Recently I decided to do a bit of WarDriving (mapping Access Points) and bought a cheap but very easy to install GPS receiver (GlobalSat BU-353) on Amazon.com, so I put together this quick guide for wardrving. This is only one of the many ways of doing wardriving, for this article I chose Netstumbler for detecting the Access Points, but there are other tools out there, that can do the job more effectively, I personally like wifihopper, who unlike netstumbler identifies the type of encryption been used by the Access Point. Another tool for detecting AP is Kismet, but this one only works in Linux, and all of this tools mentioned have support for a GPS receiver.
A wardriver is a person who drives around detecting WAP’s and mapping them. The information captured details as to wheher the network is open or secure. Don’t be confused; a wardriver is not a hacker or cracker. The terms WarDriver and WarDriving are evolved from an old school group called WarDialers. WarDialing was the practice of using a modem attached to a computer to dial an entire exchange of telephone numbers to locate any computers with modems attached to them. The term WarDialing was introduced to the general public by Matthew Broderick’s character, David Lightman, in the 1983 movie, WarGames.
Well enough with history… First we’ll use Netstumbler and the GPS device to detect the Access Points, later we will import the saved logs .NS1 file into Knsgem to produce the kml files need for viewing the Access Points in Google Earth.
Note: Before we begin, I assume you have installed Netsumbler, Knsgem and Google Earth
Setting Up Netstumbler and GPS.
Before Netstumbler is ready to talk to the GPS we have to find what COM ports is the GPS device installed.
1- Right click My Computer —> click Properties —> Hardware —> Device Manager and look under Ports it should be COM#
2-Open Netstumbler —> View —> Options —> GPS, here select the appropiate COM# port, for the rest the default should be ok.
By now if the GPS is fixed you should be able to see Longitude and Latitude at the bottom of Netstumbler, and you’re ready to start mapping WAP’s
Converting the Logs to kml files with Knsgem.
1- Next, Once you have captured enough data with Netstumbler, save it in .NS1 format which is the default.
2- Find the Location of your save NS1 file and copy it to root of your Knsgem installation C:\knsgem folder
3- Once you have copied the Netstumbler files into C:\knsgem folder, double click knsgem.exe (located in C:\knsgem).
knsgem processing a .NS1 file:
Knsgem places the results of the processing in the C:\knsgem\KML folder:
From KNSGEM homepage:
Although KNSGEM doesn’t have a user interface it does have a configuration file “knsgem.cfg” which can be used to set various options:
1) You can set the fill and outline colours for polys, either by channel or security status.
2) You can swap the channel and security colors.
3) SSID or BSSID map labels
4) The scatter plots can be adjusted
5) Max radius, custom icons and path, GMT time offset
Viewing the Results in Google Earth.
To view the results in Google just go to the C:\knsgem\KML folder and doulbe click on the Knsgem_Master.kml file to initialize Google Earth.
knsgem shwoing Access Points information.
knsgem with range circles.