Data collected from a wardriving session would simply be incomplete without also recording the geographic location of the wireless access point. Collection of this data has been automated with the use of common GPS devices. Many GPS devices come equipped with a serial cable that can be attached to a laptop or PDA, therefore wireless network scanning software may have access to the GPS data.
© SANS Institute 2002, Author retains full rights.
Mac OS X - MacStumbler
As mentioned in the pervious section, many different operating systems may be used in a rig. I will discuss popular and free scanning software available for each of these platforms, but this will in no way be an exhaustive list. Many commercial programs are available that specialize in wireless access point detection and troubleshooting. However, most wardrivers are hobbyists and do not usually spend thousands of dollars on software targeted for wireless access point deployment in a business setting. Commercial scanning programs often do not contain certain features, GPS logging for instance, that are found in free and open source software. Security corporations have also been found to be using free and open-source scanning software rather than commercial products (Noguchi, p.8).
Any GPS device that is capable of NMEA output through the serial port will be compatible with most wireless network scanning programs (Kismet Website, p.2) (Thorn, p.2).
Key ingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Not all GPS devices are created equal. Some devices acquire GPS satellite fixes faster, while other GPS devices update their coordinates more frequently. Typically, GPS units will update the position every second and will have cold startup times ranging from 45 to 120 seconds.
The most basic of GPS devices will suit your needs for wardriving. The only function required of a GPS device is to provide the current GPS coordinates to the computer system. Inexpensive GPS devices are available that have no displays and no added functionality -- they just provide coordinates.
III. Scanning Software
MacStumbler (http://homepage.mac.com/macstumbler), authored by korben, is the most prominently used wireless network scanner available for Mac OS X. MacStumbler will only function with the proprietary Apple Airport wireless card. According to the author, it was aychallerngietwriting9aFwireless4network scanner for Mac0OS4X becaus4e, “Apple hasn't provide [sic] any information on interfacing with their airport card driver.” Korben notes that he “had to reverse engineer the functions required to actually preform [sic] the scans.”
© SANS Institute 2002,
As part of the Information Security Reading Room.
Author retains full rights.