Wardriving is an activity consisting of driving around with a laptop or a PDA in one's vehicle, detecting Wi-Fi wireless networks. It is also known (as of 2002) as WiLDing (Wireless Lan Driving), originating in the USA with the Bay Area Wireless Users Group (BAWUG). It is similar to using a scanner for radio. Most wardrivers will use GPS devices to find the exact location of the network found and log it on a website. For better range, antennas are built or bought, and vary from omnidirectional to fully directional. Software for wardriving is freely available on the internet, notably, NetStumbler http://www.netstumbler.com for Windows, MacStumbler http://www.macstumbler.com for Macintosh, and Kismet http://www.kismetwireless.net for Linux.

Wardriving shares similarities to Wardialing in name only.

While some wardrivers do engage in malicious activity, the average wardriver is typically only out to log and collect information from the Access Points (AP's) they find while driving. Even so, most Companies would not want details of their unsecured and 'open to all' WLAN posted onto the Internet for all to see (would you post details of your neighbours unsecured front door - or get upset if some-one posted details of your unsecured garage - and the serial number of your car ignition key ?)).

Less law-abiding 'wardrivers' search for open file servers from which to copy software or media files which is presumably illegal in most countries. In the USA, accessing the files on an open network is illegal, however it is not illegal to simply use the internet connection of an open wireless network (the law differs in other countries - for example in UK you would be caught by the the 'use of a computer for a purpose for which you do not have permission' clause). This is a commonly misunderstood concept. Most wardrivers do not in fact use services without authorization.

Contents

1 Ethical considerations 2 Wireless network security 3 See also 4 External links

Ethical considerations

Wardriving is frequently pointed out as an example of questionable activity. However, from a technical viewpoint, everything is working as designed: a radio is transmitting data accessible by anyone with a suitable receiver. In cases of listen-only software, such as kismet, wardriving can be likened to listening to a radio station that happens to be broadcasting in your area - however again, this may differ in other countries - for example in UK it is actually illegal to listen on some radio frequencies or to some transmissions (such as those used by the Police or Armed forces). With other types of software, such as Netstumbler, the wardriver sends probes, and the access point responds per design. Most access points, when using default settings, are intended to provide wireless access to all who request it. In this sense, those who set up access points without adding security measures are offering their connection (most likely unintentionally) to the community. In fact, when people unfamiliar to wardriving see how many unsecured access points there are and how easy it is to find them, they often want to make their own access points more secure. However, there are many wardrivers who, while securing their own networks, are delighted to offer wireless internet access to whomever wants it, with the exception of those who use too much bandwidth.

Wireless network security

More security-conscious network operators may choose from a variety of security measures to limit access to their wireless network, including:

• MAC address authentication in combination with discretionary DHCP server settings allow a user to set up an "allowed MAC address" list. Under this type of security, the access point will only give an IP Address to computers whose MAC address is on the list. Thus, the network administrator would obtain the valid MAC addresses from each of the potential clients in their network. Disadvantages to this method include the additional setup. Methods to defeat this type of security include MAC address spoofing, detailed on the MAC address page, whereby network traffic is observed, valid MACs are collected, and then used to obtain DHCP leases.
• IPsec can be used to encrypt traffic between network nodes, reducing or eliminating the amount of Plaintext information transmitted over the air. This security method addresses privacy concerns of wireless users, as it becomes much more difficult to observe their wireless activity. Difficulty of setting up IPsec is related to the brand of Access Point being used. Some access points may not offer IPsec at all, while others may require firmware updates before IPsec options are available. Methods to defeat this type of security are computationally intensive to the extent that they are infeasible using readily-available hardware, or they rely on social engineering to obtain information (keys, etc) about the IPsec installation.
• WEP can be used on many Access Points without cumbersome setup, but offers little in the way of practical security. It is cryptologically very weak, so an access key can easily be stolen (see WEP for more information). Its use is often discouraged in favor of other more robust security measures, but many users feel that any security is better than none. In practice, this may simply mean your neighbors' non-WEP networks are more accessible targets.
• Wi-Fi Protected Access or WPA is more secure than WEP but isn't very wide spread yet. Many Access Points will support WPA after a firmware update.
• VPN options such as tunnel-mode IPSec or OpenVPN http://openvpn.sourceforge.net can be the (respectively) most difficult to set up, but often provide the most flexible, extendable security, and as such are recommended for larger networks with many users.

See also

• warchalking

External links

• wardriving.com http://www.wardriving.com
• Kismet http://www.kismetwireless.net
• Site dedicated to 802.11 Security and Wardriving http://www.wardrive.net/
• WiFiMaps.com http://www.wifimaps.com Web-based global GIS database of wardriving data
• HavenWorks' Wardriving news http://www.HavenWorks.com/vocabulary/a-z/w/war-driving/
• Bay Area Wireless Users Group http://www.bawug.org/
• WiGLE.net: World wide database and mapping of war drive data http://wigle.net/
• Wardriving Group Vienna http://www.wgv.at
• World Wide War Drive http://www.worldwidewardrive.org/
• NetStumbler http://www.netstumbler.com/
• Is Wardriving Legal? (Yes!) http://ssrn.com/abstract=585867
• Tom's Hardware Guide - Warflying http://www.tomshardware.com/column/20040430/
• niquille.net networking - warboating http://www.niquille.net/index/warboating