Bluetooth Monitoring – What Can You Do?

Summary

Excerpt From Bluetooth Vulnerabilities (Part 1) Webinar
Find Out More About What You Can Do To Defend Against Bluetooth Monitoring Attacks
CTO, Dr. Brett Walkenhorst, talks on how increased Bluetooth inquiry and scan request packets can be a sign of questionable activity on behalf of an attacker. Defenders can identify and pinpoint such dangers by actively keeping an eye out for such activity, which gives them important information about the whereabouts and identity of attackers. While active monitoring has its advantages, certain security monitoring in Bluetooth networks may be passive and less readily deployable for defense.

Video Transcript

The last thing you can do here is monitor your environment. For things like excessive Bluetooth inquiry and scan request packets. Those are going to be part of what's that active monitoring where the attacker is sort of giving themselves away. If you're monitoring for that kind of activity, you can find those devices that are behaving a little oddly.

It's it's not it's not normal for devices to be in that state for long periods of time. You can identify that, detect them and also localize them so you can find out where your attacker is. A lot of this category, however, is not amenable to monitoring as a defense because it's passive.

To the extent that it's active though, that will help you out.