War Nibbling: Bluetooth Insecurity
Short summary:
the security of Bluetooth devices in relation to the protocol's. design and implementation flaws. News - Red Fang "Bluetooth hack" not much use" - TDK products ranging from cellular telephones to laptops, is quickly becoming ...
Long summary:
War Nibbling: Bluetooth Insecurity OCTOBER 2003 War Nibbling: Bluetooth Insecurity The Bluetooth protocol, which is deployed in millions of products ranging from cellular telephones to laptops, is quickly becoming the new standard for intra-device wireless communications. This paper examines methods of assessing the security of Bluetooth devices in relation to the protocols design and implementation flaws. We will also discuss ways to proactively approach Bluetooth security and what security professionals can do to defend their organizations against unwanted compromise. Ollie Whitehouse is a Director of Security Architecture for @stake, Inc. Mr. Whitehouses experience in IT consulting includes security architectures, systems integration and project management. He has also worked for wireless operators in the US, Europe and the Middle East, where he has provided high level architecture assessments and policy development as well as mobile-based attack & penetration testing of 2.0, 2.5g and 3g networks. Introduction The topic of this paper is War-Nibbling, the process of mapping Bluetooth devices within an organization. War-Nibbling is similar to War-Driving 1 , but deals with smaller devices that rely on close proximity to communicate. Before the concepts of War Nibbling are examined in detail, it is suggested that you have a basic understanding of Bluetooth 2 technologies. Therefore, you should keep the following information in mind. The Bluetooth specification supports transmissions up to 100m with Bluetooth transceivers operating in the 2.4 GHz, ISM band; the same band WLAN devices use. Below are the documented classes of devices: DEVICE CLASS TYPE STRENGTH RANGE (METERS) Class 1 Devices High 100 mW (20 dBm) Up to 100 Class 2 Devices Medium 2.5 mW (4 dBm) Up to 10 Class 3 Devices Low 1 mW (0 dBm) Well within 10 Currently the most common devices are Class 3 or 2. These include, but are not limited to: Cellular telephones Personal Digital Assistants Computer Peripherals (Keyboards and Mice) Audio Accessories Laptop Computers Access Points (PAN supports 8 devices with a PPP style connection) Bluetooth is based upon the idea that a user should be able to create a PAN (Personal Area Network) around them. To facilitate client privacy Bluetooth contains a number of security features within the base protocol specification 3 . This includes Authentication, Authorization and Privacy. For an overview of the Bluetooth protocol layers, refer to Exhibit A, which is a pictorial representation of the Bluetooth protocol stack. Exhibit A: Overview of ...
Source: www.rootsecure.net
Related
Bluetooth Hacking - Full Disclosure, Bluetooth Hacking Full Disclosure @ 21C3.
Blue snarfing Data Theft Calendar
Appointments Images Phone Book Names,
Addresses, Numbers PINs and other codes
Images Bluetooth Hacking Full Disclosure
...,
more
Hacking Bluetooth Enabled Mobile Phones and Beyond, Bluetooth Scatternet. All security
routines are inside the Bluetooth chip.
Bluetooth Technology Data and voice
transmission ACL data connections SCO and
eSCO voice channels Symmetric and
asymmetric connections Frequency hopping
ISM band ...,
more
An Ethical Guide to Hacking Mobile Phones, Bluetooth Hacking. Bluejack Attack OBEX
Push Bluespamming Bluetoothing Modifying a
Remote Mobile Phones Address Book Fadias
Hot Tools for Bluejacking Countermeasures,
more
