This story was printed from ZDNet Australia.
Wireless hacking: the art of Wardriving

By Jeanne-Vida Douglas, ZDNet Australia
June 05, 2002
URL: http://www.zdnet.com.au/news/security/soa/Wireless-hacking-the-art-of-Wardriving/0,130061744,120265777,00.htm


"Just wait till we cross the bridge," says Jason Edelstein, a principal consultant for Sydney-based security company Sense of Security, as he eases through the traffic. "It is going to light up like a Christmas tree."

"It" is a Compaq iPaq, armed with Mini Stumbler, wireless network-sensing software tailored to handheld devices. On the roof of the car sits an unobtrusive omnidirectional antenna - we could be in any car, in any major city. We plug the antenna into the portable PC and within a matter of seconds the screen springs to life, having detected five wireless networks. None carry the small padlock denoting encrypted data.

We are Wardriving in Sydney, sniffing out the telltale signals of 802.11 wireless LANs.

Edelstein explains that a unidirectional antenna would allow us to detect exactly where the signal originates, and an extra hardware/software solution enables us to log the signal's coordinates with map detail, pinpointing the locations for later use. But for the hobbyist none of this is really necessary. In fact, some of the more trusting systems administrators have renamed their networks using their street addresses or business names, which makes the signals even easier to track down.

Sure enough we cross the bridge into the central business district and the list of detected networks begins to file down the screen. Within 20 minutes we have detected almost 80, and the only thing that is slowing us down is the traffic.

Many of the networks retain the name given to them by the vendor, and Cisco's Tsunami appears popular. Edelstein points out that the standard encryption which comes with such networks is readily obtainable. He singles out one of the network names, which appears to refer to a major bank.

"You can pick them up from all over the city," he says scornfully. "They must be using a very powerful signal."

He goes on to say that a combination of novelty and naivety is leading to an overly relaxed attitude toward wireless security, with many firms not even bothering to activate standard security features such as encryption. Overall, about 40 percent of the networks we sniffed out on our expedition carried some kind of encryption; the rest had been left wide open to attack.

"The other factor is that the hardware is so readily available it may have been hooked up without the systems administrator's knowledge," Edelstein says. "Hotels are the worst offenders, they are putting in wireless systems left right and centre, and they don't realise how easy it is to pick up on."

According to IDC there are currently about 14 million wireless LANs installed around the world, a figure it expects to grow by about 60 percent over the next 12 months. Although Wired Equivalent Privacy (WEP), encryption designed specifically for wireless LANs, was specified with the release of the 802.11b standard, it is notoriously breakable, and considered more of a liability than a protection.

IDC analyst for mobile communications in Australia, Peter Lemon, believes well-founded concerns surrounding security have the potential to curtail growth in the area.

"The hardware is fairly cheap, and there is a clear return on investment in an environment where people are moving around all the time," Lemon says. "However, security is the big issue, most of the concern has been focussed on the security standard which is most certainly breakable."

While Edelstein concedes breaking into a professionally protected network takes a significant effort, he says small-time nuisance hacking is disturbingly easy and increasingly common.

"Not only are many of the networks not encrypted, the wireless connection is placed inside the firewall, it is fairly simple to park alongside a building, log onto the network, and take advantage of their connection to download data from the Internet," Edelstein says. "Once you have the network name, you can log onto the systems and in many cases you will be able to automatically configure your device onto the network through the Dynamic Host Control Protocol."

Protecting your WLAN

While protecting a WLAN from Wardriver detection is a challenge, Edelstein says there are simple ways to ensure the information transfer detected with the likes of stumbler or sniffer software does not lead to a full-scale attack.

"Stronger encryption is always beneficial, although it is likely to slow down the network, and making sure the wireless access point is in a separate segment of the network from sensitive information is a simple way to make the network more secure," Edelstein says. "And don't set the signal any stronger than you need to. Having the highest signal setting might get you the best range, but it also gives hackers the best range as well."

Daniel Lewkovitz, senior consultant with IT and information security firm CMG, points out that the implementation of a wireless LAN should involve the same decision process as any IT purchase.

"The first question they have to ask is why they need the technology in the first place," Lewkovitz said. "It is important to establish what kinds of threats the technology may introduce before a new system is implemented, and what is the likelihood of the threats actually becoming a reality, so if they decide to go with wireless, they identify any potential threats and decide what level of encryption to adopt."

Chanting a mantra common in security circles, Lewkovitz points out that the first task of a systems administrator implementing any kind of network, wireless or otherwise, is to check the defaults and turn off the potential threats.

"Quite a number of laptops are shipping with wireless capabilities, which come with all the bells and whistles on by default, a laptop in your office is potentially beaming your network across the neighbourhood," Lewkovitz said. "Good security consists of several layers of defence, encrypting the data across a VPN tunnel is a good place to start, authentication is another important area, and thirdly segregating the wireless connection from the rest of the network is a good way to keep your information safe."

Edelstein heads back towards the outskirts of Sydney's CBD, and the quantity of newly detected networks drops off significantly.

"There are pockets of the city where you could sit in the car and take your pick," Edelstein says. "In fact with a unidirectional antenna I can pick up most of the city from my balcony on the outskirts of the city centre. Wireless is a great technology but people need to realise that it is not a toy, and needs to be protected."

