Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Bluetooth security discussed: war-nibbling
Posted on 10-Oct-2003 17:28 | Tags Filed under: News


Bluetooth security discussed: war-nibbling
@Stake published a paper (in two parts) on Bluetooth security. The author, Ollie Whitehouse, is also the developer of RedFang, a brute force attack tool exploiting known design characteristics (note that RedFang works on a range of MAC addresses, therefore the attacker has to know this information beforehand).

In this paper the author introduces the concept of "war-nibbling", very similar to war-driving, but applied to PAN (Personal Area Network) devices with short range.

Although most Bluetooth devices have a 10m range and communications are impacted by obstacles like doors and walls, new devices allow up to 100m range, creating conditions for anonymous connections (if in public, of course). In the first document the author explains how the security mechanisms implemented in the protocol work, and how users can set basic configuration items to prevent unwanted connections.

An interesting concept is the so called "Sweet-tooth", a Bluetooth Honeypot. Although still in development, the tool promisses some interesting features to trap eventual attackers to a Bluetooth enabled device.

Even with short range, Bluetooth attackers can use these communications to access services, like DUN (dial up) via a mobile phone, or piggyback into someone's else broadband network if there's a Bluetooth LAN Access Point open and vulnerable (some BT LAP have a non-PIN requirement as default setting).

If you're just interested in knowing more about this technology, or work with security in an environment where this is being deployed, it's an interesting reading.


More information: http://www.atstake.com/research/reports/#blue...
Download: http://www.atstake.com/research/tools/info_ga...

comments powered by Disqus


Trending now »

Hot discussions in our forums right now:

The President Of The USA: Donald Trump
Created by TimA, last reply by MikeB4 on 27-Mar-2017 11:34 (3677 replies)
Pages... 244 245 246


Dell laptops shipping with 10/100 ethernet adapters -Am I being ripped off?
Created by Fishfingers, last reply by networkn on 27-Mar-2017 17:54 (50 replies)
Pages... 2 3 4


TiVo Service ending on 31 October 2017
Created by Riggleby, last reply by Jaxson on 27-Mar-2017 18:47 (560 replies)
Pages... 36 37 38


Temperature Monitoring
Created by michaelmurfy, last reply by richms on 25-Mar-2017 23:38 (21 replies)
Pages... 2


Police invade your financial privacy even more often now.
Created by Geektastic, last reply by ObidiahSlope on 27-Mar-2017 02:08 (55 replies)
Pages... 2 3 4


IPv6 beta for Bigpipe
Created by JoshBigpipe, last reply by SirHumphreyAppleby on 27-Mar-2017 19:37 (17 replies)
Pages... 2


New HP Laptop help
Created by jumcc87, last reply by heavenlywild on 27-Mar-2017 19:01 (14 replies)

OSX / Safari / Base 64
Created by Fred99, last reply by jamesrt on 27-Mar-2017 09:44 (28 replies)
Pages... 2