A War Driving Experience - Part I: The Results

By Eric Geier

January 31, 2006

Several hours driving around and some analysis provide some interesting data that show how we’re doing when it comes to Wi-Fi security.

During the last few weeks, I put the geek hat on and took to the road for some war driving. My goal was to capture a good amount of data on wireless networks residing in homes and businesses. Then, later I would export and compile the data to come up with some interesting statistics and tips to share with others.

My setup in the car was pretty straightforward, just me in the driver seat and riding shotgun was my laptop running AirMagnet’s Laptop Analyzer software. However, I had some help keeping safe. A few times my two-year-old daughter rode along in the back seat, and she often yelled, “Be careful!” especially when taking sharp turns.

My intention was to capture the data from wireless networks so I would be able to show statistics for homes and another set for businesses. This is important because I thought what I would find for each would be dramatically different. For example, I made sure I only drove through housing areas that were away from any businesses. I also used a similar approach when capturing data from businesses. I drove through downtown Dayton, here in Ohio, and several other retail and office building complexes around the area.

After the fun of driving around, the tedious process of exporting and compiling the data began as I tried to remove public hotspots from some of the data to make the statistics a bit more accurate. I also edited the data so the statistics for businesses would show a percentage based upon individual businesses instead of the number of access points (APs) captured within business locations.

For example every time I would drive past a Home Depot store, AirMagnet would capture up to 15 APs with the Service Set Identifier (SSID) of “orange.” In this case, I would include all APs as a single network. However, when passing some businesses, I would only capture one AP, which is also one network. The reason that I did this was that I wanted to show statistics of actual businesses such as the percentage of businesses that use encryption.

The Results

The first statistic I show in Figure 1 is the amount of businesses and homes that didn’t change any of the default settings on their wireless routers or access points. To find these wireless networks, I looked in the capture files for entries with a default SSID, channel, and with no encryption enabled. Using a list of default settings including the SSID and channels for each vendor, I could easily assume which networks were set up right out of the box with no configuration changes. This includes the people who either don’t pay attention to installation instructions or don’t care to make the changes.

States for Home/Biz
Figure 1:
Wireless LAN Configuration Statistics for Homes and Businesses

I then figured the percentage of homes that use their wireless router’s default channel, which is normally 6 or 11. The problem with using the default channel is that there’s a much greater chance of interfering with a neighboring AP. I didn’t show the percentage of businesses that use default channels because I didn’t think it was necessary and the findings wouldn’t be of use because most businesses have more than one AP.

When setting up wireless networks with more than one AP, you should use the non-overlapping channels 1, 6, and 11. Therefore, I didn’t find a reason to show which APs use default channels as there really shouldn’t be default channels defined for enterprise APs.

I was surprised that 62% of homes were using encryption on their wireless network. I was assuming I would find much less, around 40%, based on previous experiences. Homeowners must be getting the idea now that security is important. 25% of homeowners seemed to have not changed any default settings, though, which isn’t good either.

Finding that only 72% of businesses are using encryption isn’t the best; however, I was excepting around that number. I believe companies still need to work on educating themselves about the vulnerability of wireless networks. Security is necessary to avoid a hacker from getting access to sensitive company information.

Figure 2 shows the 802.11b/g channels I found used by businesses on their access points. You may find it a bit unusual that over 20% of the channels used were other than the non-overlapping channels of 1, 6, and 11. Wireless networks use spread spectrum technology and the wireless signals bleed to other near-by channels. Therefore, you should setup multiple APs with the non-overlapping channels.

Channels Used in Businesses
Figure 2:
Channels Used in Businesses.

Keep in mind that even if you make sure you use non-overlapping channels, always perform RF site surveys to find the best channel. This ensures nearby homes or businesses aren’t interfering with your wireless network and that your APs are placed properly.

Figure 3 shows the channels used by the homes I surveyed during the war drive. The results I found are expected since most wireless routers come loaded with channel 6 or 11 set as default. To avoid inter-access interference, these users should set their wireless routers to different channels, such as channel 1.

Channels Used In Homes
Figure 3: Channels Used in Homes.

Stay Tuned – Later in Part II we’ll compare my findings with other war drives. This will give us a good idea of the trends related to Wi-Fi network configurations and security.

Eric Geier is a computing and wireless networking author and consultant. He’s employed with Wireless-Nets, Ltd., a consulting firm focusing on the implementation of wireless mobile solutions and training. He is an author of Geeks on Call - Wireless Networking: 5-Minute Fixes and Geeks on Call - PC's: 5-Minute Fixes published by John Wiley & Sons.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.