With wardriving being around for some time, so there has been opportunities for new, innovative approaches of wardriving to develop. With the ultimate purpose of creating an accurate map of wireless networks, wardriving techniques have developed along with new technologies. This section explores the mechanics of wardriving, new developments in the technique, and ways to protect against modern wardriving.
Wardriving as a phrase sounds a lot cooler than the reality, but it is still an important cybersecurity technique that has garnered popularity among hackers and cybersecurity professionals. The idea is simple. Equip a vehicle with a wireless network scanner and drive it through the ever-expanding field of Wi-Fi
network access points. However, the execution is not as simple since a number of innovative wardriving methods have been developed over the years. This section explores the basics of wardriving, some creative examples of wardriving’s evolution, and how an organization can protect their network from wardrivers.To begin, the attacker needs a computer with wireless capabilities. This could take the form of Linux, macOS, Windows, iPhone, and Android devices. Mobile devices are emerging as the primary wardriving device of choice for many practical reasons. For one, they have built-in location tracking features and are easily transportable. Additionally, wardriving apps are easily accessible through their respective app stores. Kismet is the primary tool for network detection in a Linux environment. NetStumbler and KisMAC are the most popular tools on Windows and macOS, respectively. Wi-Fi-Where on iOS and G-MoN
on Android have wardriving features for mobile platforms. Once enabled, these programs will detect and log any and all wireless networks within range. The attacker may move the transceiver across the entirety of the organization in order to gather a complete wireless profile. Some tools, such as Kismet, are designed for cracking and bypassing wireless passwords in WEP and WPA-2 encryption. With this, wardriving can be used by the attacker as a means to infiltrate networks. The core function of wardriving is to produce a detailed, accurate map of wireless networks.Innovative techniques for wardriving
have developed out of professional and enthusiastic endeavors to create maps of wireless networks. Wardriving computers have been installed on unmanned aircraft in what is dubbed “warflying”, and wireless drones have been equipped for similar purposes. Mobile devices have facilitated the ease and accessibility of wardriving through freely available applications, but desktop wardriving applications such as Kismet come installed with more advanced features. Some wardriving applications may pass traffic between hosts in a way that can be detected by network administrators. Active scanning can be detected by network administrators within the organization. Passive scanning, which involves only gathering public, broadcasted information is more difficult to detect. The most practical application of wardriving is infiltration and penetration testing. The simplest way to protect against wardriving is to disable the broadcast of your SSID. Your SSID
, or Service Set Identifier, is the name of your access point that appears on mobile devices. Organizations can access their router settings through a web browser and disable SSID broadcasting. This may create problems in daily use of the access point, so encryption may be the primary method of wardriving defense. Lastly, creating a filtered list of allowed MAC addresses ensures that only pre-approved devices can connect to the network.In short, wardriving has developed from a way of creating wireless maps to a widespread, accessible cybersecurity tool. Network detection is a feature required by devices that discover and connect to wireless devices. The invisible infrastructure of Wi-Fi networks has grown to accommodate an increasing use and reliance on wireless access points. Cities across the world have already become completely saturated with networks that rely on these devices. The vast majority broadcast an SSID signal, most are encrypted with a password, and virtually all of them can be cracked by wireless devices running cybersecurity software.