Wardrive attempts to find unsecured wireless networks

The Annual Worldwide Wardrive will commence this year on Oct. 26 and run through Nov. 2.

Wardrive is the name given to an effort to map all unsecured IEEE 802.11x networks worldwide.

The group that runs the www.worldwidewardrive.org Web site leaves its own identity secret but does offer numerous links to other like-minded organizations as well as giving a somewhat cryptic e-mail address, roamer@worldwidewardrive.org, for those interested in organizing their own local efforts.

Wardrive appears to be an offshoot of warchalking, another tactic intended to disclose unsecured wireless networks.

Warchalking derives its name from the custom of "beggars and hobos" to indicate with chalk marks "if a place was good for handouts or a place to stay away from," according to a definition provided at the site.

Although the warchalking site, www.warchalking.org, makes no apology for revealing open and closed wireless networks that could be used in either a somewhat benign fashion to simply gain free access to the Web to a more scurrilous use for hacking into corporate networks, the wardrive efforts appear to be targeted at making companies aware of their own security lapses.

One security expert said that to call wardrive a service may be going too far, but the effort does serve a good purpose.

"It is a guide to help people understand if there are issues [with their wireless network]," said Guy Denton, principal manager in the security and consulting practice at IBM Corp., in Raleigh, N.C.

Denton, a member of an IBM internal organization known as the Ethical Hackers Group, said if nothing else it could serve to embarrass network managers into creating more secure networks.

"The problem is the right people aren't reading the site," Denton added.

Denton also said about 30 percent of all corporate networks are not secured. The Ethical Hackers do not attempt to breach the security of networks unless invited to do so, Denton said.

Denton warned that even when secured, network managers can inadvertently expose their wireless networks to attack by simply hitting the reset button when an access point goes down.

"Default is no security settings. If you reboot there is a good chance you are resetting and clearing out any configuration setting you might have added," Denton said.

The last wardriving effort located a total of 9,374 sites.

Join the newsletter!

Error: Please check your email address.

More about IBM AustraliaIEEE

Show Comments