[THIN] Re: Port/box Security

  • From: Mark Lee <marklee15@xxxxxxxxx>
  • To: thin@xxxxxxxxxxxxx
  • Date: Tue, 25 May 2004 16:29:46 +0100 (BST)

Just to chip in here, there are not any known GINA exploits we are aware of 
either, and having written several GINAs for NT4 - 2K3 it's not a major piece 
of code either - it's the underlying WINLOGON process that you should worry 
about.  As ever, there may be buffer overflow/underrun exploits that have not 
been discovered yet.

 

Running any server on the net should be done so with the utmost care, whether 
it's IIS or RDP/ICA etc.  It's just a matter of what you do to secure the 
thing.  Obviously there are tools out there to secure IIS etc., but as for the 
GINA (i.e. interactive logons on a WWW-facing TS or Citrix box) then what?  Not 
a sales pitch, but please take a look at GINAonce from www.alps-enterprise.com 
as this can control what IPs have what access to the server etc. etc. - ideal 
if your machine is facing the web, even better if it's Citrix as you limit it 
to only allow access to one specific published application, no interactive 
logons or all remaining published apps....
 
Just a thought here too----

How about using some kind of local token on the client for authentication of 
the session?  We are looking at using some kind of encrypted USB keydrive at 
the client side tied in with a custom GINA and virtual RDP/ICA channels to 
allow a second level of access control, i.e. it must be there or the session 
remains in a locked state or cannot even be logged on - even with a valid user 
id and password!!!  Dunno, what do you all think out there?  À la a cheap 
smartcard alternative!?!?
 

Claudio Rodrigues <crodrigues@xxxxxxxxxxxxxxxxxxxxx> wrote:
And SecureRDP. It intercepts the connection before the user can see the
logon screen on any TS, filtering it by filters you set up like IP
address, computer name, MAC address, client version etc. Only if they
match the filter settings will they see the logon screen (and then try a
username/password combo). Otherwise the connection is intercepted and a
message (customizable) is displayed to the user. So even if I have your
administrator username/password I will not be able to log on, as my
machine name, IP address and client version are different from the ones
allowed for sure.
This is a very easy way to remove brute force attacks on TSs exposed to
the internet.

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Roger Riggins
Sent: May 24, 2004 9:56 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Port/box Security


"...there are plenty of companies that use TS without Citrix
to provide desktops..."

WTS Gateway=$189.00

www.terminal-services.net


Good luck,
R






-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jeff Durbin
Sent: Sunday, May 23, 2004 10:35 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Port/box Security

Man, you might want to lay off the caffeine a little.
I did read your whole post. What I was wondering was whether anyone did
know of any way to exploit the GINA other than typing in guesses for
usernames and passwords and whether anyone knew of any RDP exploits.
As for the cost, there are plenty of companies that use TS without Citrix
to provide desktops, and even more companies allow remote access via RDP
to servers simply for administrative access. So the cost issue to implement
WI/CSG IS significant when you have to add Citrix itself in addition to
the hardware and the certs. My question isn't whether or not WI/CSG is
safer; I agree that it is. I'm trying to assess the level of security that
exists to an RDP-exposed server in the absence of WI/CSG.
What I'm really getting at here is this: If I have a server that's exposed
publicly via RDP, and I feel confident that the usernames and passwords are
not easily guessed (a stretch in most environments, I know), is the GINA
*itself* or RDP vulnerable?

JD

> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Lynch
> Sent: Monday, 24 May 2004 12:01 p.m.
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Port/box Security
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hey moron (and I use that term very loosely, 'cuz a moron has
> more brains than you)!
>
> Just because I said dictionary attack, doesn't mean that I
> captured data from a TCP or UDP stream, and I was attempting
> to guess the password hash. If I get a GINA prompt, I can
> start using "common" usernames (administrator, backup, nimda, etc),
> and then use a dictionary cracker to come up with common passwords
> and enter them into the prompt. I agree that WI exposes the same
> thing, but at least it's one central location, instead of
> multiple servers. To reduce the risk further, yes, use 2
> factor authentication (SafeWord or RSA tokens). There have
> been some GINA exploits in the past (NT4 was a prime suspect,
> don't know of one with Windows 2000).
>
> The only cost that a company will need to incur is the hardware (very
> minimal) and the SSL cert (1 or 2, and you can get them cheap).
>
> My argument wasn't necessarily with exposing GINA (you really
> need to read the whole email). I stated that *most*
> locations have either the UDP port or the XML port open to
> the internet for ICA Browsing.
> There are a few hacks out there for capturing this info and
> getting the usernames and passwords, as well as enumerating
> the published applications. Using WI and CSG eliminates this
> completely.
>
> Sheesh, and you called yourself a Senior Engineer.
>
> Chris
>
> [INSERT] Don't the flames start, cuz he and I used to work
> with each other. [/INSERT]
>
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx
> > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin
> > Sent: Friday, May 21, 2004 10:36 PM
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: Port/box Security
> >
> > Someone who's got any server whose administrator password is blank or
> > easy has bigger problems than whether or not to expose a TS directly
> > to the Internet. I never said it was the right thing to do. Nor did I
> > say this:
> >
> > "You never knew he was there... so you claim to allow 1494 to the LAN
> > and have zero issues to date. How would you know?"
> >
> > I agree that the risk is decreased if you have a single point of entry
> > (CSG/WI) to your farm rather than exposing multiple servers directly.
> > However, if anyone does find your WI page, you still have 100% of the
> > password guessing risk unless you use two-factor authentication.
> > Really, my question was whether there was a direct risk of exposing
> > the GINA, i.e., can you get a password hash? Chris said that exposing
> > the GINA put you at risk for a dictionary attack, and I don't see how
> > it does.
> >
> > JD
> >
> > > -----Original Message-----
> > > From: thin-bounce@xxxxxxxxxxxxx
> > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Roger Riggins
> > > Sent: Saturday, 22 May 2004 5:16 p.m.
> > > To: thin@xxxxxxxxxxxxx
> > > Subject: [THIN] Re: Port/box Security
> > >
> > > Just because a lot of people do it, doesn't mean it's the right thing
> > > to do. One doesn't always need a password hash to score a password. I
> > > *guarantee* that some of the people that are reading these posts have
> > > member servers that are running TS and don't have a local
> > > administrator password. Some also have passwords that are easily
> > > guessed on the second or third attempts. Once you're on as a local
> > > admin, you can shadow...install a sniffer...browse the profiles on
> > > that machine...whatever you want! Oh, you don't use an idle timeout?
> > > Then he'll shadow a session at 3:00 in the morning when nobody is in
> > > the office.
> > > Maybe it'll be an IT person's session who is a domain admin.
> > > Then he'll create his own domain admin account with an obscure name
> > > that you may overlook. Maybe he'll map his client drive and copy your
> > > HR and fiscal databases to his local machine.
> > >
> > > You never knew he was there... so you claim to allow 1494 to the LAN
> > > and have zero issues to date. How would you know?
> > >
> > > Also, if somebody finds 3389 or 1494 open it may prompt them to do a
> > > little social engineering. It's easier than you think. He already
> > > knows you run Citrix or TS, right?
> > >
> > > Can they do the same thing if you're running CSG? Sure, but they'll
> > > have a hell of a time finding WI sites with a port scanner. By using
> > > CSG, you're reducing the risk. CSG is FREE!
> > >
> > > Infosec is about best effort. It's our job to give that best effort,
> > > IMHO.
> > >
> > > Good luck,
> > > R
> > >
> > > -----Original Message-----
> > > From: thin-bounce@xxxxxxxxxxxxx
> > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin
> > > Sent: Friday, May 21, 2004 6:05 PM
> > > To: thin@xxxxxxxxxxxxx
> > > Subject: [THIN] Re: Port/box Security
> > >
> > > Let's say you did see the login prompt, either via ICA or RDP. How
> > > would you use a dictionary attack if you didn't have a username and a
> > > password hash? Or, maybe what I'm asking is, how would that help you
> > > get a username and a password hash which you could use a
> > > dictionary/brute force attack on?
> > > You know me - when it comes to paranoia, I'm up there with the worst
> > > of them, but I'm not sure how getting a windows login screen hurts
> > > you. Unless that specific situation can somehow be used to get a
> > > username and password hash, I don't see the danger (unless there's a
> > > protocol vulnerability that can be exploited, in which case WI/CSG
> > > insulates you from it).
> > > As an aside, and to illustrate how many companies do this, consider
> > > this:
> > > One of my customers moved physical locations, and his ISP changed his
> > > IP address. I didn't know the new IP addresses of his Terminal Server
> > > and couldn't reach the administrator. I figured it might be close to
> > > his old address, so I port-scanned 253 IP addresses looking for port
> > > 3389. I found about 60 servers, so there are a lot of people doing
> > > this.
> > >
> > > JD
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: thin-bounce@xxxxxxxxxxxxx
> > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Lynch
> > > > Sent: Friday, 21 May 2004 6:51 a.m.
> > > > To: thin@xxxxxxxxxxxxx
> > > > Subject: [THIN] Re: Port/box Security
> > > >
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA1
> > > >
> > > > To say that you have never experienced this, doesn't mean that it
> > > > doesn't happen. Just do a search on http://neworder.box.sk for
> > > > CITRIX or ICA and you will find a few exploits/hacks. Can you say
> > > > for sure that no one has EVER attempted to log into your systems?
> > > > If I did a port scan on your external IP range and saw that 1494
> > > > was open, or 3389, or if my port scanner attempted a telnet to that
> > > > port to see if any banner was presented for the service and I
> > > > get the ^ICA prompt, I know that I need the ICA client to
> > > > connect to that IP address. Bam. I have a logon prompt. I can
> > > > then try to use a dictionary attack attempt to guess usernames
> > > > and passwords. OR, if you have the XML service open to the
> > > > internet or the ICA Browser service (1604/UDP), all I would need to
> > > > do is capture or attempt a redirect (hijack) the TCP/UDP connection
> > > > to my machine. I could then attempt to crack the password.
> > > >
> > > > Again, there is a lot of "attempting" here. I would rather be
> > > > safe knowing that I had SG in place or a VPN in place that is
> > > > securing the communications. Also, what's to say that I cannot get
> > > > the source of the connection, and break into that machine? How
> > > > many users out there have firewalls in place? Not many.
> > > > With Windows XP SP2, the firewall will be enabled by default.
> > > > That's a good thing. We will see how robust that firewall is.
> > > > That's also for another discussion.
> > > >
> > > > Chris
> > > >
> > > > > -----Original Message-----
> > > > > From: thin-bounce@xxxxxxxxxxxxx
> > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Robert K
> > > > > Coffman Jr - Info From Data Corporation
> > > > > Sent: Thursday, May 20, 2004 11:38 AM
> > > > > To: thin@xxxxxxxxxxxxx
> > > > > Subject: [THIN] Re: Port/box Security
> > > > >
> > > > > While I completely agree with you in theory, in practice this has
> > > > > never caused us a problem. I've suggested to my clients that it may
> > > > > be a matter of time before this port gets exploited, to date we've
> > > > > had 0 issues and have been running this way for years.
> > > > >
> > > > > Can anyone provide concrete reasons not to expose 1494 to the
> > > > > internet?
> > > > >
> > > > > PS - Don't jump all over me here, I'm all in favor of exposing as
> > > > > little as possible to the net... I just need more ammo to
> > > > > convince those with the purse strings.
> > > > >
> > > > > - Bob Coffman
> > > > >
> > > > > -----Original Message-----
> > > > > From: thin-bounce@xxxxxxxxxxxxx
> > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Lynch
> > > > > Sent: Thursday, May 20, 2004 12:01 PM
> > > > > To: thin@xxxxxxxxxxxxx
> > > > > Subject: [THIN] Re: Port/box Security
> > > > >
> > > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > > Hash: SHA1
> > > > >
> > > > > The cost of hardware is negligible once someone high up
> > > > > understands the security implications. Also, these two services
> > > > > can run on the same server, and don't require much (PIV with
> > > > > 512MB of RAM would be sufficient for almost 1000 connections).
> > > > >
> > > > > And, notice that I said "WI AND SG". I would never recommend running
> > > > > just WI, unless it was for internal users only.
> > > > > Exposing the ICA port to the Internet is just asking for trouble.
> > > > > Especially if you are also wanting Program Neighborhood access (either
> > > > > XML or 1604/UDP).
> > > > >
> > > > > Chris
> > > > >
> > > > >
> > > > >
> > > > > ********************************************************
> > > > > This Week's Sponsor - Tarantella Secure Global Desktop
> > > > > Tarantella Secure Global Desktop Terminal Server Edition Free Terminal
> > > > > Service Edition software with 2 years maintenance.
> > > > > http://www.tarantella.com/ttba
> > > > > **********************************************************
> > > > > Useful Thin Client Computing Links are available at:
> > > > > http://thin.net/links.cfm
> > > > > ***********************************************************
> > > > > For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode
> > > > > use the below link:
> > > > > http://thin.net/citrixlist.cfm
> > > >
> > > > -----BEGIN PGP SIGNATURE-----
> > > > Version: PGP 8.0.3
> > > > Comment: Public PGP Key for Chris Lynch
> > > >
> > > > iQA/AwUBQKz+Dm9fg+xq5T3MEQJWtACeL2emd6LHrEyj54jl74ZE4xy6cgIAnRDK
> > > > jVFNAPrlJdIEcLdr+f0rsFY4
> > > > =rs5a
> > > > -----END PGP SIGNATURE-----
> > > >
> > > >
> > >
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.3
> Comment: Public PGP Key for Chris Lynch
>
> iQA/AwUBQLE6t29fg+xq5T3MEQJmsACgpGqb7nCW1cW5QldAR54x/nC09kAAoLrv
> dqUd4OjnrLJGZGIO0tlMyEUp
> =o4O5
> -----END PGP SIGNATURE-----
>


=== message truncated ===
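Two defensive ideas run through the thread: Claudio's description of SecureRDP holding the connection back from the logon screen unless IP address, computer name and client version all match, and Chris's point that an exposed GINA prompt invites username/password guessing with common account names. The Python below is an added example, not code from the thread, from SecureRDP or from GINAonce: a default-deny pre-logon allowlist check, plus a sliding-window detector run over constructed failed-logon records. The allowlisted networks (TEST-NET ranges), computer names, version floor, log line format and every log line are constructed assumptions; a real deployment would take the same fields from the TS connection and from the Security event log.

```python
"""Defensive checks for a Terminal Server exposed on 3389 (added example).

Part 1: allow_logon_screen() applies the kind of pre-logon filter described
        in the thread: every filter must match or the logon screen is withheld.
Part 2: detect_password_guessing() flags sources whose failed logons look like
        guessing (many failures, or many distinct usernames, in a short window).
All policy values and log lines are constructed sample data, not real ones.
"""
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class ConnectionAttempt:
    src_ip: str
    computer_name: str
    client_version: str


# Hypothetical policy: only these sources may ever be offered the logon screen.
ALLOWED_NETWORKS = [ip_network("203.0.113.0/24"), ip_network("198.51.100.10/32")]
ALLOWED_COMPUTER_NAMES = {"FIELD-LAPTOP-01", "FIELD-LAPTOP-02"}
MIN_CLIENT_VERSION = (5, 2)  # hypothetical floor; older clients are refused


def parse_version(version):
    """'5.2' -> (5, 2); anything unparseable sorts below every real version."""
    try:
        return tuple(int(part) for part in version.split("."))
    except ValueError:
        return (0,)


def allow_logon_screen(attempt):
    """Return (allowed, reason). Default is deny; all filters must match."""
    try:
        src = ip_address(attempt.src_ip)
    except ValueError:
        return False, "unparseable source address"
    if not any(src in net for net in ALLOWED_NETWORKS):
        return False, f"source {src} not in allowlist"
    if attempt.computer_name.upper() not in ALLOWED_COMPUTER_NAMES:
        return False, f"computer name {attempt.computer_name!r} not allowed"
    if parse_version(attempt.client_version) < MIN_CLIENT_VERSION:
        return False, f"client version {attempt.client_version} below minimum"
    return True, "all filters matched"


# Constructed failed-logon records in a simple "<iso-time> FAIL user=<u> src=<ip>" form.
FAILED_LOGONS = """\
2004-05-24T03:00:01 FAIL user=administrator src=192.0.2.77
2004-05-24T03:00:02 FAIL user=backup src=192.0.2.77
2004-05-24T03:00:03 FAIL user=nimda src=192.0.2.77
2004-05-24T03:00:04 FAIL user=administrator src=192.0.2.77
2004-05-24T03:00:05 FAIL user=guest src=192.0.2.77
2004-05-24T03:00:06 FAIL user=test src=192.0.2.77
2004-05-24T09:15:00 FAIL user=jdurbin src=203.0.113.8
2004-05-24T09:15:40 FAIL user=jdurbin src=203.0.113.8
"""


def parse_failed_logon(line):
    """Parse one record into (timestamp, username, source ip)."""
    ts_text, status, user_kv, src_kv = line.split()
    if status != "FAIL" or not user_kv.startswith("user=") or not src_kv.startswith("src="):
        raise ValueError(f"unexpected record: {line!r}")
    return datetime.fromisoformat(ts_text), user_kv[5:], src_kv[4:]


def detect_password_guessing(log_text, window=timedelta(minutes=5),
                             max_failures=5, max_distinct_users=3):
    """Return {source_ip: reason} for sources exceeding either threshold
    within a sliding time window (records must be in time order)."""
    recent = defaultdict(deque)   # src -> deque of (timestamp, username)
    flagged = {}
    for line in log_text.splitlines():
        ts, user, src = parse_failed_logon(line)
        window_entries = recent[src]
        window_entries.append((ts, user))
        while window_entries and ts - window_entries[0][0] > window:
            window_entries.popleft()          # drop entries older than the window
        distinct_users = {u for _, u in window_entries}
        if len(window_entries) >= max_failures:
            flagged[src] = f"{len(window_entries)} failures within {window}"
        elif len(distinct_users) >= max_distinct_users:
            flagged[src] = f"{len(distinct_users)} distinct usernames within {window}"
    return flagged


if __name__ == "__main__":
    for attempt in (ConnectionAttempt("203.0.113.8", "field-laptop-01", "5.2"),
                    ConnectionAttempt("192.0.2.77", "FIELD-LAPTOP-01", "5.2")):
        print(attempt.src_ip, allow_logon_screen(attempt))
    for src, reason in detect_password_guessing(FAILED_LOGONS).items():
        print(f"ALERT {src}: {reason}")
```

The allowlist deliberately fails closed: an unparseable address, an unknown computer name or an old client all withhold the logon screen, so a valid username/password alone is not enough, which is the property Claudio describes. The detector flags on either signal because the two patterns in the thread differ: a small wordlist of common account names shows up as many distinct usernames before the raw failure count is high, while a single targeted account shows up as a burst of failures against one name.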
                
