A Guide to Wardriving and Detecting Wardrivers
Name: Andrew Etter Certification: GSEC Version: 1.4b Option: 1
Table of Contents:
IIIe.y inSecanning SFo1ftware7 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
Hitting the Road
Two Methods of Detecting Wardrivers
© SANS Institute 2002, Author retains full rights.
Meanwhile, a new activity has taken form: Wardriving. Participants of this activity assemble their rigs of hardware and software with the intent of cruising streets to find your wireless access point. They share their results and plot the location of your wireless access point on a map – it’s probably listed on a web site right now. This paper will discuss the components needed to construct a wardriving rig and suggest methods for detecting wardrivers as they drive past your wireless network.
II. The Rig
Computer users have been deploying 802.11b wireless access points in homes, offices, and schools without any regard to the security of these devices. The overall coolness and convenience of wirelessly accessing the Internet from the office cafeteria or from the next bedroom in the house has distracted most users from taking measures to protect themselves against potential digital threats.
A “rig” refers to all of the hardware and software components used while wardriving. A forum on Netstumbler.com is dedicated to sharing details of your rig with others: http://forums.netstumbler.com/forumdisplay.php?s=&forumid=10. The forum is a valuaebleiresourcte=, esFp1ecially7toFnew wardrivers,Dbecause th0ey may learn4what components are effective and not effective for wardriving. This forum also allows security professionals to observe how the activity is progressing over time and may even assist in recognizing a wardriver on the road.
© SANS Institute 2002,
As part of the Information Security Reading Room.
Author retains full rights.