Wardriving: Legal or Illegal?

12 12 2011

WarDriving was invented by Peter Shipley and is now practiced by hackers, hobbyists and security analysts all over the world. It is the act of finding and exploiting wireless Local Area Network connections while driving around an area with wireless connectivity. This act is also known as access point mapping.  “To do war driving, you need a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some kind of an antenna which can be mounted on top of or positioned inside the car. Because a wireless LAN may have a range that extends beyond an office building, an outside user may be able to intrude into the network, obtain a free Internet connection, and possibly gain access to company records and other resources ”[1].

Most culprits have made a sport out of WarDriving because of the ease with which they can do it. An omni directional antenna and a Geophysical Positioning System is all it takes to systematically map out the various wireless access points.

Personally up until I read up on this topic I did not even know it existed. There are probably many like myself who are unaware of attackers like these who then cost then thousands of dollars. The legal implications with regard to war driving are a bit of a grey area. Some people are of the view that is not illegal since one should be free to see what is causing problems with your local wireless network, for example congestion. In my opinion it is not the act that is illegal but it is what one does with the information that they acquire that is the problem. “The illegality is based on the extent and intent of the infringement by the war driver” [2].A WarDriver can do one of the following; dishonestly steal data, gain private information and use unauthorized resources.

An informal survey was done by Freeman to find reasons why people participate in WarDriving acts [3]. The reasons that ranked highest were;

  • To access adult websites without leaving a trail
  • To experience the thrill of being where you are not supposed to be.
  • To sell WI-FI owners security services
  • They are bored.

Once a WarDriver is connected to a network  he or she can sniff the private network and view information such as passwords and credit card numbers. A WarDriver can also make changes to the information and cause the worst outcomes.

Of late lots of cases have been reported including a case of this software company in Seattle that had several employees complaining that their pay checks had not shown up in their bank accounts. It was found that the routing numbers of the bank accounts had been diverted to bank accounts elsewhere, the money quickly loaded onto debit cards and withdrawn. When the investigations were carried out it was found that the owners of the IP addresses from which the crimes had been allegedly committed had no idea what was going on [4]

It is difficult to know and thus catch these culprits until they commit the crime in which case it is too late. How would one be able to monitor what another individual does as they drive around? They may not be the doers of the crime but more than often are the accessory to the crime where they avail that network information to people with ill intentions. As such it is better to be safe than sorry, protect your network!!

Wardrive.net suggests that you implement the following measures [5]:
Checklist from Wardrive.net
(***)
Things you can do to secure your wireless network.

  1. Change the default Admin password on your Access Point (this includes the webinterface).
  2. Check if the firmware for your Wireless Access Point and drivers for your Wireless Adapter(s) are up to date. Update if necessary. Keep checking for new releases in the future.
  3. Use a high level of encryption (WPA2/802.11i strongly preferred) — Use decent keys.
  4. Authenticate wireless users with protocols like 802.1X, RADIUS, EAP (including EAP-PAX, EAP-PSK, EAP-TLS, EAP-TTLS, EAP-FAST, EAP-POTP, EAP-IKEv2, EAP-GPSK, PEAP, and EAP-SIM). These protocols support authentication credentials that include digital certificates, usernames and passwords, secure tokens, and SIM secrets.
  5. Use strong encryption for all applications you use over the wireless network, e.g., use SSH and TLS/HTTPS.
  6. Encrypt wireless traffic using a VPN (Virtual Private Network), e.g. using IPSEC or other VPN solutions.
  7. Use WLAN Security Tools for securing the wireless network. This software is specifically designed for securing 802.11 wireless networks.
  8. Create a dedicated segment for your Wireless Network, and take additional steps to restrict access to this segment.
  9. Use a proxy with access control for outgoing requests (web proxy, and others).
  10. Regularly TEST the security of your wireless network, using the latest Wardriving Tools (the same tools the attacker will use). Don’t use these tools on other networks, and always check local laws and regulations before using any wardriving tools.
  11. Enable strict (sys)logging on all devices, and check your (wireless) log files regularly to see if your security policy is still adequate.

______________

[1]Tech target. Wardriving (Access Point Mapping).Accessed at  http://searchmobilecomputing.techtarget.com/definition/war-driving

[2]Sathu, H. 2006.WarDriving; Technical and Legal Context.http://www.wseas.us/e-library/conferences/2006istanbul/papers/520-188.pdf

[3]Houston, N., Reams, D. & Zelinsky,N. The ethical issues surrounding Wi-Fi. Accessed at http://www.ethicapublishing.com/ethical/3CH10.pdf

[4] Los Angeles Times Newspaper. Accessed at http://www.latimes.com/news/nationworld/nation/la-na-wardrivers-

[5] Wardriving/802.11 security.http://www.wardrive.net/

Advertisements