nanog mailing list archives
Re: 143.228.0.0/16 and house.gov
From: John Schnizlein <schnizlein () isoc org>
Date: Thu, 2 Oct 2008 17:06:35 -0400
This will be my last response on this despite whatever spin follows. On 2008Oct2, at 4:08 PM, William Allen Simpson wrote:
John Schnizlein wrote:I connected the internal network of the US House of Representatives to the Internet when I worked there, and operated it through both Democratic and Republican control.Aha, I wondered who was to blame....
Thank you for the compliment.
...I never saw any snooping by either party of the network traffic, and I had sniffers for diagnosing problems in several communication closets.Yet, there was verified interception of both House and Senate emailcommunications. Nobody claimed it was "on the wire" network traffic, asthere were many weaknesses in the data network security design.
If you know any, please send them to me privately. I can assure the community that our design and implementation got repeated review and testing from the best we could find at the time.
And the vicious fight about our setting up a VPN to bypass the centrallycontrolled system -- as in "if you do this, we'll cut off your networkaccess entirely" -- led all concerned to guess that there was a political reason, not a technical reason. So, I just used non-standard ports, andsome other firewalling, to prevent your staff from detecting it.
I hope no damage was produced by any inadvertent back doors opened by your VPN.
Since we were not blocking applications other than IRC, I don't know what you felt you needed to get around.
Also, there was the long fight about members running their own servers(as in member.house.gov), instead of relying on the central servers for connectivity (www.house.gov/member). Again, we really didn't trust theRepublicans not to examine internal data.
Although I do not recall the particular offices, I do recall that several committees and members had both email and web servers in their own offices with domains delegated to them on request. I have no idea what "long fight" you might have experienced.
I do recall unfounded accusations both ways, but it would be sad for the rumors to outlive the reality.Like this verified and widely reported: "Democrats Suggest Inquiry Points to Wider Spying by G.O.P." http://query.nytimes.com/gst/fullpage.html?res=940DE4D7173AF933A25751C0A9629C8B63&sec=&spon=&pagewanted=print
As I recall this was simply a case of one staffer logging into a server in a different office. As you mentioned above, not "on the wire" and not a data network security issue. As sometimes still happens, the "computer network" actually referred to a file server. This article is about activities in the Senate, which operates independently of the House - was your experience actually with respect to the Senate?
John
Current thread:
- Re: 143.228.0.0/16 and house.gov Suresh Ramasubramanian (Oct 01)
- Message not available
- Re: 143.228.0.0/16 and house.gov Suresh Ramasubramanian (Oct 01)
- Re: 143.228.0.0/16 and house.gov William Allen Simpson (Oct 02)
- Re: 143.228.0.0/16 and house.gov Suresh Ramasubramanian (Oct 02)
- Re: 143.228.0.0/16 and house.gov Suresh Ramasubramanian (Oct 01)
- Message not available
- <Possible follow-ups>
- Re: 143.228.0.0/16 and house.gov Joseph S D Yao (Oct 02)
- RE: 143.228.0.0/16 and house.gov Mick Bergman (Oct 02)
- Re: 143.228.0.0/16 and house.gov John Schnizlein (Oct 02)
- Re: 143.228.0.0/16 and house.gov William Allen Simpson (Oct 02)
- Re: 143.228.0.0/16 and house.gov John Schnizlein (Oct 02)
- Re: 143.228.0.0/16 and house.gov Jean-François Mezei (Oct 02)
- Re: 143.228.0.0/16 and house.gov Brandon Galbraith (Oct 02)
- Re: 143.228.0.0/16 and house.gov Wayne E. Bouchard (Oct 02)
- RE: 143.228.0.0/16 and house.gov Mick Bergman (Oct 02)