War driving is a term used to describe the process of a hacker who, armed with a laptop and a wireless adapter card and traveling via a car, bus, subway train, or other form of mechanized transport, goes around sniffing for WLANs.
War walking refers to the same process, commonly in public areas like malls, hotels, or city streets, but using shoe leather instead of the transportation methods listed above.
The concept of war driving is simple: Using a device capable of receiving an 802.11b signal, a device capable of locating itself on a map, and software that will log data from the second when a network is detected by the first, the hacker moves from place to place, letting these devices do their job. Over time, the hacker builds up a database comprising the network name, signal strength, location, and ip/namespace in use.
Via SNMP, the hacker may even log packet samples and probe the access point for available data. The hacker may also mark the location of the vulnerable wireless network with chalk on the sidewalk or building itself. This is called war chalking, and alerts other intruders that an exposed WLAN is nearby.
Common war driving exploits find many wireless networks with WEP disabled, and using only the SSID for access control. The SSID for wireless networks can be found quickly. This vulnerability makes these networks susceptible to what's called the parking lot attack, where, at a safe distance from the building's perimeter, an attacker gains access to the target network.
Penetration testing -- Securing wireless access points
War walking and war driving
WLAN vulnerabilities, SSID issues, WEP weakness
WLAN DoS attacks, MAC address vulnerabilities
Wireless testing tools
WLAN security countermeasures
About the author
Russell Dean Vines is a bestselling author, Chief Security Advisor for Gotham Technology Group, LLC, and former President of the RDV Group. His most recent book is The CISSP and CAP Prep Guide, published by John S. Wiley and Sons.
This was first published in February 2007