war drivers are in the business of finding wireless access points, document them and load their positions for the web . Why would someone do this, well for several reasons:
First they want free internet access. Next could be just war driving as a hobby; Finally, they could be directed to the network for profit.
One of the most frequently asked questions is how do you stop hackers trying to hack your wireless LAN and how to catch them in the act.
wardrivers arrest:
1. Use directional antennas: One of the most stated in use of directional antennas are how they keep the wireless signal in your area of operation. If you are using omni-directional antenna that is causing the mid to travel outside the building signal, you have a serious security problem. Also while using the directional antenna preparation for wireless transmission power to reduce the signal strength, if you can.
2. blend your wireless antennas in your architecture of buildings or keep a low profile. This is not expensive, the point is not to get your antennae stick out like a sore thumb as well as the driver does not say, wow they have a wireless network. Again, the best way to stop people from trying to hack your wireless network is to keep it hidden.
3. Use Kismet or Airsnort - Making a wireless intrusion detection system at low cost. Use an older desktop computer to install Linux, install a USB wireless adapter or PCI wireless adapter and the arm you have your driver stopper war without wires. Kismet is AirSnort and will alert you when the wireless clients are investigating network. If a wireless client uses Netstumbler and not join the networks they will be found by Kismet. Their wireless adapters MAC address will be registered and other details of the operating system. Most of the time these could be false shots, but if you notice a pattern of the same MAC address probing networks you could have hacker problems.
4. Security cameras - No matter how hard we try not to have the signal bleed outside the area of operations will make it ... at a certain point . Probing your network as if you were a wardriver. Do not just use a standard wireless adapter to find out where you can still detect the network. You want to use highly directional antenna to see how far you can detect your network. Once you know the configuration weaknesses some cheap security cameras to monitor those areas.
5. Set a Honey Pot - Give wardriver what they want, hack a network. Take an access point to connect it to a standalone switch with another junk computer connected to the switch. SSID name that sounds like something important WLAN server and the name of the computer database. Finally use a weak password or just let the access point without any security. script kiddies who say "Hack networks" are really just connect to open wireless LANs without protection. If you give them a "SSID Important sound with a" database to record "this will keep them busy until you can find them. There are many free and commercial honeypot programs that will simulate networks or servers, but they are really just recording all the
hackers' information and types of attacks6. Use a RADIUS server - .. RADIUS servers require wireless clients to authenticate with a user name and password, not only with a PSK (Pre-Shared Key ) with a RADIUS server you really do not know who is on your WLAN. with a RADIUS server to know who is accessing your WLAN and when accessing it. also a RADIUS server gives you the ability to create policies for the WLAN you can be accessed and other required safety functions wireless clients must have activated their computers.
it's time to put all this together to take our hacker. first you go through your daily routine to check the logs Kismet on the IDS server and you notice the same MAC address probing networks but not to enter. Next to check tickets aid and notes that in a customer construction area were having trouble connecting to the wireless network or they had trouble staying in touch.
flags go up in your head, so you go over to the honeypot server and verify that. You notice was read around the same time of Kismet logs showed a client to probe the network. The honey pot has registered the MAC address of the driver WAR and the operating system and the computer name.
Then check the security cameras for that time, but it really does not notice anything. So for the next two days we will continue to monitor the honey pot server and watch the hackers try to break the WLAN and the database server. The whole process of cracking wireless encryption is actually two steps. The first step is the collection of a sufficient number of packages for your crack cracked program. The entire process of collecting a sufficient number of packets may take days or weeks not five minutes. Now, once you have enough of 64-bit WEP encryption packages can be cracked in less than five minutes. 128-bit encryption can take many times longer, WPA with TKIP and AES can take months to crack.
My whole point is that you have time to catch your hacker, because it will be back many times, assuming that you already have at least the basic security features in place.
Now once you've filled in all the registers and data honey pot you should have a good idea of how it behaves the hacker. Check the security cameras and probably noticed the same car or the person in the area around that time. Take this information for home security and tell them to look for that vehicle or person and call the police.
If you are lucky to security or police will find him and learn. condemns him or her will be hard, but with logs compiled and videos you should have a lot of evidence to help your case.
0 Komentar