Honours Thesis

During 2004, I undertook a study to investigate the unauthorised use of 802.11 wireless LANs. To facilitate the study, I deployed numerous honeypots around the Adelaide CBD. Each honeypot was essentially a dummy wireless LAN, made to appear like an ordinary insecure wireless LAN to a none-the-wiser wardriver.

Each intrusion to the honeypot was logged and analysed to discover the motivations, tools and methods used by wardrivers. The results are quite interesting (at least, I thought so!)

Abstract

The use of 802.11 wireless local area networks (LANs) is growing at a phenomenal rate. However, numerous flaws have been discovered in WEP, and studies have shown that many wireless LANs are installed with their default settings. These are soft targets for war drivers, who drive around with laptops and ‘cantennas’ locating insecure wireless LANs. While it is known that wireless LANs experience unauthorised connections, little is known about the nature or frequency of the connections. This study seeks to investigate the unauthorised use of 802.11 wireless LANs, and to dispel the myth that attacks on wireless LANs are simply an attempt to obtain Internet access.

The investigation was carried out by setting up three wireless honeypots to collect data about unauthorised use of wireless LANs in the Adelaide CBD. The data collected from the honeypots was then analysed for trends and evidence of malicious activity.

The results of the study show that insecure wireless LANs regularly experience unauthorised activity, ranging from harmless probes through to attempts to compromise hosts and propagate viruses.

Download