RE: Web Client Requests

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Sat, 28 Jan 2006 12:54:24 -0800

..except if the app is proxy-aware, then you get into the "worm ate the
bird" problem again...

I will stipulate that the SBS community seems to hit this particular
wall more often than most; probably due to the
cheaposkinflintmothposcketicity of their customers.

--------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
--------------------------------------------

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Saturday, January 28, 2006 12:34 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Web Client Requests

http://www.ISAserver.org

Hey Jim,

That's what the Firewall client is for, so that you don't have to
disable auth.

So, I'll have to update my maxim:

SecureNAT and Anonymous Access rules are for Losers and Servers.

How's that?

Tom 

> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
> Sent: Saturday, January 28, 2006 1:13 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> You're right - I responded in reverse.
> If you:
> 1. disable the web proxy filter
> 2. remove authentication
> 
> ..then no one is forced to authenticate and you are limited 
> to IP-based access controls.
> Bad juju, IMHO...
> 
> --------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> --------------------------------------------
> -----Original Message-----
> From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> Sent: Saturday, January 28, 2006 11:02 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> Yes unfortunately? Wouldn't it be no, unfortunately?
> 
> Yes to me would mean that everything would authenticate 
> except for what you specify.
> 
> No would mean that everything would then go through without 
> authentication.
> 
> Amy
> 
> 
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Saturday, January 28, 2006 10:36 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> Yes, unfortunately.
> This is exactly why I list this step among the "last line  of 
> defense".
> 
> --------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> --------------------------------------------
> -----Original Message-----
> From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> Sent: Saturday, January 28, 2006 7:12 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> Yes, I am. So once you do that does any traffic bother to 
> authenticate anymore?
> 
> Amy
> 
> 
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Saturday, January 28, 2006 10:05 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> Contrary to tribal knowledge, there's nothing special about 
> the SBS installation of ISA other than some rules that make 
> me nauseous and wizards that remove the burden of 
> understanding.  The SBS version of ISA is ISA Std Edition.
> 
> I think you're referring to disassociating the Web Proxy 
> filter from the HTTP protocol as is offered for some apps 
> that can't authenticate at all?
> 
> ..which brings up my next point - while it's true that there 
> are some apps that think they have a direct link to their 
> desired destination, this technique should be the *last* line 
> of defense; not the first.
> 
> --------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> --------------------------------------------
> -----Original Message-----
> From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> Sent: Saturday, January 28, 2006 5:59 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> So then in the SBS world once we check the box that allows 
> apps to bi-pass the web proxy filter won't everything then 
> bi-pass it? In the first ISA, she says, she would allow 
> unauthenticated access and everything would then go through?
> 
> Amy
> 
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Saturday, January 28, 2006 1:58 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> I'm not clear on "basic and authenticated", since basic is an 
> authentication mechanism?  If you mean "basic and <anything else
> offered>", it's up to the client to choose the strongest method it
> supports (RFC 2617).
> 
> In the first "ISA, she say:", ISA advises the client what 
> auth methods it will accept )Negotiate, NTLM, Kerberos in my example).
> In the second "Client, he say:", the client responds with the 
> auth method it wants to use.  In this response, the specified 
> auth method
> *must* be one of the options ISA previously presented, or ISA 
> will reject the auth attempt.
> 
> --------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> --------------------------------------------
> -----Original Message-----
> From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, January 27, 2006 5:31 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> I'll probably get your post a day or two from now. They tend 
> to come in blobs. 20 messages today, 300 tomorrow. I find it 
> difficult to keep track of a thread. I don't even ask yahoo 
> to send it out of their own system. It gets delivered to my 
> yahoo account! Maybe I should sign up under a non-yahoo 
> address and see if I have any better success.
> 
> I understand that the authentication process starts all over 
> again. What I'm asking is, if I enable basic and 
> authenticated access for the listener, what determines 
> whether ISA will accept basic or authenticated for a 
> particular packet? 
> 
> Amy
>  
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Friday, January 27, 2006 5:24 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> http://www.ISAserver.org
> 
> sbs2k@xxxxxxxxxxxxxxx
> 
> The point is that:
> 1. the clients know diddly (and maybe even squat) about the 
> way the proxy is configured 2. unless the client is using 
> proxy:keepalive in the client-to-proxy connection, each 
> request is an introduction between the client and the proxy 
> 
> Thus, each new connection between the client and proxy incurs 
> a new authentication requirement and the ball starts bouncing 
> all over again.
> 
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org
>    Read the help / books / articles!
> -------------------------------------------------------
>  
> 
> -----Original Message-----
> From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, January 27, 2006 14:11
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Web Client Requests
> 
> Which forum? 
> 
>  
> 
> So here is where I get confused. If my web listener allows 
> both non-authenticated and authenticated requests, then why 
> after I allow non-authenticated access does ISA ever require 
> authentication? Won't everything then be accepted with authentication?
> 
>  
> 
> Amy
> 
>  
> 
> ________________________________
> 
> From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
> Sent: Friday, January 27, 2006 3:38 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Web Client Requests
> 
>  
> 
> Hey guys, im forwarding this message on behalf of Jim. He 
> posted it to another list and true to form it was too good an 
> explanation not to impart on the masses (or the cheesemakers).
> 
>  
> 
> This traces the path of your IE (or other) http requests and 
> explains why you will always see anonymous requests in your 
> web logs. Thanks Jim
> 
>  
> 
> Greg Mulholland
> 
> 
> >>>>>>>>>>>>>>
> 
> Correct - all web clients do exactly that.
> This is also why the logs will forever contain anonymous 
> requests even if all you allow are authenticated connections, 
> because ISA will log those denied anonymous requests.
> 
> What you can't tell from the logs is what happens after that 
> in detail.
> This requires a bit of Netmon (or Ethereal, if you swing that 
> way) sleuthing.
> 
> Here's the bouncing ball:
> 
> ** Client, he say:
> GET http://www.isaserver.org/ HTTP/1.1
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, 
> application/x-shockwave-flash, application/vnd.ms-excel, 
> application/vnd.ms-powerpoint, application/msword, */*
> Accept-Language: en-us
> Accept-Encoding: gzip, deflate
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 
> 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)
> Host: www.isaserver.org
> Proxy-Connection: Keep-Alive
> 
> ** ISA, she say:
> HTTP/1.1 407 Proxy Authentication Required ( The ISA Server 
> requires authorization to fulfill the request. Access to the 
> Web Proxy service is denied.  )
> Via: 1.1 HEARTOFGOLD
> Proxy-Authenticate: Negotiate
> Proxy-Authenticate: Kerberos
> Proxy-Authenticate: NTLM
> Connection: Keep-Alive
> Proxy-Connection: Keep-Alive
> Pragma: no-cache
> Cache-Control: no-cache
> Content-Type: text/html
> Content-Length: 4113 
> 
> ..note - the ISA in this case (as in yours, probably) logged 
> this request as anonymous and responded saying that it 
> allowed three authentication methods: Negotiate, Kerberos and 
> NTLM.  These are the default auth methods for any ISA 
> installation (including SBS).
> 
> ** Client, he say:
> GET http://www.isaserver.org/ HTTP/1.1
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, 
> application/x-shockwave-flash, application/vnd.ms-excel, 
> application/vnd.ms-powerpoint, application/msword, */*
> Accept-Language: en-us
> Accept-Encoding: gzip, deflate
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 
> 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)
> Host: www.isaserver.org
> Proxy-Connection: Keep-Alive
> Proxy-Authorization: NTLM
> TlRMTVNTUAABAAAAB7IIogQABAAzAAAACwALACgAAAAFASgKAAAAD0ZPUkRQUk
> VGRUNUSE9N
> RQ==
> 
> Note that the client chose NTLM auth and passed the first 
> part of the handshake in Base-64 encoding.  Not to worry, 
> this isn't like Basic, which is base-64 encoded plain text; 
> this is base-64 encoded encrypted information.  ISA also logs 
> this request as anonymous.
> 
> ** ISA, she say:
> HTTP/1.1 407 Proxy Authentication Required ( Access is denied.  )
> Via: 1.1 HEARTOFGOLD
> Proxy-Authenticate: NTLM
> TlRMTVNTUAACAAAACAAIADgAAAAFgomiWWcfZe6QNCsAAAAAAAAAALQAtABAAA
> AABQLODgAA
> AA9IAE8ATQBFAAIACABIAE8ATQBFAAEAFgBIAEUAQQBSAFQATwBGAEcATwBMAE
> QABAAiAGgA
> bwBtAGUALgBqAGEAbABvAGoAYQBzAGgALgBvAHIAZwADADoAaABlAGEAcgB0AG
> 8AZgBnAG8A
> bABkAC4AaABvAG0AZQAuAGoAYQBsAG8AagBhAHMAaAAuAG8AcgBnAAUAIgBoAG
> 8AbQBlAC4A
> agBhAGwAbwBqAGEAcwBoAC4AbwByAGcAAAAAAA==
> Connection: Keep-Alive
> Proxy-Connection: Keep-Alive
> Pragma: no-cache
> Cache-Control: no-cache
> Content-Type: text/html
> Content-Length: 0  
> 
> Note that ISA also passed some NTLM data back to the client - 
> this is part and parcel to NTLM authentication even outside of HTTP
> 
> ** Client, he say:
> GET http://www.isaserver.org/ HTTP/1.1
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, 
> application/x-shockwave-flash, application/vnd.ms-excel, 
> application/vnd.ms-powerpoint, application/msword, */*
> Accept-Language: en-us
> Accept-Encoding: gzip, deflate
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 
> 5.1; SV1;.NET CLR 1.1.4322; InfoPath.1)
> Host: www.isaserver.org
> Proxy-Connection: Keep-Alive
> Proxy-Authorization: NTLM
> TlRMTVNTUAADAAAAGAAYAG4AAAAYABgAhgAAAAgACABIAAAACAAIAFAAAAAWAB
> YAWAAAAAAA
> AACeAAAABYKIogUBKAoAAAAPSABPAE0ARQBKAGkAbQBIAEYATwBSAEQAUABSAE
> UARgBFAEMA
> VABunrbKxTfLxwAAAAAAAAAAAAAAAAAAAABNhP8BkKK3ZR1MXfC2h14+Q4IQaVlWRH8=
> 
> 
> Note that the client passes the remaining part of the NTLM 
> handshake - if ISA can resolve the credentials passed by the 
> client during this process, all will be FD&H.
> 
> ** ISA, she say:
> HTTP/1.1 200 OK
> Proxy-Connection: Keep-Alive
> Connection: Keep-Alive
> Content-Length: 40936
> Via: 1.1 HEARTOFGOLD
> Date: Fri, 27 Jan 2006 05:49:15 GMT
> Content-Type: text/html
> Server: Microsoft-IIS/6.0
> X-Powered-By: ASP.NET
> Set-Cookie: ASPSESSIONIDCCRRSRBC=EIBLFICAIMCPFBFCEKFFKBEA; path=/
> Cache-control: private
> 
> This is where access is allowed (200 response).
> 
> You should note that I haven't included anything that may 
> have been passed in the HTTP body - it's not important to 
> this discussion and only makes for an unweildy thread.
> 
> --------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> 
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.375 / Virus Database: 267.14.23/243 - Release 
> Date: 1/27/2006
>  
> 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

• » Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests
• » RE: Web Client Requests

1. Home
2. isalist
3. Archive
4. 01-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---