall, reading conversations between script kiddies in a chatroom, and learning "all the tricks." It takes a lot of cynicism and anger to see Plastic as a criminal. It's the old argument of seeing the potential for abusing a legal activity as the equivalent actually being a criminal.

As to learning what to do to prevent this... I realize some people on this board may not have done any more than plug in your router and go. I know for a fact the simple, "one pager" my router came with to get me up and running mentioned how to give the system a SSID, set up the WEP, and how to access the router's parameters from a simple set up screen in my browser where all of this info was kept. Not that it wouldn't help folks intimidated by computers to get a nice "step by step" on how to protect yourself. That would be welcome. Not all quick start guides are all that well written.

I think, by reading Plastic's tutorial, one must have discovered that, at least you need to enable WEP on your router. Jeez - quit worrying about whether the "perspective" was written from the user's point of view, or the hacker's! Believe me, this was not even written at the level of hacker 101. (I am a sales guy, certainly no system admin or engineer, and it was obvious to me that this was for the non-network literate).

Simply put, if Plastic doesn't tell you how, check your network gear vendor web site. They all have 24x7 free tech support, and will talk you through it.

Plastic gave you more than enough clues to fix your systems, and made it relevant to you by demonstrating how easy it is. Face it, a real nefarous wardriver would laugh at this tutorial. I am no computer techie, and I figured it out (not a lot of figuring, really!) almost blindly. If I can do it, anyone motivated to War Drive, possessing the knowlege to use Google and read at an 8th grade level can figure this out.

Lastly - Plastic - you had one fallacy in your tutorial. Paraphrasing, you stated that more than 75% of the networks out there are set at "out of the box" defaults. This is not true from my experience. In driving around my neighborhood, I found 40 networks (5 in my driveway walking out to the car). Of those, 12 were encrypted, which means 70% were not. You were 5% off You are such an alarmist!

[Plastic]

well... at least in all the places in san antonio and tulsa where I've wardriven, about 75% of the networks were "out of the box" defaults. I can't vouch for your location, but either way, even 5% is still WAY to much.