Google Answers Logo
View Question
 
Q: war driving, war walking. how to. ( Answered,   7 Comments )
Question  
Subject: war driving, war walking. how to.
Category: Computers > Wireless and Mobile
Asked by: cheaptrinkets-ga
List Price: $100.00
Posted: 28 Jan 2004 07:26 PST
Expires: 27 Feb 2004 07:26 PST
Question ID: 301121
Hi!

I want to find the most powerful wifi pc card on the market and stuff
I can augment if necessary. I am looking into the following:

war driving - best equipment and how to use it.

war walking - i am located in santa monica and work near the prominade
and would like to see where i can war walk and if there are any hand
helds good for find that out.

i would like to find the baddest antenna for my notebook to be able to
do this and pick up even distant signals.

faq on all aspects of war driving and how people hack them (this is
mainly for my own home equipment and see how people hack me).

The reason for all of this is simple. I own a small business and am on
the phone and computer all day. i want to get out of my office more.
to see something new and this would be a good way to get out work
offsite wherever seems interesting.

Again, thanks for your assistance.

Request for Question Clarification by aht-ga on 01 Feb 2004 00:20 PST
cheaptrinkets-ga:

I have started working on this, and hope to be able to post an Answer
for you before the end of the weekend.

Regards,

aht-ga
Google Answers Researcher
Answer  
Subject: Re: war driving, war walking. how to.
Answered By: aht-ga on 01 Feb 2004 14:49 PST
 
cheaptrinkets-ga:

Thank you for your Question regarding wardriving/warwalking. I hope
that you find the following information useful. For the most part,
this Answer is written based on my own personal knowledge, with links
to useful resources on the Web to help broaden the perspective I am
providing. There is a lot of reading material out there on this
subject, so hopefully the view I am giving you here will help guide
you towards the most relevant information for your needs. After
reading this Answer, please let me know if there is anything you would
like clarified that would result in you giving a five-star rating to
express your complete satisfaction!


----------------------------------------------------------------------

What is WarDriving/WarWalking?

WarDriving is the art of discovering and documenting the locations of
wireless access points while driving. Warwalking is the same thing,
except that instead of walking, the warwalker uses smaller handheld
equipment while walking. A related activity is warchalking, which
involves visibly marking (often with chalk on a sidewalk or wall) the
location and status of wireless access points. With the rapid growth
of wireless networking devices, warchalking has been replaced to a
certain extent by online databases complete with maps.

The name comes from two origins: the first is the old hacker activity
called war-dialing, where a hacker would use a computer and modem to
methodically dial up every number in an exchange to see which numbers
would lead to dial-up servers on private, corporate networks. The
second origin is the concept of "wireless access revolution", the idea
that with the advent of wireless networking devices, Internet access
would become ubiquitous and free. Well, as long as someone has to pay
somewhere along the line, Internet access will never be truly free.
There are several categories of wireless access points that are
regularly discovered by wardrivers:

 - free public access hotspots, set up by individuals or organizations
explicitly for the purpose of providing free Internet access to anyone
with the proper wireless networking equipment;

- fee-based public access hotspots, set up by individuals or
organizations where users must first establish a payment relationship
before being allowed to access the Internet through the hotspot's
wireless access point(s);

- private network access points, set up by individuals or
organizations, that are not intended for public use.

Within each of these categories, different levels of security may be
in place to prevent unauthorized access and use. For example, free
public access hotspots will usually have no security whatsoever,
allowing anyone who enters the coverage area to easily get online. At
the other extreme, some private network access points will feature
multiple layers of security to prevent an unauthorized person from
discovering the access point, connecting to it, and accessing the
network resources connected to it. Unfortunately, many installations
that should fit into this latter group, do not have the necessary
security in place. As a result, the networks attached to those access
points are not secure, either, making them vulnerable to both innocent
and intentional violation. Due to this, many individuals have taken up
wardriving as an activity to try to raise awareness of the security
lapses, and to raise awareness of wireless networking itself. By
'sniffing' out the locations of access points in need of security
changes, the hope is that the operators of those access points will
step up to their responsibility to turn up the necessary security
features.

----------------------------------
Additional links:

wardriving - a searchSecurity definition
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci812927,00.html

Wireless LAN Glossary 
http://www.wireless-nets.com/glossary.htm

Computerworld: "Sniffing, war-chalking and more: A wireless vocabulary evolves"
http://www.computerworld.com/networkingtopics/networking/lanwan/story/0,10801,74321,00.html

Guardian Unlimited: "Working the web: Warchalking"
http://www.guardian.co.uk/internetnews/story/0,7369,748618,00.html

----------------------------------

At this point, it is important to discuss the legal side of
wardriving. Wireless access points operating with the 802.11 family of
protocols are, by default, configured to broadcast their service set
identifiers, or SSIDs ( http://www.webopedia.com/TERM/S/SSID.html ).
The purpose of this is to allow wireless access clients to easily
detect and connect to wireless access points. This is fine, as long as
the wireless access client is authorized to use the network that the
access point is attached to.

Current computer crime laws throughout the US classify the
unauthorized access of a private network as a crime. Due to this, many
amateur wardrivers have found themselves on the wrong side of the law
after they inadvertantly access the resources of a private network
through an unsecured wireless access point. The law and case history
for this is evolving, though, with some jurisdictions looking to
classify the lack of security for a wireless access point connected to
a private network as a form of negligence on the part of the network
operator, thus creating a defensible position for the wardriver who
stumbles across the access point and accidentally accesses the
network.

Wardrivers, in general, are able to protect themselves while
wardriving simply by disabling the TCP/IP capabilities of their laptop
or handheld computer. This prevents the laptop or handheld from
accidentally or intentionally receiving a DHCP-assigned IP address for
the network, meaning that it is not possible to access the network or
the resources within it. In such a configuration, it is still possible
to detect the wireless access point and determine whether or not any
wireless security settings have been activated. It is not, however,
possible in this mode to determine of the wireless access point is
connected to an open connection to the Internet, as any such use could
be determined to be a violation of a computer crime law for
unauthorized access to a private network.

----------------------------------
Additional links:

Wired News: "Licensed to War Drive in NH"
http://www.wired.com/news/wireless/0,1382,58651,00.html

  - note: a quick review of the current NH law at:
     http://www.gencourt.state.nh.us/rsa/html/LXII/638/638-17.htm
    shows no evidence that this proposed law has made it into the actual state law.

"The FBI takes an interest in War Chalking and War Driving"
http://www.oreillynet.com/pub/wlg/1827

----------------------------------


So, prior to proceeding on with the rest of this Answer, I must warn
you that if you decide to take up wardriving/warwalking as a hobby,
that you will need to stay up to date on the computer crime laws of
your state and municipality to ensure that what you are doing remains
legal.

----------------------------------------------------------------------

An Overview of Wireless Networking Equipment used for Wardriving/walking

The basic equipment required for wardriving includes:

 - a laptop computer 
 - a wireless access adapter that optionally supports an external antenna
 - an optional antenna for the wireless access adapter
 - a GPS receiver with PC interface
 - sniffer software on the laptop to control the wireless access adapter
 - optional mapping software to map detected access points
 - a vehicle to drive all this around in :)

---
Laptop Computer

Pretty much any laptop computer will work for wardriving, so the
features to look for are:

 - lightweight, rugged construction
 - ability to run Linux, as the vast majority of sniffer software is
designed for Linux
 - ability to run Windows XP, for compatibility with mapping software
such as MS MapPoint
 - serial and/or USB port to connect to GPS receiver (depends on GPS
unit interface)
 - PC Card slot for wireless access adapter

---
Wireless Access Adapter with External Antenna Support

Not all wireless adapters are supported by the various sniffer
software applications out there. With the recent burst of new adapter
designs on the market to support the 802.11g standard, the choice has
gotten even more difficult.

The most commonly supported cards are based on the Prism2 chipset.
However, the Prism2 chipset is also being phased out by the major
manufacturers. That said, the folks who have programmed the sniffing
software typically have not had either the funds, or the desire, to
reprogram their applications to work with the newer designs.

Of the current cards available on the market, the one I would get
myself is the Proxim ORiNOCO Gold 11b/g PC Card. There is also a
Silver version, but the Gold version is best. This card supports an
external range-extender antenna:

ORiNOCO Gold 11b/g PC Card
http://www.proxim.com/products/wifi/client/
http://www.proxim.com/products/wifi/client/11bgpccard/index.html
http://www.proxim.com/learn/library/datasheets/11bgpccard.pdf

---
Optional External Antenna

For wardriving, what you need is a good omni-directional antenna. That
way, you can drive along without needing to worry about aiming an
antenna. You are also less likely to be accused of trying to
intentionally break into a network, since there is no conscious intent
involved when using an omni-directional antenna.

A decent antenna to use on a car is the one available from Netstumbler.com:

Mobile Netstumbler Kit
http://shop.netstumbler.com/customer/product.php?productid=61&cat=4&page=1&XCARTSESSID=96a6c672ab75a6102cc274eca44b1a62

A similar antenna is available from HyperLink Technologies:

HyperGain® Range Extender 8 dBi "Range Doubler" Omni Antenna
http://www.hyperlinktech.com/web/re09u.php 

This HyperGain unit is the one that I personally would want, as it has
the higher 'gain' on the signal. However, since it is 16 inches tall,
you may want to paint it black before using it so that it isn't as
noticeable.

---
GPS Receiver with PC interface

An important consideration when choosing a GPS receiver for wardriving
use, is how the unit is powered. For use in a car, it makes best sense
that the unit be powered using a cigarette-lighter adapter. A great
unit that features this, along with a PC interface and a good antenna,
is the Garmin GPS V (V as in the roman numeral five):

Garmin:GPS V
http://www.garmin.com/products/gps5/

Accessories for GPS V
http://shop.garmin.com/accessories_for_product.jsp?sku=010-00226-00


For portable use while war-walking, you may instead wish to consider:

Garmin eTrex Vista
http://www.garmin.com/products/etrexVista/

This unit can be upgraded with a cigarette lighter adapter as well as
a PC interface cable:

Accessories for eTrex Vista
http://shop.garmin.com/accessories_for_product.jsp?sku=010-00243-00

Garmin has the reputation of making some of the best GPS receivers
available on the market, so you will not go wrong with their products.

Do not forget to purchase the serial cable required to connect either
of these units to your laptop computer. Please note that the data
cables for the two units are not interchangeable, unfortunately. Since
you have a convertible, you can probably just go with the eTrex Vista
since you have no metal roof to interfere with the GPS signal for the
eTrex.

--- 
Sniffer Software

As I previously mentioned, the majority of sniffer software is
designed for use with Linux. However, if you are just starting out, I
would recommend that you use NetStumbler, a Windows-compatible
package. This application is available for download from the
developer's website:

stumbler dot net
http://www.stumbler.net/

The current version is version 0.3.30, which has not been updated
since 2002. However, in December the developer did post a teaser to
indicate that he is finally beginning work on version 0.4 again, which
will include support for many of the newer cards. Using Windows XP
will also help a lot in getting your card to work with Netstumbler.

A listing of other software packages available can be found at:

http://www.wardrive.net/wardriving/tools

Again, note that many of these are Linux packages that require a
reasonably high level of knowledge in using Linux in order to use.

For myself, I would use Netstumbler anyway, simply to avoid the hassle
of having to set up and maintain a Linux installation on my laptop
(which I use for other purposes that require MS Office applications).
There are also some packages available for Apple Mac users, but these
are very limited.

---
Mapping Software

If you do use NetStumbler, then the best mapping package to use is
Microsoft's MapPoint software:

MapPoint Home
http://www.microsoft.com/mappoint/default.mspx

You will also need StumbVerter 1.5 to translate the NetStumbler
discovery files into a format compatible with MapPoint 2004:

StumbVerter Home
http://www.sonar-security.com/


----------------------------------
Additional Links:

Wireless LAN Security & Wardriving (802.11)
http://www.wardrive.net/

Wardriving Articles, Links, and Whitepapers
http://www.wardrive.net/wardriving/links

Wireless on the fly - CNET Asia
http://asia.cnet.com/reviews/hardware/networking/0,39001739,39129260,00.htm

----------------------------------

To use all of this hardware and software, you will need to do the following:

1. Install wireless access card in the laptop per manufacturer's requirements
2. Calibrate GPS unit per manufacturer's requirements
3. Install Netstumbler on laptop, confirm compatibility with wireless card
4. Connect GPS unit to laptop serial port, confirm compatibility with Netstumbler
5. Connect range-extender antenna to wireless access card using card's
optional antenna connector (see manufacturer's documentation)
6. Test system by driving around your neighborhood! You should be able
to detect your own network as you drive in and out of range

See the CNET article above for more information about this.

----------------------------------------------------------------------
Wardriving info for Santa Monica

Interestingly enough, Santa Monica is home to Boingo Wireless, the
self-proclaimed best/easiest-to-use network of WiFi hotspots in the
world.

Here is a list of publicly known hotspots in the Santa Monica area:

http://www.wi-fihotspotlist.com/browse/us/2000238/2050355/

Beyond these, I was able to find a reasonably detailed map containing
the results of previous wardrivers searching in the Santa Monica area:

WifiMaps.com
http://www.wifimaps.com/modules.php?name=Map&Y=34.011746005965&X=-118.49468658462&RES=0.0075890934800071

Read the FAQ first to learn how to use this system:

http://www.wifimaps.com/modules.php?name=FAQ&myfaq=yes&id_cat=4&categories=WiFiMaps.com+Documentia

Basically, use 'Browse' mode, and the Zoom-In and Zoom-Out icons under
the compass to zoom into the neighborhood you are interested in, then
use 'Query' mode and click on a symbol in the map to learn about the
wardriving results for that area. There is more information here than
I can possible begin to describe in words.

----------------------------------------------------------------------
Safeguarding Your Own Wireless Network

The final piece of this Answer, is information on threats to your own
wireless network, and steps that you can take to safeguard it.

The first and most important thing is to turn on any security features
that your access point has available. It continues to baffle me why
anyone would buy a wireless access point, plug it in, and not take the
time and trouble to configure it for security. That's the equivalent
of buying a keg of beer for the Superbowl, then leaving it on the
front lawn with a tap and a stack of beer cups so that anyone walking
by can help themself to some beer. While that may be a wonderful way
to win the friendship of your neighbors, it's also a way to attract
undesirables onto your property!

What is worse, is when someone buys a wireless access point, then does
not bother to change the administrative password from the factory
default. That's like leaving the doors to your car unlocked, AND
leaving the keys in the ignition.

Security features available on all WiFi access points includes wired
equivalent privacy (WEP), and the ability to not broadcast the SSID.
Some access points also allow MAC address filtering to only allow
pre-authorized MAC addresses to use the access point to access network
resources (such as an Internet connection). Newer access points have
implemented WiFi Protected Access (WPA). Some manufacturers have even
designed their own proprietary security protocols, such as Cisco's
Lightweight Extensible Authentication Protocol (LEAP).

Regardless of what your wireless access point has available, you have
to be religious about using it. Personally, I try to change my 128-bit
WEP key on a semi-regular basis. I also regularly review the
connection logs for my access point, to see if anyone other than me
has managed to crack my WEP key, and connect. I also semi-regularly
change the administrative password on my access point.

You can read more about how wardrivers and hackers can be kept out of
your wireless network, in the following articles:

---
Wireless LAN Security FAQ
http://www.iss.net/wireless/WLAN_FAQ.php

Links to Wireless Security Articles - Tom's Networking (<=== A Must Read!!!)
http://www.tomsnetworking.com/Weblink-req=viewlink-cid=12-orderby=dateD.php

Wi-Fi 'wartrappers' snare the drive-by hackers - ZDNet UK
http://news.zdnet.co.uk/internet/0,39020369,2123600,00.htm

---

The last article is perhaps the most interesting, the idea of setting
up honeypot access points to attract wardrivers and hackers, to
distract them from the real wireless network in your location.


----------------------------------
Additional Links:

Overview of the WPA Wireless Security Update in Windows XP
http://support.microsoft.com/?kbid=815485

802.11 Security Articles, Links, and Whitepapers
http://www.wardrive.net/security/links

802.11 Security Books
http://www.wardrive.net/security/books

Wardriving is not a crime - Reno News & Review
http://www.newsreview.com/issues/reno/2003-12-18/cover.asp

----------------------------------

----------------------------------------------------------------------

I hope that you found this Answer informative. Again, please let me
know where you would like some clarification so that you are satisfied
with this as a five-star Answer!

Best Regards,

aht-ga
Google Answers Researcher

Clarification of Answer by aht-ga on 01 Feb 2004 17:00 PST
cheaptrinkets-ga:

I just realized that I did not include any specific information about
handheld warwalking.

From the links I provided above to the software applications:

http://www.wardrive.net/wardriving/tools

You will see that there are solutions available for both Pocket PCs,
and other handhelds such as the Palm Tungsten C (with built-in
802.11b). To remain consistent with your use of Netstumbler on the
laptop, I recommend using Ministumbler on a Pocket PC handheld:

Ministumbler Home
http://stumbler.net/

You can also consider using:

AirScanner Mobile Sniffer
http://www.airscanner.com/downloads/sniffer/sniffer.html

As for an appropriate Pocket PC, this is the challenging part. Both
Ministumbler and AirScanner are designed for MS Pocket PC 2002.
Current Pocket PCs are shipping with MS Mobile 2003, with older
applications not being compatible. Your best bet is to find a used
Pocket PC with the Pocket PC 2002 operating system, such as the older
Compaq iPaqs with a PC Card expansion sleeve.

Compaq iPAQ Pocket PC H3900 Series
http://h18000.www1.hp.com/products/quickspecs/11346_na/11346_na.HTML

Best Regards,

aht-ga
Google Answers Researcher
Comments  
Subject: Re: war driving, war walking. how to.
From: aht-ga on 28 Jan 2004 09:08 PST
 
Hello again, cheaptrinkets-ga!

Prior to any Researcher posting an Answer, you may find the following
sites of interest:

http://www.wardriving.com/
http://www.netstumbler.com/
http://www.laweekly.com/ink/24/01/ether-jardin.php

Regards,

aht-ga
Google Answers Researcher
Subject: Re: war driving, war walking. how to.
From: cheaptrinkets-ga on 30 Jan 2004 09:28 PST
 
I understand and appreciate this. I am looking for someone to help and
do homework on this stuff and find the best equipment in each area.
One thing I forgot to add is that I have a convertable which will
affect how I use an antenna.

I would like to have a researcher work on this.

Thanks.
Subject: Re: war driving, war walking. how to.
From: aht-ga on 30 Jan 2004 09:41 PST
 
Hi cheaptrinkets-ga:

This is actually one of my many areas of personal interest; the main
reason I have not yet taken on this Question myself is due to time
constraints on my end. To do a proper job on your request will take at
least a full day if not more to compile all that you are asking for.
It is my hope that a fellow Researcher can take this on for you; if
this Question is still unanswered when my schedule clears up enough to
allow for the time required, I would be happy to assist you.

Regards,

aht-ga
Google Answers Researcher
Subject: Re: war driving, war walking. how to.
From: aht-ga on 30 Jan 2004 09:42 PST
 
You may also want to consider possibly splitting up the question into
several smaller questions, to increase the likelihood that a
Researcher can answer at least one of them? Just a thought.

aht-ga
Subject: Re: war driving, war walking. how to.
From: cheaptrinkets-ga on 31 Jan 2004 08:15 PST
 
when do you think your schedule will open up to allow this? is the fee
i am paying too low? if so, what do you feel like it should be?

thanks
Subject: Re: war driving, war walking. how to.
From: aht-ga on 31 Jan 2004 09:36 PST
 
Hi cheaptrinkets-ga:

Glad I happened to check this forum before heading out the door, so
that I can answer your query. I am hoping to be able to spend some
time researching this question tomorrow; however, I do not know if I
will be able to complete the answer in that time. My fiancee is a bit
of a slave-driver, when it comes to planning/prepping our wedding! I
feel it would be best that I not lock this question while I work on
it, as this allows other Researchers, who may have more time to
dedicate to a speedy answer, to work on and Answer the question.

As for the pricing on the Question, ultimately the 'correct' price to
use is the price that reflects the value of a complete and timely
Answer, to you. For some general guidance on where prices normally
fall, please check out the Google Answers Pricing Guide:
http://answers.google.com/answers/pricing.html .

The answer I envision providing you, should I end up being the
Researcher to do so, would include:

-An overview of wireless networking equipment typically used for
wardriving/walking;

-My opinion (based on web-based info and personal experience) of what
equipment I personally would use, including optional antennas, if
price were no objection;

-Any warwalking info I can find for Santa Monica;

-Additional personal testimonial and online links regarding threats to
your own home network from others warwalking/wardriving in your
neighborhood.

The real value of the Answer will depend on the quality of the
information available for warwalking in Santa Monica; I already know
(from personal experience) that there is sufficient information out
there for a good Researcher to compile the rest of the Answer. So, if
you wish for a faster Answer than I can provide, you can split the
Question up by the bullets above (realizing that the combined Answer
may not mesh as well as a single Answer would). Otherwise, I will try
my best to address this Question tomorrow if none of my fellow
Researchers have taken it on!

Regards,

aht-ga
Google Answers Researcher
Subject: Re: war driving, war walking. how to.
From: seankubin-ga on 01 Oct 2004 04:43 PDT
 
I came very near to posting a question similiar to this one.  My
comment on your question is this.  1st. you dont really want an
education on what war* is.
2nd. If you want the baddest war* you can rule out warwalking. 
Warflying would rock, and I know where a $6,000 ultralight is- but
that's probably outside your budget.  So your question really seems to
want the ultimate wardrivig vehicle.
Let me flesh out the dream you have.
One night your motor around, and gps up all the hot spots into mapmaker.
Then you plan your life around that map.  Using your vehicle to detect
distant APs, amplify their signal, then rebroadcast it to your
location.  You want a shirt that says, "If you can read this shirt,
you can get on the internet".  You want a signal so powerfull your
teeth hurt.
I have seen this solution installed in a friend's truck.  It looked
extremely custom and leet.  But he, having installed it once, would
probably sell you his stuff.  A few parts looked difficult to obtain.
Or guide your on buying the stuff he wishes he would have bought.
His home telly: 501 941 7222, name = blake.  
I am his friend, sean.  sean@kubin.net
Grocery list:
A convertible, and possibly a motor cycle would seem like the worst vehicles.
Get a Chevy truck, a 6cy. And a 600watt inverter.  buy the inverter at
a truck stop.  spend 60-80$ on it.  The truck, put a ladder rack on
it.  And install a bunch of switches that control outlets that you are
going to install behind the seat.  Make a tap for your cables to run
outside.  Hit up pawn shops for CB, and Cop scanning equipment.  Buy a
radar detector, not an omni one, just a forward looking.  Buy a radar
jammer- omni is ok.  Buy one of those bling bling green light
trickers.  they are expensive ~500$, so maybe just make one.
Weld armored plates on the side of the doors, and mount a mini gun on
the tail pipe.  Purchase a few bluetooth compatible Surface to air
missiles, and an emp detonator.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy