PaulDotCom mailing list archives
Hardware monitoring with twitter.
From: nberthaume at gmail.com (Nicholas B.)
Date: Wed, 9 Sep 2009 17:32:58 -0400
I have to disagree and say just don't do it. After a bit of probing people can obfuscate your terminology if they have done any research on your methods (such as finding this thread). Use proven method and don't count on obscurity to hide potentially sensitive information. On Sun, Sep 6, 2009 at 12:21 PM, Tim Krabec<tkrabec at gmail.com> wrote:
If you want to use twitter, use security thru obscurity. replicate the messages from another twitter bot, such as the plant water, putting up a link to your garden or roses or whatever. have it twitter messages about the weather, but only when there are problems have it twitter quotes, 1 list server ok, 1 list problems, 1 list thermals/power Be creative, but make it irrelevant and obscure to the truth. On Sun, Sep 6, 2009 at 12:01 PM, Michael Dickey <lonervamp at gmail.com> wrote:My downside on this wouldn't relate to security really at all, but operational aspects. What if Twitter goes down, or makes changes to what they do in a way that your monitoring no longer works? Or something goes down just enough to prevent being able to use Twitter?? Or someone eventually figures out how to send texts spoofed as coming from Twitter. I'm sure I could get more exotic than that, but by then you'll have bigger issues going on. :) We have monitoring as well on our hardware/software, but we deal with emails and texting without needing to rely on something external. Relying on something external makes me...feel kinda funny...down there It's creative if nothing else, though! :) On Sat, Sep 5, 2009 at 8:43 PM, <bhoff at itworldclass.com> wrote:Good points... If they knew about twitter alerts...if they could access the account....if they understood what the cryptic messages meant....all very good points. Thanks. That is what I am looking for. Sent from my Verizon Wireless BlackBerry -----Original Message----- From: Robert Portvliet <robert.portvliet at gmail.com> Date: Sat, 5 Sep 2009 20:52:50 To: <bhoff at itworldclass.com>; PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com> Cc: Nicholas B.<nberthaume at gmail.com> Subject: Re: [Pauldotcom] Hardware monitoring with twitter. Just throwing this out there.... if during recon the attacker found out about the twitter account & gained access to view the tweets, he could then attack your firewall from TOR or a throwaway IP & get realtime feedback on what kinds of actions would trigger an alert and\or get him shunned, allowing him to avoid these actions when he initiates his actual attack. On Sat, Sep 5, 2009 at 2:05 PM, <bhoff at itworldclass.com> wrote:Hey guys I really appreciate all the feedback. But what would the actual red team + be on this. I have been going over scenarios for weeks and not see the angle a hacker would use to third my firewalls with this. Comments are welcome and appreciated. Sent from my Verizon Wireless BlackBerry -----Original Message----- From: "Nicholas B." <nberthaume at gmail.com> Date: Sat, 5 Sep 2009 13:23:30 To: <bhoff at itworldclass.com>; PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com> Subject: Re: [Pauldotcom] Hardware monitoring with twitter. I would never consider anything you do on twitter or any othe social network as private in the least. ?Using twitter for this purpose is so far out of scope from its original purpose I would NEVER suggest using it for anything like this On 9/4/09, bhoff at itworldclass.com <bhoff at itworldclass.com> wrote:Well the ?tweets are private. And having to install some sort of mailserver the risk out weighed the latter. Plus I am just giving status green,yellow,orange,red,black. Or something like othgyk1 rebooted at date. Not to much there that would help an attacker. And now I have almost instant notification of an attempt. Gives me time to log in see what is happening and do some fancy rerouting to /dev/null :) ------Original Message------ From: Bert Van Kets To: bhoff at itworldclass.com To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Hardware monitoring with twitter. Sent: Sep 4, 2009 3:09 PM So you put the status of your firewall on an external system you have no control over....... Hmmmmmm. I would never do that. ;-) bhoff at itworldclass.com wrote:A little update to my firewall project. I have ripped out sendmail...and now using twitter to monitor my firewalls health along with my windows/linux servers. This is great as I have now reduced the overhead on the hardware and reduced vuln. In the appliance. Thanks goes out to tcstool for pointing out an app shown on hak5 to make a bat file into a windows service. Future projects include using this with my ips and ids systems. ? Thoughts Sent from my Verizon Wireless BlackBerry _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.comSent from my Verizon Wireless BlackBerry _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Sent from my mobile device _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Tim Krabec Kracomp 772-597-2349 smbminute.com kracomp.blogspot.com www.kracomp.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Hardware monitoring with twitter. bhoff at itworldclass.com (Sep 03)
- Hardware monitoring with twitter. Bert Van Kets (Sep 04)
- <Possible follow-ups>
- Hardware monitoring with twitter. bhoff at itworldclass.com (Sep 04)
- Hardware monitoring with twitter. Nicholas B. (Sep 05)
- Hardware monitoring with twitter. bhoff at itworldclass.com (Sep 05)
- Hardware monitoring with twitter. Robert Portvliet (Sep 05)
- Hardware monitoring with twitter. bhoff at itworldclass.com (Sep 05)
- Hardware monitoring with twitter. Michael Dickey (Sep 06)
- Hardware monitoring with twitter. Tim Krabec (Sep 06)
- Hardware monitoring with twitter. Nicholas B. (Sep 09)
- Hardware monitoring with twitter. Nicholas B. (Sep 05)