Table of Contents
Table of figures2
Tools used to War Drive4
Why War Dialling?4
Legality United States6
Legality United Kingdom7
T.J. Maxx response7
Vulnerability Note VU#72375514
Table of figures
Figure 1 Albert Gonzalez4
Figure 2 Wireless Manufactures vulnerable12
The organisational security is locked down. No more false alarms at 4:00am, of an impending internet intrusion. Thanks to a well-configured firewall, you're stopping a large percentage of the causes of network breaches -- but despite the organisational security precautions. The problem is not with your firewall, these network-level security devices are designed for perimeter protection, and by definition they cannot stop attacks that originate inside your network! WAR DRIVING (access point mapping)
What is War Driving? Or access point mapping, is the act of locating and exploiting Wi-Fi connections. This is achieved by the means of driving around, until the hacker finds a wireless access point, they wish to compromise. War Driving is accomplished due to Wireless LANs that have a range that exceeds the perimeter of the organisation. Due to this an intruder may gain access to corporate information, or cause malicious intent.
The term derives from a somewhat similar approach to breaching telephone systems named War Hammering. Hammering is the act of using a modem connected to a computer running a script which allows the computer to call numbers. A War Hammering exploit would consist of the computer setup to automatically call numbers within a certain area. The modem would wait for one or two rings, since answering computers attached to modems would pick up on the first ring. If the phone rang more than once, it would simply hang up and try the next number until a connection is established. This originated in the early 80’s; the exploit was so prolific a film was made named War-Games. Within the film Hammering was re-named War Dialling and due to this, it is now known as War Dialling.
Tools used to War Drive
A portable computer, that allows a wireless Ethernet card to be set to work in promiscuous mode and an antennae attached to the wireless card. The omnidirectional antenna maybe discreetly kept inside the vehicle or mounted externally. Why War Dialling?
Wired LANs are more secure as an intruder would be required to gain access either over the internet, where more stringent security is set, this allows authorities the ability to potentially track the hacker, or they would need physical access to the building. Wireless connection allows a hacker to move around within the location of the target without being caught. A United States Hacker steals 130 million credit card details from the United States, and Europe using War Dialling, how was this achieved? T.J.Maxx Hacked
A hacker named Albert Gonzalez stole millions of credit card details from TJX, in a case to be the largest breach of consumer information. Gonzalez was charged with one of the largest identity thefts cases in history. Figure 1 Albert Gonzalez
Figure [ 1 ] Albert Gonzalez
Albert Gonzalez once worked with the U.S Secret Service. The 28-Year-old, was accused of being the mastermind behind the global scheme, he was found to be working with Russian hackers. Gonzalez and his gang of hackers, hacked retail outlets that used Wireless technologies to send information to data bases from the information systems (tills) wirelessly. Many retail outlets use this wireless informational system to update databases of stock levels in real time. Many organisations change shop layouts to incorporate new lines of stock, and due to this. Wired equivalents are not suitable. This became the vulnerability in the chain that Gonzalez and his gang compromise. Gonzalez enlisted...