<< BACK TO SUMMARY

Hackers Give “Drive-by” a New Definition

War driving is the term used to describe the computer hacking technique that involves driving through a neighborhood with a wireless-enabled notebook computer and mapping houses and businesses that have wireless access points.

Wireless technology is just that – wireless. Data is freed from the confines of wire and, therefore, controlling who receives that data becomes a major problem. War driving is simply a new age form of war dialing – automatically calling thousands of telephone numbers to look for any that have a modem attached. War dialing was derived from the 1983 movie, War Games, in which Matthew Broderick portrays a teenage computer genius who hacks into the Pentagon’s defense system while war dialing to look for games and bulletin board systems. Instead, he unintentionally ends up with a direct connection to a high-level military computer that gives him control over the U.S. nuclear arsenal. Of course, this was just a movie. However, throughout the underground Internet war driving, formerly known as war dialing, seems to be of real concern to many wireless network users.

Among professional programmers, hacking has always been about proving that regardless of how well protected a system is, you are skillful enough to defeat the security features. The intention is to utilize this information to warn the public about security flaws. War driving was born of the same idea; trying to detect wireless networks as you walk around and then attempt to gain access. Nonetheless, there are those individuals who gain unauthorized access to computer systems for the purpose of stealing and corrupting data. Hackers, themselves, maintain that the proper term for such individuals is cracker.

Much like Broderick’s character who used a modem to search for other computers with a modem, a person with a laptop and a wireless network card, set to promiscuous mode, can simply power up their computer and their wireless card will try to communicate with any nearby wireless access point. Similar to stealing long-distance phone service, hackers (or crackers) war drive wireless networks for anonymous and free high-speed Internet or wired network access.

As the hacker drives around in his car, a wireless network card scans for wireless access points. The computer is looking for your wireless network name, called an SSID (service set identifier). The SSID is constantly transmitted by your access point and lets other computers know of its presence. A hacker uses software to scan the airwaves for SSIDs, track various access points, and monitor signal strength. In many cases, GPS receivers are used to identify and record the coordinates of strong signals allowing the war driver to return to those locations and connect again later.

Once connected to an unencrypted network, the war driver can use the victim’s Internet access as well as explore other computers on that network. More importantly, once access to your network has been established, a war driver can sniff network traffic and view such information as passwords and credit card numbers sent over the Internet – even SSL secured data.

Protecting Your Wireless Network

According to a recent study by wireless-gateway provider 2Wire, 21 percent of home Wi-Fi users can access their neighbours' wireless networks. As many as 4 percent have "accidentally" logged on, sometimes peeking at files and surfing the Internet through a neighbor's broadband connection (Source: ABC News). Additionally, many corporate enterprises have thwarted the adoption of WLANs because of concerns over wireless network vulnerabilities.

A lack of security can be due to a number of things. Many times it is a simple matter of changing the default settings during installation of your wireless network. Here are some suggestions as to how you can protect yourself from war drivers.

• Don’t broadcast your SSID. This is the first thing a program will recognize. However, configuring your router to not broadcast your SSID only makes hacking difficult, not impossible. Some software can sniff wireless communication so if you are using your wireless network, the SSID can be revealed. Remember to change your SSID from the factory default.
  
  
• Change your router’s default password. Routers contain a factory password and many experienced hackers are familiar with the passwords used by different manufacturers.
  
  
• Encrypt your wireless communication. Enable encryption and enter a key. One of the most common ways of protecting an AP is to use an encryption method called WEP (Wired Equivalent Privacy). WEP is used to secure the information being passed between your computer and your AP by encrypting the communications with a key. However, a research team at the University of Berkeley has identified inherent flaws in the algorithm. The flaw actually enables a hacker to retrieve the key protecting your information. Most routers are only capable of WEP encryption, but if you can, use EAP encryption, it’s more secure.
  
  
• Use password protection for file sharing. You should not share files on your networked computers unless authorized user access is required. If you configure file sharing on your network, make sure it is password protected.
  
  
• Lock down your laptops and access points. Configure them so they will connect only to recognized devices, not just anything.
  
  
• Use a wireless network monitor. You can see who’s trying to sniff or access your network.
  
  
• Protect against spoofed hot spots. Make it a company policy to forbid employees from using public access points with a company pc.

This is relatively simple advice and hackers will inherently figure out new ways to break the system. If really determined, given a little time, a good hacker can get access to your network. By no means are these steps definite security measures, but it could mean the difference between someone gaining access within a few seconds or it taking days or possibly weeks.

Wireless network technology has made using computers very easy and convenient. You will do yourself a favor by being informed and understanding the equipment you plug into your network. If necessary, hire a security consultant to ensure you’re protected.

Security is a major concern and we have written about this subject before. Check out our Tech Tip on wireless security.

For more information on this subject:

http://en.wikipedia.org/wiki/War_driving

http://hacks.oreilly.com/pub/h/632

http://wifinetnews.com/archives/004129.html

Disclaimer - The Micro 2000 Tech Tip is a free service providing information only. While we use reasonable care to see that this information is correct, we do not guarantee it for accuracy, completeness or fitness for a particular purpose. Micro 2000, Inc. shall not be liable for damages of any kind in connection with the use or misuse of this information.