If not redirected, please click here https://www.thesecuritybuddy.com/bluetooth-security/what-is-blueprinting/
BluePrinting is a method for finding
out details about remote Bluetooth devices and then exploiting the
information later to hack those devices for illegitimate purposes.
How is BluePrinting perpetrated ?
There are a number of software
available for perpetrating BluePrinting. Attackers first find out the
BD_ADDR of a nearby Bluetooth device and then use those available
tools to find out information on manufacturers, model and firmware
version of the particular Bluetooth device.
BD_ADDR of a Bluetooth device is
a unique address for each Bluetooth device which consists of 6 bytes.
This address is normally hardcoded in the chipset of the device. The
first three bytes of the BD_ADDR refers to the manufacturer of the
chipset, using which the attacker can extract information on the
manufacturer of the Bluetooth device.
And, every Bluetooth device uses a
protocol named Service Discovery Protocol to service other
Bluetooth enabled devices. If a remote device sends a query, an SDP
record is sent which contains information on how to access the
service of the Bluetooth device. Attackers can exploit this method to
send query to the victim's Bluetooth device and derive information on
the model of the device.
And once the attackers get enough
information on the manufacturer and model of the Bluetooth device,
they use it to find out whether that particular Bluetooth device has
any known security vulnerabilities, which they can later use to
perpatrate the actual attacks.
How to prevent BluePrinting ?
We can take a couple of steps to
safeguard our Bluetooth devices from the attackers.
- Turn off the Bluetooth in the devices when not in use.
- Configure the Bluetooth device to use the lowest power that meets your needs. For example, Class 3 devices transmit at 1 mW which cannot communicate beyond 10 meters. And, Class 1 devices transmit at 100 mW, which cannot communicate beyond 100 meters. Adjusting power does not eliminate the possibility of outsider attack, but it can reduce the possibility to a great extent.
- Do not permanently store the pairing PIN code on Bluetooth devices.
So, beware of various security vulnerabilities of your Bluetooth devices so that you can protect your devices in a better way and stay safe, stay secured.
Read More
What is BlueSnarfing ?
What is BlueBugging ?
What is BlueSniping ?
What is BlueSmack Attack ?
What is BlueDump ?
What is BlueJacking ?
What is BlueBump Attack ?
No comments:
Post a Comment