MBH's Box‎ > ‎Wardriving Kuwait‎ > ‎

Announcements

Dynamic Map Enhancements

posted Jan 7, 2010, 2:21 PM by Majed B.   [ updated Jan 7, 2010, 2:24 PM ]

It's now possible to display Open or Secure, or both, access points (APs).

By default, the open ones only load. After selecting your options, move the map a bit and the options will be applied.

Dynamic Map

posted Jan 4, 2010, 2:28 PM by Majed B.

Been working on creating a dynamic map, where Access Points (APs) load only where you zoom in, making it much more flexible.

The code uses AJAX and queries a database on one of my servers, returns a list of APs and then creates the markers on the map. If there are too many APs to display, they're clustered together for enhanced viewing and faster printing on the map.

You can reach the dynamic map here. I'll keep updating both the static & dynamic maps for now. I'll leave a notice if I'm to stop updating the static one at some point of time.

New Statistics Added

posted Dec 30, 2009, 6:16 AM by Majed B.

I've added statistics for providers and the security they use by default on Access Points (APs).

I'v also added a list of top 15 commonly used names for APs, along with a link to the full list of repeated names.

Oh, and I've updated the stats.php file in the Files section.

Enjoy!

OUI and Scripts Are Public

posted Dec 29, 2009, 5:17 AM by Majed B.

I've published my scripts and the custom IEEE OUI file. You can grab them from the Files section.

The files are distributed under the GPL license. You're free to use, distribute and modify them as long as the credits remain and that you send back any modifications you make to the scripts to benefit everyone.

I'll upload the database structure after I verify the new changes that I've implemented.

History Tracking Got Better!

posted Dec 28, 2009, 2:21 PM by Majed B.

Excellent news! The developer of wardrive android, Raffaele Ragni, has kindly updated the program upon my request to include timestamps in the exported KML file. This feature is now available in version 2.11.

I've updated the database and scripts to handle the changes and changed the logic of the insertion & update script as I found a bug in it.
The conditions are (in order):
  1. AP found 250 meters away from previous known location: New record is added with new data using same MAC Address
  2. AP Name, Security or Channel changed: New record is added with new data using same MAC Address
    if noise level is worse than in DB, use old coordinates and level, else use new ones
  3. Signal Strength is better (lower noise level): Existing record is update with new coordinates & level using same MAC Address
In all cases, the version of the record is increased to reflect the fact that it's either a new record or the record has been updated.

Also, with the inclusion of timestamps now, it's possible to map a time-frame of changes, though highly dependable on when people are wardriving.

I've also decided to keep the distance checking at 250 meters instead of 50 (what I wanted to do before). I had some issues where some APs would jump back & forth due to data from multiple contributors.


So what's left?
  • More statistics
  • A highly customizable map
I don't know when I'll start with either, but I hope soon!

History Keeping: Tracking Is Possible

posted Dec 26, 2009, 4:00 PM by Majed B.

As I mentioned in a previous announcement, I've implemented a simple tracking method to track changes to an Access Point (AP).

Updates to an AP occur if one of these conditions is met (in order):
  1. Signal Strength is better (lower noise level): New record is added with new data using same MAC Address
  2. AP Name, Security or Channel changed: New record is added with new data using same MAC Address, coordinates and noise level
  3. AP found 250 meters away from previous known location: New record is added with new data using same MAC Address
Regarding number 3, I might change this to a lesser value (50 meters) in the future.

The collection of such data will allow us to track changes to an AP in terms of name and other attributes, and show if people share their APs or take them around too!

Cleaning Up Shows New Statistics

posted Dec 26, 2009, 3:53 PM by Majed B.

Apparently I've had duplications in the previous statistics that tainted the results a bit. I've cleaned up the database and the calculation methods as well, and updated the statistics page accordingly, explaining assumptions.

WPA1 grew a lot (up to almost 20%) due to the fact that I merged Mixed Mode Access Points (APs) with WPA1. Mixed Mode is when the AP provides both WPA1 & WPA2, and since we're looking at these statistics from a security point of view, it makes sense to join Mixed Mode with the weaker and more vulnerable WPA1.

Some AdHoc devices provide WEP functionality. Those used to be calculated with WEP but I've now removed them as they are not actual APs. AdHoc devices provide WEP functionality to authenticate between each other but that doesn't make them an AP.

If you believe my assumptions are incorrect, feel free to email me explaining why.

Note: Duplications can still occur if a contributor provided new data mixed with old data. There's a solution but I'm waiting for something to happen for me to implement the solution. Will update when done.

Database and History

posted Dec 25, 2009, 12:50 PM by Majed B.

Good news first:
I finally wrote a script to reformat the data and make it easy to dump it into a mysql database, which later allows me to pull complex statistics and provide extended features in the future.

I've altered the database tables to allow for historical tracking of access points (APs). Let's say I logged an AP today that was using WEP on channel 11, and tomorrow I logged it using channel 6 with WPA. Both changes are logged which allows us to track an evolution process. A time-stamp however is not provided to map the growth to a timeline.

Bad news:
Contributor "almwaysa" provided me with a couple of dumps that contained APs that I already detected causing some duplication, which I didn't check for before.
The number of duplicates is very low, but I'm working on preventing this from happening in the future.

RSS Feed Availability

posted Dec 25, 2009, 12:46 PM by Majed B.

This should make it easy to know when to check the pages and map for updates: Simply subscribe to the RSS feed.

Example for RSS Feed readers:
  • Google Reader
  • Akregator
Plenty more around. Pick whatever suits you.

1-9 of 9