Bluesnarfing is the identification of Bluetooth devices in "discoverable" mode to combine and steal personal data such as pictures, SMS messages, address book or IMEI of the phone. If you could be a device is turned on Bluetooth and vulnerable and "visible" to anyone within 10 meters of your device may be connected and download their 'data without their authorization for the use of easy to use.
Bluetooth is a popular way to exchange data between compatible devices regular mobile phones, PDAs, laptops, etc. Bluesnarfing a technique of abusing the Bluetooth "pairing" protocols, which recognize the nature of the technology and equipment is allowed to authenticate each other to transfer data between them.
<span class="fullpost">
It is an easy technique, even more than with conventional systems, hacking, with the advances in phone and PDA functionality and storage systems, the extent and direction of Bluesnarfing attacks will increase, and much more serious than those committed to the Address Book Paris Hilton.
The following is a summary of the three most prominent methods accepted Bluesnarfing attack:
Backdoor Attack is a method of establishing a recognized "trust" between the device "matching" mechanisms. If the device is enabled by default and does not require approval of connectivity, an attacker can connect, without being detected - unless, of course, the owner of the device is actually your screen look at the exact time of the attack. Not only can an attacker to data from the device by this attack, the other services are deployed on the device, how can modem or Internet connection, WAP and GPRS access doors without the knowledge of the owner to restore.
BlueBug attack is the technique of making a connection profile in series with the device to the AT command set protocol command. Command is obtained, once access to the AT, through the use of easy-to free software to use to start monitoring, stop or redirect calls and SMS, or connect to data services used such as the Internet (and if this happen in theory, an attacker could, in theory calls from anywhere in the world). This attack, for instance, could allow an attacker to configure the forwarding of calls to 900 numbers or the identity of the victim.
Snarfing attack technique is used to connect to a Bluetooth device without the attention of their "owners to access (and use) of a limited part of its" data using free software. This would include access to: Properties from the menu of the phone call, configuration and security option, profile, screen, ring tones, calendar and clock settings. The attack also allows access to your IMEI number (the unique number for the phone to the 'net) is identified and can be used to "clone" your number to make fraudulent calls.
Bluesnarfing is easily prevented and no reason to be sad, simple configuration changes can attacks by reducing the cost of Penetration Testing and Ethical Hacking prevent activities in this area, that is their staff, or ensure their personal device safely. Also, remember that behind every "Convenience" is a potential weakness and never leave your phone (or technology) is in default.
</span>
</span>
No comments:
Post a Comment