Comment by Jerry2
9 years ago
Here's some more details about the state of security of her private server [0]:
> Outlook Web Access, or OWA, was running on port 80 without SSL (unencrypted)
> Remote Desktop Protocol, port 3389, was exposed through the DMZ (open to anyone on the internet.) This, at the time it was being used, was open to critical vulnerabilities that would allow for remote execution of code.
> VNC Remote Desktop, port 5900, was also exposed through the DMZ.
> SSL VPN used a self-signed certificate. This isn't inherently bad, but left them open for "spearphishing" attacks, which have already been confirmed to be received by Hillary Clinton and her staff.
It's also interesting how they responded to attacks on the server [1]:
> Here is the section from page 41 of the report which references an “attack”:
> On January 9, 2011, the non-Departmental advisor to President Clinton who provided technical support to the Clinton email system notified the Secretary’s Deputy Chief of Staff for Operations that he had to shut down the server because he believed “someone was trying to hack us and while they did not get in i didnt [sic] want to let them have the chance to.” Later that day, the advisor again wrote to the Deputy Chief of Staff for Operations, “We were attacked again so I shut [the server] down for a few min.” On January 10, the Deputy Chief of Staff for Operations emailed the Chief of Staff and the Deputy Chief of Staff for Planning and instructed them not to email the Secretary “anything sensitive” and stated that she could “explain more in person.”
[0] https://np.reddit.com/r/politics/comments/4j2r94/judicial_wa...
[1] http://lawnewz.com/high-profile/clinton-tech-says-private-em...
Ah yes, the classic 'shut it down for a few minutes' defense. Stops 'em every time.
"i didnt [sic] want to let them have the chance to"
Can you imagine if this was how Google and Amazon handled security?
I'm pretty sure Google and Amazon can afford scrubbing centers (not to mention their apps are load balanced) to avoid attacks.
This is, in my opinion, the worst part of the story. Anyone who has set up a web-server on the public net knows what happens when you leave ports accessible like this to old, well-known software. There's a good chance people would target her domain/IP looking for exploits and I'd be scared to question just how many people got access to that machine.
I wouldn't say "anyone". Most people, technical or not, have no idea what they're doing when it comes to computer security and don't care enough or take the time to research best practices.
> Anyone who has set up a web-server on the public net
The statement wasn't just "anyone".
haha amazing
The government should have a bug bounty program instead of the current hacker pogrom.