by Marc André Léger, DESS, MASc (MIS), PhD (Candidate)
    Professor, Champlain College (Saint Lambert)
    Lecturer, University of Sherbrooke - Longueuil

Summary

On Sunday, April 5th, 2009 from 9:00a.m. to 13:00, students from the Wireless Networking program at Champlain College Saint-Lambert under the supervision of their professor, Marc-André Léger, performed a wireless network security audit in the streets of Montreal, Quebec, Canada as an educational activity. This document presents an overview of what was done and a summary of the results.

Audit objectives

This was primarily intended as an educational activity inspired by media reports and documentaries on the vulnerabilities of home wireless networks. Similar activities had taken place in the city of Saint Lambert in the sping of 2007, in the city of Montreal in the fall of 2007 and again in the winter of 2008 with previous cohorts of students from the same program. As before, the principal objective from an educational point of view was to provide the students with hands-on experience in performing a wireless network audit). The general objective was to perform a partial area Wireless LAN audit and map the wireless networks (either home or business) that where found. This would give the students an idea of the current situation of wireless networks in the Montreal region.

As in the previous exercises, to respect the right to privacy of residents, students where instructed to only observed IEEE 802.11x data packets and signals present outside the limits of private property, never trespassing. Students had been strictly advised that all activities where being performed on public propriety as a community service activity. No attempt to access computer facilities, files or resources was to be undertaken by students. This was also done to respect Art. 342.1 of the Criminal Code of Canada.

Activity logistics

Twelve (12) students participated from the WLAN Fundamentals course. The students where divided in 7 teams of 2 or 3 students. Each team was assigned an area in various areas in the Montreal region. These where located in the cities and nighborhoods known as Brossard, Laprairie, Saint-Laurent, Westmount, Lasalle and Montreal (Plateau Mont-Royal and Hochelaga-Maisonneuve districts). These areas where selectedto be convieient to students, based on their area of residence. Students who participated in the exercise where required to have a laptop per team, equipped with a wireless (802.11b, g or n) network adapter and open source software (netstumbler). Students who did not have this equipment had one supplied by the College. As well, the teacher provided GPS devices to students.

War driving or WLAN Security audit ?

War driving is the act of driving around an area searching using a laptop computer or a portable device (PDA, Scanner), to detect networks. The name War driving comes from war dialling, which has been popularized in the 1983 movie WarGames. As for the previous exercise, it was decided to call the exercise a WLAN Security Audit as War Drive has negative connotations.

War driving is possible because users of wireless networks, due to lack of knowledge, lack of adequate information, ignorance or laziness leave their wireless access points unsecured. In many cases the devices are unsecured because the default configuration that was in place when the device was purchased is still being used.

Findings

During the war drive a total of 14840 devices where found. For this article 8780 devices where used to form the sample (n=8780). These where devices captured by students that used Netstumbler, the remaining devices where identified using a version of the software under Microsoft Vista.

Based on the data, there has been a lot improvement in the last year. Of the devices included in the 2009 sample, 12.6% where unencrypted. This is much better that the 22.7%  from 2008, the 24% from the Fall 2007 exercise and the 31% from the Winter 2007 exercise.

As in the previous exercises, the potential problem of the close proximity of multiple wireless devices using channel 6 was found. However, there seems to be improvement here as well, as the use of other channels, channel 1 and 11, has increased. These are distant enough (4 channels minimum) to avoid, or significantly reduce, interference.

Conclusion

Overall the students seemed quite pleased by the experience as per previous years, allowing them to visualise some of the theoretical concepts seen in class. Compared to previous years the data shows a lot of improvement in wireless network security. While the results from 2007 and 2008 where far from being an ideal situation, the current results indicate that users of wireless networks are taking secucurity more seriously, perhaps in part the result of IT security awareness campaigns that took place in Québec in the last year and of numerous news reports and documentaries on Information Security.

Bibliography

Léger, Marc-André (2008) Class presentation for the course WLAN Fundamentals, available on www.leger.ca