Wardriving
 

Have you?

Would you?

Dont know what it is?

Discuss.

Assuming your definition is the same as the one I know, my answer is this:

No (other hobbies)

No (it's fun enough for me to know that you can)

Yes

Okay, I'll discuss it this way: Just because the register is open doesn't mean you should fill your pockets with the contents.

Thought about it.

Got NetStumbler. Was going to run Airsnort on a bootable copy of Linux (Knoppix), but my WiFi card doesn't come with a driver for Linux. I have to pay another $30 for the driver. I tried a Windows version of Airsnort, but I couldn't get it to recoginze my card. Couldn't get it to work with my gf's Wifi either. Oh well.

Know any good MAC spoofer programs?

Matt

Its one thing to track and map, its another to rape someones bandwidth.

That, and you would be amazed at how many people out there dont "RTFM" and secure their networks. OK, maybe you wouldnt be amazed. Its still fun to see how many open networks there are out there. Some intended for free use, and others, well... unsecure to say the least.

A friend of mine once told me how he found a open AP and the owner had an unsecured share to his c: drive... thats just plain WRONG.

P.S. NO, my friend is not in fact me.

bad deal. :(

I've seen legal offices with that same setup :eek:

Its damn scary out there...

Me, I have IPSEC with X.509 authentication over static WEP and no SSID broadcasting. That's just at my house!

Doug

I have WEP, no SSID Broadcast and a MAC address access list, at HOME.

i have a MAC card, an authentic street address, and an alarm clock.

I haven't but I would if I had the time.

I know people who have, and I find their stories rather scary (as a professional sysadmin).

I don't think the blame is entirely on the end-users. The guys who designed WEP made an almighty mess of it. Even in it's most secure configuration it can be cracked, and some of the security features actually make it LESS secure.

The manufacturers generally play down the security issues in their documentation. But that doesn't excuse users who have all the security turned off - particularly if those users are IT professionals.

I did a LOT of research before allowing WiFi access points on our network. I believe that it's sufficiently secure against the average wardriver: open,64bit encryption,hidden SSID,MAC filtering. Plus it's on a separate subnet firewalled from our LAN and only VPN connections can get through.

Phil.

....And I have 3-DES, 2048 bit RSA, AES tunneled over IPSec with RADIUS and ...... naa just kidding :D

Here's my net Sel_Net



/Sonny :cool:

I have no idea

.......but this sounds very bad for my unprotected wireless network.

For something like that, I would only be truly concerned if writing was allowed. Reading and executing may allow you the possibility to read private info (especially at a law office), but for true security reasons, writing is the only thing to be concerned of.

Reading could possibly allow you to access private info like credit card numbers, but hardly any of that info is ever stored locally. That type of info is usually held privately by web servers (where people most often use their number on the net). Executing will hardly ever get you very far.

But, then again... This is the opinion of a network moderator and web server administrator (as well as a web and graphic designer). Allowing people to read but not write is mah thang! :D

*Secure* broadcasting over wireless isn't technically possible. Their is no industry standard for encryption at this point.

"But, deruvian, what about WEP???" WEP is essentially pointless. It is a bandaid to make you think that your passwords are secure. Let's say my password is "dogpoo". If I don't use WEP, my password is broadcast as "dogpoo". If I use WEP, my password is broadcast as "646F67706F6F".

"646F67706F6F" is the hex equivalent of "dogpoo". They are both sent via plain-text. While all other things are sent via hex over wireless, if I watched your network long enough, I would see a recurring pattern of "646F67706F6F" being broadcast (most likely at equivalent time intervals, with a null packet being sent before and after). So, if I really really liked that law office, I'm sure I could get the WEP password eventually.

If you've a home wireless, don't be concerned. No one cares. If you've a business wireless, try using 4-way random WEP.

Anyway, I'm just about done now. :rolleyes:

Are you absolutely sure about this?

The WEP standard is a 40bit implementation of the RC4 encryption algorithm (although they call it 64bit). There is no doubt that it is severely flawed, but it should be a little more complex than you are describing.

Phil.

I use 128bit encryption on my WEP key and a custom SSI (though I hear that SSIs are easily cracked) and I filter for MAC address as well. I might add that my WEP key is also not the standard 1a1b 2a2b...crap WEP that most people use since it is the general standard format. By Randomising the WEP key, using 128 bit encryption, and filtering by MAC address, running a firewall, and using non-standard NAT addresses, I feel my network is as secure as I can make it (as long as packets are transmitted over the airwaves you are not truly secure).

With a 3meg cable connection and a 1meg upstream, I am not all that concerned about someone using up my bandwidth, but since my main box is still running Win9X based OS (don't ask why, it's frustrating) I am more concerned with someone accessing my drives that are shared for internal access.

Have I gone war driving? Not yet though I certainly do not exclude that from possibly happening. I really have no need to look elsewhere for highspeed access, nor do I ever plan on hacking anything and need a traceless jumping point to do so from. I have accidentally encountered unsecured networks while visiting my one office location (industrial park) and I think it might be a good business move to find some of these places run by clueless network monkeys, and offer to secure them for a small fee. I think there could be a whole market out there for such a consulting specialty.

Johnny