Information Technology Reference
In-Depth Information
attacker can communicate with both the victims by making believe to each
one of the two of being the other one [17].
7.1.2
Location attacks
This type of attack is simple and requires no theft of the key. A Bluetooth-
compatible device can be in two states: detectable or not detectable.
The former allows a device being 'seen' from any other; the latter prevents
all communications to or from that device. If a device is discoverable, it
answers to inquiries made by other devices. If four or more devices intercept
the same victim, then, they can coordinate their signal strength to determine the
position of the victim. This is possible because all Bluetooth devices transmit
their identity to every request [18]. The attack is much more effective to locate
the position of a victim, compared with that achieved through a network of
mobile phones, because the cells are extended for several kilometers [17].
7.2
WLANs
WLAN based on the 802.11x, for its constitution, make the process of
identifying the wireless networks relatively easy [19].
Scanner allows WLAN users to identify a network through the use of a
Wireless Network Interface Card, just call NIC, and specific software that
searches for access points. As long as there was a limited number of
applications for scanning of WLAN, NetStumbler was the most popular
applications for Windows platforms, not only because it was and is free, but
also because of its simple graphical interface, and its ability to use GPS
systems for the detection of the longitude and latitude of an AP. This function
is very useful for attackers who want to return later in the region for sniffing
the traffic passing on that AP [20].
NetStumbler was created by Marius Milner and was spread by a set of his
'followers' [21]. NetStrubler.org [22] is pursuing a project that allows users
to insert into the database of the web site the results of their war-driving.
Thanks to the GPS function the site has built a map of all APs within the
territory of the United States. The results were prepared on a map and you
can click on a particular AP and see where it is installed with precision.
Having a site that identifies the insecure networks of companies and makes
known to the whole world is like having a section in the newspaper we read
every day where we can find the list of companies that decide to leave open
their doors during the night. Fortunately, Netstrubler.org administrators give
the ability to 'victims organizations' to request the removal from the list of
information on their AP.
The loyal fans of Linux will approach to Kismet [23]. It does not have a
user-friendly graphical interface as Netstumbler, and it is not easy to use, but
