The Victim Comes Into Focus
While combing through the results of this most recent war-driving jaunt, Joan and Fred noticed a dozen networks that all had a similar naming schemes in their Service Set Identifier (SSID) field. Every wireless LAN access point has an SSID, which is a string of characters that acts as the name of the wireless LAN. Fred and Joan noticed that twelve interesting access points all had their SSID configured to the value of "DF N", where N represented a number between 1 and 20. These access points were broadcasting their names to anyone who cared to listen in. All twelve of these interesting access points were located in an area of about ten city blocks.
Many wireless access points on this target network were configured to broadcast their SSIDs. While SSIDs provide no real level of security, broadcasting them can certainly get an attacker's attention. Some wireless access points offer a configuration option that doesn't broadcast the SSID. An organization's wireless security policy and guidelines should include explicit directions for disabling the broadcast of SSIDs from all access points.
To gather more wireless information about their target, Fred and Joan decided to visit the physical region identified by their GPS for the mysterious DF access points. By consulting their NetStumbler logs, they determined the geographic locale of all of the DF access points on their map.
They visited the closest DF access point. As they approached the building, they saw the huge sign beckoning them: "Diversified Financials: Secure Your Securities!" Both Joan and Fred instantly recognized that their DF SSID was an abbreviation for Diversified Financials. They had found a very juicy target!