18.104.22.168/16 and house.gov
William Allen Simpson
william.allen.simpson at gmail.com
Thu Oct 2 20:08:46 UTC 2008
John Schnizlein wrote:
> I connected the internal network of the US House of Representatives to
> the Internet when I worked there, and operated it through both
> Democratic and Republican control.
Aha, I wondered who was to blame....
Of course, my Member was on the Internet before the House, as MERIT -- the
very same organization that ran/runs NANOG -- had its own POP (called an SCP
in those days) in DC. Only later did we use the House net.
She usually took her Mac laptop to Science and Education committee meetings.
Her staff was often asked how they got her to use her own laptop, when they
couldn't get their own members to read (or type) their own email.
This was all pre-2001, and Blackberry mania.
> I never saw any snooping by either
> party of the network traffic, and I had sniffers for diagnosing problems
> in several communication closets.
Yet, there was verified interception of both House and Senate email
communications. Nobody claimed it was "on the wire" network traffic, as
there were many weaknesses in the data network security design.
And the vicious fight about our setting up a VPN to bypass the centrally
controlled system -- as in "if you do this, we'll cut off your network
access entirely" -- led all concerned to guess that there was a political
reason, not a technical reason. So, I just used non-standard ports, and
some other firewalling, to prevent your staff from detecting it.
Also, there was the long fight about members running their own servers
(as in member.house.gov), instead of relying on the central servers for
connectivity (www.house.gov/member). Again, we really didn't trust the
Republicans not to examine internal data.
> I do recall unfounded accusations
> both ways, but it would be sad for the rumors to outlive the reality.
Like this verified and widely reported:
"Democrats Suggest Inquiry Points to Wider Spying by G.O.P."
> The notorious case of intercepted cell-phone conversations had nothing
> to do with the data network.
True, but irrelevant.
> I will not say anything about how large or redundant the data center is
> for obvious reasons, beyond that I am no longer employed there and do
> not have the details.
I've not even visited DC since 2002, and the old building with the page
dorm was torn down that summer.
But I can dig and traceroute. I'm pretty sure this isn't an ideal (or
standard conforming) setup. But it shouldn't have been swamped, as seems to
;; QUESTION SECTION:
;financialservices.house.gov. IN A
;; ANSWER SECTION:
financialservices.house.gov. 3600 IN CNAME www.house.gov.
www.house.gov. 3503 IN CNAME house.gov.edgesuite.net.
house.gov.edgesuite.net. 4372 IN CNAME a1164.g.akamai.net.
a1164.g.akamai.net. 20 IN A 22.214.171.124
a1164.g.akamai.net. 20 IN A 126.96.36.199
house.gov. 900 IN SOA mercury.house.gov. dnsadmin.mail.house.gov. 1002529 3600 1800 604800 3600
house.gov. 14128 IN NS chyron.house.gov.
house.gov. 14128 IN NS mercury.house.gov.
mercury.house.gov. 14166 IN A 188.8.131.52
chyron.house.gov. 14149 IN A 184.108.40.206