Intro: A Change in Focus
Penetration testers have been focusing on wireless technologies for over a decade now, and those of us in the industry have seen the various families of wireless protocols evolve through a roller coaster ride of security issues, half-baked encryption schemes, and mitigation tactics.
While the 802.11 family of wireless protocols is by far the most popular and has stolen much of the limelight for security issues and development, it's not the only show in town. Lately, other wireless protocols have become the focus of security researchers and hackers alike. One protocol that can arguably be placed at the top of the list, and is an area of growing concern, is the 802.15.4 protocol that ZigBee wireless rides on. New tools and techniques are being developed by penetration testers to validate the security and configuration of ZigBee-enabled devices.
This article takes a closer look at the ZigBee protocol, some of the attacks that have been leveraged against it, and the security tools that penetration testers can use.
ZigBee is not exactly a new technology; in fact, it was originally developed in 1998, but only recently has ZigBee become more commonplace in industrial and consumer products. ZigBee was designed to fill a niche, previously untapped market for which regular wireless devices were unsuitable. The unique characteristics of ZigBee embedded wireless devices have opened a floodgate of new products that require its low-power simplicity and functionality.