War Driving No Game to IT Managers

Cruising the streets with a laptop to scan for unsecure wireless connections is one of the latest techie crazes. But the growing popularity of 'war driving' underscores the security problems facing networks that have gone wireless.

By Sharon Gaudin | Posted Nov 26, 2003
Page 1 of 2
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

A couple of buddies get in their car on a Saturday morning. They've got steaming coffees and a laptop. As the passenger boots up the computer, the driver pulls out and banks a left onto a busy downtown Boston street. But in this scenario, it doesn't have to be Boston; it could be Chicago, New York, Duluth, Portland, or any other location across the country. In other words, what happens next could happen anywhere.

As they drive around town, passing major banks, investment firms, and upscale retailers, the laptop comes to life beeping excitedly. The buddies laugh victoriously, taking notes and plotting points on a map. These guys are called war drivers — and they could be a security or IT manager's best friend or their worst nightmare. It all depends on how secure the company's wireless network is and what the war drivers' intentions are.

War drivers, often using freely downloaded software, are roaming streets around the country scanning for unsecured wireless connections. Think of it as a live-action, high-adrenalin version of the old video game, Pac Man. They're driving around trying to find, or 'gobble up,' as many unsecured connections as they can. The more they find, the better they're doing.

To the war driver, it's a sport or a game. It's a lot more serious, however, to the IT manager or security administrator running those networks.

War drivers using NetStumbler, a wireless LAN discovery tool that can be downloaded for free, can submit their network findings to the NetStumbler.com Web site. Those findings can be added to a national map of wireless networks. Recent reports noted that the map showed more than 100,000 access points across the country. But Wayne Slavin, founder of NetStumbler.com, says that number is out of date. So many new access points have been plotted out that he can't even keep track of them all at this point.

"War drivers are independent security vigilantes almost," says Slavin, who earns his living as a sales engineer with Lindows.com. "This is about security. It's about letting people know there's this fantastic new technology out there, and it will revolutionize networking. But be aware of what comes with that. Be aware that you might deploy a wireless network that's open to anybody who drives by with a laptop computer. Be aware that you need to protect your data. This is a tool to see how secure you are."

Most Wireless Networks Unsecure

The problem is that most companies using Wi-Fi connections still are not aware of the risks. Or if they are aware, they haven't had the time or the budget to secure their wireless connections. Slavin estimates that 80 to 85 percent of wireless connections are unsecured today. That's just a little higher than many analyst estimates, which put the figure around 70 percent.

Whether it's 80 percent or 70 percent, that's still a lot of unsecured networks.

And that's a big problem.

An unsecured wireless network doesn't just mean that someone could sit down on a bench across the street from a mortgage company and hitchhike on the wireless connection to email her mother or order a new L.L. Bean backpack online. It means the person sitting on that bench or in a car parked across the street or in an office building next door could enter the mortgage company's network. She could be one giant step closer to critical financial information. She could be one giant step closer to wreaking havoc on an unsuspecting company.

Page 2: 'Crunchy on the Outside, Chewy on the Inside'

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter