> What is the link? You are arguing that by hiding our identity we are more secure. And that’s simply not true.
> Note also it breaks some monitoring tools like wz broke atmosphere The same can happen if the user changes the id string manually or if they are running behind a proxy/firewall. So not an issue. And vendors will adopt very quickly. LieGrue, strub > Am 08.05.2015 um 13:06 schrieb Romain Manni-Bucau <[email protected]>: > > Le 8 mai 2015 11:40, "Mark Struberg" <[email protected]> a écrit : >> >>> you make tomee easily identifiable compared to tomcat (= any java > server of >>> the web more or less). This way it is super easy to know that you can >>> exploit a cxf issue for instance, thing you don’t know with default > header. >> >> Folks, lets weight the upsides and downsides >> >> * upside: we show up in stats >> >> * downside: easier to get hacked? WHY? >> All the scripts I do know are really blunt brute force. They f***g don’t > care about ANY headers. Of course they probably _sort_ their attacks, but > still they will use ALL vectors they have. >> Brute force attacks are almost never executed from the origin but always > hidden and executed by a zombie mob of hacked clients. So the origin > doesn’t care if some old grandmas Win98 PC needs a few seconds longer to > hack your server. >> > > Origin? What is the link? Scanners on aws are more and more clever. I cant > be sure yet they use resp headers but i wouldnt take the risk in particular > while default profile is used in tomee - dev one. > >> So basically it makes no sense to hide the fact that a server is running > TomEE. >> > > Note also it breaks some monitoring tools like wz broke atmosphere changing > server info (mea culpa but nobody said anything :() > >> >> LieGrue, >> strub >> >> >> >>> Am 08.05.2015 um 00:34 schrieb Romain Manni-Bucau <[email protected] >> : >>> >>> 2015-05-08 0:32 GMT+02:00 Andy <[email protected]>: >>> >>>> Yes yes whatever, you win (not that this was ever intended to be a >>>> competition, you just seem to enjoy making it into one every single >>>> time)... I am going to bed. Complete waste of my time. You still imply > that >>>> I have unsecured something? >>>> >>>> >>> you make tomee easily identifiable compared to tomcat (= any java > server of >>> the web more or less). This way it is super easy to know that you can >>> exploit a cxf issue for instance, thing you don't know with default > header. >>> >>> >>>> On 08/05/2015 00:26, Romain Manni-Bucau wrote: >>>> >>>>> not what I said. >>>>> >>>>> I said: >>>>> 1) over exposing a variable you shouldnt activate is useless >>>>> 2) we shouldnt set Apache TomEE to server variable by default >>>>> >>>>> Happy to replace these defaults by a server.xml.sample or anothing you >>>>> judge appropriated while we stay aligned on tomcat default secured >>>>> settings >>>>> (also note that Apache Coyote is secured cause most of servers have it >>>>> otherwise it would be as Apache TomEE) >>>>> >>>>> >>>>> >>>>> >>>>> Romain Manni-Bucau >>>>> @rmannibucau <https://twitter.com/rmannibucau> | Blog >>>>> <http://rmannibucau.wordpress.com> | Github < >>>>> https://github.com/rmannibucau> | >>>>> LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber >>>>> <http://www.tomitribe.com> >>>>> >>>>> 2015-05-08 0:24 GMT+02:00 Andy <[email protected]>: >>>>> >>>>> Hmm, so why do you want to treat the system administrator like one? >>>>>> >>>>>> On 08/05/2015 00:21, Romain Manni-Bucau wrote: >>>>>> >>>>>> Sure security is all about children... >>>>>>> >>>>>>> >>>>>>> Romain Manni-Bucau >>>>>>> @rmannibucau <https://twitter.com/rmannibucau> | Blog >>>>>>> <http://rmannibucau.wordpress.com> | Github < >>>>>>> https://github.com/rmannibucau> | >>>>>>> LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber >>>>>>> <http://www.tomitribe.com> >>>>>>> >>>>>>> 2015-05-08 0:19 GMT+02:00 Andy <[email protected]>: >>>>>>> >>>>>>> I was just thinking 'Kindergarten', how strange... >>>>>>> >>>>>>>> On 08/05/2015 00:17, Romain Manni-Bucau wrote: >>>>>>>> >>>>>>>> hmm this answer doesnt make sense for me, I surely miss something > but >>>>>>>> >>>>>>>>> read >>>>>>>>> it like "hey there is this property you can switch on true but if > you >>>>>>>>> google you'll see you shouldn't" >>>>>>>>> >>>>>>>>> >>>>>>>>> Romain Manni-Bucau >>>>>>>>> @rmannibucau <https://twitter.com/rmannibucau> | Blog >>>>>>>>> <http://rmannibucau.wordpress.com> | Github < >>>>>>>>> https://github.com/rmannibucau> | >>>>>>>>> LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber >>>>>>>>> <http://www.tomitribe.com> >>>>>>>>> >>>>>>>>> 2015-05-08 0:15 GMT+02:00 Andy <[email protected]>: >>>>>>>>> >>>>>>>>> This is what I said and the reason I changed it. And yes the >>>>>>>>> constants >>>>>>>>> >>>>>>>>> have that for 'server' now, and have also had other values in the >>>>>>>>>> past. >>>>>>>>>> >>>>>>>>>> So to be even more complete and correct myself.... changed it > from >>>>>>>>>> "Apache >>>>>>>>>> Coyote/1.1" to "Apache TomEE", which is still better IMHO. >>>>>>>>>> >>>>>>>>>> @Romain: "you encourage it by making it on the front of the > scene." >>>>>>>>>> >>>>>>>>>> That's like saying I'm encouraging someone to change the 'port', >>>>>>>>>> which >>>>>>>>>> is >>>>>>>>>> also potentially dangerous when put into the hands of an idiot. >>>>>>>>>> I like, and hope, to think that exposing a property would > encourage >>>>>>>>>> someone to look it up before changing it blindly. The very first >>>>>>>>>> google >>>>>>>>>> hit >>>>>>>>>> on 'xpoweredBy' will enlighten even the most fickle reader. >>>>>>>>>> >>>>>>>>>> Sorry if my opinion just does not fit in on that. Another hour > of my >>>>>>>>>> life >>>>>>>>>> wasted. >>>>>>>>>> >>>>>>>>>> Andy. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On 07/05/2015 23:58, Romain Manni-Bucau wrote: >>>>>>>>>> >>>>>>>>>> 2015-05-07 23:56 GMT+02:00 Andy <[email protected]>: >>>>>>>>>> >>>>>>>>>> Also, for completeness: >>>>>>>>>>> >>>>>>>>>>> xpoweredBy="*false*" activates nothing, if it were >>>>>>>>>>> >>>>>>>>>>>> xpoweredBy="*true*" >>>>>>>>>>>> then maybe that might just 'activate' whatever it is you think > is >>>>>>>>>>>> being >>>>>>>>>>>> activated here? >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> you encourage it by making it on the front of the scene. >>>>>>>>>>>> >>>>>>>>>>>> server="*Apache TomEE*" merely changes the existing value > and >>>>>>>>>>>> >>>>>>>>>>> also >>>>>>>>>>> >>>>>>>>>>> 'activates' nothing. I don't see where you think this is a >>>>>>>>>>> security >>>>>>>>>>> >>>>>>>>>>>> issue? >>>>>>>>>>>> Happy to learn though, so please point me to the specific code > that >>>>>>>>>>>> this >>>>>>>>>>>> affects? >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> it is on by default is not overrided by the app. >>>>>>>>>>>> >>>>>>>>>>>> Andy. >>>>>>>>>>>> >>>>>>>>>>> On 07/05/2015 23:21, Romain Manni-Bucau wrote: >>>>>>>>>>> >>>>>>>>>>>> You activated 2 different headers which is useless since we >>>>>>>>>>>> change >>>>>>>>>>>> >>>>>>>>>>>> serverinfo by default you already get tomee here. >>>>>>>>>>>> >>>>>>>>>>>>> That said this is not the real issue. Doing it is a standard >>>>>>>>>>>>> security >>>>>>>>>>>>> issue, that is why it is off by default in tomcat so I > suggest to >>>>>>>>>>>>> not >>>>>>>>>>>>> set >>>>>>>>>>>>> it on by default >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Romain Manni-Bucau >>>>>>>>>>>>> @rmannibucau <https://twitter.com/rmannibucau> | Blog >>>>>>>>>>>>> <http://rmannibucau.wordpress.com> | Github < >>>>>>>>>>>>> https://github.com/rmannibucau> | >>>>>>>>>>>>> LinkedIn <https://www.linkedin.com/in/rmannibucau> | > Tomitriber >>>>>>>>>>>>> <http://www.tomitribe.com> >>>>>>>>>>>>> >>>>>>>>>>>>> 2015-05-07 23:10 GMT+02:00 Andy <[email protected]>: >>>>>>>>>>>>> >>>>>>>>>>>>> Some crawlers are using that header as the evaluation. >>>>>>>>>>>>> Default >>>>>>>>>>>>> is >>>>>>>>>>>>> Apache >>>>>>>>>>>>> >>>>>>>>>>>>> Tomcat 7.0.x etc and it is always on, so having Apache TomEE >>>>>>>>>>>>> will >>>>>>>>>>>>> >>>>>>>>>>>>> give >>>>>>>>>>>>>> us >>>>>>>>>>>>>> better standing. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Andy. >>>>>>>>>>>>>> >>>>>>>>>>>>>> On 07/05/2015 22:38, Romain Manni-Bucau wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>> PS (sorry hit enter without wishing it): asking cause I >>>>>>>>>>>>>> wouldn't >>>>>>>>>>>>>> have it >>>>>>>>>>>>>> >>>>>>>>>>>>>> on >>>>>>>>>>>>>> >>>>>>>>>>>>>> by default as a user >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Romain Manni-Bucau >>>>>>>>>>>>>>> @rmannibucau <https://twitter.com/rmannibucau> | Blog >>>>>>>>>>>>>>> <http://rmannibucau.wordpress.com> | Github < >>>>>>>>>>>>>>> https://github.com/rmannibucau> | >>>>>>>>>>>>>>> LinkedIn <https://www.linkedin.com/in/rmannibucau> | > Tomitriber >>>>>>>>>>>>>>> <http://www.tomitribe.com> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 2015-05-07 22:36 GMT+02:00 Romain Manni-Bucau < >>>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> : >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hi >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> What's the goal? We already switch server info,isnt it >>>>>>>>>>>>>>> enough? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Romain Manni-Bucau >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> @rmannibucau <https://twitter.com/rmannibucau> | Blog >>>>>>>>>>>>>>>> <http://rmannibucau.wordpress.com> | Github >>>>>>>>>>>>>>>> <https://github.com/rmannibucau> | LinkedIn >>>>>>>>>>>>>>>> <https://www.linkedin.com/in/rmannibucau> | Tomitriber >>>>>>>>>>>>>>>> <http://www.tomitribe.com> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> ---------- Forwarded message ---------- >>>>>>>>>>>>>>>> From: <[email protected]> >>>>>>>>>>>>>>>> Date: 2015-05-07 22:03 GMT+02:00 >>>>>>>>>>>>>>>> Subject: tomee git commit: TomEE header >>>>>>>>>>>>>>>> To: [email protected] >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Repository: tomee >>>>>>>>>>>>>>>> Updated Branches: >>>>>>>>>>>>>>>> refs/heads/master 2c4047e14 -> 268b57c86 >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> TomEE header >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Project: http://git-wip-us.apache.org/repos/asf/tomee/repo >>>>>>>>>>>>>>>> Commit: >>>>>>>>>>>>>>>> > http://git-wip-us.apache.org/repos/asf/tomee/commit/268b57c8 >>>>>>>>>>>>>>>> Tree: >>>>>>>>>>>>>>>> http://git-wip-us.apache.org/repos/asf/tomee/tree/268b57c8 >>>>>>>>>>>>>>>> Diff: >>>>>>>>>>>>>>>> http://git-wip-us.apache.org/repos/asf/tomee/diff/268b57c8 >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Branch: refs/heads/master >>>>>>>>>>>>>>>> Commit: 268b57c868c055e3788b85d6ed6a192da094e808 >>>>>>>>>>>>>>>> Parents: 2c4047e >>>>>>>>>>>>>>>> Author: [email protected] <[email protected]> >>>>>>>>>>>>>>>> Authored: Thu May 7 22:03:35 2015 +0200 >>>>>>>>>>>>>>>> Committer: [email protected] <[email protected]> >>>>>>>>>>>>>>>> Committed: Thu May 7 22:03:35 2015 +0200 >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > ---------------------------------------------------------------------- >>>>>>>>>>>>>>>> .../apache/tomee/RemoteTomEEEJBContainerIT.java > | 2 >>>>>>>>>>>>>>>> +- >>>>>>>>>>>>>>>> .../java/org/apache/tomee/installer/Installer.java | > 17 >>>>>>>>>>>>>>>> +++++++++++++++++ >>>>>>>>>>>>>>>> 2 files changed, 18 insertions(+), 1 deletion(-) >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > ---------------------------------------------------------------------- >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > http://git-wip-us.apache.org/repos/asf/tomee/blob/268b57c8/tomee/apache-tomee/src/test/java/org/apache/tomee/RemoteTomEEEJBContainerIT.java >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > ---------------------------------------------------------------------- >>>>>>>>>>>>>>>> diff --git >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > a/tomee/apache-tomee/src/test/java/org/apache/tomee/RemoteTomEEEJBContainerIT.java >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > b/tomee/apache-tomee/src/test/java/org/apache/tomee/RemoteTomEEEJBContainerIT.java >>>>>>>>>>>>>>>> index 70fcf6f..17731b9 100644 >>>>>>>>>>>>>>>> --- >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > a/tomee/apache-tomee/src/test/java/org/apache/tomee/RemoteTomEEEJBContainerIT.java >>>>>>>>>>>>>>>> +++ >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > b/tomee/apache-tomee/src/test/java/org/apache/tomee/RemoteTomEEEJBContainerIT.java >>>>>>>>>>>>>>>> @@ -67,7 +67,7 @@ public class RemoteTomEEEJBContainerIT { >>>>>>>>>>>>>>>> " <!-- TomEE plugin for Tomcat -->\n" + >>>>>>>>>>>>>>>> " <Listener >>>>>>>>>>>>>>>> className=\"org.apache.tomee.catalina.ServerListener\" > />\n" + >>>>>>>>>>>>>>>> " <Service name=\"Catalina\">\n" + >>>>>>>>>>>>>>>> - " <Connector port=\"" + http + "\" >>>>>>>>>>>>>>>> protocol=\"HTTP/1.1\" >>>>>>>>>>>>>>>> />\n" + >>>>>>>>>>>>>>>> + " <Connector port=\"" + http + "\" >>>>>>>>>>>>>>>> protocol=\"HTTP/1.1\" >>>>>>>>>>>>>>>> xpoweredBy=\"false\" server=\"Apache TomEE\" />\n" + >>>>>>>>>>>>>>>> " <Engine name=\"Catalina\" >>>>>>>>>>>>>>>> defaultHost=\"localhost\">\n" + >>>>>>>>>>>>>>>> " <Host name=\"localhost\" >>>>>>>>>>>>>>>> appBase=\"webapps\"\n" >>>>>>>>>>>>>>>> + >>>>>>>>>>>>>>>> " unpackWARs=\"true\" >>>>>>>>>>>>>>>> autoDeploy=\"true\">\n" + >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > http://git-wip-us.apache.org/repos/asf/tomee/blob/268b57c8/tomee/tomee-common/src/main/java/org/apache/tomee/installer/Installer.java >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > ---------------------------------------------------------------------- >>>>>>>>>>>>>>>> diff --git >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > a/tomee/tomee-common/src/main/java/org/apache/tomee/installer/Installer.java >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > b/tomee/tomee-common/src/main/java/org/apache/tomee/installer/Installer.java >>>>>>>>>>>>>>>> index 0308c3d..60bd8f7 100644 >>>>>>>>>>>>>>>> --- >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > a/tomee/tomee-common/src/main/java/org/apache/tomee/installer/Installer.java >>>>>>>>>>>>>>>> +++ >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> > b/tomee/tomee-common/src/main/java/org/apache/tomee/installer/Installer.java >>>>>>>>>>>>>>>> @@ -448,6 +448,23 @@ public class Installer implements >>>>>>>>>>>>>>>> InstallerInterface { >>>>>>>>>>>>>>>> alerts.addError("Error while adding >>>>>>>>>>>>>>>> listener to >>>>>>>>>>>>>>>> server.xml >>>>>>>>>>>>>>>> file", e); >>>>>>>>>>>>>>>> } >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> + //Add TomEE header >>>>>>>>>>>>>>>> + try { >>>>>>>>>>>>>>>> + newServerXml = >>>>>>>>>>>>>>>> Installers.replace(serverXmlOriginal, >>>>>>>>>>>>>>>> + "<Connector port=\"8080\"", >>>>>>>>>>>>>>>> + "<Connector port=\"8080\"", >>>>>>>>>>>>>>>> + "/>", >>>>>>>>>>>>>>>> + "xpoweredBy=\"false\" server=\"Apache >>>>>>>>>>>>>>>> TomEE\" >>>>>>>>>>>>>>>> />"); >>>>>>>>>>>>>>>> + >>>>>>>>>>>>>>>> + newServerXml = >>>>>>>>>>>>>>>> Installers.replace(serverXmlOriginal, >>>>>>>>>>>>>>>> + "<Connector port=\"8443\"", >>>>>>>>>>>>>>>> + "<Connector port=\"8443\"", >>>>>>>>>>>>>>>> + "/>", >>>>>>>>>>>>>>>> + "xpoweredBy=\"false\" server=\"Apache >>>>>>>>>>>>>>>> TomEE\" >>>>>>>>>>>>>>>> />"); >>>>>>>>>>>>>>>> + } catch (final IOException e) { >>>>>>>>>>>>>>>> + alerts.addError("Error adding server > attribute to >>>>>>>>>>>>>>>> server.xml >>>>>>>>>>>>>>>> file", e); >>>>>>>>>>>>>>>> + } >>>>>>>>>>>>>>>> + >>>>>>>>>>>>>>>> // overwrite server.xml >>>>>>>>>>>>>>>> if >>>>>>>>>>>>>>>> (Installers.writeAll(paths.getServerXmlFile(), >>>>>>>>>>>>>>>> newServerXml, >>>>>>>>>>>>>>>> alerts)) { >>>>>>>>>>>>>>>> alerts.addInfo("Add OpenEJB listener to >>>>>>>>>>>>>>>> server.xml"); >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Andy Gumbrecht >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> https://twitter.com/AndyGeeDe >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> >>>>>>>>>>>>>> Andy Gumbrecht >>>>>>>>>>>>>> >>>>>>>>>>>>> https://twitter.com/AndyGeeDe >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> >>>>>>>>>>>> Andy Gumbrecht >>>>>>>>>>> >>>>>>>>>> https://twitter.com/AndyGeeDe >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> >>>>>>>>> Andy Gumbrecht >>>>>>>> https://twitter.com/AndyGeeDe >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>> Andy Gumbrecht >>>>>> https://twitter.com/AndyGeeDe >>>>>> >>>>>> >>>>>> >>>> -- >>>> Andy Gumbrecht >>>> https://twitter.com/AndyGeeDe >>>> >>>> >>
