war walking … a student experiment. agenda project goal wifi basics war walk conclusion &...
Post on 22-Dec-2015
215 views
TRANSCRIPT
Our Goal
• Walk around downtown Seattle
• Locate private wireless networks on a PDA
• Record network names and addresses
• Attempt to gain access to these networks
• Determine wireless network security levels
• Stay only in public areas to ensure no trespassing laws were violated
Wireless Network Basics
• Wireless networks operate on two different frequency bands (2.4 & 5.4 GHz)
• Wi-Fi, also known as 802.11b, is the most popular broadband wireless networking. • There is also 802.11a and 802.11g
• Wi-Fi shares the same broadcast spectrum as some cordless phones, microwave ovens, and Bluetooth short-range wireless
• Network density is becoming an issue and will force private Wi-Fi networks to be secure
The World of Wi-Fi
• Wi-Fi is relatively easy to install• Provides broadband Internet access to specially outfitted
wireless devices within a few hundred feet of a Wi-Fi base station
• Avoids the time and cost of hard-wiring• Found in homes, hotels, airports, restaurants, coffee shops,
corporations, and shopping malls• North American business users account for 90% of Wi-Fi
users worldwide• By 2005 95% of new laptops will come WiFi enabled
War Walk - Location
• Downtown Seattle business district
• Between 6th and 4th Avenues
• Between Union and Madison Streets
• Hotels, retail stores, and business offices
• 9:15 to 10:15 pm
War Walk - Equipment
• Compaq iPAQ Pocket PC 2003
• Cisco 802.11b Wi-Fi Card
• HudsonMobile IPDashboard
• Our feet
War Walk - Results
1. ENET2. CNXT-FRLAN013. CD-WIRELESS4. ENET5. DEFAULT6. TAAIRPORT7. WMAOFFICE
NETWORK8. WIRELESS9. LYNKSYS10. MKA 32SW
11. CD-WIRELESS12. MKA 33SW13. NOSID14. MKA 33SE15. MKA 32SE16. LYNKSYS17. PANAMBIC18. DEFAULT19. WIRELESS20. JDDS
War Walk - Results (continued)
21. MYNEWWIRELESS-NETWORK
22. SEATAL23. MC24. VPK25. ALX26. DADCO27. DSOFFICE28. WLANNAI29. LYNKSYS30. CNET
31. WIRELESS.COM32. RNI33. RAINIER34. DEFAULT35. ACCESSTOGO36. BARTLETT37. MKA 33SE38. ELECTRICARROW39. MUSACORPHIN40. ROUTER41. NAKAMURA
War Walk – Results (continued)
• In addition to 41 network names• We were issued IP addresses and were able to get IP
addresses of the infrastructure of several companies • Gateway, DHCP server, WINS server, DNS naming, etc
• We were able to access and “surf” on several networks
• The majority of the networks were secure and required authentication
• We did not record all of the Starbucks T-Mobile Hot Spots that we encountered
Conclusions
• Downtown Seattle has high density of wireless networks
• There was high concentration of networks near large high rises
• The wireless networks located downtown may be secured to reduce “tripping into” other neighbor networks
• We did not attempt to enter any networks that required authentication. Passwords could potentially still be set at default
Lessons Learned
• WAP in highly congested areas more likely to be secured• Commercial networks in rural areas less likely to be secured• Home networks are less likely to be secured
• WAP signals bleed a great distance from high-rise buildings• Companies should turnoff SSID broadcasts to make their networks
more stealthy• There are websites like www.seattlewireless.net/index.cgi/
WarDrivingResults that have a lot of the networks already sniffed out• Companies need to be concerned about unauthorized WiFi Networks
in their buildings• Employee built• Industrial espionage• Privacy Invasion (802.11 cameras)