******* Vendor Corner ******* ============================================================ Sponsored by VeriSign - The Internet Trust Company ============================================================ Running an e-commerce Web site or online store? VeriSign Payment Services make it easy to securely accept, authorize, and manage credit card and all other payment types. Get a FREE guide, "Enabling Secure Payment Processing on Your Site." You'll learn everything you need to know about processing payments online. http://www.verisign.com/cgi-bin/go.cgi?a=n052501690017000 ============================================================ ******* What's new with SecurityPortal.com ******* A Safe Haven for Data? When the news reports first surfaced last week regarding the HavenCo Internet Co-Location facility in the Principality of Sealand, the first comments that circulated through our staff ranged from "wow, this is cool" to "this is pretty late for an April Fool's joke" to "yeah, I saw it in San Diego last year but I think the dolphins will get the servers all wet". Well, this is Sealand, not SeaWorld and it seems to be a real enough attempt to build an offshore platform for ebusiness and communications which not only skirts existing governmental regulations but seeks to make at least portions of the governments themselves irrelevant. An abandoned World War II fortress off the coast of Great Britain, Sealand is billed as the smallest independent country in the world. The concept behind HavenCo is that any type of organization, be it for profit, advocacy or otherwise, is too constrained by governmental legislation - laws that will vary between country, state, and city. The complexities of meshing the world's nation-state forms of government with a fairly standard communications network like the Internet are readily apparent. From taxation of electronic commerce to transmitting pornography to hosting encryption software, the Internet comes into daily conflict with every government's prerogative to tax, censor, and otherwise regulate its populace. In a mission that seems to be part libertarian, part anarchist, and all dot-com, HavenCo plans to develop an Internet Data Center that is physically secure, has satellite communications uplinks and has almost no regulations for what paying customers can do with the servers they house there. Although it is hard to take a country seriously with a leader named Prince Roy and its sovereignty is probably due more to a lack of interest in the UK rather than the legitimacy of the claimants, HavenCo does appear to be taking a run at building something legitimate. You can bet that if HavenCo starts showing some success, the UK will suddenly "remember" that they "own" this football field-sized bunker. Read the full story here <http://securityportal.com/cover/coverstory20000612.html> ******* Vendor Corner ******* Our consulting partner, AtomicTangerine, is developing Internet Security University, a complete set of security courseware to be delivered online via SecurityPortal. You can greatly assist this development effort by answering a short survey to help identify factors important for the training and development of professionals working in the area of information security. The information you provide will be used only for the purpose of developing the courseware and will not be redistributed. Thanks! http://securityportal.com/research/learnersurvey.html ******* Top News ******* June 12, 2000 Welcome to SecurityPortal.com - The focal point for security on the Net Recent postings in our top news <http://www.securityportal.com/topnews> : Jun 12, 2000 Currents: Banking Committees Examine Medical Privacy <http://www.computercurrents.com/news/00/06/11/news1.html> - Senate Banking Committee Chairman Phil Gramm, R-Texas, is planning a medical data privacy amendment for a securities bill currently before the committee, which would prohibit financial institutions and insurance company affiliates from sharing medical information as part of the decision-making process on whether to approve a loan. Weekly Solaris Security Roundup <http://securityportal.com/topnews/weekly/solaris20000612.html> - Vulnerabilities: Lilikoi Ceilidh 2.60 Multiple Vulnerabilities , Unify eWave ServletExec JSP Source Code Disclosure Vulnerability, ISC innd 2.x Remote Buffer Overflow Vulnerability, and BRU BRUEXECLOG Environmental Variable Vulnerability. Discussion: setuid Q, solaris packages, High TCP connect timeout rate, and No secure copy on Solaris 8? Read the tip of the week for information on safeguarding yourself from the top ten security vulnerabilities. Weekly Linux Security Roundup <http://securityportal.com/topnews/weekly/linux20000612.html> - General advisories for Linux Kernel Bug, Sendmail 8.10.2, OpenSSH, INND, rpc.lockd, Kerberos 4 KDC, mailx, kdelibs, splitvt, Bind, BRU, Netwin Dmail, Netscape, and wu-ftpd. Vendor Advisories/Patches for Caldera, Connectiva, Debian, RedHat, Slackware, SuSE, and Trustix. Weekly Microsoft Security Roundup <http://securityportal.com/topnews/weekly/microsoft20000612.html> - Microsoft security bulletins for Internet Explorer 4/5, and Windows NT 4.0. NTBugtraq: Account lockout problems, domain admin problems, a proposal for protection from Windows rootkit drivers, MS00-029 patch problems, and Outlook security patch commentary. Jun 10, 2000 Remote root hack in OpenSSH <http://securityportal.com/topnews/openssh20000609.html> Fixed version released, patches for OpenSSH 1.2.2, 1.2.3 and 2.1.0 attached. Or disable "UseLogin". CERT Advisory CA-2000-11 MIT Kerberos Vulnerable to Denial-of-Service Attacks <http://securityportal.com/topnews/CA-2000-11.html> - The CERT Coordination Center has recently been notified of several potential buffer overflow vulnerabilities in the Kerberos authentication software. The most severe vulnerability allows remote intruders to disrupt normal operations of the Key Distribution Center (KDC) if an attacker is able to send malformed requests to a realm's key server Jun 9, 2000 Slashdot: Massive DDoS Attack Brewing? <http://slashdot.org/article.pl?sid=00/06/09/125216&mode=thread> - Quite a number of people wrote in with the news that CNN is reporting that a Back Orifice-like program masquerading as a movie clip is infecting thousands of computers worldwide. The prediction is that it's being setup for a DDos - but the technical details, are shall we say, "sketchy". IDG: Survey says workers unworried about e-mail privacy <http://idg.net/ic_187308_1773_1-483.html> - Despite increasing supervisor surveillance, more than half of the workers polled in a new survey by job-information Web site Vault.com said they're unconcerned about employers reading their e-mail CA: COMPUTER ASSOCIATES CAUTIONS COMPUTER USERS OF VBS/PLAN.A WORM <http://www.ca.com/press/2000/06/virus_planaworm.htm> - Computer Associates International, Inc. (CA) is warning eBusinesses and home users of VBS/PLAN.A WORM, a new visual basic script (VBS) - based email Worm that spreads by sending itself to all entries in a Microsoft Outlook address book. This Worm is similar to the dangerous "ILOVEYOU" Worm that recently attacked thousands of computers throughout the world. It has the potential to overload email servers, which can result in denial of service. It has been seen "in the field" and is being watched closely by CA's antivirus security team. The Worm arrives with the subject line: US PRESIDENT AND FBI SECRETS =PLEASE VISIT Vnunet: Firewall flaw threatens server shutdown <http://www.vnunet.com/News/1102869>- Check Point Software has admitted that an as yet unfixed flaw in its market leading firewall product, Firewall-1, leaves it vulnerable to denial of service attacks. During routine security tests, Lance Spitzner, a member of the Global Enterprise Security Team at Sun Microsystems, discovered that the firewall can be brought down by exploiting the very mechanisms designed to log problems. Because of a flaw in its fragmentation logging process, Spitzner discovered a Firewall-1 gateway can be disabled by bombarding it with a stream of incomplete fragments of data packets, using a tool called jolt2 ZDNet: 80,000 Domains at Risk: DNS problems plague Australia <http://www.zdnet.com.au/enterprise/security/stories/au0003277.html> - About 75 percent of Domain Name System (DNS) servers in Australia and New Zealand are vulnerable to Denial-of-Service attacks and 55 percent may be compromised at the root level. The figures represent a considerable risk to many Web sites, according to Sydney-based security consultancy DeMorgan CNN: FBI probing potentially 'massive' new hacker attack to disable Web sites <http://www.cnn.com/2000/TECH/computing/06/09/hacker.attack/index.html> - CNN has confirmed the FBI plans to meet Friday with officials from a computer security company that claims to have discovered a potential threat designed to shut down Web sites FCW: GSA casting for FIDNet comments <http://www.fcw.com/fcw/articles/2000/0605/web-fidnet-06-08-00.asp> - The General Services Administration today released the draft request for proposals on the Federal Intrusion Detection Network, a program that will provide a single analysis and response center for governmentwide cyberattacks SJMercury: Hackers said poised for attack <http://www.sjmercury.com/svtech/news/breaking/ap/docs/79777l.htm> - Hackers have embedded a malicious program disguised as a movie clip on 2,000 commercial and home computers, positioning themselves to launch an attack designed to shut down Web sites, security experts told the government in an alert Thursday. Wired: Gore Backs Anti-ID Theft Bill <http://wired.com/news/business/0,1367,36879,00.html>- Presidential contender Al Gore moved to beef up his image on the privacy rights front by pitching support for legislation that will make selling a Social Security number a federal crime Jun 8, 2000 InfoWorld: Outlook patch ships <http://www.infoworld.com/articles/hn/xml/00/06/08/000608hnpatchout.xml> - The upgrade aims to protect users of the popular e-mail program from spreading viruses or worms by blocking access to files which may be deemed too unsafe to open. Once the patch is installed, users will be prompted with a warning dialog box if and when an outside program attempts to access their Outlook address book or deliver e-mail without intervention Cnet: Bug bites free email services at MailCity, iVillage <http://news.cnet.com/news/0-1005-200-2036086.html?tag=st.ne.1002.thed.ni> - In the latest security breach besetting free Web-based email services, Lycos' WhoWhere said it had fixed a problem this week affecting millions of accounts, including those belonging to MailCity and iVillage members. WhoWhere representatives would not disclose how many people have registered for the company's MailCity service, nor would they estimate how many other accounts may have been at risk or how long the bug might have existed. Representatives for women's portal iVillage said the company has 4.9 million registered subscribers for its free email service, which it has outsourced to WhoWhere for about two years. NewsBytes: Australian Parliament Passes Wiretapping Legislation <http://www.newsbytes.com/pubNews/00/150247.html> - Australian spooks and cops are set to have an easier time monitoring the telephone calls, communications and even the computers of the country's citizens with the passing of a new bill through Parliament today. LinuxWorld: Linux security classes <http://www.linuxworld.com/linuxworld/lw-2000-06/f_lw-06-iss.html> - Whether your firm has been running Linux for awhile or is one of a growing number of companies that have only recently moved to Linux on their networks, you may be concerned about how to secure Linux. If you're not, you should be. ISS (Internet Security Systems), the security firm founded by Christopher Klaus in 1994, has announced that it will be the first company to offer a professional Linux security training course. CIO: Pro and Con <http://www.cio.com/archive/060100_con.html> - ALL THE HACKERS HAD to go on were five innocuous e-mail messages. Within four hours, they had taken control of their target's bank account, changed his password and locked him out. They had also acquired his credit card numbers, the details of his driving record and his salary to the penny. For the coup de grce, they infiltrated his office and left a puckish note on his desk: "Hi Matt, from your friends at Jaws." MSNBC: CD Universe evidence compromised <http://www.msnbc.com/news/417406.asp> - Six months after "Maxim" broke into the computers of Internet retailer CD Universe and stole 300,000 credit cards, U.S. authorities have been unable to find the thief. And even if they do, they are unlikely to be able to successfully prosecute the case because electronic evidence collected from the company's computers was not adequately protected, MSNBC.com has learned. ZDNet: Mitnick: 'Use Hackers as a Resource' <http://www.zdnet.com/zdtv/cybercrime/hackingandsecurity/story/0,9955,258326 2,00.html?&_ref=2143482247> - Notorious hacker Kevin Mitnick is back in court, challenging the terms of his probation that forbid him from even talking about computers. On Tuesday, Mitnick fielded questions from reporters during a satellite media tour sponsored by CIO magazine. Earlier this month, he told the magazine that hiring hackers is the best way for companies to learn about security threats. The magazine says its poll of corporate CIOs found nearly one in three willing to hire Mitnick to advise them on security preparedness. ZDNetUK: No complaints from users, says Spanish telco <http://www.zdnet.co.uk/news/2000/22/ns-15863.html>- "The company has no reports of the existence of this virus, has not detected any type of problem in its systems and has not received any form of complaint from clients that has to do with the supposed virus," Telefonica said in a statement. Wired: NSI's Webjacking Epidemic <http://wired.com/news/business/0,1367,36797,00.html> - more on the Internet.com domain hijacking and several other horror stories with Network Solutions Symantec Demonstrates World's First Anti-Virus Technology for PALM OS Platform <http://securityportal.com/topnews/symantec20000608.html> - Symantec today announced the development of the world's first anti-virus technology for the Palm OS� platform. (Symantec Press Release) Local root hack in Linux kernel 2.2.15 and most other kernels <http://securityportal.com/topnews/linuxnews20000608.html> A local root hack exists in Linux kernel version 2.2.15, 2.2.14 and most other verions. Upgrade to 2.2.16 if possible. This problem can be exploited via Sendmail (workaround available) and other programs as well. CNet: Spy agency eyes bids for $5 billion technology overhaul <http://news.cnet.com/news/0-1003-200-2033783.html?tag=st.ne.1002.bgif.ni> - The ultra-secretive National Security Agency said today it will turn to the private sector to overhaul its technology in a single, 10-year contract valued at up to $5 billion ComputerWorld: GSM nets in U.S. so far appear free of cell phone virus <http://www.computerworld.com/home/print.nsf/(frames)/000607E69A?OpenDocumen t&~f> - Providing an initial indicator that a sigh of relief may be in order, two U.S. wireless telephone carriers that operate networks based on the European GSM mobile phone standard have confirmed they haven't contracted the Love-Bug-like virus that has appeared in a phone network in Spain ComputerUser: Bank Groups Unveil Privacy Guidelines <http://currents.net/news/00/06/07/news11.html> - A triumvirate of banking industry groups Tuesday unveiled privacy guidelines that they say will bolster consumer confidence, clarify "appropriate" uses of personal information and give banks a baseline set of standards under which to operate ISS X-Force: Buffer Overflow in i-drive Filo (tm) software <http://xforce.iss.net/alerts/advise54.php> - Internet Security Systems (ISS) X-Force has discovered a vulnerability in the i-drive Filo software. i-drive.com provides web storage services for over 3 million users. The browser-based tool, Filo, allows users to clip and save any web page to their i-drive account. Filo is designed for saving important pages found on the web such as investment research, travel confirmations, and e-commerce receipts Jun 7, 2000 TechWeb: Hacker 'Mafiaboy' May Face More Charges <http://www.techweb.com/wire/story/reuters/REU20000607S0005>- The 15-year-old Canadian hacker known as "Mafiaboy," who was charged with two counts of mischief in one of the biggest cyber attacks in history, is likely to face more charges related to the jamming of several well-known Web sites, a Quebec prosecutor said Wednesday ComputerWorld: Checkpoint vulnerable to denial-of-service attacks <http://www.computerworld.com/home/print.nsf/(frames)/000607E692?OpenDocumen t&~f>- A security researcher has discovered a flaw in a popular firewall that he says makes the tool vulnerable to denial-of-service attacks. The FireWall-1 product, developed by Checkpoint Software Technologies Ltd. in Redwood City, Calif., can apparently be disabled by bombarding the tool with incomplete fragments of data packets MSNBC: Case dropped against 'Love Bug' suspect <http://www.msnbc.com/msn/417393.asp> - Philippine authorities said on Wednesday they had dropped a case against a bank worker suspected of involvement in the "Love Bug" virus, which caused billions of dollars in damage to computers around the world ITPlanet: IT, Company Execs Add To Security Holes <http://www.planetit.com/techcenters/docs/security/news/PIT20000602S0014?sps ubcat=applications> - Common security breaches by IT and business professionals -- not just an attacker's expertise -- contribute to the success of computer break-ins, the SANS Institute said Thursday TechWeb: Virus Targets Cell Phone Users <http://www.techweb.com/wire/story/TWB20000606S0010> - The so-called VBS-Telefonica worm, like its Love Bug predecessor, utilizes Microsoft Outlook and the Outlook address book to propagate itself from PC to PC. But when activated, it sends short messages to random GSM phones in Europe, according to F-Secure, an anti-virus vendor based in Helsinki, Finland. See also June 6th Top News ZDNet: Microsoft unveils Internet Security and Acceleration Server <http://www.zdnet.com/eweek/stories/general/0,11011,2582663,00.html> - Microsoft Corp. on Tuesday unveiled a new firewall and caching server designed to provide enhanced security and manageability for machines running Windows 2000 CERT Advisory CA-2000-10 Inconsistent Warning Messages in Internet Explorer <http://www.cert.org/advisories/CA-2000-10.html> - Several flaws exist in Microsoft Internet Explorer that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. These problems are different from the problems reported in CERT Advisory CA-2000-05 and CERT Advisory CA-2000-08, but they have a similar impact. Jun 6, 2000 FCW: Biometrics: More than a helping hand <http://www.fcw.com/fcw/articles/2000/0605/tec-bio-06-05-00.asp> - Personal computers generally have been a boon to agency and departmental staff, but they can be a nightmare for those responsible for security. With users accessing networks remotely, transmitting data via the Internet and carrying around laptops containing sensitive data, ensuring security is an increasingly complex challenge. At least one thing is clear: Passwords are not enough. Currents: Security Firm to List Additional Hacking Threats <http://www.currents.net/news/00/06/05/news5.html> - While Thursday's unveiling of the 10 most dire Internet security threats has already generated widespread discussion in the technology community, one cyber-security firm is warning against taking the list at face value. Published Thursday by the not-for-profit SANS (System Administration, Networking and Security) Institute, the highly technical "Ten Most Critical Internet Security Threats" list is a valuable document, but should not be seen as the end-all and be-all of security concerns, Network Security Technologies (NETSEC) Vice President Joseph Nowland said Friday. Nandotimes: British government reports 67 lost laptops <http://www.techserver.com/noframes/story/0,2294,500212323-500298954-5016460 00-0,00.html> - Britain's Ministry of Defense, embarrassed by several recent computer thefts from military and security personnel, disclosed Monday it has lost 67 laptop computers in the last three years. Since May 1997, 59 laptops have been stolen and eight others mislaid by absent-minded staff, junior Defense Minister Lewis Moonie said in a House of Commons written answer. NAI: VBS Timofonica <http://vil.nai.com/villib/dispvirus.asp?virus_k=98674> - This is a VBScript worm which uses MAPI to propagate to new host systems. The most suspicious function of this worm is that the email message will arrive from someone you know, formatted in fluent Spanish. Wired: U.S. To Follow EU Crypto Lead <http://wired.com/news/politics/0,1283,36788,00.html>- If the European Union votes next week to relax encryption regulations, the United States says it will take similar steps The Advanced Encryption Standard <http://securityportal.com/topnews/encryptionstandard20000606.html> - Despite such things as export controls and the Clipper Chip, which gave the impression that the U.S. government was less than enthused about the private use of advanced encryption, on January 2nd, 1997, the National Institute of Standards and Technology announced that an effort would be under way to find a replacement for the Data Encryption Standard. After a preliminary request for public comments, the formal request for a block cipher algorithm, operating on 128-bit blocks, and with key sizes of 128, 192, and 256 bits, was made on September 12th, 1997. Of the submissions made, fifteen submissions were found to be complete, and after nine months of public comment, five of the cryptographic algorithms submitted were selected as finalists. A further period of discussion concerning the finalists has recently closed. Soon, therefore, the successor to DES will be announced Civic.com: Technology and gov leaders to debate e-gov privacy <http://www.civic.com/civic/articles/2000/0605/web-1egov-06-05-00.asp> - State and local government and technology leaders will debate electronic government privacy issues, such as public key infrastructure security, digital signatures, and policy statements, in a new e-Government Web Privacy Coalition ZDNet: Weekend hijacking: Internet.com hit <http://www.zdnet.com/zdnn/stories/news/0,4586,2582092,00.html> - CEO Alan Meckler said Monday that the company discovered Sunday night that the registration information associated with its domains had been reassigned to a Canadian address Jun 5, 2000 TheRegister: Crackers use search engines to exploit weak sites <http://www.theregister.co.uk/000602-000028.html> - The recent proliferation of point-and-drool GUI utilities for brute-force password cracking has led many crackers and Script Kiddies to overlook a powerful and quite obvious tool available to all, the common search engine. With a bit of ingenuity, anyone can skirt basic password authentication and go straight to the goodies on those sites where administrators are foolish enough to post them. If the desired information is contained in a Web page, anyone can find it. Slashdot: ISPs Victimizing DoS Victims? <http://slashdot.org/article.pl?sid=00/05/31/171256&mode=nocomment> - A submittor who requested to be nameless sent this issue in for consideration: "I recently heard of a case where an ISP suffered DoS attacks and determined that they were all aimed at knocking one of their users off the net. This user had done nothing against the AUP of the provider but was being targeted simply because of expressing a religious viewpoint on the net that a few script kiddies found objectionable. That isn't what I'm objecting to per se, leaving aside whether or not I agree with the victims or the attackers viewpoint. What prompted me to get the opinions of other Slashdotters is the ISPs response. They suspended the target account 'to protect themselves from further attacks.'" Now that's just plain wrong, and extremely dangerous behavior from an ISP, both from the business and censorship point of view. Recent Virus Alerts <http://securityportal.com/research/virus/recentvirus20000605.html> - Major virus alerts from the last seven days. Contains VBS Scrambler, VBS CoolNote, VBS Fireburn and more. Information Week: Take The Security Nightmares Out Of Wireless <http://www.informationweek.com/story/IWK20000605S0003> - The goal of providing remote users with wireless access to critical company data has led to sleepless nights for IT managers charged with overseeing such projects. Their chief concern: securing data as it flies across the airwaves. But plans by Certicom Corp. to deliver a client for handhelds that enables secure, virtual private network connections may help some administrators skip that Nyquil nightcap ******* What's new with SecurityPortal.com ******* EROS - A Capabilities Based Operating System There have been a lot of security advisories in the last few weeks, with some pretty major problems. There were even some nasty kernel level problems in several operating systems, allowing users to do all sorts of bad things, like hang any program on the system once it exits, or execute a local denial of service by slamming the ports. Even if you managed to squish every bug you could find, you still would not have a bug-free system, because you are not going to find all of the bugs. A good example of this is OpenBSD (oh man, Theo is gonna hate me for this, sorry in advance): despite a massive code audit, which has caught most of the bugs, there are still problems cropping up. For example, in OpenBSD 2.6 "Any user can change interface media configurations", found Nov 9th, 1999. More recently, "Kernel contained an undocumented system call used to lock semaphore operations while they were being sampled by the ipcs(1) command. This locking could be used as a local denial-of-service attack which would block the exiting of processes that had semaphore resources allocated. Processes not using semaphores are not affected, so the actual effect is very minimal." (sorry for the length). What that last one means is that users could prevent programs from ending properly, which can cause all sorts of grief. It is obvious that no matter how much code auditing you do, bugs will crop up. Additionally, OpenBSD has not audited any POP or IMAP servers, which are a pretty universal requirement for users to read email, so you are back to running unaudited code. So what are the possible answers? Build software add-ons such as StackGuard and SubDomain, which try to contain the damage a program can suffer or do once exploited. The advantage of these is that with less effort than a code audit, you can lock down the system quite tightly, usually without the need to do major modifications. So, if you can't do a code audit because of time or money constraints, or just don't have the source, you can still harden the system. The disadvantage of this is that there are still many avenues of attack, and the system still has problems, but you have just (hopefully) minimized their impact. There are even larger systems, like Pitbull for Solaris, which provide very tight security, but still do nothing to fix the underlying OS. The bugs will still exist in Solaris, leaving you open to attacks: admittedly much harder to successfully pull off, but still possible. You can do a massive code audit, like OpenBSD, but this is expensive in terms of time and money, and if you already have a huge code base, such as Linux or Windows, it's a pretty hopeless task I think it's safe to say at this point that a full audit of the core Linux software is not going to happen, ever. Read the full story at <http://securityportal.com/closet/closet20000607.html> *******New From SecurityPR.com******** Intrusion.com awarded 2000 Market Engineering Award from Frost & Sullivan <http://www.intrusion.com/News/060600.shtml> The award underscores Intrusion.com's strategy to provide market-leading security monitoring software to businesses and government entities enabling organizations to securely conduct e-commerce and protect their information assets. JAWS Technologies awarded most outstanding security product at Internet World 2000 <http://securityportal.com/pr/pr.20000609094046.html> - JAWS to release secure data vaulting products worldwide; Financial Institution Report validates market for end-to-end security solutions approach. SMARTWatch V3.0: Preemptive Hacker Defense Tool Ships! <http://www.wetstonetech.com/pr006a.htm> A host based intrusion detection system detects when key "watched" Files or Directories have been malicioulsy or accidentally altered. SMARTWatch can automatically & immediately restore the damage to system resources upon detection, thus providing uninterrupted system operation. Enter your own Press Releases directly at SecurityPR.com. http://securitypr.com ******************************************* Tell us how we are doing. Send any other questions or comments to <mailto:[EMAIL PROTECTED]> . Michael McCrea SecurityPortal.com - the Focal Point for Security on the Net [EMAIL PROTECTED] -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
