shiftdot515

ClintonServerAirGap.txt

Dec 12th, 2016
I believe the Clinton Email Server scandal was entirely about "Air Gap."
"Air Gap" is the name for a logical network setup where internet traffic
upstream and downstream flows through a specially configured packet filter
firewall, set up not only to log every TCP/IP packet coming in and out, but
set up so that the protected subnet actually only has its route in and out
from the log of the firewall. Packets from the internet destined for the
network are entered into the packet log, and then read from the log and
injected into the protected network, and the reverse is done as well. The
method is kept secret. If the path is not through the packet log, it is not
"Air Gap"; it's just a packet logger. With "Air Gap" everything that goes in
is captured, and everything that goes out is captured. If the logger can't
keep up, the traffic in and out slows down; traffic on the subnet itself
would be unaffected. Attacks that affect the network can be saved, even
replayed, and of course file transfers and emails can be reconstructed.

I believe there was a requirement that any White House serving internet
server be "Air Gapped." And, of course, like anything that can be done, it
was done badly. I suspect the Clinton software developer only did a packet
logger, and it was not "Air Gap"; traffic did not go through the log. This
also means there should likely be 2 servers: 1 to provide "Air Gap", and the
email server. Most likely, there was only 1 with a TCP/IP packet logger,
which was incompletely done or couldn't keep up with heavy traffic, and
possibly had retention issues as well. I suspect the Clinton dev had
basically a "Barron's Guide" definition of a firewall when he walked into the
job, and was buzzword compatible as far as packet filter and packet logging
firewalls -- I learned what Air Gap was in college in the mid 1990s. I also
suspect the Clinton dev might be described as "top heavy", heavy on design
patterns, object-oriented methodologies, and client-server strategies &
implementations, and thought he was tasked to make a custom "Sendmail"
replacement.

Air Gap itself is not a secret, but the software and configuration details
would necessarily have to be, and also a proprietorial secret for a business.
I suspected Air Gap was a factor in the scandal, but when I realized Congress
was talking in terms of deletions, while Clinton had printed copies, but the
FBI was talking in terms of "recovery". With Air Gap, recovery should be 100%
if you archive the log for the period in question. So, 60% of the emails the
server saw were recovered from the Clinton Server, then 80% of the (40%) were
recovered from other "servers on the network." At that point I became
convinced the scandal was really about Air Gap. If there was any doubt,
President-Elect Trump practically sings Clinton's praises, after the first
security briefing after the election, before the spin to gracious, after all
the calls to imprison her. Why? Because Clinton is essentially, herself,
blameless on the emails. It also becomes clear the Congressional hearings
were a deliberate minefield: had Clinton revealed any details about Air Gap,
to better explain it as server misconfiguration, she would have been in
violation.
---