War drivers are in the company of finding wireless access points, documenting them uploading their locations to the internet. Why would someone do so, nicely for Many reasons:
They need free online access. Next they could only be war forcing as a hobby; finally they might be targeting your network for monetary gain.
One of the most asked questions is how can you stop hackers from trying to hack wireless lan and the way to capture them in the action.
1. Use directional antennas: Among the most under mentioned applications of directional antennas are the way they keep your wireless signal inside your region of functioning. If you’re using a Omni directional antenna that is causing half of the sign to travel beyond of your building, you get a major safety problem. Additionally while using your own wireless directional antenna turndown transmit power to lower your signal power if you can.
2. Blend your wireless antennas in your buildings architecture or keep them low profile. This is not expensive, the entire point is not allowing your antennas stand out like a sore thumb so anybody driving doesn’t saywow they still have a wireless community. Once more the best method to stop people from attempting to hack your wireless system is to keep it hidden.
3. Use Kismet or Airsnort – Create a cheap wireless Intrusion detection system. Utilize an old desktop computer install Linux, install a USB wireless adapter or PCI wireless adapter and prosper you’ve got your wireless warfare driver stopper. Both Kismet along with airsnort will alert you if wireless customers are probing your network. If a wireless client is still using netstumber rather than connecting networks they’ll be located by Kismet. Their wireless adapters MAC address will be stored and other details of their operating system. Most of the time that these may be false strikes but should you see a pattern of the same MAC address probing networks you could have hacker issues.
4. Security Cameras – Regardless of how hard you strive not to have your sign bleed outside your operations place it will. . .to a point. Probe your own network as if you have been a wardriver. Don’t only use a typical wireless adapter to find out where you still can detect your system. You might want to use an extremely directional antenna to observe how far off you can detect your own network. Once you understand your weak points setup several inexpensive security cameras to track those regions.
5. Setup a Honey Pot – Provide the Wardriver what they need, a system to hack on. Take an entry point link into a standalone switch with a different junk computer attached to that change. Name the SSID something Feeling significant like server WLAN and title the computer Database. Eventually use a weak password or simply abandon the access point without any security. Script kiddies who state that they”hack networks” really are linking to receptive wireless lans with no security. If you provide them a”Important sounding SSID using a”database to hack” this can help keep them occupied until you’re able to track them down. There are many honeypot apps free and commercial which will simulate servers or networks but are actually only recording all the hackers’ data and types of attacks.
6. Use a RADIUS Server – RADIUS servers need Wireless clients to authenticate using a username and password not only just with a PSK (Pre- Shared Key). With out a RADIUS server you really don’t know who is on your WLAN. With a RADIUS server you understand who’s accessing your WLAN and when they obtained it. Additionally a RADIUS server gives you the capacity of producing policies for occasions your WLAN may be accessed along with other essential security features that the wireless clients must have enabled their own computers.
Now let us put this all together to grab our hacker. First you are going through your everyday routine of checking logs on your Kismet IDS server and you also observe the same MAC address probing networks but not linking. Next you assess your help tickets and notice that in one area of the construction customers were having trouble connecting to the wireless community or they had trouble staying connected.
Flags go up on your head, which means you go over to your honeypot machine and confirm that. You notice it was accessed around exactly the same time of the Kismet logs revealed a client probing the system. The honey pot recorded the MAC address of this WAR driver and the operating system along with the name.
Next you check your security cameras for this time but don’t really detect anything. So for the next few days you continue monitoring your honey pot machine and observe the hacker attempt to crack on the WLAN and the database server. The entire process of dividing wireless security is in fact two steps. Step one is gathering enough packets for your cracking program to decode. This entire process of gathering sufficient packs may takes days or weeks not 5 minutes. Now once you do have sufficient bundles 64 bit WEP encryption can be broken in less that five minutes. 128 bit encryption can take several times longer, WPA using TKIP and AES encryption may takes months to decode.
My entire point is that you have some opportunity to grab your hacker since he will be back several times, assuming you have the simple security features in place.
Now as soon as you have all of your logs compiled and your honey pot information you must have a fantastic idea how the hacker behaves. Assess your security cameras and you likely notice the exact same car or individual in the region around that time. Just take that advice for your in house security and tell them to watch for that car or person and telephone law enforcement.
If you are lucky security or police will spot him apprehend him. Convicting him or her may be demanding but with your videos that are compiled and movie you should have a great deal of evidence to assist your situation.