Page 801 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 801

War driving is the act of using a detection tool to look for wireless
               networking signals. Often, war driving refers to someone looking for

               wireless networks they aren’t authorized to access. In a way, war
               driving is performing a site survey for possibly malicious or at least
               unauthorized purposes. The name comes from the legacy attack
               concept of war dialing, which was used to discover active computer
               modems by dialing all the numbers in a prefix or an area code.

               War driving can be performed with a dedicated handheld detector,

               with a personal electronic device (PED) or mobile device with Wi-Fi
               capabilities, or with a notebook that has a wireless network card. It can
               be performed using native features of the OS or using specialized
               scanning and detecting tools.

               Once a wireless network is detected, the next step is to determine
               whether the network is open or closed. An open network has no
               technical limitations to what devices can connect to it, whereas a

               closed network has technical limitations to prevent unauthorized
               connections. If the network is closed, an attacker may try to guess or
               crack the technologies preventing the connection. Often, the setting
               making a wireless network closed (or at least hidden) is the disabling
               of service set identifier (SSID) broadcasting. This restriction is easily
               overcome with a wireless SSID scanner. After this, the hacker
               determines whether encryption is being used, what type it is, and

               whether it can be compromised. From there, attackers can grab
               dedicated cracking tools to attempt to break into the connection or
               attempt to conduct man-in-the-middle attacks. The older and weaker
               your protections, the faster and more successful such attacks are likely
               to be.


               War Chalking

               War chalking is a type of geek graffiti that some wireless hackers used
               during the early years of wireless (1997–2002). It’s a way to physically

               mark an area with information about the presence of a wireless
               network. A closed circle indicated a closed or secured wireless
               network, and two back-to-back half circles indicated an open network.
               War chalking was often used to disclose to others the presence of a
               wireless network in order to share a discovered internet link. However,
   796   797   798   799   800   801   802   803   804   805   806