Which of the following attacks allows access to contact lists on cellular phones?
A.
War chalking
B.
Blue jacking
C.
Packet sniffing
D.
Bluesnarfing
Explanation:
Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth
is a high-speed but very short-range wireless technology for exchanging data between desktop and
mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in
the way Bluetooth is implemented on a mobile phone, an attacker can access information — such as the
user’s calendar, contact list and e-mail and text messages — without leaving any evidence of the attack.
Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser
extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but
others are vulnerable as long as Bluetooth is enabled.
Incorrect Answers:
A: War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign
posts, trees) to indicate the existence of an open wireless network connection, usually offering an
Internet connection so that others can benefit from the free wireless access. The open connections
typically come from the access points of wireless networks located within buildings to serve enterprises.
The chalk symbols indicate the type of access point that is available at that specific spot. War chalking is
not used to access information on a mobile device.
B: Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as
mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the
name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.
Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can
reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.
Bluejacking is usually harmless, but because bluejacked people generally don’t know what has happened,
they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but
with modern phones it’s possible to send images or sounds as well. Bluejacking has been used in guerrilla
marketing campaigns to promote advergames.
Bluejacking is sending unwanted messages to a mobile device; it is not used to steal information from the
mobile device.C: Packet sniffing is the process of intercepting data as it is transmitted over a network; it is not used to
access data on a mobile device.
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to
a local area network that is not filtered or switched, the traffic can be broadcast to all computers
contained in the same segment. This doesn’t generally occur, since computers are generally told to ignore
all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is
shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic.
The NIC is put into promiscuous mode, and it reads communications between computers within a
particular segment. This allows the sniffer to seize everything that is flowing in the network, which can
lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware
or software solution. A sniffer is also known as a packet analyzer. Packet sniffing is not used to access
information on a mobile device.http://searchmobilecomputing.techtarget.com/definition/bluesnarfing
http://www.webopedia.com/TERM/W/warchalking.html
http://en.wikipedia.org/wiki/Bluejacking
http://www.techopedia.com/definition/4113/sniffer