Essentially, it's low-tech (but very effective) high-gain antenna. There are two different varieties: one is called a Cantenna. An aluminum can is modified so that it makes a very good high-gain wireless antenna. Another version is called the WokFi. Instead of using a can, a large wok-shaped dish is used to create a high gain antenna that can help pick up low power signals coming out of the wireless access point inside the organization. Wardrivers can generally be sorted into two different categories; the benign wardriver and the malicious wardriver. Benign wardrivers aren't really concerned about actually accessing information on the network that the wireless access point is connected to. Instead, they're usually just out to log and collect information about the wireless access points that they find, logging them with a GPS or on a web map of some sort. Malicious wardrivers, on the other hand, are concerned about connecting to the internal network that the WAP is connected to and then using services without authorization or permission. This is a different type of wardriving called piggy-backing. Warchalking 6:58-8:34 There's a related attack you need to be familiar with called warchalking. Warchalking is the practice of driving around trying to find open networks just like wardriving, but instead of logging it on a map, the attacker uses a piece of chalk to draw certain symbols on a light post, on the sidewalk, or on the side of the building to advertise to other wardrivers that there is an available Wi-Fi network at that location. There's a certain set of symbols that are used to do this. The standardized set of symbols used in warchalking are shown here. The first symbol here is for an open network, one that is accessible and doesn't have any network security associated with it. We draw the two half circles opposing each with the SSID of that network shown here. A closed network, on the other hand, that isn't accessible because it uses heavy security is denoted by a closed circle and the SSID written above it. If that closed network uses WEP (meaning it's easily crackable), then the closed circle has a W inside of it, and then the SSID is written over here. If available, the key is written over on this side. If the owner doesn't care if you use the network, they may actually put the access contact over here. That's an interesting aspect of warchalking. As soon as business owners realize that people were doing this, many decide it is a great advertising opportunity and decide to
advertise their company via warchalking. Accordingly, they may have put the necessary symbols out in front of their establishment to attract people to their business. Instead of listing the key, they may specify the name of an employee who will give out the key.
- Spring '16
- Wireless Networks, Wireless network, Wireless access point