10 Dec WiFi study in Dubai Dmitry Bestuzhev
02 Jun SAS2010: Wardriving in Limassol, Cyprus Dmitry Bestuzhev
23 Jul War walking in Dubrovnik Dmitry Bestuzhev
04 Dec Wardriving in Copenhagen, Denmark Magnus
16 Jan Just for fun Kostya
25 May War driving and trainspotting Aleks
Last year when we were in Dubrovnik, Croatia, I made a WiFi study. The statistics I obtained showed quite a dangerous situation regarding security in the local WiFi networks. In many cases the network traffic wasn’t encrypted at all and was susceptible to a data leak.
One year later the subject of WiFi security is even more apparent. If you remember, the Google Sniffing beta recently made their own study, and my colleague Costin Raiu wrote a blog post about it, giving important security tips to protect yourself and your network from intruders.
This year our Security Analysts Summit takes place in Limassol, Cyprus. So, I decided to see what the local WiFi security situation is, and what the Google Sniffing beta would find if they performed it right here.
Aside from the beautiful views (which you can see in the picture above) we can say the following:
Last month, we were over in Dubrovnik for our 10th anniversary Virus Analyst Summit: five days of presentations, brain-storming, research and interviews. At around the same time, my colleague Christian's article on the dangers of using WiFi networks on holiday was published.
Dubrovnik was full of tourists, as well as all the summit participants and journalists we'd invited, and most people were probably checking their email, using IM, or surfing social networking sites on a regular basis. With this in mind, I decided to do a bit of war-walking to check the security of the town's networks.
A few days walking the narrow streets of the old town resulted in the following data:
It's not surprising that so many of the networks were completely open; Dubrovnik is a tourist town, so a lot of cafes and bars offer free Internet access with the aim of pulling in more customers. These open networks are a classic example of the trade-off between security and usability: although easy-to-use free Internet access seems attractive, the security risks are far higher than those associated with secure networks.
We recently went on tour with some journalists through Copenhagen, the capital of Denmark, and took a quick look at the state of WiFi networks in the city. Copenhagen lies on two islands (Zealand and Amager) and is well known for its culture and the design of the city (as well as being the 14th most expensive city in the world according to Forbes List). That is the kind of information you can find in any guidebook, but what you won't find are statistics on wireless networks. So it seemed a good idea for us to take a look!
I decided to introduce a bit of variety into my daily commute today by scanning the WiFi networks on the way to the office.
I used my Sony PCG-FXA53 laptop with a Senao NL-2311CD Plus Ext2 PCMCIA WiFi card, an external antenna, and a Garmin Legend GPS navigator. As for software, I used Linux SuSE OSS 10, Kismet, gpsd, gpsmap and the Google API.
Once I'd thrown all that together (and of course I could write an article on that) I set off for work.
I live pretty close to the office, and my commute only takes about ten minutes - even in that time I was able to collect a fair bit of data which is shown in the picture below.
Overall, I detected 40 WiFi networks: the totally unprotected networks are marked with a red dot, those with WEP enabled are marked with a yellow dot, and those with WPA are marked with a green dot.
Just another little bit of data to add to our continuing research on WiFi networks and encryption around the world.
War driving and trainspotting are two urban phenomena which don’t seem to have anything in common. Trainspotters can be found at stations, at engine depots, and alongside the rails themselves, noting down train and engine serial numbers. Trainspotting is most popular in the UK and the USA, although trainspotters can be found in other countries.
The point of this seemingly pointless hobby is to ‘spot’ and record the serial numbers of all engines (and, for the true enthusiast, carriages as well) currently in use. Trainspotters exchange information about routes among themselves, and trainspotting became something of a cult activity after the release of the film of the same name.
So what has this got to do with wardriving? At first glance, absolutely nothing. But while I was in London researching WiFi networks, I started to notice some similarities:
Trainspotters and wardrivers have the same goal: to collect the maximum amount of data possible, whether it’s access points or engine numbers.
They can both be found outside in any weather, at any time of the year.
They use the same tools: laptops, mobile phones and PDAs.
The only difference is that trainspotters tend to stay in one place, whereas wardrivers are in constant motion, trying to cover as big an area as possible.
While I was in London, I felt I had to go and pay my respects to these dedicated hobbyists, and travelled to the trainspotters’ Mecca: King’s Cross and St Pancras stations. The trainspotters quietly, concentratedly entered data into their PDAs, and my wardriving laptop hummed quietly in my backpack, constantly scanning the surrounding digital environment. A meeting of two very different, but very similar, worlds.
You can read more about my London wardriving here
Hello from Tianjin in China, and the AVAR 2005 conference. We're 150km from Peking, near the Bohai sea. This year's conference is the eighth annual event for virus analysts from the Asian region, and it's one of the highlights of an antivirus researcher's calendar, together with VB, CARO and EICAR.
This year attendance is good, with leading virus analysts along with IT industry people and government officials. For instance, speakers include Dmitry Gryaznov and Igor Muttik from McAfee, Vesselin Bontchev from Frisk and Eugene from...well, we know where he's from.
There are also speakers from the Chinese Ministry of the Interior, which has done a lot in the past few years to combat cyber crime.
Eugene's presentation was greeted enthusiastically and there were lots of questions. While he was speaking, I started doing a bit of research. I wanted to check out the wireless Internet connections, as well as mobile devices.
I found 3 WiFi networks straight away. None of them encrypted traffic, but all of them had built-in DHCP servers. In short, all 3 were potentially vulnerable to war drivers. By the way, tomorrow I'm going to scan other WiFi networks in Tianjin and Peking.
Next I took a Bluetooth transmitter with a 100 meter radius and walked around the conference hall scanning for Bluetooth devices in 'visible to all' mode. I found plenty:
Overall, I found 9 mobile devices with Bluetooth 'visible to all' mode enabled, 8 of them Nokia smartphones. Yes, I know. You'd think that people attending an antivirus conference would know better. In fact, I had been hoping that I wouldn't find any at all.
The good news is that none of the phones were infected with Cabir. At least, not yet...