WAR-DRIVING

Rather than physically connect computers with cables to form a network, many companies and individuals are turning to a wireless network standard known as 802.11b or Wi-Fi (wireless fidelity) instead. The idea is simple. You just plug in a device known as an access point as part of your network, and that access point relays signals from your network to any computer with a wireless network interface card (NIC), which can then access that network as if it were physically connected through a cable. If you use an AirPort card with a Macintosh computer, you're using an 802.11b wireless network.

Every computer with a wireless card can access a wireless network. Unfortunately, that means that a wireless card plugged into a hacker's laptop computer across the street can also access that same network. A wireless network is essentially the equivalent of a normal wired network with cables sticking out of every window of the building, and anyone can plug in and access your network at any time without your knowledge.

To prevent unauthorized users from accessing a wireless network, most wireless networks use encryption (dubbed WEP for wired equivalent privacy) and authentication. WEP encryption hides the data passing through the airwaves and authentication only allows pre-defined computer access to the wireless network. Like most security measures, these two methods can stop some, but not all, hackers from getting on a network. WEP encryption is relatively weak and can be cracked easily. Only allowing pre-defined computers access to a wireless network can stop most hackers, but many people don't bother turning on this feature. Even if this feature is turned on, hackers simply trick a computer that they are actually authorized to use the wireless network.

Hackers can scan for wireless networks by driving around any neighborhood with a laptop computer, a wireless network interface card, an antenna to pick up the signals broadcast by the network, and a scanning program to detect the presence of the wireless network (see Figure 11-5). Sometimes hackers also include a global positioning system (GPS) for mapping out the exact location of a wireless network. This whole process of driving around scanning for wireless networks is called war-driving, and with so many corporations and individuals setting up wireless networks, it is fairly easy to find one. (There is also war-strolling, war-flying, and war-boating, but the main idea is the same: Cruise a neighborhood and search for wireless networks.)

Figure 11-5: A North American map showing the location of all known wireless networks found by the NetStumbler program.

For more information about the different techniques, hardware, software, and news about war-driving, visit the WarDriving.com site (http://www.wardriving.com). To read "The Definitive Guide To Wireless WarX'ing," visit http://www.kraix.com/downloads/TDGTW-WarXing.txt. For more information about Wi-Fi networks, pick up a copy of The Book of Wi-Fi by John Ross, published by No Starch Press.

The key to finding a wireless network is a wireless sniffer program as shown in Figure 11-6. Some of the more popular ones include NetStumbler (http://www.stumbler.net) for Windows, MiniStumbler (http://www.netstumbler.com) for Pocket PC, Kismet (http://www.kismetwireless.net) for Linux, and MacStumbler (http://www.macstumbler.com) for the Mac OS.

Figure 11-6: A wireless sniffer program can help you find and identify wireless networks nearby.

To make finding a wireless network even easier, hackers have adopted the techniques of the hobos, who used to carve or draw marks on trees or buildings to alert other hobos to unfriendly towns, sympathetic households, or good places to hop on a passing train. Similarly, war-chalking (http://www.warchalking.org) involves drawing marks in a neighborhood to identify the location and features of a particular wireless network, as shown in Figure 11-7.

Figure 11-7: War-chalking symbols identify the location and status of a wireless network.

Once that first hacker discovers a wireless network and leaves behind a war-chalking mark, other hackers will likely explore that same wireless network. With so many unwanted intruders poking around a network, it's only a matter of time before one of them accidentally or purposely disrupts, deletes, or alters some important files.