Did the Clinton Email Server Have an Internet-Based Printer?
http://krebsonsecurity.com/2016/05/did-the-clinton-email-server-have-an-internet-based-printer/
The Associated Press today points to a remarkable footnote in a recent State Department inspector general report on the Hillary Clinton email scandal: The mail was managed from the vanity domain clintonemail.com. But here's a potentially more explosive finding: A review of the historic domain registration records for that domain indicates that whoever built the private email server for the Clintons also had the not-so-bright idea of connecting it to an Internet-based printer.
According to historic Internet address maps stored by San Mateo, Calif.-based Farsight Security, among the handful of Internet addresses historically assigned to the domain clintonemail.com was the numeric address 24.187.234.188. The subdomain attached to that Internet address was ... wait for it ... printer.clintonemail.com.
Interestingly, that domain was first noticed by Farsight in March 2015, the same month the scandal broke that during her tenure as United States Secretary of State Mrs. Clinton exclusively used her family's private email server for official communications.
I should emphasize here that it's unclear whether an Internet-capable printer was ever connected to printer.clintonemail.com. Nevertheless, it appears someone set it up to work that way.
Ronald Guilmette, a private security researcher in California who prompted me to look up this information, said printing things to an Internet-based printer set up this way might have made the printer data vulnerable to eavesdropping.
"Whoever set up their home network like that was a security idiot, and it's a dumb thing to do," Guilmette said. "Not just because any idiot on the Internet can just waste all your toner. Some of these printers have simple vulnerabilities that leave them easy to be hacked into."
"More importantly, any emails or other documents that the Clintons decided to print would be sent out over the Internet, however briefly, before going back to the printer. And that data may have been sniffable by other customers of the same ISP," Guilmette said.
Barack_America
(28,876 posts)
Another thing I'll have to quiz the IT guy at work about tomorrow.
Waiting For Everyman
(9,385 posts)
On at least one device on the system, for how long wasn't stated. When I read that I was gobsmacked.
I'm not super savvy, but even I know that's a wide open door security risk, even for private individuals with nothing special to secure.
dreamnightwind
(4,775 posts)
I knew about this (not to enable it), but checked my settings just in case. To my surprise, it was enabled! Disabled now.
amborin
(16,631 posts)
TheBlackAdder
(28,205 posts)
.
Internet connected printers are a severe network exposure. But, let's not forget the wireless home networks too.
If a person sets up a cantenna, or other directional wireless antenna, you greatly extend the range someone can hack. Those WPA-2 encryptions create a false sense of security, since cracking software on a Linux laptop will probably break that network within hours. Some neighborhood kid could tap into that easily. The only secure way is dedicated cable connections. Printers and other embedded devices pose risks for networks.
People even think that their home cordless phones are secure. While many use spread spectrum and other technologies, several of the phones will also send unencrypted side signals to keep the phone from cutting out or dropping the call. Many of these can be hacked too.
A 3-foot boom mast, on any scanner or interceptor, can receive home cordless signals from over 1 mile away. That's a 1 mile radius that people can work on cracking the calls.
.
nadinbrzezinski
(154,021 posts)
Like financials, in the computer. Old fashioned pen and notebook log.
DisgustipatedinCA
(12,530 posts)
was appalling, based on what we know so far.
TheBlackAdder
(28,205 posts)
.
The best wireless network is about as secure as an Internet cloud network.
The question isn't if your data gets hacked, but when.
.
nadinbrzezinski
(154,021 posts)
Convenient yes...but there is a price
nadinbrzezinski
(154,021 posts)
jeff47
(26,549 posts)
nadinbrzezinski
(154,021 posts)
That is why we have the financials off the network. No Quicken for me
Arazi
(6,829 posts)
silvershadow
(10,336 posts)
grasswire
(50,130 posts)
JudyM
(29,250 posts)
I guess when you're doing some unsavory things you can't take the risk of hiring a top tier IT firm.
Arazi
(6,829 posts)
Have the Clintons protected him or is he out in the cold with a very public hole blown in his resume a mile deep?
Paulie
(8,462 posts)
Looking up the historical records, the authoritative DNS servers haven't changed since 2009 for the clintonemail.com domain. So printer would have had to be manually added as an A record on Network Solutions DNS (they are also the registrar). You wouldn't do that unless you specifically wanted that name to resolve.
24.187.234.186 rosencrans.dyndns.ws
24.187.234.187 wjcoffice.com
24.187.234.187 mail.clintonemail.com
24.187.234.187 mail.presidentclinton.com
24.187.234.188 printer.clintonemail.com
24.187.234.188 printer.presidentclinton.com
24.187.234.190 sslvpn.clintonemail.com
Wonder if there are any historical nmap scans from say late 2009, what actually enumerated on that IP prefix...
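
Added example, not part of the post above or of the quoted article: a defender can run the same kind of review on the A records of their own zone. This sketch parses the records listed above, flags device-style names published on globally routable addresses, and groups names that share an address; the `DEVICE_LABELS` set and the function names are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Records exactly as listed in the post above ("address hostname" per line).
RECORDS = """\
24.187.234.186 rosencrans.dyndns.ws
24.187.234.187 wjcoffice.com
24.187.234.187 mail.clintonemail.com
24.187.234.187 mail.presidentclinton.com
24.187.234.188 printer.clintonemail.com
24.187.234.188 printer.presidentclinton.com
24.187.234.190 sslvpn.clintonemail.com
"""

# Assumption: leftmost labels that usually name an internal device or a
# management interface rather than a service meant for the public.
DEVICE_LABELS = {"printer", "print", "scanner", "nas", "camera", "router"}


def parse_records(text):
    """Return (ip_address, hostname) tuples, skipping blank lines."""
    out = []
    for line in text.splitlines():
        if not line.strip():
            continue
        addr, host = line.split()
        out.append((ipaddress.ip_address(addr), host.lower().rstrip(".")))
    return out


def audit(records):
    """Flag device-style names published on globally routable addresses."""
    findings = []
    for addr, host in records:
        label = host.split(".")[0]
        # A private (RFC 1918) target only leaks a name; a global one is
        # reachable from the Internet unless something else filters it.
        if label in DEVICE_LABELS and addr.is_global:
            findings.append((host, str(addr)))
    return findings


def shared_addresses(records):
    """Group hostnames by address to show which names land on one host."""
    by_ip = defaultdict(list)
    for addr, host in records:
        by_ip[str(addr)].append(host)
    return {ip: hosts for ip, hosts in by_ip.items() if len(hosts) > 1}
```

A finding here means only that the name was published with a public address; as the article notes, it does not show that a printer was ever attached to it.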