Now ones you do have enough packets, 64 bit WEP encryption can be cracked in no more than five minutes. As for 128 bit encryption, this might take a whole lot longer, since WPA with TKIP and AES encryption can takes months to crack.

My whole point is that you have some time to catch your hacker because he will be back many times, assuming that you already have at least the basic security features in place. Now once you have all your logs compiled and your honey pot data you should have a good idea how the hacker behaves. Check your security cameras and you probably notice the same car or person in the area around that time. Take that information to your in house security and tell them to watch for that vehicle or person and call the police.

If things go your way the security or police will immediately spot the culprit and apprehend him. However, convicting him is another matter and might prove to be more difficult than catching him. But with the help of your compiled logs and video you should have a lot of evidence to help your case. So brace yourself for the challenge.

Now let’s put this all together to catch our hacker. First you are going through your daily routine of checking logs on your Kismet IDS server and you notice the same MAC address probing networks but not joining. Next you check your help tickets and notice that in one area of the building clients were having trouble connecting to the wireless network or they had trouble staying connected. Flags go up in your head, so you go over to your honeypot server and check that . You notice it was accessed around the same time of the Kismet logs showed a client probing the network. The honey pot recorded the MAC address of the WAR driver and the operating system and the computer name.

Next you check your security cameras for that time but don’t really notice anything. So for the next couple days you keep monitoring your honey pot server and watch the hacker try and crack the WLAN and the database server. The whole process of cracking wireless encryption is actually two steps. The first step is gathering enough packets for your cracking program to crack. This whole process of gathering enough packets can takes days or weeks not five minutes.

Tip number five: Establish a Honey Pot. Give the Wardriver what they want, a network to hack. Take an access point connect it to a standalone switch with another junk computer connected to that switch. Name the SSID something sounding important like server WLAN and name the computer Database. Finally use a weak password or just leave the access point without any security. Script kiddies who say they “hack networks” really are only connecting to open wireless lans with no security. If you give them a “Important sounding SSID with a “database to hack” this will keep them occupied until you can track them down. There are many honeypot programs free and commercial that will simulate networks or servers but are really just recording all the hackers’ information and types of attacks.

Tip number six: Use a RADIUS Server. RADIUS servers require Wireless clients to authenticate with a username and password not just with a PSK (Pre- Shared Key). With out a RADIUS server you really don’t know who is on your WLAN. With a RADIUS server you know who is accessing your WLAN and when they accessed it. Also a RADIUS server gives you the ability of creating policies for times your WLAN can be accessed and other required security features the wireless clients must have enabled their computers.