Wednesday, May 31, 2006

Random Tips For the Wardriver

~Random Wardriving Tips~

-Beginners waste many weekends wardriving their local neighborhoods or business districts. This is probing for low-hanging fruit, some say, and is a waste of valuable learning time. It's more to an individual's benefit to learn an assortment of wireless LAN penetration tools and work toward the goal of gaining useful information. Learning the correct application of tools and techniques (not to mention keeping up-to-date) takes time and hard work in a closed environment, but yields much in the way of information technology.

-The current demand for wireless-security professionals is staggering on an international level. Those who have taken the time to hone their skills in the use of available tools and the latest penetration techniques will be financially rewarded with a great career. I urge you to consider practicing, studying and reading random comments much like this from randoms like myself rather than driving around from neighborhood to neighborhood hoping to send an e-mail through someone’s cable modem. Decrypting fact from crap will become a natural tool.

-One of the tricks to getting noticed by potential customers: Commit to the notion of protecting their wireless LAN. Give them a quick demonstration of hacking tools. If they have (for example) a heavily loaded 802.11g network secured with WEP, cracking their WEP key should open their eyes very quickly. Keep in mind that these demonstrations should ALWAYS be done with the permission of a person in authority at the client organization (see post WiFi Hazards), and in a closed environment. Doing otherwise can lead to criminal prosecution, defamation of your organization, and a plethora of other undesirable results.

-Many hackers don’t necessarily want to steal your information or crash your systems. They often just want to prove to themselves and their friends that they can break in. This creates a warm fuzzy feeling that makes them feel like they’re contributing to society somehow, when in fact all they are doing is impressing themselves, and their equally stupid friends. On the other hand, sometimes they attack simply to get under the administrator’s skin. Sometimes they are seeking revenge. Hackers may want to use a system so they can attack other people’s networks under disguise. Or maybe they’re bored.. and just want to see what information is flying through the airwaves for the taking.

-The high-end uberhackers go where the money is.. literally. These are the guys who break into online banks, e-commerce sites, and internal corporate databases for financial gain. What better way to break into these systems than through a vulnerable wireless network, making the real culprit harder to trace? One random AP or vulnerable wireless client is all it takes to get the ball rolling. However, just because you have gotten away with something does not mean you yourself have not been penetrated and tagged. No matter how good you are, there is always someone better. (Unless you are the smartest on the planet.. But what are the odds? :)

-You know what they say about secrets? Here’s a hint: It’s no secret. Have you ever lost a laptop? Have you ever lost an employee? In both cases, you should change all 3,000 keys. Otherwise someone can decrypt every message, because everybody is using the same key. And just how often do you really think administrators will change the keys?

-IEEE 802.11i defines the 'robust security network (RSN).' An access point that meets this standard will only allow RSN-capable devices to connect. RSN is the environment it seems we are evolving to because it provides the security services we require for a network.

-Basically, one can crack Wi-Fi Protected Access Pre-Shared Keys that use short passphrases based on words found in the dictionary (yes, randoms still do that). For WPA, certain short or dictionary-based keys are easy to crack because an attacker can monitor a short transaction or force that transaction to occur and then perform the crack remotely. Check 'Network Sniffers' for WPA cracking tools.
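
An added example (not from the original post) of the check an administrator can run on a WPA-PSK passphrase before deploying it. It flags the weaknesses described above, and it shows that the key is derived only from the passphrase and the SSID. The function names, the tiny wordlist, the default-SSID list and the 20-character threshold are assumptions chosen for illustration.

```python
import hashlib
import re

# Constructed sample wordlist; a real audit would load a large dictionary file.
WORDLIST = {"password", "wireless", "linksys", "sunshine", "dragon", "welcome"}
# Constructed sample of factory-default SSIDs (assumption, not from the post).
DEFAULT_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}
# Policy threshold assumed for this example.
MIN_STRONG_LEN = 20


def derive_pmk(passphrase, ssid):
    """WPA-PSK derivation: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes.

    Nothing secret besides the passphrase goes in, which is why a guessable
    passphrase can be tested offline once the handshake has been observed.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def base_word(passphrase):
    """Drop case and leading/trailing non-letters: 'Sunshine2006!' -> 'sunshine'."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", passphrase.lower())


def audit_psk(passphrase, ssid):
    """Return a list of findings; an empty list means no weakness was found."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("length outside the 8-63 characters WPA accepts")
    elif len(passphrase) < MIN_STRONG_LEN:
        findings.append("shorter than %d characters" % MIN_STRONG_LEN)
    if base_word(passphrase) in WORDLIST:
        findings.append("dictionary word with trivial decoration")
    if ssid in DEFAULT_SSIDS:
        # The SSID is the only salt, so a default SSID is shared by many networks.
        findings.append("default SSID: salt is shared with many other networks")
    return findings


if __name__ == "__main__":
    for pw, ssid in [("Sunshine2006!", "linksys"),
                     ("correct-horse-battery-staple-42x", "warehouse-7f3a")]:
        print(ssid, derive_pmk(pw, ssid).hex()[:16], audit_psk(pw, ssid) or "ok")
```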