By Seán Boran (sean at boran.com) for SecurityPortal
Weekly Security Tools Digest Archive
http://securityportal.com/research/research.wst.html
To receive this digest via Email:
http://securityportal.com/subscribe.html
This is a summary of changes to free security tools over the last week.
Updates to General free tools this week include mod_ssl, Stunnel, BIND and Apache.
Auditing and Intrusion Monitoring tools include Nessus, Snort, Saint, Titan, Chkrootkit and 7 other tools.
Firewalls for UNIX/Linux/BSD & Cross-platform include Zorp, IPtables, RChains and 3 other tools.
Tools for Linux/Unix/Cross Platform include OpenCA, Libnet and 7 other tools.
Tools for Windows include Tiny Personal Firewall, Forix iScan and 4 other tools.
SSL
- mod_ssl 2.8.0-1.3.17
Ralf S. Engelschall
http://www.modssl.orgmod_ssl provides provides strong SSL/TLS cryptography for Apache.
Changes: version 2.8.0 for Apache 1.3.17. Changed ApacheModuleSSL.dll to mod_ssl.so in Makefile.Win32 to make mod_ssl not too broken after Apache 1.3.16's Win32 changes. Enhanced ApacheCore.def patch for Win32 folks. Upgraded to Apache 1.3.16 as base version. Fixed ssl_intro.wml: DES uses 56 bit, not 54 bit. Allow %{ENV:variable} in SSLRequire expressions, too. Fixed version parsing for APXS stuff in configure. Fixed Geoff Thorpe's Email addresses in various places. Fixed typo in INSTALL document. Make sure the user is not able to fake the client certificate based authentication. Fixed URLs in FAQ and various fixes for the Win32 world.
- Stunnel 3.13
Michal Trojnara
http://www.stunnel.orgThe Stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries. It calls the underlying crypto libraries, so Stunnel supports whatever cryptographic algorithms you compiled into your crypto package. Runs on Windows and UNIX.
Changes: thread fixes and OOB data are handled correctly.
BIND 8.2.3
Internet Software Consortium
http://www.isc.org/products/BINDBIND (Berkeley Internet Name Domain) is an implementation of the Domain Name System (DNS) protocols and provides an openly re-distributable reference implementation of the major components of the Domain Name System, including: a Domain Name System server (named), a Domain Name System resolver library and tools for verifying the proper operation of the DNS server.
Changes: BIND version 8 is still in wide usage. The latest version of BIND 8 is BIND version 8.2.3. Internet Software Consortium has discovered or has been notified of several bugs which can result in vulnerabilities of varying levels of severity in BIND as distributed by ISC. Upgrading to BIND version 9.1 is strongly recommended. If that is not possible for your site, upgrading at least to BIND version 8.2.3 is imperative. If you are running BIND 4.x.x, and cannot upgrade to BIND 9.1.x or BIND 8.x, it is recommended to use BIND Version 4.9.8 rather than any lower 4.x releases. It is possible to obtain older versions of BIND via ftp; however, they are provided for reference only and should not be used.
Apache 1.3.17 - Apache 2.0a Alpha
Apache Software Foundation and The Apache Server Project
http://www.apache.org/distChanges: new version 1.3.17. This is a maintenance release with numerous bug fixes including some security fixes. For details, see http://www.apache.org/dist/CHANGES_1.3.
Nessus 1.0.7
Renaud Deraison
http://www.nessus.orgNessus 1.0.7a has been released.
Changes: this new version fixes a bug in the scanners timeout. An interesting article put in light the advantages of Nessus: Network Computing tested the latest security scanners. The results showed that the Nessus Security Scanner was able to detect the most security holes, followed by the ISS Security Scanner. Read the full story at http://www.networkcomputing.com/1201/1201f1b1.html.
Snort 1.7
Martin Roesch & many others
http://ww.snort.orgSnort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.
Changes: site updates by Jim Forster: corrected a few bugs in the downloadable ruleset, as well as the database. Added the Snort 1.7 Solaris package, IDScenter v1.08, and getcontact.pl to the downloads section. Also doing some re-writes on a few of the rules, they will be in the next release. NOTE: for those trying to mail Jim Forster at jforster@snort.org, that address is no longer valid. Please use jforster@rapidnet.com only. A big rule changes is coming soon: Jim Forster is going to do a full breakout of the rulesets, with some major cleanups. Once complete, there will be a 'core' rule file available for download, and with the modification. All other rules (such as 'info-only') will not be included in this standard set. Anyone wanting specific rules of this type will need to download them separately. This will clear up some confusion on the snortfull.conf rules, as well as minimize the false alerts. A full announcement will be posted once this update is complete.
- Snort IDScenter 2001 1.08
Ueli Kistler
http://www.eclipse.fr.fm/snort.htmIDScenter is a tool for setting up Snort for Win32. It is a tool for managing, controlling, and monitoring the Snort IDS. IDScenter support alarm sound functions and has error checking procedures. If Snort is killed, IDScenter restarts Snort immediately. It runs under Windows 2000, Windows 95/98 and Windows NT. Its features are: all features of snort.panel are implemented. The IP / Interface detection is possible. It includes an integrated Alertviewer and an external viewer can be set. An alarm sound can be started if an alert occurs (WAV/Beep). An EXE-File can be started (this is also possible to set in RULES) in case of alert. The autostart in Registry\RUN can be set in IDScenter. Non-visible FORMS, only an icon with alert/stop/start-Status is visible in the taskbar.
Changes: Snort 1.7 is now supported by IDScenter. Snort 1.6 still supported.
SAINT 3.1.5 beta 1
World Wide Digital Security, Inc.
http://www.wwdsi.com/saintSaint is a security scanning tool based on Satan.
Changes: two version of Saint were released during the week: version 3.1.5 beta 1 and 3.1.4. New vulnerability checks in version 3.1.4: check for Linux Ramen worm, fixed false alarm bug affecting Linux 2.4, check for buffer overflow in Lotus Notes Policy feature, check for Netscape INDEX request vulnerability, checks for vulnerabilities in icecast, statsconfig.pl, and wwwwais, updated Compaq Insight Manager check to detect new buffer overflow. New vulnerability checks in version 3.1.5 beta 1: new checks for vulnerabilities in BIND and LPRng.
Titan 3.8 - Devel: 4.0 Alpha
Dan Farmer, Brad Powell and Matthew Archibald
http://www.fish.com/titan/lisa-paper.htmlTitan is a freely available host-based security tool that can be used to improve or audit the security of a UNIX system. It was written almost completely in Bourne shell, with a master script controlling the execution of many smaller programs. Each of the programs either fixes or detects potential security problem, and its simple and extremely modular design also makes it useful to help check or enforce the adherence of a system against its security policy. Finally, anyone who can write a shell script or program can easily create their own Titan modules.
Changes: this version mostly includes bug fixes for Solaris 8: bugs fixed in rootchk.sh, automount2.sh, utmp2.7.sh, ziplock.sh and keyserv2.8.sh. Titan-Config no longer recognized Solaris 2.5.1.
Chkrootkit 0.22
Nelson Murilo
http://www.chkrootkit.orgChkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD.
Changes: for a few weeks, Chkrootkit is updated very regularly! Several changes in this new version of Chkrootkit: chklastlog bug correction, this bug caused it to dump core on some systems (Thanks to Manfred Bartz). Bindshell false positive fixed (Thanks to Manfred and Tim Haynes). Login false positive on OpenBSD 2.7 fixed (Thanks to Marcos Paulo Hauer). Cron test improvement (Thanks to Elder Vieira Costa) and suspicious files and dir test improvement.
BigBrother 1.6e1 UNIX, 1.07d NT WS, 2.2 NT SRV
Sean McGuire
http://bb4.com/index.htmlBigBrother is a system and network monitor. It use a web-based monitoring notification & reporting. Big Brother uses a client-server architecture combined with methods which both push and pull data. Network testing is done by polling all monitored services from a single machine, and reporting these results to a central location (the BBDISPLAY). If you want local system information, you can install a BB client on the local machine, which will send CPU, process, disk space, and logfile status reports in periodically. Each report is timestamped with an expiration date (like milk). This lets us know when a report is no longer valid, which is usually an indication of a more serious problem.
Changes: new Unix version 1.6e1.
John the Ripper 1.6 - Devel: 1.6.23
Openwall Project
http://www.openwall.com/johnJohn the Ripper is a password cracker, currently available for UNIX, DOS, Win32. Its primary purpose is to detect weak UNIX passwords.
Changes: new development version. The current development version offers significant performance improvements over the version 1.6 release: two MD5 hashes at a time for extra ILP on RISC: up to +80% on Alpha EV5. Significant improvements to the generic bitslice DES code: +20% on RISC. Bitslice DES code for x86 with MMX: twice faster on Intel MMX. Bitsliced the LM hash code as well: now several times faster. First attempt at vectorization support for bitslice DES. System-wide installation support for *BSD ports and Linux distributions. AIX and DEC C2 files support in 'unshadow'. New make targets for Linux/PowerPC, FreeBSD/Alpha, SCO, NetBSD/VAX, OpenBSD/SPARC. Bug and portability fixes.
Logcheck 1.1.1
Psionic Software
http://www.psionic.com/abacus/logcheckLogcheck is part of the Abacus Project of security tools. It is a program created to help in the processing of UNIX system logfiles generated by the various Abacus Project tools, system daemons, Wietse Venema's TCP Wrapper and Log Daemon packages, and the Firewall Toolkit® by Trusted Information Systems® Inc.(TIS). Logcheck also works very well at reporting on other common operating system security violations and strange events. Logcheck helps spot problems and security violations in your logfiles automatically and will send the results to you in e-mail. Logcheck supports the following operating systems (and most others not listed here as well): Linux, SunOS, Solaris, HPUX, Digital OSF/1, FreeBSD, BSDI, OpenBSD and NetBSD.
Changes: Logcheck 1.1.1 has been released. The only change is that the entire package is now covered by the GNU license.
Comment: I'm an avid Logcheck user and have added several improvements for managing my Solaris systems, such as:
- allow comments and blank lines in config files,
- change dir from /usr/local to /secure/logcheck,
- use mailx,
- add DEBUG variable to check report via "view" rather than Email,
- send Logcheck email even if empty.
- Logtail binaries for Solaris SPARC and Intel are included.
- It can be downloaded from www.boran.com/security/sp/solaris/logcheck11_sean.zip
MergeLog 4.2
Bertrand Demiddelaer
http://download.sourceforge.net/mergelogMergeLog is a small and fast C program which merges and sorts http log files in 'Common Log Format' from web servers behind round-robin DNS. It has been designed to easily manage huge log files from highly stressed servers. MergeLog is distributed with ZMergeLog which supports gzipped log files.
Changes: this version is autoconf compliant.
IPaudit 0.95
Jon Rifkin
http://www.sp.uconn.edu/~jrifkin/ipauditIPaudit records and displays network activity. It is useful for identifying high bandwidth users, intrusive telnet sessions, denial of service attacks, and scans. IPaudit stores counts of bytes and packets for every combination of host/port pairs and protocol. It also includes scripts which automatically generate HTML reports, CGI scripts which organize web presentation, and the utilities "total" and "ipstrings" which can be used to investigate network traffic records from the command line.
Remark: first time in the Tools Digest, but this tool has not been updated for several months.
Prelude 0.1
Yoann Vandoorselaere
http://www.linux-mandrake.com/preludePrelude is a Network Intrusion Detection system which captures packets and performs data analysis and reporting. Important and current features of Prelude include an IP defragmentation stack and detection plugins with persistent state. Prelude is divided in three parts: the core of the program, which scans the network interface, retrieves packets and slices them; a series of intrusion detection plugins, each dedicated to a particular kind of attack, and PreludeReport, a server which Prelude contacts in order to report an intrusion.
Remark: first time in the Tools Digest.
Slackware Administrators Security Toolkit 0.1
John Jenkins
http://sourceforge.net/projects/sastkSAStk (Slackware Administrators Security tool kit) aims to provide a set of tools and utilities to install and maintain a reasonable level of security for the Slackware GNU/Linux distribution. At the same time, it should ease administration with a new centralized initialization setup and background information on what the daemons do.
Remark: first time in the Tools Digest.
Zorp 0.6.0 - Devel: 0.7.14
Balazs Scheidler
http://www.balabit.hu/products/zorpZorp is a new-generation modular proxy firewall suite to fine tune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize outband authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).
Changes: two new development versions during this week! 0.7.13 and 0.7.14. Here are the changes for the new version 0.7.13: enable SO_KEEPALIVE for TCP sockets, implemented session limits for services (max_instances parameter for Service), build changes (so that modules can be independently built and maintained, each module has its own configure.in and Makefiles), new transparent parameter for Listeners (it performs additional checks when a connection is accepted, it disallows connecting to a transparent listener directly). POP3: new proxy (professional version only). SSL: implemented certificate based authentication (professional version only). This version also includes several bugfixes: after a couple of Python exceptions occurring in event handlers Zorp crashed, fixed a deadlock which occurred when freeing hashes exported to Python (HTTP and FTP) and fixed a problem in FTP which caused logfiles to fill. Here are the changes for the new version 0.7.14: two bugs causing SIGSEGVs were fixed, a race condition when the Python object is used after the C counterpart had been freed, z_proxy_destroy() used the global Python thread state erroneously and small build fixes.
Ferm 0.0.14 (Devel)
Auke Kok
http://www.geo.vu.nl/~koka/fermFerm compiles ready-to-go firewall rules from a structured rule-setup. These rules will be executed by the preferred kernel interface, such as IPchains and IPtables. Ferm will also add in modularizing firewalls, because it creates the possibility to split up the firewall into several different files, which can be loaded at will, so you can dynamically adjust your rules.
Changes: new 'reverse' operator feature, better IPtables handling, and the '!' operator. Close to a stable release now, but more feedback is awaited! The stable release will be 1.0.
Firewall Builder 0.8.6
Lord Vkurland
http://www.crocodile.org/~vadim/fwbuilderFirewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, and support for a new firewall platform can be added to the GUI without any changes to the program (only a new policy compiler is needed). This provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports IPchains, IPtables, and IPfilter.
Remark: first time in the Tools Digest.
IPtables Linux Firewall 4.3d
Patrik Hildingsson
http://www.kurd.nuIPtables Linux Firewall is a firewall that uses NetFilter in Linux 2.4. It features easy configuration and a DMZ option, logs portscans (limited so they won't flood the logfile), and has stateful inspection, masquerading, and general NAT support.
Changes: this version fixes the global_ping bug, adds init-like start/stop option. Other changes: removed VNC drop in DENY_PORTS, added fix to lame configured boxes which didn't have sed/head in path, firewall.conf can be 53 lines or more now. The script now checks version number in firewall.conf. An optional iplimit match for inbound ssh-connections has also been added. Allows fw-admin to limit number of ssh-sessions/ip.
RChains 200101301332
Curt Rebelein, Junior
ftp://ftp.rebby.com/pub/Linux/software/scripts/firewallRChains is a highly detailed firewall script which implements many features including per host bandwidth monitoring w/ MRTG.
Changes: improved the SysV script, rewrote the MRTG configuration example and the MRTG statistics reporting. Improved the scalability of the script. Made the setup of the hosts on the internal LAN much easier. Implemented the use of functions rather than additional scripts. Implemented user chains for the internal network -- This will make per host monitoring much easier. Updated the MRTG example scripts. Developed a Redhat RPM for the new version.
EasyChains 0.9.3-3
Dejavo
http://dejavo.virtualave.net/djvlinux.htmlEasyChains is a very easy-to-use GUI for the console firewall script. It makes it easy to create a custom firewall using the firewall generator, or you can add and remove custom rules from a numbered list. You can generate a monitor for the console and for X.
Remark: first time in the Tools Digest.
OpenCA 0.2
Massimiliano Pala
http://www.openca.orgThe OpenCA project is a collaborative effort to develop a full featured interfaces structure for currently available security-related and administrative toolkit developed for managing x509 digital certificates common operations (i.e. admission, verify, revocation, suspension, etc... ). The project will therefore cover various aspects of administrative solutions in managing digital certificates and will be using many different software today available among the Open Source community.
Changes: a bug-fixed version of the 0.2.0 OpenCA package (actually patch 5) is now available for downloading. This patch fixes a "Hex vs. Decimal" serial problem - no test have actually been done, but it should fix the problem. This is not a major release - only a small bug fix - anyway if you have problems with patch 4 you should update to the new version.
Libnet 1.0.1b
Mike D. Schiffman
http://www.packetfactory.net/libnetLibnet is a collection of routines to help with the construction and handling of network packets. It provides a portable framework for low-level network packet shaping, handling and injection. Libnet features portable packet creation interfaces at the IP layer and link layer, as well as a host of supplementary and complementary functionality. Using Libnet, quick and simple packet assembly applications can be whipped up with little effort. With a bit more time, more complex programs can be written (Traceroute and ping were easily rewritten using Libnet and Libpcap).
Remark: first time in the Tools Digest.
Flash 0.9.4
Stephen Fegan
http://www.netsoc.ucd.ie/flashFlash is an attempt to address the security problems associated with giving local Unix users full shell access. It is a (hopefully) secure shell which will only execute administrator defined programs, while also being very user friendly. Flash is fully windowed (using an ncurses interface), is driven by cursor keys, has hotkey support, has fascist logging support and more.
Remark: first time in the Tools Digest. This tool seems interesting but has not been tested.
KbdLock 1.3
Patrizio Bruno
http://scain.firenze.net/kbdlock.htmlKbdLock stands for KeyBoarD LOCKing. KbdLock is a patch to the Linux kernel to enable a SysRq combination that locks the keyboard.
Remark: first time in the Tools Digest.
HAP Kernel Patches 2.2.18-hap-2
Digital Outlets, Inc.
http://www.doutlets.com/downloadables/hap.phtmlHAP-Linux is a collection of security-related patches that are floating around, plus a few non-security (but required) patches to the 2.x.x Linux kernels.
Remark: first time in the Tools Digest.
Sharesecret 0.4.0
Stefan Karrmann
http://www.mathematik.uni-ulm.de/m5/sk/sharesecret.htmlGiven a threshold "t", Sharesecret splits a secret into parts, such that exactly "t" parts are needed to reconstruct the secret. If you have fewer parts you know only the approximate or exact length of the secret.
Remark: first time in the Tools Digest.
Star 0.8
Brian Wagener & Katrina Illari
http://sourceforge.net/projects/starSecure Tar (Star) doesn't create encrypted tape archives (tar files) yet, but it can encrypt/decrypt files only using multiple blocksizes, and keysizes using the AES algorithm Rijndael. Once the standalone application is stable, then I will incorporate it with tar. The encryption is exported under exemption TSU 740.13.
Remark: first time in the Tools Digest.
Crank 0.0.5
Matthew Russell
http://crank.sourceforge.netCrank is a project to provide a GUI toolkit to facilitate (and where possible, automate) the breaking of classical (pen-and-paper) cryptosystems. Initial focus is on the cryptanalysis of mono-alphabetic substitution ciphers.
Remark: first time in the Tools Digest.
SCAIN 3.0
Patrizio Bruno
http://scain.firenze.netSCAIN stands for Simple Crypto Algorithm Ideated by a Novice and is a simple cryptographic algorithm that generates different output with the same input and the same password. It uses pass phrases and keys of 128 bits; the idea is to hide the key in the cipher based on the password.
Remark: first time in the Tools Digest. The code has been totally rewritten to make it much more fast and reliable. Now it's possible to use keys of arbitrary length and the multiple bit transposition ensures a new way to make undecryptable your data.
Tiny Personal Firewall build 2.0.9
Tiny Software, Inc.
http://www.tinysoftware.com/pwall_news.phpTiny Personal Firewall represents smart, easy-to-use personal security technology that fully protects personal computers against hackers. Built on ICSA-certified security technology, it is also an integral part of The Tiny Software Centrally Managed Desktop Security (CMDS) system selected by the US Air Force for its approximately 500,000 desktop computers. NOTE: Tiny Personal Firewall is intended for users that are NOT running either WinRoute Pro or WinRoute Lite.
Changes: new wizard dialog allows user to specify local and remote ports when a new rule is created. Improved security of NetBIOS over TCP/IP protocol. Some bugs in kernel driver fixed. Configuration is now encrypted. TPF2 is now able to detect when an application with an existing filter rule already created is replaced by another application. The configuration file of Tiny Personal Firewall is now encrypted.
Tesseract beta 1 - Real-time network analyst
Johan Samuelson
http://w1.132.telia.com/~u13200034/tesseract.htmlTesseract is a network utility for Windows 2000. It displays network traffic between a network interface on your computer and remote computers. It also analyses this data and report suspicious activities such as traceroutes, pings, portscans etc. Please note that this program is in an early beta stage, and thus lacks proper documentation and configuration ability. Most items in the configuration window are unavailable for the time being.
Remark: first time in the Tools Digest.
iScan Vulnerability Scanner
Forix Business Systems
http://www.forixnt.com/tools.htmliScan is a semi (*some of the freeware executables used in iScan do not have source code available) open source vulnerability scanner available for NT platforms. All necessary executables are provided in the zipped archive, however several things need to be installed prior to using iScan...be sure to read the readme file prior to usage. iScan uses Perl as a "glue" language, in addition to performing checks. The modules provided with iScan are written in using an object-oriented approach.
Remark: first time in the Tools Digest.
X-NetStat 3.0
Fresh Software
http://fs.arez.comX-NetStat 3.0 is a program for Windows 9x/NT that monitors your current network and Internet connections. XNS will display your each of your connections' source and remote network address (Hostname or IP), the local and remote port the connection is utilizing, the protocol (ICMP, UDP, TCP) being used to communicate, and the status of the connection. Any time you connect to a website, check your email, send an ICQ message, or unknowingly open a backdoor or your system, XNS will take notice and display the details of each connection in it's window. X-Netstat lets you go behind the scenes of your network activity, has an intuitive interface, and can be stowed away unobtrusively in the system tray. Bottom line, X-NetStat is the fastest and easiest way to see what exactly is going on over the Internet or your LAN. Excellent GUI and plenty of very useful options.
Remark: first time in the Tools Digest.
Netmon - Network Monitor 1.52
Johan Samuelson
http://w1.132.telia.com/~u13200034/netmon.htmlNetmon is a compact, easy-to-use network information utility. It displays information pertaining to the IP, TCP, UDP and ICMP protocols. It's main purpose is viewing connections made using TCP and UDP protocols from or to your computer. This information may prove very useful in hunting trojans (or other suspicious activity) present in your system. Netmon is a graphical conversion of the "netstat" utility shipped with Windows. It's main advantages over the console based version, is the graphical user interface (GUI), the database of common trojan ports and the complete list of well-known ports (the ports that are numbered below 1024 and reserved for different applications). It has been tested with Windows 98 SE, 2000 SP1 & Millennium.
Remark: first time in the Tools Digest.
CodeSafe 3.1
Zhang Dehua
http://www.geocities.com/SiliconValley/Park/9031CodeSafe could protect your program, including Executable file(.EXE) and Dynamic Link Library(.DLL), from being cracked or run without your permission. It runs under Windows 95/98 and Windows NT.
Remark: first time in the Tools Digest.
Note: tools announced on forums are not necessarily updates or new or free, it's just that someone posted an announcement. We try out best to only notify you only of new or updated free tools.
Seán Boran is an IT security consultant based in Switzerland and the author of the online IT Security Cookbook.
| © Copyright 2001, SecurityPortal Inc. & Seán .Boran, All Rights Reserved, Last Update: 31 janvier, 2001 |