Search This Blog

Thursday, June 30, 2005

firewall-wizards digest, Vol 1 #1622 - 8 msgs

Send firewall-wizards mailing list submissions to
firewall-wizards@honor.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@honor.icsalabs.com

You can reach the person managing the list at
firewall-wizards-admin@honor.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."

Today's Topics:

1. RE: Equifax Canada (Ames, Neil)
2. RE: Equifax Canada (J. Oquendo)
3. RE: Transitive Trust: 40 million credit cards hack'd (Bill Sharrock)
4. Re: Ok, so now we have a firewall, we're safe, right? (Chris Blask)
5. Re: Transitive Trust: 40 million credit cards hack'd (ArkanoiD)
6. LangaList security item (Brian Loe)
7. Re: Host based vs network firewall in datacenter (sin)
8. SSH brute force attack (Toderick, Lee W)

--__--__--

Message: 1
Subject: RE: [fw-wiz] Equifax Canada
Date: Wed, 22 Jun 2005 13:48:03 -0400
From: "Ames, Neil" <NAmes@anteon.com>
To: "Brian Loe" <knobdy@stjoelive.com>,
<firewall-wizards@honor.icsalabs.com>

Brian,
STOP! It'll all be over when our identities *and* finances are =
allowed to be tied to a national ID card. The tyrannies that Commerce =
can impose on us are nothing compared to those which might be visited =
upon us by a government which suddenly controls our (access to our) =
finances. I would much rather have Visa, Mastercard, and the like, be =
legally required to uphold certain standards for independent identity =
management (and related protections) than let the government be the sole =
authority. We *MUST* keep Commerce separate from Government!!!
=20
=20
--Fritz

________________________________

From: firewall-wizards-admin@honor.icsalabs.com on behalf of Brian Loe
Sent: Wed 6/22/2005 10:57 AM
To: firewall-wizards@honor.icsalabs.com
Subject: RE: [fw-wiz] Equifax Canada

Pretty soon the fed might realize it's losing money printing all that =
fancy
cash and one day say, "hey, that national ID card has a magnetic strip =
on
it!"

That way, next time you're pulled over they can just debit your national =
ID
card for the ticket right there and send you on your way. Speed up the =
hands
of justice...

> If we return to the gold standard, or "cash 'n' carry"..=20
> Some of these issues would alleviate themselves. How many
> people do you know go around with less than $10.00 in their
> wallet and just carry plastic. As a society we have become
> dependent plastic items with mag stripes on the back. How
> many people go to gas stations that only accept cash ?? How
> many 7-11's are starting to question if you open up your
> wallet and pay for your items in cash?? But yet, still have
> the markings on the door to get a possible or potential
> assailants height.
>
> Pretty soon, one could be punished for cutting up their
> credit cards just as the mattress people warn us not to
> remove the tag.
>

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

--__--__--

Message: 2
Date: Wed, 22 Jun 2005 13:54:59 -0400 (EDT)
From: "J. Oquendo" <sil@politrix.org>
To: firewall-wizards@honor.icsalabs.com
Cc: Brian Loe <knobdy@stjoelive.com>
Subject: RE: [fw-wiz] Equifax Canada

On Wed, 22 Jun 2005, Brian Loe wrote:

> Pretty soon the fed might realize it's losing money printing all that fancy
> cash and one day say, "hey, that national ID card has a magnetic strip on
> it!"

Neat. Then all we would need is a new mailing list on (un)SecurityFocus
that will target binary reading, and magnetics to spoof these cards. Come
on now, the whole concept of it is a horrible idea. "Get your National ID
card right now!" For what? To keep track of when I take number twos, what
color boxers I buy. Information gathered from all sorts of these cards
(even those annoying supermarket swipe cards) is getting way out of hand.

> That way, next time you're pulled over they can just debit your national ID
> card for the ticket right there and send you on your way. Speed up the hands
> of justice...

And what happens if you don't have the money in your account right then
and there? You certainly must have sent a postdated check once in your
life. If you couldn't pay right there would they choose to put you on the
new and improved (carryover from DHS No Fly List) No Drive List, then
arrest you. Would make practical business sense. You go from a $50.00
speeding ticket to having to pay $5000.00 in bail. Never fear though you'd
get the money back but then the fed in the meantime can use your hard
earned cash on some Money Market/IRA/GREASE_SOMEONES_POCKET_ACCOUNT to
replete the national debt and buy themselves a CLS500. Maybe even return
some of your hard earned - now out the door - Social Security benefits.

Yea I ramble on too much ...
http://www.kuro5hin.org/story/2004/2/10/21427/8342

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x97B43D89
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89

To conquer the enemy without resorting to war is the most
desirable. The highest form of generalship is to conquer
the enemy by strategy." - Sun Tzu

--__--__--

Message: 3
Subject: RE: [fw-wiz] Transitive Trust: 40 million credit cards hack'd
From: Bill Sharrock <tux@wi.rr.com>
To: Firewal Wizards <firewall-wizards@honor.icsalabs.com>
Date: Thu, 23 Jun 2005 02:59:25 -0500

On Mon, 2005-06-20 at 13:06 -0400, Marcus J. Ranum wrote:
> Behm, Jeffrey L. wrote:
> >You don't gotta outrun the bear, just
> >the guy next to you.
>
> That's the strategy that's gotten us where we are today.
>
> It works great assuming the bear count remains a constant and the
> bears don't suddenly all come equipped with overdrive. It also
> assumes that bears exercise reason in selecting their targets.
> Next-gen malware breaks all of those assumptions.
>
> mjr.
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

But going back to the issue of trust, do I really care more about the
bear or about the fact that the guy I left in the dust just happens to
be carrying the backpack I put my insulin in? Sure I'm not mauled but I
can't say that I'm not in danger from the attack.

The worst part is it doesn't matter if the bear is some super,
genetically enhanced, cyber-bear. Now that I have to consider the lowest
common denominator in my troop (again), I'm back to worrying about
Smokey and Gentle Ben.

Well, that's my two cents adjusted for inflation. Thanks for listening.

Bill

--__--__--

Message: 4
Date: Thu, 23 Jun 2005 07:54:10 -0400
To: firewall-wizards@honor.icsalabs.com,
Paul Robertson <proberts@patriot.net>
From: Chris Blask <chris@blask.org>
Subject: Re: [fw-wiz] Ok, so now we have a firewall, we're safe, right?

--=====================_292796687==.ALT
Content-Type: text/plain; charset="us-ascii"; format=flowed

<Paul? Is this going to get to the list? -chris>

Hi denizens!

This thread has evolved some very good points and examples. It looks to me
like birds could be made to come home to roost before too long...

o SOX does exist, therefore diligence and lack thereof could be argued in
a legal context.

o Expert testimony from folks like many of us should be acceptable in court.

We need an example case to establish a precedent. Anyone know of any
shareholder class-action suits pending out there (or where there should be
one) where "security design/implementation as part of SOX compliance" - or
the lack thereof - is/could be part of demonstrating due diligence?

I'm not a litigious person by nature, but it is the engine of determining
responsibility in society. A few good precendents a lawyer can understand
could provide very good fulcrums for keeping vendors and operators accountable.

At 05:09 PM 6/13/2005, Dave Piscitello wrote:
>We collapsing threads
.d.
>2) Hiding complexity versus hiding the truth about a product
>
>I spoke of hiding complexity in my email - putting grep/awk/sed
>behind a GUI is very different from not documenting that "left set to
>factory default settings, our device accepts incoming ftp connections
>from guest accounts with no password enforcement."

Legal Due Diligence could reasonable be set at requiring a disclaimer
something like:

o "Default settings of this software may create security
exposures. Please consult a qualified security source for guidance."

That would be a baby step forward...

>On 13 Jun 2005 at 15:13, Marcus J. Ranum wrote:
>
> > R. DuFresne wrote:
> > >Failing to do so moves liability out of the end users realm, even
> > >Marcus would have to agree there.
> >
> > I couldn't agree more - if a vendor misrepresents their product they
> > should be held accountable. There are agencies of the government that
> > are already responsible for enforcing truth-in-advertising rules, and
> > there are precendent-setting decisions that hold the vendors liable in
> > such circumstances.

Exactly - no need to reinvent the wheel, someone just needs to get held
responsible using the same mechanisms auto manufacturers have
lived/suffered under for so long.

.d.
> > Outright lies? Isn't that a bit severe? Well, I give you one
> > case in point: I recently re-installed Windows XP on my
> > desktop machine (my annual "clean scrape") and as it was
> > installing (and on the product box) Microsoft touted XP as
> > a way to "quickly and securely access the Internet" Oh. Really?

"The new car you have purchased will Quickly and Securely get you to the
store..."

o With NO caveats?
o For a 1955 Bel Air with NO Seat Belts?!?

Someone needs to poke that manufacturer with the well-worm sticks of legal
liability...

-cheers

-chris

Think wrongly, if you please, but in all cases think for yourself.

- Doris Lessing

Chris Blask
chris@blask.org
http://blaskworks.blogspot.com
--=====================_292796687==.ALT
Content-Type: text/html; charset="us-ascii"

<html>
<body>
&lt;Paul?&nbsp; Is this going to get to the list?&nbsp;
-chris&gt;<br><br>
Hi denizens!<br><br>
This thread has evolved some very good points and examples.&nbsp; It
looks to me like birds could be made to come home to roost before too
long...<br><br>
o&nbsp; SOX does exist, therefore diligence and lack thereof could be
argued in a legal context.<br><br>
o&nbsp; Expert testimony from folks like many of us should be acceptable
in court.<br><br>
We need an example case to establish a precedent.&nbsp; Anyone know of
any shareholder class-action suits pending out there (or where there
should be one) where &quot;security design/implementation as part of SOX
compliance&quot; - or the lack thereof - is/could be part of
demonstrating due diligence?<br><br>
I'm not a litigious person by nature, but it is the engine of determining
responsibility in society.&nbsp; A few good precendents a lawyer can
understand could provide very good fulcrums for keeping vendors and
operators accountable.<br><br>
At 05:09 PM 6/13/2005, Dave Piscitello wrote:<br>
<blockquote type=cite class=cite cite="">We collapsing
threads</blockquote>.d.<br>
<blockquote type=cite class=cite cite="">2) Hiding complexity versus
hiding the truth about a product<br><br>
I spoke of hiding complexity in my email - putting grep/awk/sed <br>
behind a GUI is very different from not documenting that &quot;left set
to <br>
factory default settings, our device accepts incoming ftp connections
<br>
from guest accounts with no password enforcement.&quot;
</blockquote>&nbsp;<br>
Legal Due Diligence could reasonable be set at requiring a disclaimer
something like: <br><br>
o&nbsp; &quot;Default settings of this software may create security
exposures.&nbsp; Please consult a qualified security source for
guidance.&quot;<br><br>
That would be a baby step forward...<br><br>
<blockquote type=cite class=cite cite="">On 13 Jun 2005 at 15:13, Marcus
J. Ranum wrote:<br><br>
&gt; R. DuFresne wrote:<br>
&gt; &gt;Failing to do so moves liability out of the end users realm,
even<br>
&gt; &gt;Marcus would have to agree there.<br>
&gt; <br>
&gt; I couldn't agree more - if a vendor misrepresents their product
they<br>
&gt; should be held accountable. There are agencies of the government
that<br>
&gt; are already responsible for enforcing truth-in-advertising rules,
and<br>
&gt; there are precendent-setting decisions that hold the vendors liable
in<br>
&gt; such circumstances.</blockquote><br>
Exactly - no need to reinvent the wheel, someone just needs to get held
responsible using the same mechanisms auto manufacturers have
lived/suffered under for so long.<br><br>
.d.<br>
<blockquote type=cite class=cite cite="">&gt; Outright lies? Isn't that a
bit severe?&nbsp; Well, I give you one<br>
&gt; case in point: I recently re-installed Windows XP on my<br>
&gt; desktop machine (my annual &quot;clean scrape&quot;) and as it
was<br>
&gt; installing (and on the product box) Microsoft touted XP as<br>
&gt; a way to &quot;quickly and securely access the
Internet&quot;&nbsp;&nbsp; Oh. Really?</blockquote><br>
&quot;The new car you have purchased will Quickly and Securely get you to
the store...&quot;<br><br>
o&nbsp; With NO caveats?<br>
o&nbsp; For a 1955 Bel Air with NO Seat Belts?!?<br><br>
Someone needs to poke that manufacturer with the well-worm sticks of
legal liability...<br><br>
-cheers<br><br>
-chris<br><br>
<br><br>
<br>
<x-sigsep><p></x-sigsep>
<font size=2>Think wrongly, if you please, but in all cases think for
yourself.<br><br>
&nbsp;- Doris Lessing</font> <br><br>
Chris Blask<br>
chris@blask.org<br>
<a href="http://blaskworks.blogspot.com/" eudora="autourl">http://blaskworks.blogspot.com</a>
</body>
</html>

--=====================_292796687==.ALT--

--__--__--

Message: 5
Date: Thu, 23 Jun 2005 19:02:29 +0400
From: ArkanoiD <ark@eltex.net>
To: "Paul D. Robertson" <paul@compuwar.net>
Cc: Bill Royds <broyds@rogers.com>,
"'George Capehart'" <capegeo@opengroup.org>,
"'Firewal Wizards'" <firewall-wizards@honor.icsalabs.com>
Subject: Re: [fw-wiz] Transitive Trust: 40 million credit cards hack'd
Reply-To: ark@eltex.net

Isn't it already in FreeBSD 5? I am going to build next version of my firewall
on FreeBSD actively using its new security features, are they ready for production?

On Sat, Jun 18, 2005 at 09:23:42PM -0400, Paul D. Robertson wrote:
>
> Little of anything good has filtered into actual practice except in
> bite-sized chunks or esoteric systems. For instance, I really like MAC
> compartments, but to date, the TrustedBSD folk haven't got their MAC stuff
> up to the level of the jails FBSD already has.
>

--__--__--

Message: 6
From: "Brian Loe" <knobdy@stjoelive.com>
To: <firewall-wizards@honor.icsalabs.com>
Date: Thu, 23 Jun 2005 11:11:14 -0500
Subject: [fw-wiz] LangaList security item

From the LangaList - pretty sad it has to be said. Posting since it might
have some relevance to previous posts about DSL wireless routers supplied by
ISPs. It's obviously not in AOL's interest to advertise their LACK of
security, all the while advertising their improved security.

4) ISP Security Tools (E.G. AOL's) OK?

Fred, I've poked through your archives looking for information
about AOL - which many of my friends use and often ask me
questions about it. I don't use it and so generally just say
"don't know". One recurring question is about how 'self
protected' AOL is and so, how necessary is third party software
(Spybot, Ad-Aware, MS AntiSpyware, Spyware Blaster, etc.) to
protect it? In a similar way, is a third party firewall needed
and antivirus software? AOL projects this image of taking care
of it all and being 'safe'. Any ideas or experience about
this? Thanks, Bill Zaydak

Oh, jeez---- if anything, AOL members need more protection than others!
Although some AOL users are quite sophisticated, AOL as a whole tends to
attract (and is advertised to) relative novice users. These are people who
are especially vulnerable to all kinds of hack attacks and scams--- not
because they're bad people or anything like that--- but simply because they
don't yet know any better.

AOL is well-intentioned in trying to offer some protection to these users,
many of whom would never think to install or run security-enhancing tools on
their own. But no external agent (like an ISP) can provide complete local
protection for a PC; and no generalized security service can do as well as
you can do in managing your PC security on your own.

In general, as soon as an AOL user reaches the point of asking "are these
tools any good?" I feel they're ready to start taking control of their own
online experience. I'll then (gently) recommend they get their own security
tools, and maybe explore a standard ISP, which will get them to the internet
for less money and without all the extra baggage and intermediation that AOL
imposes on its users.

Some people really like AOL, and that's perfectly fine. I just like to make
sure that people stay with AOL as a conscious choice, and not because they
weren't aware of alternatives.

But in any case, yes, AOL users need full software protection, regardless of
what AOL says or is doing. If your AOL friends can handle it, you'd be doing
them a favor to set them up with a good collection of security tools, such
as those you mention.

--__--__--

Message: 7
Date: Fri, 24 Jun 2005 00:27:58 +0300
From: sin <sin@pvs.ro>
To: Alin-Adrian Anton <aanton@spintech.ro>
Cc: firewall-wizards@honor.icsalabs.com
Subject: Re: [fw-wiz] Host based vs network firewall in datacenter

Alin-Adrian Anton wrote:

> No matter what kind of network you have, you need at least one firewall
> at the border with the Internet.
>
> Having a datacenter without a fast firewall at the border, is simply
> insane.

in fast firewall i presume you mean basic ACLs to filter much of the
junk traffic, no ?

>
> The machine at the border can be some expensive hardware, like a cisco,
> or can be a powerful BSD-based packet filter, sitting on powerful
> hardware (the best you can get, Intel based).

It can also be run on commodity hardware; expensive hardware it's not
always gonna give you uber performance over cheaper hardware.

> If you chose cisco-like solution, chose an expensive one. You defenately
> need it (because expensive ones can handle smarter ACLs and keep state
> much better, and also can resist to DDoS over 100 Mbps. Cheap ones may
> die).

every router dies because of DDOS if some part of that traffic is not
filtered upstream, and by dieing i mean that you have a big chance
running out of bandwidth before you run out of vip cpu power.

>
> If you chose BSD solution use ipfw (fastest), or pf (best in terms of
> what it can do). Pf on FreeBSD with Intel "FXP" cards is able to use the
> hardware chip for checking CRC of the packets. This feature is only
> available on FreeBSD, and as far as I know nobody ported it to other OS.
> Having hardware to check for checksums greatly improves performance,
> even over ipfw.

Intel's Linux drivers also offer the same facility.

> I would not chose a linux based solution for firewalling high loads of
> evil traffic.

can you also give some arguments why not ?

>
> Even better, if you can afford it, you can have both: the cisco and the
> BSD, cisco sitting maybe in front of the BSD. This way you also keep a
> simple and good control of what goes in and what goes out, and you can
> cut down packets which the hardware firewall missed (it happens).

firewalls just don't miss packets. they allow them to pass based on
certain rules. maybe some software bugs can cause some unwanted packets
to pass on certain situations.

>
> In case of a serious DDoS problem, you can even enable statefull ACL
> version (keep it somewhere) on the BSD box, to really cut down whatever
> the hardware firewall skips into the internal network.

i believe you might want to do exactly the opposite, disabling any
statefull ACLs on the router (you know, a 7500 cisco router can get
pretty busy processing a high rate of small packets without any ACLs
defined on a particular interface). adding statefull ACL's can have
negative impact on the router performance in case of DoS/DDoS attack.

>
> On the inside land, it may be a very good idea to use any kind of
> firewall you want on each machine, in order to limit access to SNMP (if
> you are going to monitor them via SNMP), and so on. You should use a
> different switch for the monitoring connection, such that an internal
> server cannot impersonate you in any way (arp, ISN prediction, etc).

It can get quite expensive doing out of band management on a fairly big
network, and also somewhat complex.

>
> Limit all services to what they really need to accept, and nothing else.
> If they are not going to use the LAN, always bind them on the local
> interface.
>
> Each host inside the lan should not trust anyone from the LAN, so
> writing down what is strictly needed for each of them is a good thing.
> Implementing it is the next step, I just pointed some ideas.

it will have to trust another host by some degree...

--__--__--

Message: 8
Date: Fri, 24 Jun 2005 13:17:17 -0400
From: "Toderick, Lee W" <TODERICKL@MAIL.ECU.EDU>
To: <firewall-wizards@honor.icsalabs.com>
Subject: [fw-wiz] SSH brute force attack

This is a multi-part message in MIME format.

------=_NextPart_000_030A_01C578BF.0B62ACF0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit

Greetings!

Our computers running SSH daemons have logged attacks. The attacks begin
with a scan logged "Did not receive identification string from x.x.x.x",
followed approximately 15 minutes later with "Illegal user " or " Failed
password for root".

Does anyone have information or documentation about this scan/attack?
Following is a list of Illegal users:
# cat secure.4 | grep "193.24.213.216" | cut -d " " -f6-12 | grep "Illegal"
| cut -d " " -f 3
sun0s
reboot
reboot
flood
irc
key
david
htpd
httpd
jared42
cchen
admin
admin
admin
admin
test
test
test
test
test
test
test
admin
akcesbenefit
b3
njproghouse
schaiderhair
perseus
guardit
phpbb
bejgli
forums
temp
eric
staff
bb
maggie
rock
sandra
kim
recruit
alina
dana
bloodclansb
jeff

Thanks,
Lee Toderick

------=_NextPart_000_030A_01C578BF.0B62ACF0
Content-Type: application/x-pkcs7-signature;
name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="smime.p7s"

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIICWTCCAlUw
ggG+oAMCAQICAw06gDANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh
d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt
YWlsIElzc3VpbmcgQ0EwHhcNMDQxMDE0MTYwNzQ2WhcNMDUxMDE0MTYwNzQ2WjBIMR8wHQYDVQQD
ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSUwIwYJKoZIhvcNAQkBFhZ0b2Rlcmlja2xAbWFpbC5l
Y3UuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUUr9xoi2HUZnfwfwuE5jce55hLslw
D2qlizq7fvD8vYxu4TGqnKKLnCyUHqQGVLLB28w/q1gnkRxHQszoV8MskWGaPNaT9j85EvhKLGBW
npQaj7smf6+XAXxwXoKyon51Y7Yy58XeWv4A2SNDO2WvxRQiZ0nghFnt9Sww4qiXdwIDAQABozMw
MTAhBgNVHREEGjAYgRZ0b2Rlcmlja2xAbWFpbC5lY3UuZWR1MAwGA1UdEwEB/wQCMAAwDQYJKoZI
hvcNAQEEBQADgYEAI3Bv7PxrhFYuCENtL5KlF/D6FcLOhsvj0MSXJAFJWfLZRDXDxB0EFvKS2Lqt
QZN2So/HmvJbWwNlz9bwLzW0N/81IjwGfDs1tJGwpcnXUd5Y96xb433rSFOe2Nb+T+P/+JM0KDYD
r9+f8NzrBVbOXbzsx0Tl1cRHkSGx4toB6RkxggLPMIICywIBATBpMGIxCzAJBgNVBAYTAlpBMSUw
IwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVy
c29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIDDTqAMAkGBSsOAwIaBQCgggG8MBgGCSqGSIb3DQEJ
AzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA1MDYyNDE3MTcxN1owIwYJKoZIhvcNAQkE
MRYEFH3g52WMT5OYtx/qwWvB8YuWc1buMGcGCSqGSIb3DQEJDzFaMFgwCgYIKoZIhvcNAwcwDgYI
KoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsO
AwIaMAoGCCqGSIb3DQIFMHgGCSsGAQQBgjcQBDFrMGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoT
HFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBG
cmVlbWFpbCBJc3N1aW5nIENBAgMNOoAwegYLKoZIhvcNAQkQAgsxa6BpMGIxCzAJBgNVBAYTAlpB
MSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUg
UGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIDDTqAMA0GCSqGSIb3DQEBAQUABIGAIYqZKU40
AohU9329CNgJSfnMG1ZISpZFHlk2DvsRMAoUg3/GVsXU/qAJWn2mScC6cAbPux8QRPCamk3/dIJF
F32QxBsZ6/woabHcMwSkBtJP/TdaQJGAomE4OplodSrJIOSozzrCJhI1icbUk+nHs/gf6tvSMfcf
tN73H3WQobcAAAAAAAA=

------=_NextPart_000_030A_01C578BF.0B62ACF0--

--__--__--

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

End of firewall-wizards Digest

No comments: