- I believe the Clinton Email Server scandal was entirely about "Air Gap."
- "Air Gap" is the name for a logical network setup where internet traffic
- upstream and downstream flows through a specially configured packet filter
- firewall, set up not only to log every tcp/ip packet coming in and out, but
- set up so that the protected sub-net, actually only has its route in and out
- from the log of firewall. Packets from internet destined for the network,
- are entered into the packet log, and then read from the log and injected into
- the protected network, and the reverse is done as well. The method is kept
- secret. If the path is not through the packet log, it is not "Air Gap"; it's
- just a packet logger. With "Air Gap" everything that goes in is captured,
- and everything that goes out is captured, if the logger can't keep up the
- traffic in and out slows down, traffic on the subnet itself, would be unaffected.
- Attacks that affect the network can be saved, even replayed, and of course file
- transfers, and emails can be reconstructed.
- I believe there was a requirement that any White House serving internet
- server, be "Air Gapped." And, of course, like anything that can be done, it
- was done badly. I suspect the Clinton software developer only did a packet
- logger, and was not "Air Gap", traffic did not go through the log. This also
- means there should likely be 2 servers, 1 to provide "Air Gap", and the email
- server. Most likely, there was only 1 with a tcp/ip packet logger, which was
- incompletely done or couldn't keep up with heavy traffic, and possibly had
- retention issues as well. I suspect the Clinton dev had basically a
- "Barron's Guide" definition of a firewall, when he walked into the job, and
- was buzzword compatible as far as packet filter and packet logging firewalls
- -- I learned what Air Gap was in college in the mid 1990's. I also suspect
- the Clinton dev might be described as "top heavy", heavy on design patterns,
- object-oriented methodologies, and client-server strategies & implementations,
- and thought he was tasked to make a custom "Sendmail" replacement.
- Air Gap itself is not a secret, but the software and configuration details
- would necessarily have to be, and also a proprietorial secret for a business.
- I suspected Air Gap was a factor in the scandal, but when I realized Congress
- was talking in terms of deletions, while Clinton had printed copies, but the
- FBI was in terms of "recovery". With Air Gap recovery should be 100% if you
- archive the log for the period in question. So, 60% of the emails the
- server saw were recovered from the Clinton Server, then 80% of the
- (40%) were recovered from other "servers on the network." At that point I
- became convinced the scandal was really about Air Gap. If there was any
- doubt, President-elect Trump practically sings Clinton's praises, after the
- first security briefing after the election, before the spin to gracious,
- after all the calls to imprison her, why? Because Clinton is essentially,
- herself, blameless on the emails. It also becomes clear the Congressional
- hearings were a deliberate minefield, had Clinton revealed any details about
- Air Gap, to better explain it as server misconfiguration, she would have been
- in violation.
- ---