I decided to do a bit of bluetooth sniffing, since I was sitting around with a few bluetooth phones around me.

I tried looking, using the normal procedure, but couldn't see any of the phones. Apparently all the phones were not in "discoverable" mode, so I couldn't see them.

I googled around, to see if there was a way to find them anyway, and found references to "redfang", a brute force scanner.

I found a page with the c code on it, but I couldn't get it to compile.

I looked for some other tool, and found something called "bluesniff", but found it was just an interface to redfang anyway.

When I googled around for details of the compiler error I was getting, trying to compile redfang, I found that the code I had was old anyway, and it had been almost completely rewritten.

I got the new one, and compiled it, and ran it, it sat there saying it was scanning.

Hmm, this was going to take a while, since it takes between 6 and 10 seconds to try each MAC address.

I let this run for a while, while I read about other stuff. I found another tool, called tbear, which included a couple of different tools.

I had a look, it said it borrowed some of the code from redfang, but it looked a bit better, because you could specify the vendor part of the MAC address, to make it slightly faster to scan.

I googled around, to see if I could work out what the MAC address range my mate's phones would have.

I found a page about a couple of their phones, here, but I wasn't sure if that was the correct model of phone, and it didn't have any details about the MAC address anyway.

I didn't get a chance to find any of the phones after that.

While googling, I turned up the following pages:


http://trifinite.org/trifinite_stuff_bluebug.html.

http://searchmobilecomputing.techtarget.com/newsItem/0,289139,sid40_gci950232,00.html.

http://www.securityfocus.com/infocus/1830.