Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Let the Game Begin
So, where does all of this weak wireless LAN security lead? Let's explore the very active world of wireless LAN attacks by looking at a hypothetical, (over)dramatized scenario. Sit back and relax as our intrepid acting troupe, the Counter Hack Players, performs their new play, Night of the Living Wi-Fi's. In addition to witnessing an attack scenario, we'll also get a blow-by-blow listing of the mistakes made by a hypothetical victim company we'll call "Diversified Financials." By learning from the mistakes made by Diversified Financials, we can all improve the security of our wireless LAN infrastructures.
Fred and Joan were highly inquisitive college students, attending a university located in the heart of a downtown metropolis named Gotham. To blow off steam, many college students watched TV, participated in political marches, or played Ping-Pong. Not Fred and Joan. They spent their spare time "war driving" and "war walking." They'd cruise around Gotham, either by foot or by taxi, searching for unsecured wireless access points. In their dorm rooms, they maintained wall-sized maps of Gotham, with colored pushpins indicating each of their prizes:
A red pin indicated that a wireless network was present at a given location, but Fred and Joan couldn't get access to the network behind it. In other words, red indicated that the network was secure—a bad thing from Fred and Joan's perspective.
A yellow pin identified a network to which Fred and Joan could gain access, but that had yet to be explored by our itinerant attackers. There were lots and lots of yellow pins on their maps!
Finally, a green pin highlighted a network where Fred and Joan could get complete access to the internal network through the wireless access point. While yellow outnumbered green, there were hundreds of green pins. Fred and Joan lived in a target-rich environment!
Their war-driving rig consisted of Fred's four-year-old laptop, a beat-up IBM ThinkPad whose originally clean slate-black finish was peeling off after years of being kicked around Fred's dorm room. Similar models were widely available on eBay for $300. They inserted a wireless LAN card, available for about $70, into the laptop's PCMCIA slot. This Wi-Fi card was connected to a $75 antenna to boost their signal-gathering capacity. Their setup also included a Global Positioning System (GPS) receiver, available for about $150. The laptop used the GPS unit to record the longitude and latitude of discovered access points so they could be found easily or just pinned on the map. For software, they installed Windows 2000 on their laptop to run the extremely popular (and free) NetStumbler, written by Marius Milner. They carried the whole setup inside a backpack.
Although Fred and Joan usually just walked around town to conduct their wireless LAN explorations, they'd sometimes get some extra cash to pay for a cab ride. The taxi let them war drive in style. While Joan distracted the cab driver, Fred would gingerly place the magnetized antenna on the roof of the cab. No fuss, no muss. An hour's worth of war driving through this bursting metropolis cost less than $20—about the same price as two tickets to a lame horror movie, hold the popcorn. Besides, war driving was a lot more fun than most of the fare offered at the local metroplex. In a recent hour-long war drive, Fred and Joan managed to turn up 455 wireless access points. That's a lot of pushpins!