Hardware monitoring with twitter.

[robert.portvliet at gmail.com (Robert Portvliet)]

Just throwing this out there.... if during recon the attacker found
out about the twitter account & gained access to view the tweets, he
could then attack your firewall from TOR or a throwaway IP & get
realtime feedback on what kinds of actions would trigger an alert
and\or get him shunned, allowing him to avoid these actions when he
initiates his actual attack.



On Sat, Sep 5, 2009 at 2:05 PM, <bhoff at itworldclass.com> wrote:
> Hey guys I really appreciate all the feedback. But what would the actual red team + be on this. I have been going 
> over scenarios for weeks and not see the angle a hacker would use to third my firewalls with this.
>
> Comments are welcome and appreciated.
> Sent from my Verizon Wireless BlackBerry
>
> -----Original Message-----
> From: "Nicholas B." <nberthaume at gmail.com>
>
> Date: Sat, 5 Sep 2009 13:23:30
> To: <bhoff at itworldclass.com>; PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com>
> Subject: Re: [Pauldotcom] Hardware monitoring with twitter.
>
>
> I would never consider anything you do on twitter or any othe social
> network as private in the least. ?Using twitter for this purpose is so
> far out of scope from its original purpose I would NEVER suggest using
> it for anything like this
>
> On 9/4/09, bhoff at itworldclass.com <bhoff at itworldclass.com> wrote:
> > Well the ?tweets are private. And having to install some sort of mailserver
> > the risk out weighed the latter. Plus I am just giving status
> > green,yellow,orange,red,black.
> > Or something like othgyk1 rebooted at date.
> > Not to much there that would help an attacker.
> > And now I have almost instant notification of an attempt. Gives me time to
> > log in see what is happening and do some fancy rerouting to /dev/null :)
> >
> > ------Original Message------
> > From: Bert Van Kets
> > To: bhoff at itworldclass.com
> > To: PaulDotCom Security Weekly Mailing List
> > Subject: Re: [Pauldotcom] Hardware monitoring with twitter.
> > Sent: Sep 4, 2009 3:09 PM
> >
> > So you put the status of your firewall on an external system you have no
> > control over.......
> > Hmmmmmm. I would never do that. ;-)
> >
> >
> > bhoff at itworldclass.com wrote:
> > > A little update to my firewall project. I have ripped out sendmail...and
> > > now using twitter to monitor my firewalls health along with my
> > > windows/linux servers.
> > > This is great as I have now reduced the overhead on the hardware and
> > > reduced vuln. In the appliance.
> > > Thanks goes out to tcstool for pointing out an app shown on hak5 to make a
> > > bat file into a windows service. Future projects include using this with
> > > my ips and ids systems. ? Thoughts
> > > Sent from my Verizon Wireless BlackBerry
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom at mail.pauldotcom.com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
> >
> >
> >
> > Sent from my Verizon Wireless BlackBerry
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
> --
> Sent from my mobile device
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com