A Crash Course in Stumbling

Net stumbling is has recently become a popular passtime for computer hobbyists. In its simplest form, stumbling is the discovery of wireless network access points using a mobile computer, such as a laptop or handheld device. While it's possible to manually discover such access points using the basic network connectivity software supplied with your hardware, there are other tools which make the job much easier and more interesting. These include:

There are several variations known as war driving (done in an automobile), war walking (done on foot) and even war pedalling (done on bicycle) and war bussing (done on public transit). I prefer the more generic term stumbling, since it implies accidental discovery more than the term war, which has particularly negative connotations these days.

Stumbling on foot and wheels

While war driving is the most popular form of net stumbling, war walking and biking have several advantages over driving and bussing:

Of course, there are a few disadvantages to war walking as well:

Stumbling techniques and locations

Though it's possible to randomly wander around picking up access points, there are a few simple techniques which can result in higher hit rates. First off, some areas are more likely than others to have wireless access points. Generally these are places with higher concentrations of people living and working, such as residential subdivisions, apartment buildings, office complexes, shopping malls, department/big-box stores, supermarkets, hospitals/clinics, industrial parks, factories, warehouses, schools, university/college campuses and residences, airports, train/bus/subway stations, libraries, hotels/motels, campgrounds, restaurants, bookstores, caf�s/coffee shops, bars/pubs/clubs, waiting rooms, etc.

Legal, moral and safety concerns

While the mere detection of wireless networks isn't illegal in most areas, gaining access to a network for the purpose of stealing internet access or searching for files almost certainly is. Don't be stupid. Be discreet in your stumbling. Look but don't touch. Keep in mind that there are many techniques to keep intruders out of a wireless network. While WEP and WPA encryption are the most common, other tricks such as MAC address filtering (allowing only pre-authorized wireless devices to connect), turning off DHCP services (so that a valid static IP address and DNS server settings must be manually configured), non-standard subnet address ranges, and not broadcasting an SSID are other common techniques to discourage casual connections. If you're surrounded by other wireless routers and access points, you only need to be a little more secure than your neighbours to make casual snoopers pass you by and look for an easier target. Conversely, an SSID that has never been changed from the manufacturer's default is a pretty good sign that the connection may be wide open. Common examples of this include linksys, netgear, default (D-Link), dlink, wlan, wireless, wavelan, msnhome, airport, tsunami (Cisco), comcomcom (3Com), and symbol.

If driving, have a passenger look after the computer, preferably in the back seat. Driving while distracted by a computer screen is illegal. If alone on bike, pay close attention to the road. Use a single earphone if employing speech notification or other audio cues so that you'll still be able to hear oncoming traffic. You don't want an accident to smash that expensive laptop in your backpack.




Return to the Russ' Home Page or send me e-mail.