-
Notifications
You must be signed in to change notification settings - Fork 0
/
readme.html
317 lines (167 loc) · 6.82 KB
/
readme.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1" http-equiv="content-type">
<title>BNAP, BNAP</title>
</head>
<body>
<div style="text-align: center; font-family: Verdana;">
<small>
<a href="index.php">Home</a> |
<a href="readme.html#ABOUT">About</a> |
<a href="readme.html#PRIVACY">Privacy</a> |
<a href="thelist.php">The List</a> |
<a href="code.html">Code</a>
<br>
</small>
</div>
<big><big><big><big><a name="ABOUT"></a>About<br>
</big></big></big></big><br>
<table style="text-align: left; width: 90%;" border="0" cellpadding="2" cellspacing="2">
<tbody>
<tr>
<td valign="top">Q:</td>
<td valign="top">What is this all about anyway?</td>
</tr>
<tr>
<td valign="top">A:</td>
<td valign="top">As part of an overall goal for
assessing risks to Bluetooth devices,
we're interested in the common MAC address prefixes that vendors
allocate to devices. When a vendor registers and obtains a
MAC prefix
or organizationally unique identifier, they can use it for anything
they like. We're interested in the actual prefixes that are
being
allocated by vendors in common (and uncommon) Blueetooth devices.</td>
</tr>
<tr>
<td valign="top">Q:</td>
<td valign="top">What are the characteristics of
Bluetooth Device Addresses?<br>
</td>
</tr>
<tr>
<td valign="top">A:</td>
<td valign="top">A Bluetooth Device Address
(BD_ADDR) is a globally unique value assigned to each Bluetooth adapter
by the manufacturer. The BD_ADDR information is made up of
three components:<br>
<br>
<ul>
<li>LAP: The Lower Address Part of the BD_ADDR is the
portion of the MAC address that is allocated by the vendor to devices.
The LAP makes up 24-bits of the BD_ADDR. The LAP is
used for uniquely identifying a Bluetooth device as part of the Access
Code and synchronization word information that precedes the Bluetooth
baseband header for every transmitted frame.</li>
<li>UAP: The Upper Address Part of the BD_ADDR is 8-bits
of the device MAC address, representing a portion of the 24-bit prefix
that is allocated to vendors by the IEEE (OUI). The UAP is
used for seeding various algorithms used in the Bluetooth
specification, including the generation of the Header Error Correct
(HEC) field used to identify accidentally corrupted Bluetooth packets
in transit.</li>
<li>NAP: The Non-significant Address Part makes up the
remaining 16 bits of the BD_ADDR information, and the remaining 16 bits
of the OUI. The NAP value is not used for any significant
purposes for Bluetooth networking, other than that it is present in
Frequency Hopping Synchronization frames.</li>
</ul>
<br>
The format of the BD_ADDR information is shown below. Note
that this diagram represents the BD_ADDR information in "Bluetooth
Order", with the least-significant bit at the left-most position.<br>
<br>
<div style="text-align: center;"><img style="width: 430px; height: 203px;" alt="Bluetooth Device Address" src="images/bdaddr.jpg"><br>
<br>
<div style="text-align: left;">More information
about Bluetooth networking is available in the Bluetooth Special
Interest Group (SIG) specification documentation at <a href="http://www.bluetooth.org">http://www.bluetooth.org</a>.</div>
</div>
</td>
</tr>
<tr>
<td valign="top">Q:</td>
<td valign="top">Why is this information interesting?</td>
</tr>
<tr>
<td valign="top">A:</td>
<td valign="top">The LAP information is allocated
uniquely for each Bluetooth device, but the UAP and NAP are part of the
Organizationally Unique Identifier (OUI). We're interested in
collecting UAP and NAP information to determine what OUI's are being
used by vendors for BD_ADDR values. With this information, we
can correlate manufacturer information to a specific device, and
accelerate Bluetooth device discovery.</td>
</tr>
<tr>
<td valign="top">Q:</td>
<td valign="top">Why should I share this information
with you?</td>
</tr>
<tr>
<td valign="top">A:</td>
<td valign="top">We are independent researchers
without commercial funding or alterior motives. We're simply
interested in evaluating how vendors are using NAP and UAP information.
Since we can only get so far by assessing the devices that we
own specifically, we're asking for your help in this effort.
If we are able to identify any particularly useful analysis
mechanisms from the information we obtain through this community
effort, we will share our results openly and publicly to make
meaningful improvements to the wireless security and networking
industries.</td>
</tr>
<tr>
<td valign="top">Q:</td>
<td valign="top">Who is behind this effort?</td>
</tr>
<tr>
<td valign="top">A:<br>
</td>
<td valign="top">
<ul>
<li>Joshua Wright ([email protected]) started the original project at http://802.15ninja.net/bnapbnap but has since stopped maintaining it</li>
<li>Brad Antoniewicz has since resumed the project here!</li>
<li>Many additions have been added from the <a href="http://www.hackfromacave.com/projects/bpp.html">Bluetooth Profiling Project</a></li>
</ul>
</td>
</tr>
<tr>
<td valign="top">Q:</td>
<td valign="top">Why isn't my entry listed in "The List" yet?</td>
</tr>
<tr>
<td valign="top">A:</td>
<td valign="top">
For purposes of data validation, we only list entries that have matching OUI's submitted by more than one host.</td>
</tr>
<tr>
<td valign="top">Q:</td>
<td valign="top">What's with the Smurf?</td>
</tr>
<tr>
<td valign="top"></td>
<td valign="top">It's a light take on the Smurf's
episode where one Smurf becomes infected with a communicable disease,
and turns purple. When purple, the Smurf seeks out to infect
other Smurfs (by biting them on the butt) and yells out "GNAP, GNAP" in
a torrets-like fashion. It's juvenile, I know.</td>
</tr>
</tbody>
</table>
<br>
<br>
<big><big><big><big><a name="PRIVACY"></a>Privacy<br>
</big></big></big></big>The collection of
Bluetooth Device Address (BD_ADDR) prefix information is for the use of
research to identify common MAC address prefixes that are allocated to
Bluetooth devices. This information will not be sold or
licensed under any circumstances. Once verified, the content
that is submitted is made publicly available for others to leverage for
their own research projects as well, such that the project abides by
the same privacy principles outlined here.<br>
<br>
</body>
</html>