Hello Folks, After long time, Got some time so I decided to write a new paper. Today I’m going to write about how to deny access to the most 3 important elements of data in a computer to a hacker. these three methods use free/commercial applications. its highly effective and focuses on a defensive strategy than a proactive strategy.
1.Denying access to files to an hacker
As we all know its very easy to get yourself infected with a trojan. Once a hacker gains access to your system he can basically go through all your drives & files and will have the ability to modify/delete data. in order to protect your files you can use a application called ‘Folder Lock’ its an revolutionary application that can deny access to the files you locked to any of the trojan available to the hackers. I have tested with the most widely used and popular Trojans such as Poison Ivy, Bifrost, Bandook, Nuclear RAT, Pain RAT, Shark, etc.. I infected my computer with a Trojan and tested it out. here is the results
Thursday, November 20, 2008
Creat an unbreakable password?
This tutorial will follow each way of hacking you password and eliminate it
1-Brute Force
solution:
use a random password generator with a combination of letters and Numbers and symbols if available with a min length of 8 Char can generate this password on:
http://www.goodpassword.com
Note: Avoid writing this password on a paper or storing it on the pc
2-Key Loggers:
solution:
first of all give no access to someone that could install a key logger
second check your computer ruing tasks and services each time you login your computer for any suspected keyloger names (this method may not be very effective)
third scan your computer for key loggers using Spy Bot you can download it from:
http://www.safer-networking.org/en/spybotsd/index.html
3-Password Recovery:
most people store their face book msn gmail ...... passwords on their computer saving time typing them every time you login well thats the easiest way of reaching your password so stop being lazy and memorize your password and type them in also make sure to keep an antivirus like Avira always on the run so if you antecedently left a password and someone tries to recover it you can download Avira From:
http://www.avira.com/
AND MOST IMPORTANT
4-ONE PASSWORD RULES THEM ALL:
LOL never set one password from all your accounts on the internet i know its hard to memorize a lot of passwords but it makes it easier to recover your hacked passwords for example if your facebook password is hacked you can recover it by using your email but if they are both the same password you lost your facebook and email
wish you all good luck and i hope i helped on something
1-Brute Force
solution:
use a random password generator with a combination of letters and Numbers and symbols if available with a min length of 8 Char can generate this password on:
http://www.goodpassword.com
Note: Avoid writing this password on a paper or storing it on the pc
2-Key Loggers:
solution:
first of all give no access to someone that could install a key logger
second check your computer ruing tasks and services each time you login your computer for any suspected keyloger names (this method may not be very effective)
third scan your computer for key loggers using Spy Bot you can download it from:
http://www.safer-networking.org/en/spybotsd/index.html
3-Password Recovery:
most people store their face book msn gmail ...... passwords on their computer saving time typing them every time you login well thats the easiest way of reaching your password so stop being lazy and memorize your password and type them in also make sure to keep an antivirus like Avira always on the run so if you antecedently left a password and someone tries to recover it you can download Avira From:
http://www.avira.com/
AND MOST IMPORTANT
4-ONE PASSWORD RULES THEM ALL:
LOL never set one password from all your accounts on the internet i know its hard to memorize a lot of passwords but it makes it easier to recover your hacked passwords for example if your facebook password is hacked you can recover it by using your email but if they are both the same password you lost your facebook and email
wish you all good luck and i hope i helped on something
Tuesday, November 18, 2008
Basic HTML Tags
--------------------------------------------------------------------------------
The most important tags in HTML are tags that define headings, paragraphs and line breaks.
The best way to learn HTML is to work with examples. We have created a very nice HTML editor for you. With this editor, you can edit the HTML source code if you like, and click on a test button to view the result.
--------------------------------------------------------------------------------
Headings
Headings are defined with the < h1 > to < h6 > tags. < h1 > defines the largest heading. < h6 > defines the smallest heading.
< h1 >This is a heading< /h1 >
< h2 >This is a heading< /h2 >
< h3 >This is a heading< /h3 >
< h4 >This is a heading< /h4 >
< h5 >This is a heading< /h5 >
< h6 >This is a heading< /h6 >
HTML automatically adds an extra blank line before and after a heading.
Paragraphs
Paragraphs are defined with the
The element content occurs between the start tag and the end tag
Some HTML elements have no content
Some HTML elements have no end tag
--------------------------------------------------------------------------------
Basic Notes - Useful Tips
When you write HTML text, you can never be sure how the text is displayed in another browser. Some people have large computer displays, some have small. The text will be reformatted every time the user resizes his window. Never try to format the text in your editor by adding empty lines and spaces to the text.
HTML will truncate the spaces in your text. Any number of spaces count as one. Some extra information: In HTML a new line counts as one space.
Using empty paragraphs < p > to insert blank lines is a bad habit. Use the < br > tag instead. (But don't use the < br > tag to create lists. Wait until you have learned about HTML lists.)
HTML automatically adds an extra blank line before and after some elements, like before and after a paragraph, and before and after a heading.
We use a horizontal rule (the < hr > tag), to separate the sections in our tutorials.
--------------------------------------------------------------------------------
Basic HTML Tags
If you lookup the basic HTML tags in the reference below, you will see that the reference contains additional information about tag attributes.
You will learn more about HTML tag attributes in the next chapter of this tutorial.
Tag Description
< html > Defines an HTML document
< body > Defines the document's body
< h1 > to < h6 > Defines header 1 to header 6
< p > Defines a paragraph
< br > Inserts a single line break
< hr > Defines a horizontal rule
< !-- > Defines a comment
--------------------------------------------------------------------------------
The most important tags in HTML are tags that define headings, paragraphs and line breaks.
The best way to learn HTML is to work with examples. We have created a very nice HTML editor for you. With this editor, you can edit the HTML source code if you like, and click on a test button to view the result.
--------------------------------------------------------------------------------
Headings
Headings are defined with the < h1 > to < h6 > tags. < h1 > defines the largest heading. < h6 > defines the smallest heading.
< h1 >This is a heading< /h1 >
< h2 >This is a heading< /h2 >
< h3 >This is a heading< /h3 >
< h4 >This is a heading< /h4 >
< h5 >This is a heading< /h5 >
< h6 >This is a heading< /h6 >
HTML automatically adds an extra blank line before and after a heading.
Paragraphs
Paragraphs are defined with the
tag.
< p >This is a paragraph< /p >
< p >This is another paragraph< /p >
HTML automatically adds an extra blank line before and after a paragraph.
Don't Forget the Closing Tag
You might have noticed that paragraphs can be written without end tags < /p >:
< p >This is a paragraph
< p >This is another paragraph
The example above will work in most browsers, but don't rely on it. Future version of HTML will not allow you to skip ANY end tags.
Closing all HTML elements with an end tag is a future-proof way of writing HTML. It also makes the code easier to understand (read and browse) when you mark both where an element starts and where it ends.
Line Breaks
The < br > tag is used when you want to break a line, but don't want to start a new paragraph. The < br > tag forces a line break wherever you place it.
< p >This < br > is a para< br >graph with line breaks< /p >
The < br > tag is an empty tag. It has no end tag like < /br >, since a closing tag doesn't make any sense.
--------------------------------------------------------------------------------
< br > or < br />
More and more often you will see the
tag written like this:
Because the < br > tag has no end tag (or closing tag), it breaks one of the rules for future HTML (the XML based XHTML), namely that all elements must be closed.
Writing it like < br / > is a future proof way of closing (or ending) the tag inside the opening tag, accepted by both HTML and XML.
Comments in HTML
The comment tag is used to insert a comment in the HTML source code. A comment will be ignored by the browser. You can use comments to explain your code, which can help you when you edit the source code at a later date.
< !-- This is a comment -- >
Note that you need an exclamation point after the opening bracket, but not before the closing bracket.
--------------------------------------------------------------------------------
Recap on HTML Elements
Each HTML element has an element name (body, h1, p, br)
The start tag is the name surrounded by angle brackets:
The end tag is a slash and the name surrounded by angle brackets
The element content occurs between the start tag and the end tag
Some HTML elements have no content
Some HTML elements have no end tag
--------------------------------------------------------------------------------
Basic Notes - Useful Tips
When you write HTML text, you can never be sure how the text is displayed in another browser. Some people have large computer displays, some have small. The text will be reformatted every time the user resizes his window. Never try to format the text in your editor by adding empty lines and spaces to the text.
HTML will truncate the spaces in your text. Any number of spaces count as one. Some extra information: In HTML a new line counts as one space.
Using empty paragraphs < p > to insert blank lines is a bad habit. Use the < br > tag instead. (But don't use the < br > tag to create lists. Wait until you have learned about HTML lists.)
HTML automatically adds an extra blank line before and after some elements, like before and after a paragraph, and before and after a heading.
We use a horizontal rule (the < hr > tag), to separate the sections in our tutorials.
--------------------------------------------------------------------------------
Basic HTML Tags
If you lookup the basic HTML tags in the reference below, you will see that the reference contains additional information about tag attributes.
You will learn more about HTML tag attributes in the next chapter of this tutorial.
Tag Description
< html > Defines an HTML document
< body > Defines the document's body
< h1 > to < h6 > Defines header 1 to header 6
< p > Defines a paragraph
< br > Inserts a single line break
< hr > Defines a horizontal rule
< !-- > Defines a comment
--------------------------------------------------------------------------------
HTML Elements
--------------------------------------------------------------------------------
HTML documents are text files made up of HTML elements.
HTML elements are defined using HTML tags.
--------------------------------------------------------------------------------
HTML Tags
HTML tags are used to mark-up HTML elements
HTML tags are surrounded by the two characters < and > The surrounding characters are called angle brackets
HTML tags normally come in pairs like and
The first tag in a pair is the start tag, the second tag is the < strong >end tag < /strong >The text between the start and end tags is the element content HTML tags are not case sensitive, < b > means the same as < B >
--------------------------------------------------------------------------------
HTML Elements
Remember the HTML example from the previous page:
< html >
< head >
< title >Title of page< /title >
< /head >
< body >
This is my first homepage. < b >This text is bold< /b >
< /body >
< /html >
This is an HTML element:
< b >This text is bold< /b >
The HTML element starts with a start tag: < b >
The content of the HTML element is: This text is bold
The HTML element ends with an end tag: < /b >
The purpose of the < b > tag is to define an HTML element that should be displayed as bold.
This is also an HTML element:
< body >
This is my first homepage. < b >This text is bold< /b >
< /body >
This HTML element starts with the start tag < body >, and ends with the end tag < /body >.
The purpose of the < body > tag is to define the HTML element that contains the body of the HTML document.
--------------------------------------------------------------------------------
Why do We Use Lowercase Tags?
We have just said that HTML tags are not case sensitive: < B > means the same as < b >. If you surf the Web, you will notice that plenty of web sites use uppercase HTML tags in their source code. We always use lowercase tags. Why?
If you want to follow the latest web standards, you should always use lowercase tags. The World Wide Web Consortium (W3C) recommends lowercase tags in their HTML 4 recommendation, and XHTML (the next generation HTML) demands lowercase tags.
--------------------------------------------------------------------------------
HTML documents are text files made up of HTML elements.
HTML elements are defined using HTML tags.
--------------------------------------------------------------------------------
HTML Tags
HTML tags are used to mark-up HTML elements
HTML tags are surrounded by the two characters < and > The surrounding characters are called angle brackets
HTML tags normally come in pairs like and
The first tag in a pair is the start tag, the second tag is the < strong >end tag < /strong >The text between the start and end tags is the element content HTML tags are not case sensitive, < b > means the same as < B >
--------------------------------------------------------------------------------
HTML Elements
Remember the HTML example from the previous page:
< html >
< head >
< title >Title of page< /title >
< /head >
< body >
This is my first homepage. < b >This text is bold< /b >
< /body >
< /html >
This is an HTML element:
< b >This text is bold< /b >
The HTML element starts with a start tag: < b >
The content of the HTML element is: This text is bold
The HTML element ends with an end tag: < /b >
The purpose of the < b > tag is to define an HTML element that should be displayed as bold.
This is also an HTML element:
< body >
This is my first homepage. < b >This text is bold< /b >
< /body >
This HTML element starts with the start tag < body >, and ends with the end tag < /body >.
The purpose of the < body > tag is to define the HTML element that contains the body of the HTML document.
--------------------------------------------------------------------------------
Why do We Use Lowercase Tags?
We have just said that HTML tags are not case sensitive: < B > means the same as < b >. If you surf the Web, you will notice that plenty of web sites use uppercase HTML tags in their source code. We always use lowercase tags. Why?
If you want to follow the latest web standards, you should always use lowercase tags. The World Wide Web Consortium (W3C) recommends lowercase tags in their HTML 4 recommendation, and XHTML (the next generation HTML) demands lowercase tags.
--------------------------------------------------------------------------------
Introduction to HTML
--------------------------------------------------------------------------------
What is an HTML File?
HTML stands for Hyper Text Markup Language
An HTML file is a text file containing small markup tags
The markup tags tell the Web browser how to display the page
An HTML file must have an htm or html file extension
An HTML file can be created using a simple text editor
--------------------------------------------------------------------------------
Do You Want to Try It?
If you are running Windows, start Notepad.
If you are on a Mac, start SimpleText.
In OSX start TextEdit and change the following preferences: Open the "Format" menu and select "Plain text" instead of "Rich text". Then open the "Preferences" window under the "Text Edit" menu and select "Ignore rich text commands in HTML files". Your HTML code will probably not work if you do not change the preferences above!
Type in the following text:
< html >
< head >
< title >Title of page< /title >
< /head >
< body >
This is my first homepage. This text is bold
< /body >
< /html >
Save the file as "mypage.htm".
Start your Internet browser. Select "Open" (or "Open Page") in the File menu of your browser. A dialog box will appear. Select "Browse" (or "Choose File") and locate the HTML file you just created - "mypage.htm" - select it and click "Open". Now you should see an address in the dialog box, for example "C:\MyDocuments\mypage.htm". Click OK, and the browser will display the page.
--------------------------------------------------------------------------------
Example Explained
The first tag in your HTML document is < html >. This tag tells your browser that this is the start of an HTML document. The last tag in your document is < /html >. This tag tells your browser that this is the end of the HTML document.
The text between the < head > tag and the < /head > tag is header information. Header information is not displayed in the browser window.
The text between the < title > tags is the title of your document. The title is displayed in your browser's caption.
The text between the < body > tags is the text that will be displayed in your browser.
The text between the < b > and < /b > tags will be displayed in a bold font.
--------------------------------------------------------------------------------
HTM or HTML Extension?
When you save an HTML file, you can use either the .htm or the .html extension. We have used .htm in our examples. It might be a bad habit inherited from the past when some of the commonly used software only allowed three letter extensions.
With newer software we think it will be perfectly safe to use .html.
--------------------------------------------------------------------------------
Note on HTML Editors:
You can easily edit HTML files using a WYSIWYG (what you see is what you get) editor like FrontPage or Dreamweaver, instead of writing your markup tags in a plain text file.
However, if you want to be a skillful Web developer, we strongly recommend that you use a plain text editor to learn your primer HTML.
--------------------------------------------------------------------------------
Frequently Asked Questions
Q: After I have edited an HTML file, I cannot view the result in my browser. Why?
A: Make sure that you have saved the file with a proper name and extension like "c:\mypage.htm". Also make sure that you use the same name when you open the file in your browser.
Q: I have edited an HTML file, but the changes don't show in the browser. Why?A: A browser caches pages so it doesn't have to read the same page twice. When you have modified a page, the browser doesn't know that. Use the browser's refresh/reload button to force the browser to reload the page.
Q: What browser should I use?A: You can do all the training with all of the well-known browsers, like Internet Explorer, Firefox, Netscape, or Opera. However, some of the examples in our advanced classes require the latest versions of the browsers.
Q: Does my computer have to run Windows? What about a Mac?A: You can do all your training on a non-Windows computer like a Mac.
--------------------------------------------------------------------------------
What is an HTML File?
HTML stands for Hyper Text Markup Language
An HTML file is a text file containing small markup tags
The markup tags tell the Web browser how to display the page
An HTML file must have an htm or html file extension
An HTML file can be created using a simple text editor
--------------------------------------------------------------------------------
Do You Want to Try It?
If you are running Windows, start Notepad.
If you are on a Mac, start SimpleText.
In OSX start TextEdit and change the following preferences: Open the "Format" menu and select "Plain text" instead of "Rich text". Then open the "Preferences" window under the "Text Edit" menu and select "Ignore rich text commands in HTML files". Your HTML code will probably not work if you do not change the preferences above!
Type in the following text:
< html >
< head >
< title >Title of page< /title >
< /head >
< body >
This is my first homepage. This text is bold
< /body >
< /html >
Save the file as "mypage.htm".
Start your Internet browser. Select "Open" (or "Open Page") in the File menu of your browser. A dialog box will appear. Select "Browse" (or "Choose File") and locate the HTML file you just created - "mypage.htm" - select it and click "Open". Now you should see an address in the dialog box, for example "C:\MyDocuments\mypage.htm". Click OK, and the browser will display the page.
--------------------------------------------------------------------------------
Example Explained
The first tag in your HTML document is < html >. This tag tells your browser that this is the start of an HTML document. The last tag in your document is < /html >. This tag tells your browser that this is the end of the HTML document.
The text between the < head > tag and the < /head > tag is header information. Header information is not displayed in the browser window.
The text between the < title > tags is the title of your document. The title is displayed in your browser's caption.
The text between the < body > tags is the text that will be displayed in your browser.
The text between the < b > and < /b > tags will be displayed in a bold font.
--------------------------------------------------------------------------------
HTM or HTML Extension?
When you save an HTML file, you can use either the .htm or the .html extension. We have used .htm in our examples. It might be a bad habit inherited from the past when some of the commonly used software only allowed three letter extensions.
With newer software we think it will be perfectly safe to use .html.
--------------------------------------------------------------------------------
Note on HTML Editors:
You can easily edit HTML files using a WYSIWYG (what you see is what you get) editor like FrontPage or Dreamweaver, instead of writing your markup tags in a plain text file.
However, if you want to be a skillful Web developer, we strongly recommend that you use a plain text editor to learn your primer HTML.
--------------------------------------------------------------------------------
Frequently Asked Questions
Q: After I have edited an HTML file, I cannot view the result in my browser. Why?
A: Make sure that you have saved the file with a proper name and extension like "c:\mypage.htm". Also make sure that you use the same name when you open the file in your browser.
Q: I have edited an HTML file, but the changes don't show in the browser. Why?A: A browser caches pages so it doesn't have to read the same page twice. When you have modified a page, the browser doesn't know that. Use the browser's refresh/reload button to force the browser to reload the page.
Q: What browser should I use?A: You can do all the training with all of the well-known browsers, like Internet Explorer, Firefox, Netscape, or Opera. However, some of the examples in our advanced classes require the latest versions of the browsers.
Q: Does my computer have to run Windows? What about a Mac?A: You can do all your training on a non-Windows computer like a Mac.
--------------------------------------------------------------------------------
Monday, November 17, 2008
Best Tips for choosing strong passwords
Password cracking software uses one of three approaches: intelligent guessing, dictionary attacks, and automation that tries every possible combination of characters. Given enough time, the automated method can crack any password.
However, even when password cracking tools continue to improve, it still can take months to crack a strong password. Here is one of the best tip on creating strong secure passwords:
Instead of using the same password for everything you access, choose a root password, then take the name of the service or application you’re accessing, replace a few letters with numbers (or jumble it up), and append it to the end of your root password.
OfZenAndComputing.com has some more strong password tips:1. Do not use names, nor words found in the dictionary.
2. Your password’s length should be at least 8 characters long.
3. Select an alphanumeric password, meaning that it contains both letters and numbers. Try appending a random number to the end of the password, or replacing one or two letters with numbers.
Source: Create a strong, secure password | Passwords: The weakest link
BLUETOOTH TECHNOLOGY
"BLUETOOTH represents a single chip, low cost, low power radio based network technology for Wireless Personal Area Networks (WPAN)"
>
Bluetooth wireless technology is a short-range communications system intended to replace the cables connecting portable and/or fixed electronic devices. It provides Wireless interconnections between low power, short range, small mobile devices (Palmtops, Laptops, PDAs, phones, etc) in close proximity (within a room, car, cabin, elevator…) Bluetooth technology
Provides freedom from wires
Supports creation of Adhoc piconets and Personal Area Networks(PAN) with limited coverage (within the range of 10 ms)
Doesnot require Infrastructure support like Switches, Access Points, hubs, routers, etc. for establishing interconnectivity
Connects Keyboard, mouse, printers, headphones, head sets with speakers etc. to PC without wires.
To Interconnects hand held, portable, battery operated devices like mobile phones, hands free equipment with mobile phones, PDAs, mobile computers, communicators,, microphones, wireless speakers to home theatre systems
The Bluetooth core system consists of an RF transceiver and follows IEEE 802.15 standards. The system offers services that enable the connection of mobile devices and exchange of a variety of data (voice, music, graphics, text) between these devices.
Bluetooth consortium was formed by 5 companies in 1998 i.e. Ericsson, Intel, IBM, Nokia and Toshiba. Blue-tooth standard is adopted by over 1000 manufacturers of electronics appliances (Akai, Motorola, LG, Samsung, Nokia, for music, video, data, fax m/c ……)
Features of Bluetooth
1. Power consumption is very low due to battery operated devices.
2. Freq. Band (2400-2483.5 MHz) 83.5MHz. B.W.
3. Fast Freq. Hopping TDD scheme at a rate of 1600 hops/sec.
4. Within a Pico net all devices use the same hopping sequence
5. Transmitter Power upto 100mW.
6. Range 10m-100m with special transceivers.
The Bluetooth RF (physical layer) operates in the unlicensed ISM band at 2.4GHz. The datarate is 1 Megabits per second (Mbps). A group of devices interconnected using RF link form a piconet. Devices in a piconet use a specific frequency hopping pattern which is algorithmically determined by certain fields in the Bluetooth specification address and clock of the master.
Today's wireless world means that data is being sent, among us, invisibly from device to device, country to country, person to person. This data, in the form of e-mails, photos, contacts and addresses are precious and private to each of us. This private information, no longer making its way along wires in plain sight, needs to be sent securely to its intended recipient without interception. Wireless standards the world over are evolving and have various formats for dealing with the security issues of its users. Bluetooth wireless technology is no exception.
Bluetooth wireless technology has, from its inception, put great emphasis on wireless security so that users of this global standard can feel secure while making their connections. The Bluetooth Special Interest Group (SIG), has a Bluetooth security experts group made up of engineers from its member companies who provide critical security information and feedback that is taken into account as the Bluetooth wireless specification evolves.
Product developers that use Bluetooth wireless technology in their products have several options for implementing security. There are three modes of security for Bluetooth access between two devices.
Security Mode 1: non-secure
Security Mode 2: service level enforced security
Security Mode 3: link level enforced security
The manufacturer of each product determines these security modes. Devices and services also have different security levels. Three security levels are defined:
services that require authorization and authentication (mode 3)
services that require authentication only and (mode 2)
services that are open to all devices. (mode 1)
Lately, confusion and misinformation surrounding security and Bluetooth wireless technology has increased. The current security issues typically involve mobile phones. The encryption algorithm in the Bluetooth specifications is secure.
Cases where data has been compromised on mobile phones are the result of implementation issues on that platform. The recently reported issues of advanced "hackers" gaining access to information stored on select mobile phones using Bluetooth functionality are due to incorrect implementation. The names bluesnarfing, bluejacking and bluebugging have been given to these methods of illegal and improper access to information. The following sections provide users with more information about these current issues and will address their concerns for dealing with these security risks.
Bluejacking allows phone users to send business cards anonymously using Bluetooth wireless technology. Bluejacking does NOT involve the removal or alteration of any data from the device. These business cards often have a clever or flirtatious message rather than the typical name and phone number. Bluejackers often look for the receiving phone to ping or the user to react. They then send another, more personal message to that device. Once again, in order to carry out a bluejacking, the sending and receiving devices must be within 10 meters of one another. Phone owners who receive bluejack messages should refuse to add the contacts to their address book. Devices that are set in non-discoverable mode are not susceptible to bluejacking.
Bluebugging allows skilled individuals to access the mobile phone commands using Bluetooth wireless technology without notifying or alerting the phone's user. This vulnerability allows the hacker to initiate phone calls, send and receive text messages, read and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet. As with all the attacks, without specialized equipment, the hacker must be within a 10 meter range of the phone.
Bluesnarfing allows hackers to gain access to data stored on a Bluetooth enabled phone using Bluetooth wireless technology without alerting the phone's user of the connection made to the device. The information that can be accessed in this manner includes the phonebook and associated images, calendar, and IMEI (international mobile equipment identity). By setting the device in non-discoverable, it becomes significantly more difficult to find and attack the device. Without specialized equipment the hacker must be within a 10 meter range of the device while running a device with specialized software. Only specific older Bluetooth enabled phones are susceptible to bluesnarfing.
>
Bluetooth wireless technology is a short-range communications system intended to replace the cables connecting portable and/or fixed electronic devices. It provides Wireless interconnections between low power, short range, small mobile devices (Palmtops, Laptops, PDAs, phones, etc) in close proximity (within a room, car, cabin, elevator…) Bluetooth technology
Provides freedom from wires
Supports creation of Adhoc piconets and Personal Area Networks(PAN) with limited coverage (within the range of 10 ms)
Doesnot require Infrastructure support like Switches, Access Points, hubs, routers, etc. for establishing interconnectivity
Connects Keyboard, mouse, printers, headphones, head sets with speakers etc. to PC without wires.
To Interconnects hand held, portable, battery operated devices like mobile phones, hands free equipment with mobile phones, PDAs, mobile computers, communicators,, microphones, wireless speakers to home theatre systems
The Bluetooth core system consists of an RF transceiver and follows IEEE 802.15 standards. The system offers services that enable the connection of mobile devices and exchange of a variety of data (voice, music, graphics, text) between these devices.
Bluetooth consortium was formed by 5 companies in 1998 i.e. Ericsson, Intel, IBM, Nokia and Toshiba. Blue-tooth standard is adopted by over 1000 manufacturers of electronics appliances (Akai, Motorola, LG, Samsung, Nokia, for music, video, data, fax m/c ……)
Features of Bluetooth
1. Power consumption is very low due to battery operated devices.
2. Freq. Band (2400-2483.5 MHz) 83.5MHz. B.W.
3. Fast Freq. Hopping TDD scheme at a rate of 1600 hops/sec.
4. Within a Pico net all devices use the same hopping sequence
5. Transmitter Power upto 100mW.
6. Range 10m-100m with special transceivers.
The Bluetooth RF (physical layer) operates in the unlicensed ISM band at 2.4GHz. The datarate is 1 Megabits per second (Mbps). A group of devices interconnected using RF link form a piconet. Devices in a piconet use a specific frequency hopping pattern which is algorithmically determined by certain fields in the Bluetooth specification address and clock of the master.
Security Issues
Today's wireless world means that data is being sent, among us, invisibly from device to device, country to country, person to person. This data, in the form of e-mails, photos, contacts and addresses are precious and private to each of us. This private information, no longer making its way along wires in plain sight, needs to be sent securely to its intended recipient without interception. Wireless standards the world over are evolving and have various formats for dealing with the security issues of its users. Bluetooth wireless technology is no exception.
Bluetooth wireless technology has, from its inception, put great emphasis on wireless security so that users of this global standard can feel secure while making their connections. The Bluetooth Special Interest Group (SIG), has a Bluetooth security experts group made up of engineers from its member companies who provide critical security information and feedback that is taken into account as the Bluetooth wireless specification evolves.
Product developers that use Bluetooth wireless technology in their products have several options for implementing security. There are three modes of security for Bluetooth access between two devices.
Security Mode 1: non-secure
Security Mode 2: service level enforced security
Security Mode 3: link level enforced security
The manufacturer of each product determines these security modes. Devices and services also have different security levels. Three security levels are defined:
services that require authorization and authentication (mode 3)
services that require authentication only and (mode 2)
services that are open to all devices. (mode 1)
Lately, confusion and misinformation surrounding security and Bluetooth wireless technology has increased. The current security issues typically involve mobile phones. The encryption algorithm in the Bluetooth specifications is secure.
Cases where data has been compromised on mobile phones are the result of implementation issues on that platform. The recently reported issues of advanced "hackers" gaining access to information stored on select mobile phones using Bluetooth functionality are due to incorrect implementation. The names bluesnarfing, bluejacking and bluebugging have been given to these methods of illegal and improper access to information. The following sections provide users with more information about these current issues and will address their concerns for dealing with these security risks.
What is bluejacking?
Bluejacking allows phone users to send business cards anonymously using Bluetooth wireless technology. Bluejacking does NOT involve the removal or alteration of any data from the device. These business cards often have a clever or flirtatious message rather than the typical name and phone number. Bluejackers often look for the receiving phone to ping or the user to react. They then send another, more personal message to that device. Once again, in order to carry out a bluejacking, the sending and receiving devices must be within 10 meters of one another. Phone owners who receive bluejack messages should refuse to add the contacts to their address book. Devices that are set in non-discoverable mode are not susceptible to bluejacking.
What is bluebugging?
Bluebugging allows skilled individuals to access the mobile phone commands using Bluetooth wireless technology without notifying or alerting the phone's user. This vulnerability allows the hacker to initiate phone calls, send and receive text messages, read and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet. As with all the attacks, without specialized equipment, the hacker must be within a 10 meter range of the phone.
What is bluesnarfing?
Bluesnarfing allows hackers to gain access to data stored on a Bluetooth enabled phone using Bluetooth wireless technology without alerting the phone's user of the connection made to the device. The information that can be accessed in this manner includes the phonebook and associated images, calendar, and IMEI (international mobile equipment identity). By setting the device in non-discoverable, it becomes significantly more difficult to find and attack the device. Without specialized equipment the hacker must be within a 10 meter range of the device while running a device with specialized software. Only specific older Bluetooth enabled phones are susceptible to bluesnarfing.
Subscribe to:
Posts (Atom)
