of the carriers to supply off-the-shelf
UMTS modules .. cheaper/easier than USRP+GNUradio. Anyone done this to
ATT's kit this side of the pond?
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http
-edged sword.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
balancer
in front of the webserver and IDS the traffic coming out the backside ..
you don't pass out copies of the key.
My 0.02.
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
named Aristotle.
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
/android-locdump
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
)' .. relevant
options documented here :
http://developer.android.com/guide/developing/tools/adb.html
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
is that Excel is embedding the PIN (part of the
printer driver) in the default printer settings it saves in the document
metadata.
The PIN itself isn't particularly private (it's sent in the clear when
printing) but embedding it is dumb.
Cheers,
Michael Holstein
Cleveland State University
.
One could argue the whole creatures of habit aspect around the PIN
(dammit, now I need to change my luggage), but the whole secure print
thing is sort of a misnomer and more of a marketing trick (internally
and externally) than anything else.
Cheers,
Michael Holstein
Cleveland State University
to such addresses and requires you answer a convoluted webform to
do most anything).
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
for JTR
(/pam_passwdqc) /just to make sure people don't use stupid ones.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
that sshd(8) listens on. The default
is 22. Multiple options of this type are permitted. See also
ListenAddress.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
it is to
stumble upon a random HTTP site with no authentication.
Having a bunch of drugs laying about when $agency comes to ask about it
.. also a bad idea.
My $0.02, IANAL, etc.
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe
.. you can tell it to act as USB Mass Storage or act as a MTP
device. The latter requires a certificate to communicate with it.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk
A = Spend money on compliance
'A' is *mandatory* if you choose to do certain operations in-house.
Why is this so hard to understand?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
still holds.
Well .. waste your money on compliance .. or waste your money on the
surcharge you pay to another entity that *is* compliant. Take your pick.
Cheers,
Michael Holstein
Cleveland State University
PS: Just because you say your network is secure doesn't make it so.
Internal
would be
asking you about change management for those assets, who has access to
them and why, how logs are reviewed and by whom, etc.
There's 12 basic points in the 1.2 spec, none of which contradict
current best-practice for network design.
Cheers,
Michael Holstein
Cleveland State University
PS
the right path.
Even so .. the problem with securing networks/systems is there's
millions of them and only a few of you. Also .. you have to be right
100% of the time, and they only have to get lucky once.
My $10.02 ($10 minimum purchase on all credit cards). **
Cheers,
Michael Holstein
Cleveland
instead of being told I
dunno, ask the cloud.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
exterior lights works better.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
the correct implementation of AES :
http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe
Yahoo.com has assassins? Wow!
User-agent: Slurp
Disallow: *
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
anyone see this and know about it? How it works and good detection?
http://www.brickhousesecurity.com/pc-computer-spy.html
autorun.inf is how it installs itself.
once installed, it works like any other rootkit spyware (screen grabs,
keystroke/window logger, etc).
Cheers,
Michael
beyond those that speed up a brute-force attack (like
the Tableau TACC1441), but those tools just speed up the password-key
generation process .. they aren't even attempting a true keyspace attack.
Cheers,
Michael Holstein
Cleveland State University
PS: as for custom ciphers, I hear 2 rounds
cycles across the entire drive.
The only way to completely wipe a flash disk is with a hammer.
Regards,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
looking with a program, but not in front of a
Court.
You're forgetting that most such work is either done by salaried
government employees or contractors paid by the hour .. neither of which
care how long it takes.
Cheers,
Michael Holstein
Cleveland State University
://www.ssddfj.org/papers/SSDDFJ_V1_1_Breeuwsma_et_al.pdf
In any case, provided you take a factory-new drive and immediately
install an encrypted filesystem on it, any such orphan data would be
essentially random.
Regards,
Michael Holstein
Cleveland State University
I must suggest your experience is quite limited - the case below is not
unique:
Yes it is. Rarely do you get a group of 28 computer scientists to
volunteer their time/money in a criminal case.
Cheers,
Michael Holstein
Cleveland State University
deliberately seed your hard disk with them?
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
deniability, consider TrueCrypt's
hidden volumes [*2*].
[*1*]: http://en.wikipedia.org/wiki/Steganography
[*2*]: http://www.truecrypt.org/docs/plausible-deniability
Regards,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe
to hide
any potential illegal stuff by putting articles about related illegal
stuff he didn't do on there.
Quit trying to re-invent the wheel and get your crypto on and lawyer up
when asked about it.
Cheers,
Michael Holstein
Cleveland State University
/
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
I'm developing an app for linux, the PC at work can't run a single
version of linux
Post a copy of lspci -v and I bet somebody proves you wrong.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter
, or Cisco ACL format :
http://www.okean.com/thegoods.html
Regards,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
fancier still, run Quagga on a linux box with a BGP
feed from somewhere and blackhole AS8060, AS8069, AS8705, AS3598, and a
couple of others I'm too lazy to look up at the moment .. and route your
traffic through that.
Cheers,
Michael Holstein
Cleveland State University
the internet is wide open for people to scan.
True, but when I see a bunch of *unsolicited* scans I know they're
malicious. You're asking for them, and then you don't know what happens
to the results.
It's not paranoia when they really *are* out to get you.
Cheers,
Michael Holstein
Cleveland State
.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
What UoW-LaCrosse students should do is flood FB with pictures of
staged underage drinking shots and put a stop to this.
Or just start photoshopping hookers into the front seat of local cop cars.
___
Full-Disclosure - We believe in it.
Charter:
being funny was when somebody
did one that mailed the contents of /etc/passwd .. and somebody else
took the time to make a passwd file that when run through jtr said
something like you're so lame for decoding this)
Cheers,
Michael Holstein
Cleveland State University
because he knew he *would* be fired .. but
it's hard to argue unlawful termination when you quit on your own
(IANAL, etc.).
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
AFAIK, it's a field of one:
http://www.hackerspace.net/hostilewrt
A WRT-54GL with a LiPO battery will run for (at least) a week. The PCB
inside fits in a long Kleenex box along with a battery underneath it and
some real kleenex on top. Scatter a few around as needed.
Cheers,
Michael
://www.usdoj.gov/dea/dea_banner.jpg) was
edited with Photoshop to produce the one on that site : wget -proxy=on
-O - http://narc.oti.cz/dea_banner.jpg |strings |head -3
JFIF
Ducky
Adobe
But as always .. click on links in email at your own risk. Use TOR+wget
if you want to be careful.
Cheers,
Michael
While these two events are not related in anyway, I am wondering why
people don't create backup off site or don't plan normal failsafe's
when there site is as big as Google (we have seen a few popular sites
die because of this mistake)
Google fat-fingered something in their BGP configs(*)
on the application .. bottom of page 4 :
The electronic chip must be read using specially formatted readers,
which protects the data on the chip
from unauthorized reading.
specially formatted .. meaning anything from this list? :
http://rfidiot.org/index.html#Hardware
Regards,
Michael
.org is now being affected as well.
Not here ..
$ date
Wed Feb 11 10:17:01 EST 2009
$ host metasploit.org
metasploit.org has address 66.240.213.84
metasploit.org mail is handled by 20 slug.metasploit.com.
metasploit.org mail is handled by 1 bogus.metasploit.com.
metasploit.org mail is
that's all fine and dandy. still can't reach port 80.
Again .. not here (AS32818 in Cleveland, OH) ..
~$ wget -O - http://www.metasploit.org
--10:52:43-- http://www.metasploit.org/
= `-'
Resolving www.metasploit.org... 66.240.213.84
Connecting to
that's all fine and dandy. still can't reach port 80.
Have you tried using OpenDNS, etc. to see if it resolves?
eg: host -t a www.metasploit.org *208.67.222.222
Perhaps your school/employeer/ISP has decided that Metasploit is off-limits.
~Mike.*
Have any of you guys heard of RFID?
Yeah .. wouldn't it make more sense to just build one that reads the
AVID chip most pets have in them anyway?
Then again .. I think the point was to deny entry if kitty was bringing
in a prize.
___
.
Cheers,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
I am looking for a free audit script / tool to audit host level
security for Solaris 10 machines. Does any one know of any such
scripts / tools around?
http://www.cisecurity.org/benchmarks.html
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
is interesting :
https://licensemanager.sonicwall.com/js/ClientValidationMethods.js
Seems remote debug is on as well :
https://licensemanager.sonicwall.com/mf/fwregister_done.jsp
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure
antenna can give you several hundred feet, easily.
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
Oh wow, that is amazing. Learn whois, contact the respective abuse
handlers, let the rest of us be in peace. Better yet, show us your app
and tell us your ip so we can laugh and most likely lock you out of
Net::Abuse::Utils
that the recent onset
of attacks from this IP is the result of the IP being forged by an
external party. External parties will commonly use IP addresses that
belong to large organizations to mask network traffic.
--snip--
Cheers,
Michael Holstein
Cleveland State University
of this for their RNGs,
and random.org does it with RF (radios listening to static) .. do
patches exist for OpenSSL to use hardware devices? (short of a hack to
take something like the above and pipe it to /dev/random, etc).
Cheers,
Michael Holstein
Cleveland State University
configuration simpler .. though generally you can
set a multiplier in the config that allows for dissimilar hardware.
Have a look at Beowulf or OpenMOSIX.
Regards,
Michael Holstein
Cleveland State University
___
Full-Disclosure - We believe
.ibm.com/security/cryptocards/pcicc/overproduct.shtml] as
a good example of how it's implemented.
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
Has anyone had a go with/against the Asus Eee PC?
SANS did a write-up on this the other day :
http://isc.sans.org/diary.html?storyid=3687
.. and they include the steps required to disable the offending services.
~Mike.
___
Full-Disclosure -
He states that the CSI/FBI surveys suggest that wiretapping is rare.
Should companies still be concerned with Wiretapping?
I'd argue that the vast majority of wiretapping isn't done officially
by the Government.
There's more money to be made in stealing your company secrets or
mis-using
WTF is cross-site shipping ???
A way to implement RFC 1149.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
I'm sorry everyone I was just trying to highlight a valid point, i
didn't expect a flame war to errupt.
Then be more judicious in your use of Reply-All.
The DHS need to ban ISP's from talking about infrastructure security
in public places. it should be classified information don't you
http://www.abovetopsecret.com/forum/thread302187/pg1
Read the other posts on that site .. the conspiracy nuts over there have
predicted the end of the world each month, every month going back for
some time.
If real,this is scary!!
Not as scary as people that think I read it on the
JtR will only succeed if the password is based on frequently used
characters. If it is truly random and 8 characters long, JtR will not
be able to crack it.
Sure it will, it just takes adjustments to john.conf and a *lot* longer.
djohn (distributed JtR) was written to address this :
SafeNet goofs again they haven't mastered the concept of timezones.
Cheers,
Michael Holstein CISSP GCIA
Information Security Administrator
Cleveland State University
--snip--
May 31, 2007
[our address]
RE: Certain Prior Notices Concerning the Unauthorized
Distribution
rainbow tables first
though. Remember, with a hash, you need not figure out the actual
password, just something that generates a collision.
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter
Dork, show me a full set of a-zA-Z0-9{8} rainbow tables with salted
md5 and I will show you a picture of me in a bathing suit.
My *point* was that a rainbow attack against is a lot faster than a
brute-force with JTR or similar. Might as well try the easier options first.
Of course, if the
they do because I
personally saw one of the major US carriers .. [ahem.. Verizon] ..
deliver boxes of sent/received text messages -- for hundreds of phones
-- going back at least a year).
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
It's also possible to recover deleted photos
You mean SSID not broadcast?
Look for the client's network-specific probe request. Kismet (and
others) do this automagically. Windows quite helpfully issues probe
requests for *all* the networks it has past associations for.
You can also use aircrack-ng to force-deauth a client and just watch
Sure you can. You have to do it on the primary wifi0 and not a vap
(athx). shut it first, then change it (ifconfig or tool such as
macchanger), then bring it back up.
This apparently wasn't working in madwifi-ng :
http://madwifi.org/wiki/UserDocs/ChangeMacAddress
but it was patched
I use WEP at home, even though my house is far enough from the road to
make it rather difficult for someone to jump on my network.
Really? Like how far?
I've done point-to-multipoint (me with 24db parabolic, them with a
standard omni) at 6 miles (granted, I was on the 12th floor of a
* Intent: This is a biggie. If someone trespassed on your
private network through an open wireless access point, then proving
digital trespassing can be very difficult. However, if the user
must bypass your minimalist WEP security, then they clearly show
intent to trespass.
Accessing it
apologies if this is lame or already known.
What, you mean the part about stuff you post to the Internet not being
private?
Well .. *duh*.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
If you run Solaris, please check if you got telnet enabled NOW.
Simple test :
nmap -sV -oG - -p23 your.net/cidr |grep Sun Solaris
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http
Kidnappers will just start lining their car trunks with copper mesh.
[EMAIL PROTECTED] wrote:
Engineer: GPS Shoes Make People Findable
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
segment, do a MITM with ARP and stash a laptop.
Then just wait for somebody to login.
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
.. or boredom or both.
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
PS: I hate to be the one to point this out, but nothing will protect
your confidential research from a subpoena.
___
Full-Disclosure - We believe in it.
Charter: http
Reportedly DHS confirmed an alert had been distributed but said there was no
reason to believe the threat was credible.
and since when is DHS credible itself? and why to people scatter every
time their terrorism mood ring changes color?
I guess they don't realize that servers overheat when
...I wonder if someone probably didn't like all the portscans they got
from it (thinks of Microsoft) and took it out?
David.
Heck .. how to portscan Microsoft has been in the Nmap man page for ages
(even in the help you get when you execute it without arguments) ..
although it's not in
getting OpenSSL/whatever to cough up ones that MS
understands) ...
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
Ozan Ozkara wrote:
Hi folks,
I am trying to find a tool which provides automatic client configuration
for 802.1X implementation in windows environment. I'm trying
Consulting Inc.
network:Street-Address:6174 Darleon Place
network:City:ALEXANDRIA
network:State:VA
network:Postal-Code:22310
sigh .. another consultant that is trying to get other folks to do his
dirty work...
Cheers,
Michael Holstein CISSP GCIA
Information Security Administrator
Cleveland
why not save all that trouble and just use the --limit directive in
iptables? (examples on the netfilter mailing-list).
~Mike.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
That specially crafted attempt would be a HUGE raping of TCP/IP. How do
you supposed it would be possible for someone to insert 0wn3ed or any
other variable outside of an IP address?
Remember the (in)famous quote ...that vulnerability is purely
theoretical...?
I think the point is you
It's also loads of fun if the box in question is a server that's being
monitored by Big Brother or similar. Kinda hard to erase the 'red' marker
on the big screen in the NOC. Similar comments apply to machines that
report to a central syslog server...
7b) unplug target network cable [thus
That article focuses on Dutch passports, but in the US it's essentially
the same.
The Passport number
a 10 digit number (I don't know where they start, but it certainly
wasn't 01).
The Date Of Birth of the holder
about 32,000 possibilities (assuming 90yrs old)
The
And easily optimized by starting with a guess at the person's age - are
they 20, or 45, or 70? Take 5 years either side, and you're down to 3,650
or so guesses.
I was thinking more along the lines of hanging around just outside
security or immigration with my long range antenna and laptop
Does anyone could give me some spam archive, or spam to
[EMAIL PROTECTED], thanks.
Yeah, I've got gigabytes of it here sitting in the quarantine on my
Mailfrontier boxes .. problem is, I can't think of an easy way to
anonymize it and screen for false-positives that may contain sensitive
is you can just delete
the subdomain when you're done and not waste your bandwidth (and disk
space) dealing with test SPAM.
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http
OK, so you pull the hard drive - where do you *put* it? Remember, if it's
packaged to be removable, it's going to look a lot like an MP3 player or some
other thing-with-a-battery, and you end up having to check it.
Being as the original email came from an exec at Universal Music, I
think the
Well, how about this :
build a PXE type CD/DVD with all your business applications (you could
automate a nightly build to keep antivirus, patches, etc current). Do
folder redirection or similar to mount all user-specific bits from a
USB thumb drive (itself an encrypted volume).
Then your
http://www.anonet.org
Forbidden
You don't have permission to access /index.html on this server.
Additionally, a 404 Not Found error was encountered while trying to use
an ErrorDocument to handle the request.
Apache/1.3.36 Server at www.anonet.org Port 80
The FBI, in a statement from its Baltimore field office, said a
preliminary review of the equipment by its computer forensic teams
has determined that the data base remains intact and has not been
accessed since it was stolen. More tests were planned, however.
Didn't the original wanted notice
So most of the research has been done here already.. Which brings me to
the work done by www.rfidvirus.org http://www.rfidvirus.org
They have some really good ideas about attacking the middleware using
SQL injections, SSL includes, and buffer overflows on the reader to
middle ware interface.
I have been reading the posts over the past few weeks, and am wondering
how the heck you guy discover these vulnerabilities. Granted, I am
still very new to the IS world, but I cannot begin to understand how you
discover weaknesses. After reading these posts, the explanation always
makes since,
gigabit (or faster) capture at wire-speed, a lot of other
factors like PCI bandwidth, disk bandwidth, interrupts, etc. come into play.
Good luck.
Michael Holstein CISSP GCIA
Cleveland State University
crazy frog crazy frog wrote:
Hi List,
I m just wondering if it is possible to capture
As someone already pointed out, if you want a nice GUI to look at them
(and do advanced protocol decodes) use Ethereal (or tethereal for text
output). Note that the display expressions in [t|e]thereal are different
than the BPF expressions used to capture.
Cheers,
Michael Holstein CISSP GCIA
Confirmed on xpsp2, fully patched.
~Mike.
John Bond wrote:
could some one tell me why/how this happens.
1. Open up Notepad
2. Type in this sentence exactly (without quotes): this app can break
3. Save the file to your hard drive.
4. Close
Set up a wildcard record, *.webvpn.example.org, pointing to the device.
The device then maps all internal domain names or IP addresses to a
unique hostname, such as: internalhost.webvpn.example.org, or
192-168-0-1.webvpn.example.org, etc.
This has the side effect of making procurement of the
SSL certificates are free. You just have to have enough knowledge to
distribute your own CA certificate. For a VPN appliance, this should
not be a problem at all, since only your trusted users should be
accessing it. Even if you aren't competent enough to figure out how to
distribute your own
again, redirecting a tor user to a 403 requires you to sit and think up of
a workaround. perhaps you aren't able to come up with one or you don't
want to take the time/effort. this means i've effectively deterred you from
using tor to get to the website. now if you care about the website more
But remember your rights stop when the rights of others start. So,
if a give admin wants people who use Tor to be blocked from his
particular site, it is his right. I might not agree with it, but
I'll defend his right to do so. After all, it is his site. If he
was to do that (and makes a clear
1 - 100 of 247 matches
Mail list logo
