What You ll Need for Wardriving

Remember the 1983 film War Games? It's about a teenager who creates a 'dialer robot' program for his personal computer that dials phone numbers in sequence, listening for the telltale tone of a modem on the other end. He eventually gets into very serious trouble by accessing a nominally intelligent DOD computer with the power to unleash nuclear war. (Giving the computer an outside line was maybe not so intelligent.)

The movie War Games provided the inspiration for a new term, 'wardialing,' which was rapidly taken up as a pastime by every teenage goofball who could string BASIC statements together on his VIC-20. (I recall that as the start of the era in which I received five or six phone calls a day with no one on the other end of the line.) The term wardriving mutated out of wardialing, and the acronym WAR (Wireless Access Reconnaissance) was distilled afterthe-fact from wardriving.

Wardriving

Wardriving is a brand new hobby, albeit kind of a loopy one: Driving around town with your laptop and GPS receiver on the car seat beside you, mapping wireless access points (APs) that come into range. It's neither difficult nor particularly expensive, assuming you already have a laptop or PDA capable of accepting a suitable 802.11b wireless adapter card.

It works like this: You run a 'stumbler' program on your laptop or PDA. The vast majority of people use a program called NetStumbler (for your Windows laptop) or MiniStumbler (for PocketPC PDAs.) Other stumbler software exists, especially for Linux and BSD Unix. You connect a GPS receiver to your computer, configure it to emit NMEA (National Marine Electronics Association) standard positioning data, and feed that data to the computer (see Figure 18.1). The stumbler program listens for 802.11b access points, and when it finds one, it notes the current latitude and longitude and logs the position with the SSID and signal strength of the access point being logged, plus a few other odds and ends contained in the access point's beacon broadcast. Note that it doesn't attempt to connect to the database, nor does it 'sniff ' the presence of an access point that has disabled its SSID beacon.

click to expand
Figure 18.1: The Basic Wardriving Setup.

The log may be written to a file, and some stumbler utilities support the uploading of these log files to a central location, allowing the creation of a map of wireless access points, with each point contributing a spot on the map, defined by its GPS coordinates. This sounds a little scary to some people, but most stumbler utilities list only those bits of data that the access points make available in their broadcast beacon. How legal this is hasn't yet been settled (as I'll discuss in detail a little later) but few think that wardriving itself is illegal. What is certainly illegal is breaking into networks, and wardriving's role in finding networks puts it in a light gray area in some legal circles.

In this chapter I'll explain how you can put a wardriving rig together and gather data on the state of wireless networking with the best of them.

Taking the Pulse of Wireless Networking

It's certainly fair to ask, Why wardrive? Having been a wardriver for almost a year now, I'll be the first to say that (like a lot of other hobbies that seem pointless on the surface of it, like stamp collecting) wardriving is simply fun. It has the flavor of a scavenger hunt about it: How many nodes can you collect in how few miles? What's the most wirelessly connected part of town? There's always an element of surprise: Sometimes the shabbiest looking industrial area will be discovered to be a hotbed of Wi-Fi activity. You just never know.

And that's the key fact leading to wardriving's real value: It provides a way to gauge the growth of the wireless networking industry by direct inspection. Research companies have for years attempted to hang numbers on the growth of PC sales, printer sales, digital camera sales, and items like that by gathering numbers from manufacturers, interviewing consumers, and doing a lot of extrapolating from far too few data points. How much you can trust such numbers usually depends on who's paying for the research and what you're prepared to believe. With Wi-Fi, you don't have to take anybody's word for it-you can go out there and see for yourself.

An example: In my job for our very virtual publishing company, I travel to a meeting at our VP of Sales' house on a monthly basis. It's a longish trip, but I always take the same route, and I always take my wardriving rig. After each meeting I come home and compare my NetStumbler log files. It's fascinating to see the number of stations increase monthly, sometimes by 15% or 20%. A few stations disappear, but most of them remain, and the new ones, predictably, are newbie-clueless and don't enable WEP.

It's been fascinating to watch the month-by-month Wi-Fi growth at a local high school here, which seems to add one or two access points every time I go by.

As I'll explain later, you can take the pulse of the Wi-Fi industry in your area by defining a 'standard wardrive' for yourself, and taking the drive on a regular basis, weekly or monthly, keeping logs as you go.

Warmemes

I suppose it's only really 'wardriving' if you're in a car. People carrying a PDA with a Wi-Fi adapter can warwalk around downtown sniffing for networks. (This is actually the preferred way to do it in superdense surroundings like London, Paris, New York, and Washington, DC.) People standing on the balcony of a highrise apartment can use a high-gain directive antenna (like the legendary Pringle's can antenna or-much better-a genuine tin can antenna like the one I describe in Chapter 15) to warscan nearby buildings for wireless access points. People in small planes have reported logging beacons while warflying at thousands of feet above a city. Warbiking is easy and fairly common. No one has yet reported warswimming or warskating to my knowledge… but it's probably only a matter of time.

And as for warmemes, well, here's the reigning champ:



Jeff Duntemann's Drive-By Wi-Fi Guide
Jeff Duntemanns Drive-By Wi-Fi Guide
ISBN: 1932111743
EAN: 2147483647
Year: 2005
Pages: 181

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net