[166499] in North American Network Operators' Group

Re: If you're on LinkedIn, and you use a smart phone...

daemon@ATHENA.MIT.EDU (Jimmy Hess)
Sat Oct 26 02:07:29 2013

In-Reply-To: <CAPnfr8+d0xjsG3scq1zeSD10ks0KfGgW17ZSsSXfO5ysjeW-Sw@mail.gmail.com>
Date: Sat, 26 Oct 2013 01:06:51 -0500
From: Jimmy Hess <mysidia@gmail.com>
To: Chris Hartley <hartleyc@gmail.com>
Cc: Nanog <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Fri, Oct 25, 2013 at 6:43 PM, Chris Hartley <hartleyc@gmail.com> wrote:

> Anyone who has access to logs for their email infrastructure ought
> probably to check for authentications to user accounts from LinkedIn's
> servers.
> [snip]
>

Perhaps a prudent countermeasure would be to redirect all POP, IMAP, and
Webmail access to your corporate mail server from all of LinkedIn's IP
space to a "Honeypot" that will simply log usernames/credentials
attempted.

The list of valid credentials can then be used to dispatch a warning to
the offender, and force a password change.

This could be a useful proactive countermeasure against the UIT
(Unintentional Insider Threat) of employees inappropriately entering
corporate e-mail credentials into a known third-party service
outside of organizational control.

Seeing as LinkedIn almost certainly is not providing signed NDAs and
privacy SLAs, it seems reasonable that most organizations who
understand what is going on would not approve of use of the service with
their internal business email accounts.


-- 
-JH
