Security Logs of Hillary Clinton’s Email Server Are Said to Show No Evidence of Hacking
Source: New York Times
WASHINGTON A former aide to Hillary Clinton has turned over to the F.B.I. computer security logs from Mrs. Clintons private server, records that showed no evidence of foreign hacking, according to people close to a federal investigation into Mrs. Clintons emails.
The security logs bolster Mrs. Clintons assertion that her use of a personal email account to conduct State Department business while she was the secretary of state did not put American secrets into the hands of hackers or foreign governments. The former aide, Bryan Pagliano, began cooperating with federal agents last fall, according to interviews with a federal law enforcement official and others close to the case. Mr. Pagliano described how he set up the server in Mrs. Clintons home in Chappaqua, N.Y., and according to two of the people, he provided agents the security logs. The law enforcement official described the interview as routine. Most of those close to the case spoke on condition of anonymity because they were not authorized to discuss the continuing investigation.
Mrs. Clintons work-related emails as secretary of state, which have been made public as part of a Freedom of Information Act lawsuit, show that she received spam emails intended to try to lure her into clicking a malicious link. Those emails, known as spear phishing attempts, were traced to Russia, but it was not clear from the emails alone whether anyone clicked on those links or whether the security was compromised.
Mr. Pagliano told the agents that nothing in his security logs suggested that any intrusion occurred. Security logs keep track of, among other things, who accessed the network and when. They are not definitive, and forensic experts can sometimes spot sophisticated hacking that is not apparent in the logs, but computer security experts view logs as key documents when detecting hackers.
Mrs. Clintons campaign reiterated Mr. Paglianos information on Thursday. Were not aware of any evidence whatsoever that the server was hacked, said Brian Fallon, a campaign spokesman.
--- the rest of the story is at the link above---
Read more: http://www.nytimes.com/2016/03/04/us/politics/security-logs-of-hillary-clintons-email-server-are-said-to-show-no-evidence-of-hacking.html?smid=tw-nytpolitics&smtyp=cur
I realize some people will be disappointed. LOL
The State Department was Hacked, but so far, no evidence that Hillary's private server was.
morningfog
(18,115 posts)nichomachus
(12,754 posts)Is erase any record of his entry, exit, and activity from the security logs. For someone who knows what they're doing, it's not that hard to do. Many people who have been hacked have no idea that they have been.
The only time a good hacker will leave a trail is when he/she wants a quick in and quick out and doesn't care if the victim knows or not.
So the lack of evidence on security logs isn't the magic bullet that Mrs. Clinton's claque thinks it is.
complain jane
(4,302 posts)for dismissing the people who hope this is true as a "claque".
phazed0
(745 posts)As an IT professional myself I write my own log entries and have full abilities to write (With corrected timestamps) or delete any logs I see fit. Secondly, anybody that thinks that log files "log everything" is sorely mistaken. Logs are only created for events that have programming to make an entry to the logs. Seeing as most attacks don't "login" in a traditional manner or require the use of "programmed" entry access - no log entry is ever created. MiTM attacks, IP and MAC spoofing, Meterpreter Shells - most of these wouldn't make a security log event.
The best place to start looking for past intrusions would be the networking logs of the ISP and/or the UTM Security Appliance they had in place - No mention of the things that would actually matter though.
For an IT pro, something smells fishy - or at the very least like BS (regardless of lawfulness).
EDIT:
I re-read the article and at the bottom they have:
"...show that she received spam emails intended to try to lure her into clicking a malicious link. Those emails, known as spear phishing attempts, were traced to Russia, but it was not clear from the emails alone whether anyone clicked on those links or whether the security was compromised."
It would appear to me that, because of the spam spear phishing emails, they had NO or very little protection in place other than the server itself. Any respectable mail service, UTM, or other filtering device would not have allowed these types of emails to be delivered. I use LogicNow and their Max Mail service for MSP's and they claim 1 false positive for every 100,000 messages... which seems to be true according to my over 300 managed business customers. Hard to believe there were respectable countermeasures installed.
Justice
(7,188 posts)bahrbearian
(13,466 posts)phazed0
(745 posts)It would be astonishing if the server was not compromised in one way or another.
Here's what we do know, that is not in dispute:
... and this, ladies and gentlemen is why we shouldn't have our own private email server setup by Justin Cooper(longtime aide to Clinton) in 2008, of which has no security clearance or expertise in computer security. Let's not get this twisted... this is a "friend doing a friend a favor"; this email server.
"That's total amateur hour," said Marc Maiffret, who has founded two cybersecurity companies. He said permitting remote-access connections directly over the Internet would be the result of someone choosing convenience over security or failing to understand the risks. "Real enterprise-class security, with teams dedicated to these things, would not do this," he said. http://www.dailyherald.com/article/20151013/business/310139975/
When Marc Maiffret speaks, if your in IT, you listen. He is a foremost expert in the field and I agree with his assessment fully. Opening up ports on your firewall and allowing remote access directly on the net is a 101 "duh" mistake. RDP (Microsoft Remote Desktop), which Clinton was using, is by far one of the most exploited vulnerabilities ever. Then exposing it directly to the net without anything.. no VPN or Proxy or anything is just plain stupid, bordering on negligence.
The U.S. National Institute of Standards and Technology, the federal government's guiding agency on computer technology, warned in 2008 that exposed server ports were security risks. It said remote-control programs should only be used in conjunction with encryption tunnels, such as secure VPN connections.
Also in 2012, the State Department had outlawed use of remote-access software for its technology officials to maintain unclassified servers without a waiver. It had banned all instances of remotely connecting to classified servers or servers located overseas.
The findings suggest Clinton's server "violates the most basic network-perimeter security tenets: Don't expose insecure services to the Internet," said Justin Harvey, the chief security officer for Fidelis Cybersecurity.
Mikko Hypponen, the chief research officer at F-Secure, a top global computer security firm, said it was unclear how Clinton's server was configured, but an out-of-the-box installation of remote desktop would have been vulnerable. Those risks - such as giving hackers a chance to run malicious software on her machine - were "clearly serious" and could have allowed snoops to deploy so-called back doors.
I guess once you get past how to use AOL it's time for the real world. Hillary is still in AOL land.
still_one
(92,372 posts)BlueMTexpat
(15,372 posts)exploding heads. More will undoubtedly follow.
OKNancy
(41,832 posts)Then some people will have to find a different non-scandal.
BlueMTexpat
(15,372 posts)If there isn't one, one will be created.
wryter2000
(46,077 posts)A lot of fraudulent Santa stuff in there.
SunSeeker
(51,662 posts)Kingofalldems
(38,469 posts)Haters: 'Curses! Foiled again!'
getagrip_already
(14,825 posts)was hacked. they lost everything. woops.
Hillary kept better care of the data than the guvvies....
Trust Buster
(7,299 posts)nichomachus
(12,754 posts)LuvLoogie
(7,021 posts)Way to go, Girl!
still_one
(92,372 posts)Sunlei
(22,651 posts)blackspade
(10,056 posts)The classified documents and their handling are the potential issue.
Response to blackspade (Reply #15)
Name removed Message auto-removed
harun
(11,348 posts)retrowire
(10,345 posts)I'm relieved to hear it wasn't hacked.
But if it's your job not to put that stuff at risk, then you've still broken the rules. That's where I sit on it.
Response to OKNancy (Original post)
Name removed Message auto-removed
MelissaB
(16,420 posts)Response to MelissaB (Reply #21)
Name removed Message auto-removed
Kingofalldems
(38,469 posts)Did they also possibly break the law?
Response to Kingofalldems (Reply #24)
Name removed Message auto-removed
Kingofalldems
(38,469 posts)And according to your name you are a Socialist. Doesn't add up. Those people despise Socialists.
Response to Kingofalldems (Reply #65)
Name removed Message auto-removed
Kingofalldems
(38,469 posts)Townhall is well known as is Wikipedia.
https://en.wikipedia.org/wiki/Townhall.com
LuvLoogie
(7,021 posts)complain jane
(4,302 posts)Arazi
(6,829 posts)of having classified documents on her server and how they were handled
Kingofalldems
(38,469 posts)secrets were obtained by foreign governments, at least to my understanding. Apparently that did NOT happen.
Agschmid
(28,749 posts)Not anymore...
PaulaFarrell
(1,236 posts)Even piddling little companies get multiple intrusion attempts every single day
Hoyt
(54,770 posts)Sorry, couldn't resist.
Kalidurga
(14,177 posts)Mike Nelson
(9,966 posts)...her server was safer than the US Government's!
Trajan
(19,089 posts)But, it doesn't defend that lack of discipline with classified ... Whether some bad actor took advantage of her undisciplined behavior is a different question ..
She still stored classified on unprotected mail servers ... Bottom line ...
videohead5
(2,181 posts)Since these e-mails was sent to her and she did not generate any of the e-mails in question you have to prove intent.that she purposely knew they were classified and that she purposely stored them on her server.there is also no difference between a .gov e-mail account and her server. neither one was secured for classified information.
TipTok
(2,474 posts)... inside both the military and state.
One of the complaints against her is that she or her folks manually copied info from the secure system to her private one.
Even your basic green side / lowest level government e-mail has some protection.
Half-Century Man
(5,279 posts)Nobody found links or data paths to her unprotected server or either one of it's cloud backups?
Really?
Pagliano wiped the server and the FBI recovered everything. In the forensic analysis of the server, did the FBI find evidence of intrusion?
Pagliano might not be the best witness available.
Trajan
(19,089 posts)Enough said ...
OKNancy
(41,832 posts)Hope you will vote for her.
Jester Messiah
(4,711 posts)Because I can tell you, I'd rather stick a fork in my eye than give you Hillarites the satisfaction.
OKNancy
(41,832 posts)If you don't vote for the Democrat in the general, then I really don't care what you think.
You are not someone whose opinion matters.
Jester Messiah
(4,711 posts)So yes, my opinion matters, to the extent that anyone's does who isn't wielding PAC money.
Trajan
(19,089 posts)I want everybody to be happy ... Usually ...
In this case, however, I'm expecting a groundswell of support for Bernie ... Looking at the long range forecasts (like those here >http://www.democraticunderground.com/12511395124#post2 ), Hillary is only leading in 4 of those states ...
The South was her firewall?
The North is her demise ...
I haven't ignored you because, on the whole, you are not offensive ...
You will note that I never debased you or your character ... That fact that you present my disagreement as 'snarkiness' .. Well, you chose that description, not I ...
dchill
(38,518 posts)It's whether the contents of the home server are legal.
jpak
(41,758 posts)yup
It was easier to do a man-in-the-middle cyber attack.
Go ahead; shoot the messenger 'cause that will change the facts.
Jester Messiah
(4,711 posts)riversedge
(70,285 posts)Jester Messiah
(4,711 posts)riversedge
(70,285 posts)Justice
(7,188 posts)The "disappointment" with the postive news speaks volumes about where people's minds are.
Paladin
(28,271 posts)Sad but true.
Kingofalldems
(38,469 posts)This whole thing just irritates the crap out of me. Seems there are 2 sets of laws in this country, one for the rich Repugs and one for everyone else. Colin Powell did the same thing she did, crickets, Cheney and Bush were found to have secret email servers hooked to CIA, they destroyed the evidence, again crickets. HRC, thinking everyone else does it, went there and she's being portrayed as a betrayer to our country, emails almost certainly hacked, on and on ad nauseum. So glad the emails weren't hacked and hope the rest proves to be just as big a fishing expedition as Benghazi.
She isn't my choice for president, but I still hate to see this happening.
TipTok
(2,474 posts)This same building has windows, a loading bay and sewer entrances. The computer that logs entry through the front door is in the corner and once you are in the building you have free access to it.
The fact that the card reader doesn't show illegal entry doesn't mean that someone didn't come in through the alternate entrances or didn't delete their swipe from the log computer.
In short, this means nothing. Neither positive or negative... Null...
Response to TipTok (Reply #48)
Name removed Message auto-removed
TipTok
(2,474 posts)It depends on the skill and intent of the intruder.
Systems can be more secure. Imagine if the logging computer was in its own room with a lock and a password.
It can still be defeated but it's harder.
The system that Clinton set up appears to be closer to the former than the latter.
In any case, the hacking issue is secondary. This is the equivalent of printing out classified information, putting it in a folder and leaving it on a bench in a shady part of town.
The fact that you came back later and found it doesn't mitigate the gross negligence of putting it out there in first place.
Response to TipTok (Reply #53)
Name removed Message auto-removed
TipTok
(2,474 posts)It's actually a criminal act since the intent was to defeat the safeguards in place on the approved government systems.
TriplD
(176 posts)as the article says:
They are not definitive, and forensic experts can sometimes spot sophisticated hacking that is not apparent in the logs
rpannier
(24,333 posts)or the lawyer of some deceased (insert country here) businessman, businesswoman or politico who remembers her as a fine Christian woman whom they trusted implicitly and wishes to enter a business partnership where she deposits X-millions for him/her and receives a percentage
No attack on Ms Clinton. It was just the first thing I thought of when I saw the part of the phishing scam
I used to get those. I read a few. I always laughed when it said they remembered me as a fine Christian. A 'fine' Christian is not likely the thing most people remember about me from a short meeting, whether it be yesterday or years ago
thereismore
(13,326 posts)Are you relieved because state secrets (hopefully) did not get hacked, or are you relieved because your candidate got lucky?
Your heart will tell you.
riversedge
(70,285 posts)Last edited Thu Mar 3, 2016, 08:29 PM - Edit history (1)
onehandle
(51,122 posts)Cryptoad
(8,254 posts)patricia92243
(12,598 posts)server she had in her home - I thought it was in her office at work - which I admit would not be such a good idea.
But in her home where I assume she didn't get that many serious emails - unless she worked from home a lot more than most people do. Somehow that it was at her home makes it seem like it is much ado about nothing.
Knowing that it is the Republicans behind it all makes it doubly seem much ado about nothing.
winter is coming
(11,785 posts)grasswire
(50,130 posts)Take it with a gran of salt.
Agnosticsherbet
(11,619 posts)Using a private email server was legal at the time, and it was not hacked.
Beacool
(30,250 posts)They got hacked.
Does the Justice Dept offer people immunity from prosecution when there's no crime? It's okay. In a few months there will be an indictment of someone.
leftynyc
(26,060 posts)in order to get people testify. Any lawyer worth his/her money is going to insist they don't talk without immunity - just like an innocent person should NEVER talks to cops without a lawyer present - you have no idea how they will manipulate what you say to try and get you in trouble. This is basic good sense.
MissMillie
(38,574 posts)investigating this a dozen times....
Benghazi? Planned Parenthood?
I say, three strikes and you're out.
If you have 3 investigations w/ nothing out of it.... then from now on the cost of any further investigation has to come out of your own pocket (or that of your super PAC, I suppose).
Darb
(2,807 posts)damn her.
Yo_Mama
(8,303 posts)Security logs are helpful, but only that. There are ways to access data without leaving traces in logs, and if a hacker is good enough, the log can just be "corrected".
We don't know what was being logged. Were accesses to documents being logged? I suspect not.
Calista241
(5,586 posts)Any logs files would only have recorded the most unsophisticated and incompetent script kiddie attacks. A government agency that wanted into the server would have left no tracks, and would totally have owned the server.