War drivers are in the business of locating wireless access points, logging them and uploading their locations to the internet. Why would anyone do this? For several reasons:
First, they want free internet access. Next, they could just be war driving as a hobby. Finally, they could be targeting your network for financial gain.
One of the most asked questions is how to stop hackers from trying to hack your wireless LAN and how to catch them in the act.
1. Use directional antennas: Among the most understated uses of directional antennas is the way they keep your wireless signal inside your area of operation. If you're using an omnidirectional antenna that is causing half the signal to travel outside your building, you have a significant security issue. Additionally, while using a directional antenna, turn down the transmit power to reduce your signal strength if you can.
2. Blend your wireless antennas into your building's architecture or keep them low profile. This is not expensive; the whole point is not letting your antennas stand out like a sore thumb, so anybody driving by doesn't say, "Wow, they have a wireless network." Once again, the best way to stop people from trying to hack your wireless system is to keep it concealed.
3. Use Kismet or AirSnort – Make a cheap wireless intrusion detection system. Take an older desktop, install Linux, put in a USB or PCI wireless adapter and presto, you have your wireless war driver stopper. Both Kismet and AirSnort will alert you if wireless clients are probing your network. When a wireless client is using NetStumbler rather than joining networks, it will be seen by Kismet. The wireless adapter's MAC address will be logged along with other details about the operating system. Most of the time these may be false hits, but if you notice a pattern of the same MAC address probing networks you could have hacker issues.
4. Security cameras – No matter how hard you try not to have your signal bleed outside your area of operation, it will... to a degree. Probe your own network as if you were a wardriver. Do not simply use a standard wireless adapter to find out where your network can be detected. You may want to use a highly directional antenna to learn just how far away your network can be found. Once you know your weak points, set up some affordable security cameras to monitor those areas.
5. Set up a honeypot – Give the wardriver what they want, a network to hack. Just take an access point and connect it to a standalone switch with another junk computer attached to that switch. Give the SSID an important-sounding name like server WLAN and name the computer Database. Finally, use a weak password or just leave the access point without any security. Script kiddies who say they "hack programs" are only connecting to open wireless LANs with no security. If you give them an "important"-sounding SSID with a "database to hack", this will help keep them occupied until you're able to track them down. There are lots of honeypot programs, commercial and free, that simulate networks or servers but are actually just recording all the hackers' information and types of attacks.
6. Use a RADIUS server – RADIUS servers require wireless clients to authenticate using a username and password, not just a PSK (pre-shared key). Without a RADIUS server you really don't know who is on your WLAN. With a RADIUS server you know who is accessing your WLAN and when they accessed it. Additionally, a RADIUS server gives you the ability to create policies for the times your WLAN may be accessed, along with other required security features that wireless clients must have enabled on their computers.
Now let's put everything together to catch our hacker. First, you're going through your daily routine of checking logs on your Kismet IDS server and you notice the same MAC address probing networks but not connecting. Next, you check your help desk tickets and notice that in one area of the building users were having trouble connecting to the wireless network, or they had trouble staying connected.
Flags go up in your mind, so you go on to the honeypot machine and check it. You notice that it was accessed around the same time the Kismet logs showed a client probing the network. The honeypot recorded the MAC address of the war driver as well as the operating system and the computer name.
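The log review described in step 3 and in the walkthrough above can be scripted. The following is an added example, not part of the original article: it flags MAC addresses that probe on several days without associating, then matches them against honeypot access times. The CSV layouts, function names and sample records are constructed for illustration and are not Kismet's native log format.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data in a simplified, hypothetical CSV layout
# (NOT Kismet's native log format): timestamp, client MAC, event type.
WIDS_LOG = """\
2024-03-04T09:12:00,aa:bb:cc:00:00:01,probe
2024-03-04T09:13:30,aa:bb:cc:00:00:02,probe
2024-03-04T09:13:40,aa:bb:cc:00:00:02,associate
2024-03-05T09:20:00,aa:bb:cc:00:00:01,probe
2024-03-06T09:05:00,aa:bb:cc:00:00:01,probe
2024-03-06T14:00:00,aa:bb:cc:00:00:03,probe
"""
# Constructed honeypot connection records: timestamp, client MAC.
HONEYPOT_LOG = """\
2024-03-05T09:24:00,aa:bb:cc:00:00:01
2024-03-06T09:11:00,aa:bb:cc:00:00:01
"""

def parse(text):
    for row in csv.reader(io.StringIO(text)):
        yield (datetime.fromisoformat(row[0]), row[1].lower(), *row[2:])

def repeat_probers(wids_text, min_days=3):
    """MACs that probed on >= min_days distinct days and never associated."""
    probe_days, associated = defaultdict(set), set()
    for ts, mac, event in parse(wids_text):
        if event == "probe":
            probe_days[mac].add(ts.date())
        elif event == "associate":
            associated.add(mac)
    return {m: sorted(d) for m, d in probe_days.items()
            if len(d) >= min_days and m not in associated}

def correlate(wids_text, honeypot_text, window=timedelta(minutes=15)):
    """Honeypot hits by a repeat prober within `window` after one of its probes."""
    suspects = repeat_probers(wids_text)
    probes = [(ts, mac) for ts, mac, ev in parse(wids_text)
              if ev == "probe" and mac in suspects]
    return [(mac, ts, hp_ts) for hp_ts, hp_mac in parse(honeypot_text)
            for ts, mac in probes
            if mac == hp_mac and timedelta(0) <= hp_ts - ts <= window]

if __name__ == "__main__":
    print(correlate(WIDS_LOG, HONEYPOT_LOG))
```

Many current clients randomize the MAC address they use while probing, and a MAC can be changed by its owner, so treat a match as a lead to corroborate with the honeypot records and camera footage rather than as an identity.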
Next you check your security cameras for that time but don't really notice anything. So for the next couple of days you keep monitoring your honeypot server and watch the hacker try to crack the WLAN and the database server. The whole process of cracking wireless security is really two steps. Step one is collecting enough packets for your cracking program to crack. This whole process of gathering enough packets may take days or weeks, not five minutes. Once you do have enough packets, 64-bit WEP encryption can be broken in less than five minutes. 128-bit encryption can take many times longer, and WPA using TKIP and AES encryption may take weeks to crack.
My whole point is that you have some time to catch your hacker, because he'll be back many times, assuming you have the basic security features in place.
Now, once you've got all of your logs compiled along with your honeypot information, you should have a good idea of how the hacker behaves. Check your security cameras and you will almost certainly see the same car or person in the area during those times. Take that information to your in-house security and have them watch for that vehicle or person and call the police.
If you are lucky, security or the police will spot him and apprehend him. Convicting him will be tough, but with your compiled logs and video you should have plenty of evidence to help your case.