PaulDotCom mailing list archives

Hardware monitoring with twitter.


From: tkrabec at gmail.com (Tim Krabec)
Date: Sun, 6 Sep 2009 12:21:46 -0400

If you want to use twitter, use security through obscurity. Replicate the
messages from another twitter bot, such as the plant water, putting up a
link to your garden or roses or whatever.

Have it twitter messages about the weather, but only when there are problems.

Have it twitter quotes: 1 list server ok, 1 list problems, 1 list
thermals/power.

Be creative, but make it irrelevant and obscure to the truth.


On Sun, Sep 6, 2009 at 12:01 PM, Michael Dickey <lonervamp at gmail.com> wrote:

My downside on this wouldn't relate to security really at all, but
operational aspects. What if Twitter goes down, or makes changes to what
they do in a way that your monitoring no longer works? Or something goes
down just enough to prevent being able to use Twitter?  Or someone
eventually figures out how to send texts spoofed as coming from Twitter. I'm
sure I could get more exotic than that, but by then you'll have bigger
issues going on. :)

We have monitoring as well on our hardware/software, but we deal with
emails and texting without needing to rely on something external. Relying on
something external makes me...feel kinda funny...down there

It's creative if nothing else, though! :)



On Sat, Sep 5, 2009 at 8:43 PM, <bhoff at itworldclass.com> wrote:

Good points...
If they knew about twitter alerts...if they could access the account....if
they understood what the cryptic messages meant....all very good points.
Thanks.

That is what I am looking for.
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: Robert Portvliet <robert.portvliet at gmail.com>

Date: Sat, 5 Sep 2009 20:52:50
To: <bhoff at itworldclass.com>; PaulDotCom Security Weekly Mailing List <pauldotcom at mail.pauldotcom.com>
Cc: Nicholas B.<nberthaume at gmail.com>
Subject: Re: [Pauldotcom] Hardware monitoring with twitter.


Just throwing this out there.... if during recon the attacker found
out about the twitter account & gained access to view the tweets, he
could then attack your firewall from TOR or a throwaway IP & get
realtime feedback on what kinds of actions would trigger an alert
and\or get him shunned, allowing him to avoid these actions when he
initiates his actual attack.



On Sat, Sep 5, 2009 at 2:05 PM, <bhoff at itworldclass.com> wrote:
Hey guys I really appreciate all the feedback. But what would the actual
red team + be on this. I have been going over scenarios for weeks and not
see the angle a hacker would use to third my firewalls with this.

Comments are welcome and appreciated.
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: "Nicholas B." <nberthaume at gmail.com>

Date: Sat, 5 Sep 2009 13:23:30
To: <bhoff at itworldclass.com>; PaulDotCom Security Weekly Mailing List <pauldotcom at mail.pauldotcom.com>
Subject: Re: [Pauldotcom] Hardware monitoring with twitter.


I would never consider anything you do on twitter or any other social
network as private in the least.  Using twitter for this purpose is so
far out of scope from its original purpose I would NEVER suggest using
it for anything like this.

On 9/4/09, bhoff at itworldclass.com <bhoff at itworldclass.com> wrote:
Well the tweets are private. And having to install some sort of mailserver
the risk outweighed the latter. Plus I am just giving status
green,yellow,orange,red,black.
Or something like othgyk1 rebooted at date.
Not too much there that would help an attacker.
And now I have almost instant notification of an attempt. Gives me time to
log in see what is happening and do some fancy rerouting to /dev/null :)

------Original Message------
From: Bert Van Kets
To: bhoff at itworldclass.com
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] Hardware monitoring with twitter.
Sent: Sep 4, 2009 3:09 PM

So you put the status of your firewall on an external system you have no
control over.......
Hmmmmmm. I would never do that. ;-)


bhoff at itworldclass.com wrote:
A little update to my firewall project. I have ripped out sendmail...and
now using twitter to monitor my firewalls health along with my
windows/linux servers.
This is great as I have now reduced the overhead on the hardware and
reduced vuln. in the appliance.
Thanks goes out to tcstool for pointing out an app shown on hak5 to make a
bat file into a windows service. Future projects include using this with
my ips and ids systems.   Thoughts
Sent from my Verizon Wireless BlackBerry
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com









-- 
Tim Krabec
Kracomp
772-597-2349
smbminute.com
kracomp.blogspot.com
www.kracomp.com
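
The three-list scheme suggested at the top of this message (one list for server ok, one for problems, one for thermals/power), sketched as an added example that is not code from any poster in the thread. The phrases, the state names and the `CoverEncoder` and `decode` names are constructed for illustration; both ends are assumed to hold the same lists.

```python
import itertools

# Constructed cover phrases, one list per state as in the post:
# server ok, problems, thermals/power. Both ends hold the same lists.
CODEBOOK = {
    "ok": [
        "The roses are looking good today.",
        "Soil moisture is fine, no watering needed.",
        "Nice light in the garden this morning.",
    ],
    "problem": [
        "Looks like rain on the way.",
        "Wind is picking up out here.",
        "Clouds rolling in over the garden.",
    ],
    "thermal_power": [
        "It is getting hot in the greenhouse.",
        "The plants could use some shade.",
        "Frost warning for tonight.",
    ],
}

def _norm(text):
    """Fold case and whitespace so SMS or client reformatting still decodes."""
    return " ".join(text.lower().split())

# Reverse index built once: normalized phrase -> state.
_REVERSE = {_norm(p): s for s, ps in CODEBOOK.items() for p in ps}
if len(_REVERSE) != sum(len(ps) for ps in CODEBOOK.values()):
    raise ValueError("duplicate phrase in codebook; decoding would be ambiguous")

class CoverEncoder:
    """Sender side: turns a state into the next phrase from that state's list."""
    def __init__(self):
        # Cycle each list so the same phrase is not posted twice in a row.
        self._cycles = {s: itertools.cycle(ps) for s, ps in CODEBOOK.items()}

    def encode(self, state):
        if state not in self._cycles:
            raise KeyError(f"unknown state: {state!r}")
        return next(self._cycles[state])

def decode(message):
    """Receiver side: map a phrase back to its state, or None if unrecognized."""
    return _REVERSE.get(_norm(message))
```

A `None` from `decode` means the message is not in the shared lists, which the receiver should treat as a feed problem rather than as "ok".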