Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Bluetooth security discussed: war-nibbling
Posted on 10-Oct-2003 17:28 | Filed under: News


Bluetooth security discussed: war-nibbling
@Stake published a paper (in two parts) on Bluetooth security. The author, Ollie Whitehouse, is also the developer of RedFang, a brute force attack tool exploiting known design characteristics (note that RedFang works on a range of MAC addresses, therefore the attacker has to know this information beforehand).

In this paper the author introduces the concept of "war-nibbling", very similar to war-driving, but applied to PAN (Personal Area Network) devices with short range.

Although most Bluetooth devices have a 10m range and communications are impacted by obstacles like doors and walls, new devices allow up to 100m range, creating conditions for anonymous connections (if in public, of course). In the first document the author explains how the security mechanisms implemented in the protocol work, and how users can set basic configuration items to prevent unwanted connections.

An interesting concept is the so called "Sweet-tooth", a Bluetooth Honeypot. Although still in development, the tool promisses some interesting features to trap eventual attackers to a Bluetooth enabled device.

Even with short range, Bluetooth attackers can use these communications to access services, like DUN (dial up) via a mobile phone, or piggyback into someone's else broadband network if there's a Bluetooth LAN Access Point open and vulnerable (some BT LAP have a non-PIN requirement as default setting).

If you're just interested in knowing more about this technology, or work with security in an environment where this is being deployed, it's an interesting reading.


More information: http://www.atstake.com/research/reports/#blue...
Download: http://www.atstake.com/research/tools/info_ga...







Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Trending now »

Hot discussions in our forums right now:

Help, someone else was driving my car and had an accident, am I liable?
Created by MzAliceD, last reply by DaveDog on 17-Oct-2019 12:37 (42 replies)
Pages... 2 3


SKY announce Rugby rights to 2025
Created by JPNZ, last reply by rugrat on 17-Oct-2019 01:12 (82 replies)
Pages... 4 5 6


NZ Cricket to Spark Sport
Created by JPNZ, last reply by tdgeek on 17-Oct-2019 13:21 (136 replies)
Pages... 8 9 10


PBTech and Education computers
Created by kiwifidget, last reply by gzt on 15-Oct-2019 21:46 (14 replies)

ASB Bank Cheque clearance times !!
Created by maxeon, last reply by Handle9 on 16-Oct-2019 01:25 (41 replies)
Pages... 2 3


Mercury Energy - 2 year fixed price
Created by Dulouz, last reply by richms on 17-Oct-2019 09:59 (24 replies)
Pages... 2


Anyone got any recommendations for office chairs for a 6,5 Guy?
Created by mayhemfighter, last reply by Lias on 16-Oct-2019 19:10 (12 replies)

Real World usage is it worth paying more for the Fibre + 950 MBit plans or is a 100 MBit (200 MBit in CHCH) good enough
Created by DeepBlueSky, last reply by richms on 17-Oct-2019 14:39 (35 replies)
Pages... 2 3