Since most people that talk about wardriving, they talk about the tools they use, noone really talks about why it happens and what you can really do with it... So-

802.11B has 2 security features- the first is DSSS (direct sequence spread spectrum) and that puts the signal bandwidth into 14 overlapping 22-MGz channels and it spreads the transmitted signal on the channels. well that makes it hard for an unsynchronized third party to keep track of the signal

Second security feature- packet encryption scheme, WEP (Wired equivalent privacy). not much to elaborate on there, it's encryption.

Intercepting a signal from a wireless device is difficult, but third parties can connect with ease to an AP (access point)
With this interception from an AP (access point), which you can get with your own access point or NIC or something that excepts wireless B transactions, you can join a network, surf the net (free access online), and also access other computers that aren't tightly secured (you can get on the local area network, meaning 192.168.?(single diget).* (depends on type of router in use).. it doesn't mean you have root access to the computer just because you got on the AP

hope this helps for the noob wardrivers out there, drive well, and PLEASE, no drinking and driving

Hah ahhh that wouldn't really help many people...

Get a program called netstumbler it will detect wireless lans in the area and tell you if they have encryption enabled or not, they will also tell you the name of the router/access point and its manufacturer, so if you come accross a AP named linksys and the manufacturer is linksys the people havent bothered to secure it in anyway so you got 100% chance of getting in.

In my experience every open access point ive browsed onto already has DHCP enabled so you can usually use the interenet straight up.

Also in most cases i've been able to browse onto network computers with just the username administrator and no password

well, the point in this was to give noobs an intro to what it all is, not the programs used and techniques

get WarLinux on your wardriving laptop. http://www.wardriving.com should show you the hardware and such you'll need.

Wardriving, hacking wifi hotspots, basically, cannot be done in windows

netstumbler is ok for weak stupid networks

but its not good enough, does crack WEP keys etc

I know the purpose of this thread, and i know im off topic, my apologise, but this information is necessary for newbies (not noobs) in wardriving

http://teknik.ekitap.gen.tr/index.php?sayf...TW-WarXing.html

That site covers alot, from how-to, to programs needed and abit about them

As you will notice most of the programs you want, need linux. Not a linux freak ? in that case, Knoppix-STD comes with most of those utilities pre installed and ready to be used straight from the bootable cd: http://www.knoppix-std.org/

To start with, in my opinion, thats all you need... Software wise, you will need a wifi card (preferably a laptop, unless you got a nice UPS)

Also, see if your card is PRISM 2, most wifi tools need that

The best wireless assessment tool out today is Kismac and it's free at http://www.binaervarianz.de/projekte/programmieren/kismac/. New versions and features are added regularly. It supports a wide variety of pcmcia and USB wireless cards(Orinoco, Linksys, Cisco to name a few) under MacOSX. Any Mac Powerbook with a pcmcia card slot, new or old, that will run MacOS 10.3 should work fine. The features I have used in my assessments include:

- When run in passive scan mode, it is undetectable by any wireless IDS. (unlike netstumbler)

- In all scan modes it shows if encryption is in use and identifies the encryption type used by a wireless access point. Currently identifies WEP, WPA and LEAP.

- Supports BSSID filtering to remove unwanted access points during a targeted review.

- Supports brute force and dictionary attacks against the following encryption schemes:
40-bit (21-bit attack), 40 and 128 -bit weak key attack, 128-bit MD5 Attack, 128-bit Apple Airport Attack, LEAP dictionary attack, WPA TKIP dictionary attack. Attacks are altivec accelerated, which is much appreciated for the WPA attack.

- Allows use of two cards at once to support deauthentication or authentication floods and packet reinjection.

- An easy to use GUI, unlike the current wave of Linux tools. This makes it especially useful for wireless assessment newcomers.

I highly recommend this program to all security professionals performing wireless security assessments. It is also the perfect tool for someone new to wireless scanning to get their feet wet.

I found a very good manual on Wardriving for beginners. Take a look

Wardriving requires leaving my house and buying a laptop... wont be happeneing with me Once I get one though I may give it a shot... my little town doesnt have wifi though so I'll need to drive to a major city.