AirGapTHEClintonServer.txt

1. ~shiftdot515/disquisitional/AirGapTHEClintonServer.txt
2.  
3. I believe the Clinton Email Server scandal was entirely about "Air Gap."
4. "Air Gap" is the name for a logical network setup where internet traffic
5. upstream and downstream flows through a specially configured packet filter
6. firewall, setup not only to log every tcp/ip packet coming in and out, but
7. setup so that the protected sub-net, actually only has its route in and out
8. from the log of firewall. Packets from internet destined for the network,
9. are entered into the packet log, and then read from the log and injected into
10. the protected network, and the reverse is done as well. The method is kept
11. secret. If the path is not through the packet log, it is not "Air Gap." it's
12. just a packet logger. With "Air Gap" everything that goes in is captured,
13. and everything that goes out is captured, if the logger can't keep up the
14. traffic in&out slows down, traffic on the subnet itself, would be uneffected.
15. Attacks that effect network can be saved even replayed, and of course file
16. transfers, and emails can be reconstructed.
17.  
18. I believe there was a requirement that any White House serving internet
19. server, be "Air Gapped." And, of course, like anything that can be done, it
20. was done badly. I suspect the Clinton software developer only did a packet
21. logger, and was not "Air Gap", traffic did not go through the log. This also
22. means there should likely be 2 servers, 1 to provide "Air Gap", and the email
23. server. Most likely, there was only 1 with a tcp/ip packet logger, which was
24. incompletely done or could n't keep up with heavy traffic, and possibly had
25. retention issues as well. I suspect the Clinton dev had basically a
26. "Barron's Guide" definition of a firewall, when he walked into the job, and
27. was buzzword compatible as far as packet filter and packet logging firewalls
28. -- I learned what Air Gap was in college in the mid 1990's. I also suspect
29. the Clinton dev might be described as "top heavy", heavy on design patterns,
30. object- -oriented methodogies, and client-server strategies & implementations,
31. and thought he was tasked to make a custom "Sendmail" replacement.
32.  
33. Air Gap itself is not a secret, but the software and configuration details
34. would necessarily have to be, and also a proprietorial secret for a business.
35. I suspected Air Gap was a factor in the scandal, but when I realized Congress
36. was talking in terms of deletions, while Clinton had printed copies, but the
37. FBI was in terms of "recovery". With Air Gap recovery should be 100% if you
38. archive the log for the period in question. So, 60% of the emails the were
39. the server saw were recovered from the Clinton Server, then 80% of the of the
40. (40%) were recovered from other "servers on the network." At that point I
41. became convinced the scandal was really about Air Gap. If there was any
42. doubt, President Elect Trump practically sings Clintons praises, after the
43. first security briefing after the election, before the spin to gracious,
44. after all the calls to imprison her, why? Because Clinton is essentially,
45. herself, blameless on the emails. It's also becomes clear the Congressional
46. hearings were a deliberate minefield, had Clinton revealed any details about
47. AirGap, to better explain it as server misconfiguration, she would have been
48. in violation.
49. ---