WarDiving

tech

Ok so then has anyone gone out driving around, looking for un secure Wireless Access point and found some, ??

tck

maybe

nosmo

Well, I sometimes walk around with my laptop running, and for some reason this "kismet" progam I didn't install starts running, and I just can't stop it.
It's a strange phenomenon

Gone West

I have about 225 points mapped with oziexplorer using my gps. I use 2 wireless cards, with aerials pointing left and right of the car. roughly half are unsecured using wep. But a large amount of these supposedly open ones use a proprietory authentication system, such as nocatauth.

Its fun.

I'll be on the lookout for that car.

Rew

Iv maps (netstumbler + mag mount antenna + mag mount GPS) done from Waterford to Dublin (Lucan) and Waterford to Cork. The Cork file got corrupted though so I only have a few AP's logged...

Maps are done with Stumverter and Map Point 2004

Gone West

at first, i thought wardiving was some new exotic form of warXXX. I have warskated, warwalked, wardriven, but never wardived

Rew

Id like to try some War Flying

robfitz

My favorite is WarCycling - IPAQ running Linux and Kismet, eTrex GPS, Orinoco, 5 dBi Omni.

Jaden

I've pretty much most of Galway city and county covered.

Nocturnal

whats the point??!what do u need so many wireless points for,what can ya do with them??!sounds a little sad....

Jaden

So that we can play with your Linksys router.....

Fobia

Jaden wrote:

I've pretty much most of Galway city and county covered.

Do you have maps made out for these? If so, any chance of a copy?

Rew

Jaden wrote:

So that we can play with your Linksys router.....

Lets not feed the troll

Capt'n Midnight

nosmo wrote:

Well, I sometimes walk around with my laptop running, and for some reason this "kismet" progam I didn't install starts running, and I just can't stop it.
It's a strange phenomenon

I setup a 3com AP at home with default password. Imagine my suprise when at work my Laptop automatically associated with another AP under those settings - DHCP the works - I had to turn off the wireless card pdq because I couldn't trust their network. Maybe I should sue for entrapment

azezil

damn you >_<

*wanders off to enable 256bit encryption and hide his ssid*

Rew

azezil wrote:

damn you >_<

*wanders off to enable 256bit encryption and hide his ssid*

http://www.tomsnetworking.com/Sections-article118-page1.php

azezil

ok then, wanders off to restrict access by mac address

Rew

azezil wrote:

ok then, wanders off to restrict access by mac address

http://www.tech-faq.com/change-mac-address.shtml

madden

what ya want is AES

Rew

WPA (which uses AES) and WPA has flaws as well...

Dublin7

And what if DHCP is not active on the AP ?

Rew

Dublin7 wrote:

And what if DHCP is not active on the AP ?

Makes little diference, watching the traffic for a couple of seconds will give you the IP address range and subnet. Watching for longer will give u DHCP and default route easily as well. Download any packet sniffer and try for your self. Some apps have AP scanning and IP address identifaction all automated together.

tck

you restrict the subnet, assign an ip for the router and an ip for your box

and then make sure there are no available ip's to assign, use wpa2 as well,

then just monitor your network!

Rew

Thats over kill WPA/WPA2 with a non-dictionary PSK is grand.

dawballz

I was sitting on a train in Galway station waiting for it to move for about half an hour one night. After about 28mins I decided to turn on my lappy.
Lo and behold a lovely free internet connection for me.

Then the train started moving and I lost it

Dublin7

Rew wrote:

Makes little diference, watching the traffic for a couple of seconds will give you the IP address range and subnet. Watching for longer will give u DHCP and default route easily as well. Download any packet sniffer and try for your self. Some apps have AP scanning and IP address identifaction all automated together.

Tried that already but it seems you need to be connected to the network to be able to sniff the traffic...
Or can you detail your working solution? which software used, how to proceed?

philologos

i found 1 but it was secure lol
if ur SSID is wireless-tisrara pm me

Rew

Think I have a few mapped in Lucan...

philologos

mines locked anyhow now :P

Ajnag

Is there any way of detecting the mac addy's required for access to a router if its mac address restricted?.

Rew

Ajnag wrote:

Is there any way of detecting the mac addy's required for access to a router if its mac address restricted?.

Yes

tech

how?

Dublin7

Rew wrote:

Yes

Rew is the yes Man but he never says how to do it

Nietzschean

Rew wrote:

WPA (which uses AES) and WPA has flaws as well...

some good ole EAP(PEAP or leap) authentication imo

Rew

Dublin7 wrote:

Rew is the yes Man but he never says how to do it

Eh newbie u havn't seen 99% of my other posts!

Dublin7

Rew wrote:

Eh newbie u havn't seen 99% of my other posts!

Lol thank you for the welcoming !

Anyway if you posted 2000 message just saying "yes" (twice on that subject) that is not very useful for people asking questions...

namit_coro

I never have any joy in getting around WEP am using windows 2000 but no programs seam to work with my wireless card anyone have any help for me?

coghlac3

Do any of you use wireless locators?? Like the kensington one???

Rew

Any iv seen arn't woth it, pda is the best small device for finding wifi nets.

Sleipnir

There's loads on unsecured ones around Dublin so I don't know why anyone would bother with a cloned MAC address or try to crack the encryption key.

Yes it can be done, given you have the resources, but there's not much point unless you want to get onto that network for a particular reason. If you just need access to the web to check your email then drive on.
Crack AES algorithm while your in your car? The company you're trying to get on to will have made millions and gone out of business by the time you do.

Maps of points from Waterford to Dublin? Pretty useless too unless you *really* need to get on the net every 20 minutes while you're driving.

Rew

Sleipnir wrote:

Crack AES algorithm while your in your car? The company you're trying to get on to will have made millions and gone out of business by the time you do.

Maps of points from Waterford to Dublin? Pretty useless too unless you *really* need to get on the net every 20 minutes while you're driving.

There are specific flaws in WPA (even using AES) that let you reclaim weak PSKs.

I map AP's because Im doing reseach in to location detection. You can use the known location and unique MAC address of AP's as virtual sign posts to where you are when you don't have GPS.

Rew

Dublin7 wrote:

Tried that already but it seems you need to be connected to the network to be able to sniff the traffic...
Or can you detail your working solution? which software used, how to proceed?

(Didnt see this post till recently)

Depends on the tool your using, some cards can be put in to a monitor mode where they sniff trafic on a channel regardless of being assocated to the AP.

Only the body of 802.11 frames is encrypted when WEP is on so you will still be able to get MAC address info at all times but IP info is encrypted with WEP.

Best to use Linux as opposed to Windows. There is a whole set of tools in the link I gave to Tomshardware including ones that will report MAC addresses....

coghlac3

Is the microsoft app just as good for searching for access points or what else do you get from the other apps??? I'm a total newbie when it comes to this....

masteroftherealm

Is there much of an organised scene in Dublin?
Cause Ive been floating around solo and woth a ew mates but would be fun to organse some competitions etc?

Capt'n Midnight

coghlac3 wrote:

Is the microsoft app just as good for searching for access points or what else do you get from the other apps??? I'm a total newbie when it comes to this....

Netstumbler for Windows
If using Netstumbler a lot you could set the Wireless Zero Configuration Service to manual
Then when you want to connect to an AP with windows net start Wireless Zero Configuration to start it again

ministumbler for PDA's

Kismit for linux
- if using Knoppix 3.9 on a centrino laptop go into the root console and type
kismit -c ipw2100,eth0,ipw2100
press s and sort by when seen etc.
press h for help

Karoma

.. if MiniStumbler doesn't work then WiFiFoFum (Getting better with each release).

I'll admit to connecting to an unsecured WiFi net. as I didn't try.. I took my PDA out of my pocket to find "2 new emails" to my suprise. Heh. I wonder if I could get them in trouble ?:p
(My fault for automatically connecting to non-preferred net's and leaving the PDA on..just amusing in a geeky way when the role's reversed.)

masteroftherealm

Ive found PocketWarrior Teh best for PDA's after trying a few different ones.

rogue-entity

Wardriving? Sure I have done it for parts of waterford city and I picked up nearly 15 networks most of them unsecured, I didnt bother trying to connect to them.
I run my own wireless net at home for broadband and I have secured it, setup MAC restriction and will probably switchoff the SSID at some point.

I have stood at a certain point in the garden and detected IrishWAN-SouthEast29 or something like that, WEP encrypted but I dont know where the transmitter for it is. Does anyone know where the node is and who I contact to connect in. I know that I will probably be charged for connecting in, and will need to supply my own equipment but I could offset that by providing free internet access using my broadband connection. Just a thought :cool:

Capt'n Midnight

http://www.irishwan.org

techguy

In a nut shell WLAN isn't secure!
I drove around my small town with netstumbler(yes, I haven't a clue how to use linux!) and found about 20 AP's of which around 7 were open..

Hakko