
Thread: Bluetooth Pentest

  1. #1
    Member
    Join Date
    Jan 2010
    Posts
    83

    Bluetooth Pentest

    I am a security analyst and I work for an agency. Our ISO would like to perform a pentest of Bluetooth in our building to determine possible security leaks. I have found that the USB Bluetooth device should be a CSR based chipset to perform the tests. I do not know the difference between the versions of the CSR chipsets, e.g. v1-v6. And thus I have a few questions concerning Bluetooth:

    1. What is the difference between CSR chipsets v1 - v6 as far as hacking/pentesting is concerned?
    2. What is meant by the term "Stack"?
    3. Can you define these features located at this link:
    • BD_ADDR VID&PID
    • frontline.c
    • FTS4BT
    • VID&PID
    • Firmware
    4. Can you recommend an external USB Bluetooth dongle (that has the ability to be modded or comes with an external antenna connection)?
    5. What is the difference between "ROM" and "Firmware"?


    Some reference links I have found:
    http://www.holtmann.org/linux/bluetooth/features.html
    http://bluetoothsecurity.wordpress.c...cking-purposes
    http://www.dlink.com/products/support.asp?pid=34
    http://www.unstrung.com/document.asp?doc_id=121257

  2. #2
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    [QUOTE=chmod;86139]First off, let me say that I am no hacker. I am a security analyst and I work for an agency.[/QUOTE]


    I don't know about most of the regulars here, but when I see posts that start off like this, the red flags start waving and the alarms start going off.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  3. #3
    Member
    Join Date
    Jan 2010
    Posts
    83

    Why's that? lol What kind of red flags?

    Edited: That better

  4. #4
    Junior Member BlackRS's Avatar
    Join Date
    May 2008
    Posts
    45

    Most of the members here understand the concept of social engineering, therefore they can usually pick up when someone is trying to do it to them. An agency?
    Information is like water...

  5. #5
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    I'd say at least half the posts in the idiots corner start off with "I'm not a hacker" or "I'm a pentester" or "My friend said I could...".

  6. #6
    Member
    Join Date
    Jan 2010
    Posts
    83

    Well.. I do work for a state agency, but I won't say where or which one. That is not the topic. BackTrack(3) is not just used for exploitation purposes. We've used it (i.e. the tools within it) to evaluate our networks and devices, thus the pentest questions about Bluetooth.

    And as I am no expert, I opted to post here thinking I would get a more mature response separated from the norm. But I guess paranoia comes with the territory.
