Professional Documents
Culture Documents
Issues,Threats and
Consequences
Presented by:
Abhishek Rana
1501225
CO-4
BLUETOOTH
INTRODUCTION
Wire replacement technology
Low power
Short range 10m - 100m
2.4 GHz
1 Mb/s data rate
What Is BlueTooth?
A unique new wireless technology specifically for:
Short range
10 - 100 meters typically
Modest performance
(780Kbps)
Dynamically configurable
ad hoc networking/ roaming
Low power
Well suited to handheld
applications
Support for both voice and data
BlueTooth - What is the Technology ?
Uses 2.4 GHZ unlicensed ISM band
Frequency hopping spread spectrum radio for
higher interference immunity.
Supports point to point and point to multipoint
connection with single radio link.
Designed to provide low cost, robust, efficient,
high capacity voice and data networking.
Uses a combination of circuit and packet
switching.
Why BlueTooth?
Simple to install and expand
Need not be in line of sight
Low Cost
Perfect for File transfer and printing
application
Simultaneous handling of data and voice on
the same channel
Application Of BlueTooth
PC and Peripheral networking
Hidden Computing
Data synchronization for Address book and
calendars
Cellphone acting as a modem for PDA or Laptop
Personal Area Networking (PAN)
– Enabling a collection of YOUR personal
devices to cooperatively work together
Bluetooth in the Home - No Wires
Digital Camera
Computer
Scanner
Inkjet
Printer
xDSL
Access Point
PDA
Cell Phone
Headset
Pay Phone
& Access Point
MP3
Player
Laptop
Hotel Phone
& Access Point
BLUETOOTH NETWORKS
PICONET
SACTTERNET
BLUETOOTH PICONET
Bluetooth devices create a piconet
One master per piconet
Up to seven active slaves
Over 200 passive members are possible
Master sets the hopping sequence
Transfer rates of 721 Kbit/sec
Bluetooth 1.2 and EDR (aka 2.0)
Adaptive Frequency Hopping
Transfer rates up to 2.1 Mbit/sec
BLUETOOTH SCATTERNET
Connected piconets create a scatternet
Master in one and slave in another piconet
Slave in two different piconets
Only master in one piconet
Scatternet support is optional
Scatternet
D
F H
G M N
A
B
O P
E K
J L
I
C Q
Inquiry (Discovering Who’s Out There)
Note that a device can
be “Undiscoverable”
D
F N
H
G M
A P
B
O
E
J K
L
I Q
C
Paging (Creating a Piconet)
D
F N
H
G M
A B P
O
E
K
J L
I Q
10 meters C
Parking
D F H N
G M
A B P
O
E K
J L
I Q
C
10 meters
SECURITY ISSUES AND
ATTACKS UNVEILED
AGENDA
Issues and Origin
Threat Sources
Risks
Demonstration
A COMMON
MISCONCEPTION
No practical Bluetooth vulnerabilities
The core bluetooth protocol has maintained
its integrity
A corectly implemented Bluetooth stack
should have no vulnerabilities
MYTHS DEBUNKED
Bluetooth needs pairing
Short Range(1.7miles achieved)
Only mobile devices affected
Non-Discoverable saves me
Secure as Encryption is Used
SECURITY MODES
Security mode 1
No active security enforcement
Security mode 2
Service level security
On device level no difference to mode 1
Security mode 3
Device level security
Enforce security for every low-level connection
VULNERABILITY ORIGINS
Bad coding practices when developing
RFCOMM services
Lack of knowledge regarding Bluetooth or
other security protocols
Re-Use of older services for different
protocols
“Bluetooth is secure”-just plug in and go
Who is Vulnerable
Both individuals and corporations
Owners of various popular phones.nokia
6310,Ericsson T series
PC owners,Laptop users and other pocket
PC owners
Symbion device owners
Embedded devices,Bluetooth heating
systems etc
THREATS
Am I vulnerable?
Who is a threat?
What is the impact?
Who is a threat?
Large scale scammers
Advertisers
Dedicated Crackers
Groups/Individuals with precise goals
What is Possible?
Theft of Information,personal,or corporate
Device DoS
Remote Code execution
Corporate espionage
Airborn viruses or worms
ATTACKS IDENTIFIED
June 2003 Ollie Whitehouse releases
RedFang
Pentest Ltd release btscanner
Nov 2003 BLUEJACKING comes to open
Jan 2004 BLUESNARFING unveilled
VARIOUS ATTACKS