Académique Documents
Professionnel Documents
Culture Documents
Issues,Threats and
Consequences
Presented by:
Ankush Hans.
208
MCA 2nd sem.
BLUETOOTH
INTRODUCTION
♦ Wire replacement technology
♦ Low power
♦ Short range 10m - 100m
♦ 2.4 GHz
♦ 1 Mb/s data rate
What Is BlueTooth?
♦ A unique new wireless technology specifically for:
♦ Short range
10 - 100 meters typically
♦ Modest performance
(780Kbps)
♦ Dynamically configurable
ad hoc networking/ roaming
♦ Low power
Well suited to handheld
applications
♦ Support for both voice and data
BlueTooth - What is the Technology ?
♦ Uses 2.4 GHZ unlicensed ISM band
♦ Frequency hopping spread spectrum radio for
higher interference immunity.
♦ Supports point to point and point to multipoint
connection with single radio link.
♦ Designed to provide low cost, robust, efficient,
high capacity voice and data networking.
♦ Uses a combination of circuit and packet
switching.
Why BlueTooth?
♦ Simple to install and expand
♦ Need not be in line of sight
♦ Low Cost
♦ Perfect for File transfer and printing
application
♦ Simultaneous handling of data and voice on
the same channel
Application Of BlueTooth
♦ PC and Peripheral networking
♦ Hidden Computing
♦ Data synchronization for Address book and
calendars
♦ Cellphone acting as a modem for PDA or Laptop
♦ Personal Area Networking (PAN)
– Enabling a collection of YOUR personal
devices to cooperatively work together
Bluetooth in the Home - No Wires
Digital Camera
Computer
Scanner
Inkjet
Printer
xDSL
Access Point
PDA
Cell Phone
Headset
Pay Phone
& Access Point
MP3
Player
Laptop
Hotel Phone
& Access Point
BLUETOOTH NETWORKS
♦ PICONET
♦ SACTTERNET
BLUETOOTH PICONET
♦ Bluetooth devices create a piconet
♦ One master per piconet
♦ Up to seven active slaves
♦ Over 200 passive members are
possible
♦ Master sets the hopping sequence
♦ Transfer rates of 721 Kbit/sec
♦ Bluetooth 1.2 and EDR (aka 2.0)
♦ Adaptive Frequency Hopping
♦ Transfer rates up to 2.1 Mbit/sec
BLUETOOTH SCATTERNET
♦ Connected piconets create a
scatternet
♦ Master in one and slave in
another piconet
♦ Slave in two different piconets
♦ Only master in one piconet
♦ Scatternet support is optional
Scatternet
D
F H
G M N
A
B
O P
E K
J L
I
C Q
Inquiry (Discovering Who’s Out There)
Note that a device can
be “Undiscoverable”
D
F N
H
G M
A P
B
O
E
J K
L
I Q
C
Paging (Creating a Piconet)
D
F N
H
G M
A B P
O
E
K
J L
I Q
10 meters C
Parking
D F H N
G M
A B P
O
E K
J L
I Q
C
10 meters
SECURITY ISSUES AND
ATTACKS UNVEILED
AGENDA
♦ Issues and Origin
♦ Threat Sources
♦ Risks
♦ Demonstration
A COMMON
MISCONCEPTION
♦ No practical Bluetooth vulnerabilities
♦ The core bluetooth protocol has maintained
its integrity
♦ A corectly implemented Bluetooth stack
should have no vulnerabilities
MYTHS DEBUNKED
♦ Bluetooth needs pairing
♦ Short Range(1.7miles achieved)
♦ Only mobile devices affected
♦ Non-Discoverable saves me
♦ Secure as Encryption is Used
SECURITY MODES
♦ Security mode 1
♦ No active security enforcement
♦ Security mode 2
♦ Service level security
♦ On device level no difference to mode
1
♦ Security mode 3
♦ Device level security
♦ Enforce security for every low-level
connection
VULNERABILITY ORIGINS
♦ Bad coding practices when developing
RFCOMM services
♦ Lack of knowledge regarding Bluetooth or
other security protocols
♦ Re-Use of older services for different
protocols
♦ “Bluetooth is secure”-just plug in and go
Who is Vulnerable
♦ Both individuals and corporations
♦ Owners of various popular phones.nokia
6310,Ericsson T series
♦ PC owners,Laptop users and other pocket
PC owners
♦ Symbion device owners
♦ Embedded devices,Bluetooth heating
systems etc
THREATS
♦ Am I vulnerable?
♦ Who is a threat?
♦ What is the impact?
Who is a threat?
♦ Large scale scammers
♦ Advertisers
♦ Dedicated Crackers
♦ Groups/Individuals with precise goals
What is Possible?
♦ Theft of Information,personal,or corporate
♦ Device DoS
♦ Remote Code execution
♦ Corporate espionage
♦ Airborn viruses or worms
ATTACKS IDENTIFIED
♦ June 2003 Ollie Whitehouse releases
RedFang
♦ Pentest Ltd release btscanner
♦ Nov 2003 BLUEJACKING comes to open
♦ Jan 2004 BLUESNARFING unveilled
VARIOUS ATTACKS