Go to Advice start page

Beware The Honeypot

When WiFi was first developed, nobody cared about freeloading. If you had a WiFi AP, you connected it to your Internet service, and left it open. Anybody wandering by was welcome to "set a spell, and borrow the connection". Then freeloading got serious - people like Walter Nowakowski, in Toronto, became common.

People would protect themselves, and WEP was developed. And people learned to crack WEP.

Some of the more ingenious WiFi owners became devious.

If I have a WiFi AP that's protected, and my neighbour has an AP not protected, any wardrivers will be using my neighbours, right? Nobody is going to go after a protected AP, when there's an unprotected one nearby?
and continued with...
OK, if a wardriver sees 2 APs, he can't tell that's not two different people. I'll setup an unprotected AP, and wardrivers can use that.
Yet there was more.
Why should I let folks use my connection, to download kiddie porn? The police will notify my ISP, and I'll lose my service. OK, disconnect the Internet from the open AP.

and the open AP became a Honey Pot. You can connect, but you aren't going anywhere.

Some WiFi security experts even laugh about the wanna-be wardrivers. Maybe even keep logs by MAC address. The ones who really have idle time to kill might even use NetStumbler or similar software to seek out, by triangulating, the hapless wardriver, maybe take his picture or taunt him otherwise.

The really nasty ones might attach a computer, with a spoofing DNS server, and let you think (initially) that you are connecting to "www.google.com". Then they will try to serve you the hack of the week, from their computer. An old 486 laying around would be perfect for this task. Who cares if it takes 5 minutes to respond? That wardriver isn't going anywhere. Who cares if he gives up?

So, if you are using WiFi, and you're attached to an easy and seemingly available AP that you don't know about, use common sense. Think.

▲ Top