Article by Rick Leinecker, May 3, 2007
Last week, my friend Tina asked if her wireless Internet connection was safe. It's a good question to ask because you don't want private information getting into the wrong hands. It's not the easiest question to answer, though. So I collected my thoughts in order to share my own experiences and give you some guidelines.
Several years ago I left my house in the car with my laptop turned on. As I drove past a neighbor's house, the laptop got an Internet connection through a wireless router from the house I was driving by. It dawned on me that anyone with a laptop and a wireless network card could use their wireless Internet connection.
Several years back I was in Medford, Oregon at a Motel 6. These motels are very economical and not known for their amenities. As you might expect, one of the amenities missing was wireless Internet access. And for me, not having this amenity is a major disappointment. But walking right outside of my room allowed me to pick up a connection from the motel next door. Then I could easily check my email.
There's a relatively new practice in the hacking community known as wardriving. It's where hackers ride around with a laptop that's equipped with a wireless network card looking for wireless networks. Once they find a wireless network they might get free Internet time, access to a network, and possibly confidential information such as credit card numbers. If you have a wireless network it's not necessarily safe.
Antennas can extend the range of a wireless connection so that the hackers can stay at a safe distance. There are lots of antennas for sale at electronics stores or through the Internet. And there are dozens of plans that show how to build your own antenna. Some Yagi antennas can extend the wireless range to several hundred feet - plenty of distance to remain unnoticed.
Many of the wardrivers plug Global Positioning System (GPS) devices into their laptops. This way, the latitude and longitude of detected wireless signals can be recorded. An entire database of connection points can then be created for later use.
There is special software that can be downloaded from the Internet for wardriving. Most of it doesn't cost anything and is fairly easy to use. It manages the entire process. It alerts you when it detects a signal that's strong enough to use. It records GPS coordinates if a GPS device is attached. It can attempt to crack any encryption that's used. It can scan for passwords and other information for networks that aren't encrypted. If you are interested, you can go to a page on wardriving.com that lists most of the available software.
There are several basic steps you can take to protect yourself from the wardrivers. The first is to turn on your wireless router's encryption. To do this, just go to the setup page and look for the encryption settings. Most wireless encryption can be cracked with some time and effort, but it usually takes several days - more time than most hackers will take. You should also change the Service Set Identifier (SSID) to something that can't be easily guessed. And the third recommendation is to turn the SSID broadcast off. While these steps won't completely eliminate the threat, you're much safer than before.
It's best not to transmit sensitive or confidential information over a wireless connection. Most home networks have wireless connections for laptops, and at least one computer that is tied into the network with a network cable. Use the computer with the network cable whenever possible when privacy matters.
Those are the basics of wardriving.