Mine technical blogs/forums

Technical blogs and forums provide a way for technical staff to ask for assistance or troubleshoot problems. In doing so they may reveal information such as operating system (OS), network devices, or applications in use. [1]

ID: T1257

Tactic: Technical Information Gathering

Version: 1.0

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Cannot detect access to public sites.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Success is dependent upon the existence of detailed technical specifications for target network posted in blogs/forums. Poor OPSEC practices result in an adversary gleaning a lot of sensitive information about configurations and/or issues encountered.

References

  1. Jeff Bardin. (2012, October 10). OSINT and Cyber Intelligence - Fun and Sun in Miami. Retrieved March 1, 2017.