Slashdot Mirror
Worldwide WarDrive Aftermath
wardriver writes "The event took place on August 31st 2002, people from around the world took part in the effort to document and make known wireless access points as a group. Some people go WarDriving everyday, so this was just like an normal day for many who attended any of the world wide events as documented on the results page. Hardware ranged from laptops, to car mounted computer systems, to handhelds all equipped with GPS devices to accurately map the spots. Cars were marked with )(WarDriver stickers and people were sporting their wardriving is not a crime t-shirts. All in all the event went well and with enough pressure and requests to chris it may happen again." And in a related story, Dr_Marvin_Monroe writes "Wardrivers be warned---- A Practical Approach to
Identifying and Tracking
Unauthorized 802.11 Cards
and Access Points includes information on locating rogue access points and intruders."
An ounce of prevention shows up in the ledgers, but they never see the cost of the avoided pound of cure.
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
Most cards have Linux drivers that allow them to be put into "RF Monitor" mode, which is completely passive. This is the default mode of operation for Kismet (http://www.kismetwireless.net/)
Supported cards include:
Prism2 with the linux-wlan-ng drivers
Orinoco cards with a slightly patched driver from http://airsnort.shmoo.net/
SOME Cisco cards. While they all happily go into RF Monitor mode when asked, SOME OF THEM KEEP BROADCASTING.
So all in all, if you *absolutely* don't want to be detected, Cisco is the least safe choice for wardriving. Orinoco is probably the best bet, even though you will have to downgrade your Orinoco firmware for compatibility (8.10 is severely broken for RFMon usage). Prism2s have the best compatibility, but are generally known for crappy receivers and most don't allow external antennas. Almost all Orinoco-based cards have much better receivers and support external antennas. The Cisco hardware is the best (100 mW transmit, not like that matters if you're trying to stay silent, some have dual MMCX jacks for diversity antennas), but you can't trust it to stay silent in RF Monitor mode.
retrorocket.o not found, launch anyway?
Wireless
Access
Recon
DRIVING
does NOT? Mean anything. Man, And to think that I thought of that on my own, cause it was all that made sence.
www.oobersworld.com - For those that ride.
I take offense at this. I am one of those "idiot administrators" of whom you speak--I run an unsecured wireless access point (two, actually). I do so by choice--my home network is for my use, and that of my guests; setting up individual permissions for every guest is a pain. Additionally, I'm happy to share the bandwidth with my neighbors. I keep an eye on my logs, and so far (1.5 years), I've not seen anything that concerns me. My other network is also open to the public. I follow the same security procedures as the wired network to which it connects: if you can plug in, you can get access. With the abundance of public ports, and unsupervised ports, my wireless hub does not affect security in any way. It does, however, add convenience. If you're ever in the pilot lounge at Westheimer Airport (Norman, OK), and notice you have 802.11b connectivity, stop by my office and say hi--that's my hub you're using, and I hope you enjoy it. Idiot sysadmin? No, try generous--there are no security concerns for me, so I share, try to do everybody a favor. I'll shut down the open access when it becomes a problem; until then, enjoy the bandwidth.
Moderate drunk! It's more fun that way!