HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » jeff47 » Journal
Page: 1


Profile Information

Member since: Tue Jun 24, 2008, 12:50 PM
Number of posts: 26,549

Journal Archives

How Team Clinton screwed up the security on her server

What we know so far:

1) Communications with her server were not encrypted for the first 3 months.

2) They left the default VPN keys installed on her server

Using those addresses, McGeorge discovered that the certificate appearing on the site Tuesday appeared to be the factory default for the security appliance, made by Fortinet Inc., running the service.

3) They were using, and continue to use, self-signed SSL certificates

4) They set up a .com domain, enabling the typosquater who has registered clintonmail.com (no "e" before "mail". Whoever registered that domain is in a perfect position to steal login information or perform spear phishing attacks.

5) Her ISP was repeatedly hacked by China
Go to Page: 1