Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Bluetooth security discussed: war-nibbling
Posted on 10-Oct-2003 17:28 | Filed under: News

Bluetooth security discussed: war-nibbling
@Stake published a paper (in two parts) on Bluetooth security. The author, Ollie Whitehouse, is also the developer of RedFang, a brute force attack tool exploiting known design characteristics (note that RedFang works on a range of MAC addresses, therefore the attacker has to know this information beforehand).

In this paper the author introduces the concept of "war-nibbling", very similar to war-driving, but applied to PAN (Personal Area Network) devices with short range.

Although most Bluetooth devices have a 10m range and communications are impacted by obstacles like doors and walls, new devices allow up to 100m range, creating conditions for anonymous connections (if in public, of course). In the first document the author explains how the security mechanisms implemented in the protocol work, and how users can set basic configuration items to prevent unwanted connections.

An interesting concept is the so called "Sweet-tooth", a Bluetooth Honeypot. Although still in development, the tool promisses some interesting features to trap eventual attackers to a Bluetooth enabled device.

Even with short range, Bluetooth attackers can use these communications to access services, like DUN (dial up) via a mobile phone, or piggyback into someone's else broadband network if there's a Bluetooth LAN Access Point open and vulnerable (some BT LAP have a non-PIN requirement as default setting).

If you're just interested in knowing more about this technology, or work with security in an environment where this is being deployed, it's an interesting reading.


More information: http://www.atstake.com/research/reports/#blue...
Download: http://www.atstake.com/research/tools/info_ga...
Trending now »

Hot discussions in our forums right now:

Warped post on 8 month old fence, who's responsible for repair?
Created by Paul1977, last reply by Paul1977 on 19-Nov-2018 12:22 (77 replies)
Pages... 4 5 6


Spark VDSL Upload Speed Issues Vigor 2860 + Troubleshooting Info
Created by bener, last reply by bener on 15-Nov-2018 12:34 (29 replies)
Pages... 2


Geekzone giveaway: Nokia 7.1 smartphone
Created by freitasm, last reply by Poll on 19-Nov-2018 11:48 (154 replies)
Pages... 9 10 11


Joining Orcon but concern about phone line
Created by super12345, last reply by super12345 on 15-Nov-2018 17:45 (11 replies)

Low voltage ac to dc rectifier
Created by hio77, last reply by SomeoneSomewhere on 19-Nov-2018 12:29 (21 replies)
Pages... 2


Why is setting yourself on fire "cool" ?
Created by xpd, last reply by networkn on 19-Nov-2018 12:19 (10 replies)

PB Tech Black Friday Sale - 16th November
Created by agent86, last reply by 1101 on 19-Nov-2018 11:39 (97 replies)
Pages... 5 6 7


You're Totally Going Have Sex In Self-Driving Cars, Scientists Predict
Created by kingdragonfly, last reply by Geektastic on 16-Nov-2018 11:26 (31 replies)
Pages... 2 3