Tuesday, February 2, 2016

What is Wardriving ?


Nowadays we use wireless networks almost everywhere starting from home, restaurants, cafeteria to various organizations. Because of convenience of using the wireless internet, we sometimes connect to the Wi-Fi networks without passwords or encryption. And, that gave rise to another threat of wireless networks – wardriving.









What is wardriving ?


Wardriving indicates scanning and connecting to a wireless network illegitimately for malicious purposes. Attackers often do it to steal sensitive information, spread malware or other nefarious activities. They normally scan a neighborhood for less secure wireless networks and connect to them with malicious purposes.


How is wardriving done ?


It is fairly simple for wardrivers to do wardriving. A moving car, a laptop or other mobile device, a GPS and an omnidirectional antenna often solve the purpose. There are a number of software available that the attackers normally use for finding out wireless access points.

Attackers normally do wardriving in the following manner :

  • They place a laptop and GPS inside their car and mount the omnidirectional antenna on top of their cars.
  • They select their target area. Normally, a densely populated area with good household income is targeted.
  • They start roaming in the locality in their car and scan for available wireless networks using some specialized software.
  • After they have collected the data, they place the location of obtained wireless networks access points in a map.
  • Now, the wardrivers are free to upload the data in their websites, which they can later use for making more attacks.


Can we detect wardrivers ?


We can detect wardrivers with a system and a software like Kismet. The following steps might be taken to detect wardrivers :

  • Setup a stationary computer a wireless LAN card.
  • Run the software.
  • Wardrivers normally emit a packet of data after detecting a wireless access point. This packet of data can be used as a signature. The software can scan for the signature and report if found any.


How to prevent wardriving ?


We can always take a couple of steps to prevent wardriving of our wireless networks.

  • Turn off your wireless network when you are not at home.
  • Make sure to change the default password of the router.
  • Keep a strong administrative password for your router.
  • Make sure your router is using an up-to-date encryption. Old routers normally use WEP or Wired Equivalent Privacy encryption. But, this encryption is known to be considerably weak. Instead you may prefer to use WPA or Wireless Protected Access with Advanced Encryption Standard or WPA2.
  • You can hide your network name or SSID or Service Set Identifiers for better protection. This will prevent the wardrivers from finding out your wireless network, unless they know the exact network name.
  • It is always a good practice to configure firewalls in your system to prevent network intrusions.



No comments:

Post a Comment