I am a security analyst and I work for an agency. Our ISO would like to perform a pentest of Bluetooth in our building to determine possible security leaks. I have found that the USB Bluetooth device should be a CSR-based chipset to perform the tests. I do not know the difference between the versions of the CSR chipsets, e.g. v1-v6, and thus I have a few questions concerning Bluetooth:

1. What is the difference between CSR chipsets v1 - v6 as far as hacking/pentesting is concerned?
2. What is meant by the term "Stack"?
3. Can you define these features located at this link:
  • BD_ADDR VID&PID
  • frontline.c
  • FTS4BT
  • VID&PID
  • Firmware
4. Can you recommend an external USB Bluetooth dongle (that has the ability to be modded or comes with an external antenna connection)?
5. What is the difference between "ROM" and "Firmware"?


Some reference links I have found:
http://www.holtmann.org/linux/bluetooth/features.html
http://bluetoothsecurity.wordpress.c...cking-purposes
http://www.dlink.com/products/support.asp?pid=34
http://www.unstrung.com/document.asp?doc_id=121257