Wardriving is the practice of physically searching for unsecured wireless networks or networks that can easily be compromised. It is also known as access point mapping as the goal is to identify potential access points from which to connect to WiFi networks. According to tech-fan.com, the term originates from the movie War Games where attempts were made to locate random phone lines connected to a modem in order to gain network access.
However, war drivers have not completely dropped the use of WNIC-based software as it is still relevant in modern programs. Ethical War Drivers. The malicious use of war driving has given a bad name to the entire practice. The prevalence in network attacks have many questioning the motivation behind the so-called 'ethical war drivers.' Wardriving is an activity in which a person drives around the streets in order to track Wi-Fi networks in that area. The data can be collected using a device running a wardriving software.
What is Wardriving?
Wardriving is commonly perpetrated by individuals driving around in a vehicle while using software and hardware that assists them in locating unsecured networks. The use of a vehicle is not required, and wardrivers can also scan for networks to attack when on foot, on a bicycle, or even by using aircraft. Whatever method of transportation is used, the goal is to secretly penetrate WiFI networks.
Taking the original idea from War Games and naming it wardriving is credited to computer security consultant Peter Shipley. He developed Perl scripts in 2000 which interacted with a GPS to automate the procedure that was to become wardriving.
The ability to plot WiFi access points on a map allowed networks to be found without the need to keep track of the driver’s physical location. He found that among the networks that he identified, only about 15% were protected by encryption. The vast majority of WiFi networks were unprotected and offered unscrupulous individuals the opportunity to access and compromise them and their attached computers and devices.
The simple act of surveying the area and gathering data on wireless networks is, in itself, not considered illegal in the U.S. Actually accessing networks that are not intended for public use does expose the wardriver to potential criminal prosecution. The charges will be determined by the locale in which the unauthorized access occurred as well as the intent of the network intruders.
Wardrivers who are successful in gaining access to your network may be interested in stealing your passwords, banking information, and other sensitive data. They may use their entry into your network to install malware that can use your computer for purposes which are not in your control and could put you at risk of legal consequences.
Hardware and Software Tools for Wardriving
In order to perform WiFi driving successfully, you need to use some specialized software or hardware. There are no hard and fast rules regarding what type of devices or software are used by your friendly neighborhood wardrivers. Let’s take a look at some of the tools that are used in wardriving.
Hardware Tools for Wardriving
There are several hardware components that are required in order to practice wardriving.
- A mobile device
You need a mobile computing platform in order to conduct wardriving activities. This includes laptops, tablets, smartphones, and other devices such as the Raspberry Pi. These perform overall management of the process and are used to subvert encryption.
- Wireless network card and antenna
These are a critical part of the wardriving setup. The wardriver may use the card and antenna built into their mobile device or may opt for additional hardware in order to increase their scanning power. This component provides the ability to remotely monitor the discovered networks.
- GPS system
War Driving Software With Gps Machine
The GPS system is used to determine the exact location of the WiFi routers that have been located. Many of the mobile devices used for wardriving have built-in GPS capabilities.
Software Tools for Wardriving
The primary piece of software which is employed in wardriving is an application that will be used in an attempt to crack the passwords of WEP and WPA encrypted networks. There are many such programs available for use on whichever operating system you prefer. Here are a few of the more popular apps that are used by wardrivers to bypass network security, according to resources.infosecinstitute.com.
This is certainly not an exhaustive list of software applications that can be used to hack into a WiFi network but does give an overview of some of the more popular choices if you are considering taking up wardriving as a hobby.
Only available for the Mac platform, this tool scans networks passively and can be used to crack WEP and WPA keys through a brute force attack.
This very popular application is a wireless password cracking tool that is used worldwide. It captures and analyzes data packets in an attempt to recover passwords. It is optimized to perform WEP password attacks much more quickly than many other tools. It runs on many operating systems including OS X, Windows, and Linux.
Cain & Able
Here is another popular tool that is used to crack the passwords of WiFI networks. It works by intercepting network traffic and then attempting to discover the passwords through a brute force attack.
This tool runs on the Linux platform and is an automated tool for conducting dictionary attacks to crack WPA encrypted passwords. It is slower than some other tools and only provides a command line interface.
This tool is available for Windows, Linux, and Mac. It performs fast, automated phishing attacks on wireless networks in an attempt to steal passwords.
Protecting Your Network From Wardrivers
The overriding factor that makes a WiFi network attractive to a wardriving party is the lack of adequate security. A network that is securely protected will be impervious to these types of attack or at least make it so difficult to access that the attackers will find another, more easily compromised target.
Here are some steps that you can use to protect your network and its data from wardrivers. Failure to secure your network properly leaves you open to having intruders steal your personal information or use your devices for illegal purposes.
According to security experts at McAfee, these are some of the best ways to protect your WiFi network from the risk posed by wardrivers.
- Change your router’s administrative password – The default passwords for many routers are easily available on the web. Operating your router with the default credentials makes it a trivial exercise for a hacker to gain access to your network.
- Enable encryption – You should insist on a router that enables you to set WPA or WPA2 encryption. Use of WEP level encryption should be avoided as it is easily cracked through the use of the tools mentioned above.
- Use a firewall – A firewall monitors attempts to access your system and only allows a connection by approved sources. It can stop unauthorized users from accessing your system.
- Shut down your wireless router when not in use – If you will be gone or will not be using the network for an extended period of time, just shut it down. This will eliminate the possibility of wardrivers discovering and attacking it.
These methods of protecting your network from wardrivers are also the best practices for securing your network from any type of unauthorized access. Networks that are not encrypted are a prime target for hackers. Secure your systems and your network by always ensuring that the highest level of encryption available on your router and devices is being used.
Wardriving Software With Gps Mac Software
WiGLE (or Wireless Geographic Logging Engine) is a website for collecting information about the different wireless hotspots around the world. Users can register on the website and upload hotspot data like GPS coordinates, SSID, MAC address and the encryption type used on the hotspots discovered. In addition, cell tower data is uploaded and displayed.
By obtaining information about the encryption of the different hotspots, WiGLE tries to create an awareness of the need for security by running a wireless network.
The first recorded hotspot on WiGLE was uploaded in September 2001. By June 2017, WiGLE counted over 349 million recorded WiFi networks in its database, whereof 345 million was recorded with GPS coordinates and over 4.8 billion unique recorded observations. In addition, the database now contains 7.80 million unique cell towers including 7.75 million with GPS coordinates. By May 2019, WiGLE had a total of 551 million networks recorded.
Mentions in Books
From Hacking for Dummies  to Introduction to Neography, WiGLE is a well known resource and tool. As early as 2004, its database of 228,000 wireless networks was being used to advocate better security of Wifi. Several books mentioned the WiGLE database in 2005, including internationally, and the association with vehicles was also becoming widely known. Some associations of WiGLE have been positive, and some have been darker. By 2004, the site was sufficiently well known that the announcement of a new book quoted the co-founder, saying “This is the ‘Kama Sutra’ of wardriving literature. If you can't wardrive after reading this, nature has selected you not to. This is the first complete guide on the subject we’ve ever seen (it mentions us). Don't quote me on that.”–Bob “bobzilla” Hagemann, WiGLE.net CoFounder' and a shortened quote appeared on the book's cover.
Mentions in Academic Papers
In early days, circa 2003 the lack of mapping was criticized, and was said to force WiFi seekers to use more primitive methods. 'The most primitive method disseminated is warchalking, where mappers inscribe a symbolic markup on the physical premises to indicate the presence of a wireless network in the area.' Regarding WiGLE in particular, it was said, 'The Netstumbler map site and the Wireless Geographic Logging Engine store more detailed wardrive trace data, yet do not offer any visualization format that is particularly useful or informative.'  By 2004 others felt differently, however, and a WiFi news site said about 'the fine folks at wigle.net who have 900,000 access points in their wardriving database,' 'While the maps aren't as pretty, they're quite good, and the URLs correspond to specific locations where WiFiMaps hides the URL-to-location mapping.'  In late 2004, other authors stated, 'that war driving is now ubiquitous: a good illustration of this is provided by the WiGLE.net online database of WAPS.' They also said, 'The motherload of WAP maps is available on the Wireless Geographic Logging Engine Web site (wigle.net). Circa late September 2004, WiGLE’s database and mapping technology included over 1.6 million WAPS. If you can’t find the WAP of interest there, you can probably live without it.'  In 2005, using WiFi databases for geolocation was being discussed, and WiGLE, with approximately 2.4 million located access points in the database, was often mentioned.
Although the apps used to collect information are open sourced, the database itself is accessed and distributed under a freeware proprietary license. Commercial use of parts of the data may be bought.The Android app to collect Wi-Fi hotspots and their geographic correspondent information is available under a 3-clause BSD license.
- ^WiGLE FAQ
- ^Wigle.net: The 411 on Wireless Access Points
- ^WiGLE Statistics
- ^WiGLE Statistics (archived)
- ^Beaver, Kevin (December 16, 2015). Hacking for Dummies (5th ed.). John Wiley & Sons. pp. 372, 389. Retrieved June 28, 2017.
- ^Turner, Andrew (Dec 18, 2006). Introduction to Neography. O'Reilly Media, Inc. p. 21. Retrieved 29 June 2017.
- ^Field, Dave; Brandt, Andrew (Oct 27, 2004). How to Do Everything with Windows XP Home Networking: Keeping Your PC Safe. McGraw Hill Professional. p. 140. Retrieved 30 June 2017.
- ^Proceedings: The Twentieth National Conference on Artificial Intelligence and the Seventeenth Innovative Applications of Artificial Intelligence Conference. American Association for Artificial Intelligence AAAI Press. 2005. p. 20. Retrieved 30 June 2017.
- ^Hong, Jason I-An (2005). An Architecture for Privacy-sensitve Ubiquitous Computing. University of California, Berkeley. pp. 123–125. Retrieved 30 June 2017.
- ^Gellersen, Hans W.; Schmidt, Albrecht (Jun 23, 2005). Pervasive Computing: Third International Conference. Springer. pp. 122, 139. Retrieved 30 June 2017.
- ^Stolarz, Damien (2005). Car PC Hacks: Tips & Tools for Geeking Your Ride. O'Reilly Media, Inc. p. 293. Retrieved 30 June 2017.
- ^McClure, Stuart; Scambray, Joel; Kurtz, George (May 10, 2005). Hacking Exposed (5th ed.). McGraw Hill Professional. pp. 664, 690. Retrieved 30 June 2017.
- ^McPherson, Tara (2008). Digital youth, innovation, and the unexpected. MIT Press. pp. 85, 88, 95. Retrieved 30 June 2017.
- ^Wang, Wally (2006). Steal this Computer Book 4.0: What They Won't Tell You about the Internet. No Starch Press.
- ^'Syngress Publishing Announces the Release of 'WarDriving: Drive, Detect, Defend''. helpnetsecurity.com. Help Net Security. Retrieved 30 June 2017.
- ^Hurley, Chris (Apr 2, 2004). WarDriving: Drive, Detect, Defend: A Guide to Wireless Security (1 ed.). Syngress. p. Cover. ISBN1-931836-03-5. Retrieved 30 June 2017.
- ^Lentz, Chris; Kotz, David (June 1, 2003). '802.11b Wireless Network Visualization and Radiowave Propagation Modeling'(PDF). Dartmouth College Computer Science Department Senior Thesis. Technical Report TR2003-451: 2, 3. Retrieved 30 June 2017.
- ^Glenn, Fleishman. 'WiFiMaps Encompasses the World of Wardriving, April 27, 2004'. WNN WiFi Net News. Glenn Fleishman. Retrieved 30 June 2017.
- ^Berghel, Hal; Uecker, Jacob (December 2004). 'Wireless Infidelity II: Airjacking'(PDF). Communications of the ACM. 47 (12): 15, 19. doi:10.1145/1035134.1035149. Retrieved 30 June 2017.
- ^Roto, Virpi; Laakso, Katri (2005). 'Mobile Guides for Locating Network Hotspots'(PDF). Workshop on HCI in Mobile Guides: 2, 5.
- ^Letchner, Julia; Fox, Dieter; LaMarca, Anthony (2005). 'Large-Scale Localization from Wireless Signal Strength'(PDF). AAAI. 05: 6. Retrieved 30 June 2017.
- ^King, Thomas; Kopf, Stephan; Effelsberg, Wolfgang (June 2005). 'A Location System based on Sensor Fusion: Research Areas and Software Architecture'(PDF). Proc. of the 2. GI/ITG KuVS Fachgespräch Ortsbezogene Anwendungen und Dienste: 3, 5. Retrieved 30 June 2017.
- WiGLE Wifi Wardriving Android package at the F-Droid repository
- Wigle Wifi Wardriving on Google Play