What are the key features Auditors are looking for in a Bluetooth Audit?

Posted on 2006-04-03
Last Modified: 2010-04-11
I recently did a quick Bluetooth audit of our organization. I wanted to find out what the important aspects of Bluetooth are. What kind of ID information do they have? What kinds of things are auditors looking for in reports about Bluetooth auditing?
Question by:awakenings
    LVL 3

    Expert Comment

    With the increasing prevalence of BT and small-form factor devices in the enterprise, this is a growing area of interest for me as well.

    The kinds of things auditors are looking for:

    1) Use Policy  - re: use of devices (SFF, BT, cell phones, PDAs, phones w/ cameras in high security areas should all be covered).

    2) Device Policies - Data classification and minimum security (hardening, encryption, logging) device must support for more sensitive types of data

    3) Auditing/Logging - who accessed the data, what was the data, at what time

    And of course, a lot of this is best effort only, as some device tracking will not be possible outside a great amount of expense/effort.

    This is just a general post to your questions. If you're looking for more of the nitty-gritty, I can get some actual auditing questions/checklists to you.

    Also, here's a link: Bluetooth Security Review, Part 1

    Author Comment

    I just upped the points because I am looking for more than what you provided.  I'll give you points for that.

    You did hit on some things I wasn't looking for that we have covered - Use Policy, Device Policy for example.

    From reading the article, it sounds like I should find Redfang -- which seems to have disappeared on my initial Google searches. I used bluesniff in my wireless audit, but I have no idea what I am looking for. From the article it sounds like maybe MAC address and maybe if the device is hidden or not.

    In the wireless world, it is a bit easier for me because I am more familiar with the technology. It has SSID, signal strength, signal to noise ratio, etc. Do you have any specifics you would recommend?



    LVL 3

    Accepted Solution

    Read up on RedFang and I think you'll agree as an auditing/pentest tool it's still very proof-of-concept.

    Redfang download

    Bluesnarfer w/ links to snarf attack howtos

    Of course, I don't know the nature of the data you're trying to protect (i.e., compliance requirements, sensitivity), but I would begin with the basics:

    1) Look for discoverable devices
    2) Next, do these devices accept file transfers (FTRN)

    Here's more info on a SANS diary: Bluetooth Auditing

    That's all I've got for now. Maybe someone else can chime in.
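
As an added example (not part of the original posts), the following sketch turns a Bluetooth device inventory into the two findings listed in the accepted answer, and decodes the Class of Device field that identifies a device alongside its address and name. The record layout, the `audit` and `decode_cod` names and the sample devices are assumptions made for illustration.

```python
# Added example: turn Bluetooth inventory records into audit findings.
# All device records below are constructed sample data.

MAJOR_CLASS = {0: "Miscellaneous", 1: "Computer", 2: "Phone",
               3: "LAN/Network Access Point", 4: "Audio/Video", 5: "Peripheral",
               6: "Imaging", 7: "Wearable", 8: "Toy", 9: "Health", 31: "Uncategorized"}
SERVICE_BITS = {13: "Limited Discoverable", 16: "Positioning", 17: "Networking",
                18: "Rendering", 19: "Capturing", 20: "Object Transfer",
                21: "Audio", 22: "Telephony", 23: "Information"}
# 16-bit SDP service class UUIDs for the OBEX profiles that move files
OBEX_UUIDS = {0x1105: "OBEX Object Push", 0x1106: "OBEX File Transfer"}


def decode_cod(cod):
    """Split a 24-bit Class of Device value into major class and service classes."""
    major = MAJOR_CLASS.get((cod >> 8) & 0x1F, "Reserved")
    services = [name for bit, name in sorted(SERVICE_BITS.items()) if cod & (1 << bit)]
    return major, services


def audit(devices):
    """Return one report row per device with the findings an auditor would ask about."""
    report = []
    for d in devices:
        major, services = decode_cod(d["cod"])
        findings = []
        if d["discoverable"]:
            findings.append("discoverable")
        exposed = [OBEX_UUIDS[u] for u in d["sdp_uuids"] if u in OBEX_UUIDS]
        if exposed:
            findings.append("accepts file transfer: " + ", ".join(exposed))
        report.append({"addr": d["addr"], "name": d["name"], "major_class": major,
                       "cod_services": services, "findings": findings})
    return report


# Constructed sample inventory (addresses and names are made up).
SAMPLE = [
    {"addr": "00:11:22:33:44:55", "name": "Example Phone", "cod": 0x5A020C,
     "discoverable": True, "sdp_uuids": [0x1105, 0x1106, 0x111F]},
    {"addr": "00:11:22:33:44:66", "name": "Example Headset", "cod": 0x200404,
     "discoverable": False, "sdp_uuids": [0x1108]},
]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```
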
