If you want to use twitter, use security thru obscurity. replicate the messages from another twitter bot, such as the plant water, putting up a link to your garden or roses or whatever.
have it twitter messages about the weather, but only when there are problems have it twitter quotes, 1 list server ok, 1 list problems, 1 list thermals/power Be creative, but make it irrelevant and obscure to the truth. On Sun, Sep 6, 2009 at 12:01 PM, Michael Dickey <lonerv...@gmail.com> wrote: > My downside on this wouldn't relate to security really at all, but > operational aspects. What if Twitter goes down, or makes changes to what > they do in a way that your monitoring no longer works? Or something goes > down just enough to prevent being able to use Twitter? Or someone > eventually figures out how to send texts spoofed as coming from Twitter. I'm > sure I could get more exotic than that, but by then you'll have bigger > issues going on. :) > > We have monitoring as well on our hardware/software, but we deal with > emails and texting without needing to rely on something external. Relying on > something external makes me...feel kinda funny...down there > > It's creative if nothing else, though! :) > > > > On Sat, Sep 5, 2009 at 8:43 PM, <bh...@itworldclass.com> wrote: > >> Good points... >> If they knew about twitter alerts...if they could access the account....if >> they understood what the cryptic messages meant....all very good points. >> Thanks. >> >> That is what I am looking for. >> Sent from my Verizon Wireless BlackBerry >> >> -----Original Message----- >> From: Robert Portvliet <robert.portvl...@gmail.com> >> >> Date: Sat, 5 Sep 2009 20:52:50 >> To: <bh...@itworldclass.com>; PaulDotCom Security Weekly Mailing List< >> pauldotcom@mail.pauldotcom.com> >> Cc: Nicholas B.<nbertha...@gmail.com> >> Subject: Re: [Pauldotcom] Hardware monitoring with twitter. >> >> >> Just throwing this out there.... if during recon the attacker found >> out about the twitter account & gained access to view the tweets, he >> could then attack your firewall from TOR or a throwaway IP & get >> realtime feedback on what kinds of actions would trigger an alert >> and\or get him shunned, allowing him to avoid these actions when he >> initiates his actual attack. >> >> >> >> On Sat, Sep 5, 2009 at 2:05 PM, <bh...@itworldclass.com> wrote: >> > Hey guys I really appreciate all the feedback. But what would the actual >> red team + be on this. I have been going over scenarios for weeks and not >> see the angle a hacker would use to third my firewalls with this. >> > >> > Comments are welcome and appreciated. >> > Sent from my Verizon Wireless BlackBerry >> > >> > -----Original Message----- >> > From: "Nicholas B." <nbertha...@gmail.com> >> > >> > Date: Sat, 5 Sep 2009 13:23:30 >> > To: <bh...@itworldclass.com>; PaulDotCom Security Weekly Mailing List< >> pauldotcom@mail.pauldotcom.com> >> > Subject: Re: [Pauldotcom] Hardware monitoring with twitter. >> > >> > >> > I would never consider anything you do on twitter or any othe social >> > network as private in the least. Using twitter for this purpose is so >> > far out of scope from its original purpose I would NEVER suggest using >> > it for anything like this >> > >> > On 9/4/09, bh...@itworldclass.com <bh...@itworldclass.com> wrote: >> >> Well the tweets are private. And having to install some sort of >> mailserver >> >> the risk out weighed the latter. Plus I am just giving status >> >> green,yellow,orange,red,black. >> >> Or something like othgyk1 rebooted at date. >> >> Not to much there that would help an attacker. >> >> And now I have almost instant notification of an attempt. Gives me time >> to >> >> log in see what is happening and do some fancy rerouting to /dev/null >> :) >> >> >> >> ------Original Message------ >> >> From: Bert Van Kets >> >> To: bh...@itworldclass.com >> >> To: PaulDotCom Security Weekly Mailing List >> >> Subject: Re: [Pauldotcom] Hardware monitoring with twitter. >> >> Sent: Sep 4, 2009 3:09 PM >> >> >> >> So you put the status of your firewall on an external system you have >> no >> >> control over....... >> >> Hmmmmmm. I would never do that. ;-) >> >> >> >> >> >> bh...@itworldclass.com wrote: >> >>> A little update to my firewall project. I have ripped out >> sendmail...and >> >>> now using twitter to monitor my firewalls health along with my >> >>> windows/linux servers. >> >>> This is great as I have now reduced the overhead on the hardware and >> >>> reduced vuln. In the appliance. >> >>> Thanks goes out to tcstool for pointing out an app shown on hak5 to >> make a >> >>> bat file into a windows service. Future projects include using this >> with >> >>> my ips and ids systems. Thoughts >> >>> Sent from my Verizon Wireless BlackBerry >> >>>_______________________________________________ >> >>> Pauldotcom mailing list >> >>> Pauldotcom@mail.pauldotcom.com >> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >>> Main Web Site: http://pauldotcom.com >> >>> >> >>> >> >> >> >> >> >> >> >> Sent from my Verizon Wireless BlackBerry >> >>_______________________________________________ >> >> Pauldotcom mailing list >> >> Pauldotcom@mail.pauldotcom.com >> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >> Main Web Site: http://pauldotcom.com >> >> >> > >> > -- >> > Sent from my mobile device >> >_______________________________________________ >> > Pauldotcom mailing list >> > Pauldotcom@mail.pauldotcom.com >> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> > Main Web Site: http://pauldotcom.com >> > >> _______________________________________________ >> Pauldotcom mailing list >> Pauldotcom@mail.pauldotcom.com >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > Pauldotcom@mail.pauldotcom.com > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Tim Krabec Kracomp 772-597-2349 smbminute.com kracomp.blogspot.com www.kracomp.com
_______________________________________________ Pauldotcom mailing list Pauldotcom@mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
