<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    5038 is used by Allmon to display an HTML-based management console.
    It's not bad and can be installed locally. Since it's only listening
    on localhost by default I'm OK with it. If you are going to
    firewall IAX (4569) you are going to need to read the AllStar node
    list to create allow rules.<br>
    Debian uses iptables. I use Shorewall as a front end to make it more
    user friendly.<br>
    <br>
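The allow-list approach described above, as an added example that is not part of this thread: a POSIX shell script that turns a node list into per-node iptables ACCEPT rules for IAX (UDP 4569) and keeps the Asterisk manager port (TCP 5038) reachable only from localhost. The node list format here is a constructed simplification (one "node ip" pair per line) and the addresses are documentation-range samples; adapt the parser to the list your node actually downloads. Rules are printed, not applied.

```shell
#!/bin/sh
# Added example (not from the thread). Generates iptables rules for an
# AllStar node: ACCEPT IAX (UDP 4569) only from known nodes, and keep the
# Asterisk manager interface (TCP 5038) local. Nothing is applied; the
# rules are printed so you can review them before loading.

IAX_PORT=4569
AMI_PORT=5038

# Read "node ip" pairs from stdin and emit one ACCEPT rule per distinct IP.
# Comment lines, blank lines and entries without a dotted-quad IP are skipped.
gen_iax_rules() {
  awk -v port="$IAX_PORT" '
    NF == 0 || $1 ~ /^#/ { next }
    { ip = $2 }
    ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }
    !seen[ip]++ {
      printf "iptables -A INPUT -p udp -s %s --dport %s -j ACCEPT\n", ip, port
    }
  '
}

# Manager port: accept from loopback only, drop everything else that reaches it.
gen_ami_rules() {
  printf 'iptables -A INPUT -p tcp -s 127.0.0.1 --dport %s -j ACCEPT\n' "$AMI_PORT"
  printf 'iptables -A INPUT -p tcp --dport %s -j DROP\n' "$AMI_PORT"
}

# Constructed sample node list (assumed format; 192.0.2.0/24 is a documentation
# range, not real nodes). Node 1002 shares an IP with 1000 and "bad" is malformed,
# so only two ACCEPT rules should come out.
SAMPLE_NODES='# node  ip
1000	192.0.2.10
1001	192.0.2.11
1002	192.0.2.10
bad	not-an-ip
'

# Number of IAX allow rules produced from the sample list (expected: 2).
count_iax_rules() {
  printf '%s' "$SAMPLE_NODES" | gen_iax_rules | wc -l | tr -d ' '
}

# Full rule set for the sample: per-node allows, then a default DROP for IAX,
# then the manager-port rules.
if [ "${1:-}" = "--demo" ]; then
  printf '%s' "$SAMPLE_NODES" | gen_iax_rules
  printf 'iptables -A INPUT -p udp --dport %s -j DROP\n' "$IAX_PORT"
  gen_ami_rules
fi
```

Because the rules are appended with -A, the per-node ACCEPTs must be loaded before the final DROP for 4569; your SSH rule and any ESTABLISHED/RELATED handling are outside this snippet.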
    <div class="moz-cite-prefix">On 10/05/2015 07:43 PM, Steven Donegan
      wrote:<br>
    </div>
    <blockquote
      cite="mid:546400889.1016431.1444088609441.JavaMail.yahoo@mail.yahoo.com"
      type="cite">
      <div style="color:#000; background-color:#fff;
        font-family:HelveticaNeue-Light, Helvetica Neue Light, Helvetica
        Neue, Helvetica, Arial, Lucida Grande,
        sans-serif;font-size:16px">
        <div id="yui_3_16_0_1_1443990021550_87597" dir="ltr">5038 is
          the Asterisk management port - I would suggest for hardening that
          222 (whatever port is selected for ssh) and 4569 be firewalled
          tightly and 5038 kept totally local. But this is all food for
          further discussion :-)</div>
        <div id="yui_3_16_0_1_1443990021550_87811" dir="ltr"><br>
        </div>
        <div dir="ltr">Not having a currently running Debian system
          handy - does it use iptables or firewalld? I have set up both
          in a scripted fashion before.<br>
        </div>
        <div id="yui_3_16_0_1_1443990021550_87518"><span></span></div>
        <div id="yui_3_16_0_1_1443990021550_87519"> </div>
        <div id="yui_3_16_0_1_1443990021550_87520" class="signature">Steven

          Donegan<br>
          KK6IVC General Class FCC License<br>
          Silver State Car #86<br>
          <a class="moz-txt-link-abbreviated" href="http://www.sscc.us">www.sscc.us</a></div>
        <br>
        <div id="yui_3_16_0_1_1443990021550_87814" style="font-family:
          HelveticaNeue-Light, Helvetica Neue Light, Helvetica Neue,
          Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;">
          <div id="yui_3_16_0_1_1443990021550_87813" style="font-family:
            HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida
            Grande, sans-serif; font-size: 16px;">
            <div id="yui_3_16_0_1_1443990021550_87812" dir="ltr">
              <hr id="yui_3_16_0_1_1443990021550_87965" size="1"> <font
                id="yui_3_16_0_1_1443990021550_87815" face="Arial"
                size="2"> <b><span style="font-weight:bold;">From:</span></b>
                Steve Zingman <a class="moz-txt-link-rfc2396E"
                  href="mailto:szingman@msgstor.com"><szingman@msgstor.com></a><br>
                <b><span style="font-weight: bold;">To:</span></b>
                Steven Donegan <a class="moz-txt-link-rfc2396E"
                  href="mailto:donegan@donegan.org"><donegan@donegan.org></a>
                <br>
                <b><span style="font-weight: bold;">Cc:</span></b> <a
                  class="moz-txt-link-rfc2396E"
                  href="mailto:app_rpt-users@ohnosec.org"><a class="moz-txt-link-rfc2396E" href="mailto:app_rpt-users@ohnosec.org">"app_rpt-users@ohnosec.org"</a></a>
                <a class="moz-txt-link-rfc2396E"
                  href="mailto:app_rpt-users@ohnosec.org"><app_rpt-users@ohnosec.org></a>
                <br>
                <b><span style="font-weight: bold;">Sent:</span></b>
                Monday, October 5, 2015 4:38 PM<br>
                <b><span style="font-weight: bold;">Subject:</span></b>
                Node security<br>
              </font> </div>
            <div id="yui_3_16_0_1_1443990021550_87816"
              class="y_msg_container"><br>
              <div id="yiv4753716635">
                <div> As of right now it's listening to 222 and 5038 on
                  127.0.0.1 TCP<br clear="none">
                  and 4569 on UDP.<br clear="none">
                  <br clear="none">
                  That's all.<br clear="none">
                  <br clear="none">
                  <div class="qtdSeparateBR"><br>
                    <br>
                  </div>
                  <div class="yiv4753716635yqt8111012284"
                    id="yiv4753716635yqt40981">
                    <div class="yiv4753716635moz-cite-prefix">On
                      10/05/2015 07:15 PM, Steven Donegan wrote:<br
                        clear="none">
                    </div>
                    <blockquote type="cite">
                      <div
                        style="color:#000;background-color:#fff;font-family:HelveticaNeue-Light,
                        Helvetica Neue Light, Helvetica Neue, Helvetica,
                        Arial, Lucida Grande,
                        sans-serif;font-size:16px;">
                        <div dir="ltr"
                          id="yiv4753716635yui_3_16_0_1_1443990021550_83439">Let

                          me spin up one of the DIAL setups - may take
                          me a day - then see what is enabled by default
                          and hardening will be 'easy' (no
                          processes/ports active not absolutely
                          required). Adding the CA stuff will be easy as
                          well if desired. Whatever the overall
                          direction is I can do security stuff :-)<br
                            clear="none">
                        </div>
                        <div
                          id="yiv4753716635yui_3_16_0_1_1443990021550_83330"><span></span></div>
                        <div
                          id="yiv4753716635yui_3_16_0_1_1443990021550_83216"> </div>
                        <div class="yiv4753716635signature"
                          id="yiv4753716635yui_3_16_0_1_1443990021550_83203">Steven


                          Donegan<br clear="none">
                          KK6IVC General Class FCC License<br
                            clear="none">
                          Silver State Car #86<br clear="none">
                          <a moz-do-not-send="true" rel="nofollow"
                            shape="rect"
                            class="yiv4753716635moz-txt-link-abbreviated"
                            target="_blank" href="http://www.sscc.us/">www.sscc.us</a></div>
                        <br clear="none">
                        <div
                          id="yiv4753716635yui_3_16_0_1_1443990021550_83442"
                          style="font-family:HelveticaNeue-Light,
                          Helvetica Neue Light, Helvetica Neue,
                          Helvetica, Arial, Lucida Grande,
                          sans-serif;font-size:16px;">
                          <div
                            id="yiv4753716635yui_3_16_0_1_1443990021550_83441"
                            style="font-family:HelveticaNeue, Helvetica
                            Neue, Helvetica, Arial, Lucida Grande,
                            sans-serif;font-size:16px;">
                            <div dir="ltr"
                              id="yiv4753716635yui_3_16_0_1_1443990021550_83440">
                              <hr size="1"> <font
                                id="yiv4753716635yui_3_16_0_1_1443990021550_83443"
                                face="Arial" size="2"> <b><span
                                    style="font-weight:bold;">From:</span></b>
                                Steve Zingman <a moz-do-not-send="true"
                                  rel="nofollow" shape="rect"
                                  class="yiv4753716635moz-txt-link-rfc2396E"
                                  ymailto="mailto:szingman@msgstor.com"
                                  target="_blank"
                                  href="mailto:szingman@msgstor.com"><szingman@msgstor.com></a><br
                                  clear="none">
                                <b><span style="font-weight:bold;">To:</span></b>
                                Steven Donegan <a
                                  class="moz-txt-link-rfc2396E"
                                  href="mailto:donegan@donegan.org"><a class="moz-txt-link-rfc2396E" href="mailto:donegan@donegan.org"><donegan@donegan.org></a></a>;
                                David Andrzejewski <a
                                  class="moz-txt-link-rfc2396E"
                                  href="mailto:david@davidandrzejewski.com"><a class="moz-txt-link-rfc2396E" href="mailto:david@davidandrzejewski.com"><david@davidandrzejewski.com></a></a>
                                <br clear="none">
                                <b><span style="font-weight:bold;">Cc:</span></b>
                                <a moz-do-not-send="true" rel="nofollow"
                                  shape="rect"
                                  class="yiv4753716635moz-txt-link-rfc2396E"
ymailto="mailto:app_rpt-users@ohnosec.org" target="_blank"
                                  href="mailto:app_rpt-users@ohnosec.org">"app_rpt-users@ohnosec.org"</a>
                                <a moz-do-not-send="true" rel="nofollow"
                                  shape="rect"
                                  class="yiv4753716635moz-txt-link-rfc2396E"
ymailto="mailto:app_rpt-users@ohnosec.org" target="_blank"
                                  href="mailto:app_rpt-users@ohnosec.org"><app_rpt-users@ohnosec.org></a>
                                <br clear="none">
                                <b><span style="font-weight:bold;">Sent:</span></b>
                                Monday, October 5, 2015 4:04 PM<br
                                  clear="none">
                                <b><span style="font-weight:bold;">Subject:</span></b>
                                Re: [App_rpt-users] New Official Allstar
                                Distribution Released (DIAL)<br
                                  clear="none">
                              </font> </div>
                            <div class="yiv4753716635y_msg_container"
                              id="yiv4753716635yui_3_16_0_1_1443990021550_83444"><br
                                clear="none">
                              <div id="yiv4753716635">
                                <div
                                  id="yiv4753716635yui_3_16_0_1_1443990021550_83445">
                                  Sure,<br clear="none">
                                  I think a hardening script might be in
                                  order (and optional).<br clear="none">
                                  <br clear="none">
                                  <div
                                    class="yiv4753716635qtdSeparateBR"><br
                                      clear="none">
                                    <br clear="none">
                                  </div>
                                  <div
                                    class="yiv4753716635yqt9120962000"
                                    id="yiv4753716635yqt52579">
                                    <div
                                      class="yiv4753716635moz-cite-prefix">On


                                      10/05/2015 06:55 PM, Steven
                                      Donegan wrote:<br clear="none">
                                    </div>
                                    <blockquote type="cite">
                                      <div
                                        style="color:#000;background-color:#fff;font-family:HelveticaNeue-Light,
                                        Helvetica Neue Light, Helvetica
                                        Neue, Helvetica, Arial, Lucida
                                        Grande,
                                        sans-serif;font-size:16px;">BTW
                                        - I have a script to make a *NIX
                                        box a CA and generate
                                        certificates - that could easily
                                        be added to the DIAL/Pi/etc
                                        releases - let me see if I can
                                        scrounge it up :-) Assuming
                                        anyone would want that ability
                                        and Steve is OK with it :-)<br
                                          clear="none">
                                        <div
                                          id="yiv4753716635yui_3_16_0_1_1443990021550_80415"><span></span></div>
                                        <div
                                          id="yiv4753716635yui_3_16_0_1_1443990021550_80416"> </div>
                                        <div
                                          class="yiv4753716635signature"
id="yiv4753716635yui_3_16_0_1_1443990021550_80482">Steven Donegan<br
                                            clear="none">
                                          KK6IVC General Class FCC
                                          License<br clear="none">
                                          Silver State Car #86<br
                                            clear="none">
                                          <a moz-do-not-send="true"
                                            rel="nofollow" shape="rect"
class="yiv4753716635moz-txt-link-abbreviated" target="_blank"
                                            href="http://www.sscc.us/">www.sscc.us</a></div>
                                        <br clear="none">
                                        <div
                                          id="yiv4753716635yui_3_16_0_1_1443990021550_80485"
                                          style="font-family:HelveticaNeue-Light,

                                          Helvetica Neue Light,
                                          Helvetica Neue, Helvetica,
                                          Arial, Lucida Grande,
                                          sans-serif;font-size:16px;">
                                          <div
                                            id="yiv4753716635yui_3_16_0_1_1443990021550_80484"
                                            style="font-family:HelveticaNeue,

                                            Helvetica Neue, Helvetica,
                                            Arial, Lucida Grande,
                                            sans-serif;font-size:16px;">
                                            <div dir="ltr"
                                              id="yiv4753716635yui_3_16_0_1_1443990021550_80483">
                                              <hr
                                                id="yiv4753716635yui_3_16_0_1_1443990021550_80529"
                                                size="1"> <font
                                                id="yiv4753716635yui_3_16_0_1_1443990021550_80486"
                                                face="Arial" size="2"> <b><span
style="font-weight:bold;">From:</span></b> David Andrzejewski <a
                                                  class="moz-txt-link-rfc2396E"
href="mailto:david@davidandrzejewski.com"><a class="moz-txt-link-rfc2396E" href="mailto:david@davidandrzejewski.com"><david@davidandrzejewski.com></a></a><br
                                                  clear="none">
                                                <b><span
                                                    style="font-weight:bold;">To:</span></b>
                                                Steven Donegan <a
                                                  class="moz-txt-link-rfc2396E"
href="mailto:donegan@donegan.org"><a class="moz-txt-link-rfc2396E" href="mailto:donegan@donegan.org"><donegan@donegan.org></a></a> <br
                                                  clear="none">
                                                <b><span
                                                    style="font-weight:bold;">Cc:</span></b>
                                                Bryan D. Boyle <a
                                                  class="moz-txt-link-rfc2396E"
href="mailto:bdboyle@bdboyle.com"><a class="moz-txt-link-rfc2396E" href="mailto:bdboyle@bdboyle.com"><bdboyle@bdboyle.com></a></a>; <a
                                                  class="moz-txt-link-rfc2396E"
href="mailto:app_rpt-users@ohnosec.org"><a class="moz-txt-link-rfc2396E" href="mailto:app_rpt-users@ohnosec.org">"app_rpt-users@ohnosec.org"</a></a>
                                                <a
                                                  class="moz-txt-link-rfc2396E"
href="mailto:app_rpt-users@ohnosec.org"><a class="moz-txt-link-rfc2396E" href="mailto:app_rpt-users@ohnosec.org"><app_rpt-users@ohnosec.org></a></a>
                                                <br clear="none">
                                                <b><span
                                                    style="font-weight:bold;">Sent:</span></b>
                                                Monday, October 5, 2015
                                                3:50 PM<br clear="none">
                                                <b
                                                  id="yiv4753716635yui_3_16_0_1_1443990021550_80488"><span
id="yiv4753716635yui_3_16_0_1_1443990021550_80487"
                                                    style="font-weight:bold;">Subject:</span></b>
                                                Re: [App_rpt-users] New
                                                Official Allstar
                                                Distribution Released
                                                (DIAL)<br clear="none">
                                              </font> </div>
                                            <div
                                              class="yiv4753716635y_msg_container"
id="yiv4753716635yui_3_16_0_1_1443990021550_80489"><br clear="none">
                                              <div id="yiv4753716635">
                                                <div
                                                  id="yiv4753716635yui_3_16_0_1_1443990021550_80490">Yep


                                                  - disallowing
                                                  keyboard-interactive
                                                  and accepting only
                                                  certificates.  I turn
                                                  off PermitRootLogin
                                                  and only allow
                                                  certificates.  Barring
                                                  some kind of exploit
                                                  in sshd, that ought to
                                                  be secure enough.<br
                                                    clear="none">
                                                  <br clear="none">
                                                  <span>Steven Donegan
                                                    wrote:</span><br
                                                    clear="none">
                                                  <blockquote
                                                    type="cite">
                                                    <div
                                                      class="yiv4753716635qtdSeparateBR"><br
                                                        clear="none">
                                                      <br clear="none">
                                                    </div>
                                                    <div
                                                      class="yiv4753716635yqt4126216668"
id="yiv4753716635yqt02654">
                                                      <div
                                                        style="color:#000;background-color:#fff;font-family:HelveticaNeue-Light,
                                                        Helvetica Neue
                                                        Light, Helvetica
                                                        Neue, Helvetica,
                                                        Arial, Lucida
                                                        Grande,
                                                        sans-serif;font-size:16px;">Using


                                                        certificates for
                                                        ssh is yet
                                                        another method
                                                        :-) <br
                                                          clear="none">
                                                        <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_67368"><span></span></div>
                                                        <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_67369"> </div>
                                                        <div
                                                          class="yiv4753716635signature"
id="yiv4753716635yui_3_16_0_1_1443990021550_67423">Steven Donegan<br
                                                          clear="none">
                                                          KK6IVC General
                                                          Class FCC
                                                          License<br
                                                          clear="none">
                                                          Silver State
                                                          Car #86<br
                                                          clear="none">
                                                          <a
                                                          class="moz-txt-link-abbreviated"
href="http://www.sscc.us"><a class="moz-txt-link-abbreviated" href="http://www.sscc.us">www.sscc.us</a></a></div>
                                                        <br clear="none">
                                                        <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_67426"
                                                          style="font-family:HelveticaNeue-Light,

                                                          Helvetica Neue
                                                          Light,
                                                          Helvetica
                                                          Neue,
                                                          Helvetica,
                                                          Arial, Lucida
                                                          Grande,
                                                          sans-serif;font-size:16px;">
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_67425"
                                                          style="font-family:HelveticaNeue,

                                                          Helvetica
                                                          Neue,
                                                          Helvetica,
                                                          Arial, Lucida
                                                          Grande,
                                                          sans-serif;font-size:16px;">
                                                          <div dir="ltr"
id="yiv4753716635yui_3_16_0_1_1443990021550_67424">
                                                          <hr size="1">
                                                          <font
                                                          face="Arial"
                                                          size="2"> <b><span
style="font-weight:bold;">From:</span></b> Bryan D. Boyle <a
                                                          class="moz-txt-link-rfc2396E"
href="mailto:bdboyle@bdboyle.com"><a class="moz-txt-link-rfc2396E" href="mailto:bdboyle@bdboyle.com"><bdboyle@bdboyle.com></a></a><br
                                                          clear="none">
                                                          <b><span
                                                          style="font-weight:bold;">To:</span></b>
                                                          Steven Donegan
                                                          <a
                                                          class="moz-txt-link-rfc2396E"
href="mailto:donegan@donegan.org"><a class="moz-txt-link-rfc2396E" href="mailto:donegan@donegan.org"><donegan@donegan.org></a></a> <br
                                                          clear="none">
                                                          <b><span
                                                          style="font-weight:bold;">Cc:</span></b>
                                                          Steve Zingman
                                                          <a
                                                          class="moz-txt-link-rfc2396E"
href="mailto:szingman@msgstor.com"><a class="moz-txt-link-rfc2396E" href="mailto:szingman@msgstor.com"><szingman@msgstor.com></a></a>; <a
class="moz-txt-link-rfc2396E" href="mailto:app_rpt-users@ohnosec.org"><a class="moz-txt-link-rfc2396E" href="mailto:app_rpt-users@ohnosec.org">"app_rpt-users@ohnosec.org"</a></a>
                                                          <a
                                                          class="moz-txt-link-rfc2396E"
href="mailto:app_rpt-users@ohnosec.org"><a class="moz-txt-link-rfc2396E" href="mailto:app_rpt-users@ohnosec.org"><app_rpt-users@ohnosec.org></a></a>
                                                          <br
                                                          clear="none">
                                                          <b><span
                                                          style="font-weight:bold;">Sent:</span></b>
                                                          Monday,
                                                          October 5,
                                                          2015 2:49 PM<br
                                                          clear="none">
                                                          <b><span
                                                          style="font-weight:bold;">Subject:</span></b>
                                                          Re:
                                                          [App_rpt-users]
                                                          New Official
                                                          Allstar
                                                          Distribution
                                                          Released
                                                          (DIAL)<br
                                                          clear="none">
                                                          </font> </div>
                                                          <div
                                                          class="yiv4753716635y_msg_container"
id="yiv4753716635yui_3_16_0_1_1443990021550_67427"><br clear="none">
                                                          <div
                                                          id="yiv4753716635">
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_67429">
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_67428">Using



                                                          a jump box as
                                                          you describe
                                                          is one
                                                          way...not
                                                          allowing SSH
                                                          from the
                                                          outside adds a
                                                          layer; setting
                                                          up a secure VDI
                                                          capability to
                                                          the jumpbox
                                                          over a vpn is
                                                          yet a third
                                                          way...;). </div>
                                                          <div
                                                          id="yiv4753716635AppleMailSignature"><br
                                                          clear="none">
                                                          </div>
                                                          <div
                                                          id="yiv4753716635AppleMailSignature">my



                                                          rule: if it's
                                                          exposed to the
                                                          net, it's
                                                          potentially
                                                          vulnerable.
                                                           Just turn on
                                                          your SIP port
                                                          and pop some
                                                          popcorn to
                                                          see...;)<br
                                                          clear="none">
                                                          <br
                                                          clear="none">
                                                          --
                                                          <div>Bryan</div>
                                                          <div>Sent from
                                                          my iPhone 5.<span
style="font-size:13pt;">..No electrons were harmed in the sending of
                                                          this message.</span></div>
                                                          <div><br
                                                          clear="none">
                                                          <div><br
                                                          clear="none">
                                                          </div>
                                                          </div>
                                                          </div>
                                                          <div
                                                          class="yiv4753716635qtdSeparateBR"><br
                                                          clear="none">
                                                          <br
                                                          clear="none">
                                                          </div>
                                                          <div
                                                          class="yiv4753716635yqt0199404845"
id="yiv4753716635yqt51679">
<div><br clear="none">
On Oct 5, 2015, at 17:39, Steven Donegan <<a class="moz-txt-link-abbreviated" href="mailto:donegan@donegan.org">donegan@donegan.org</a>> wrote:<br clear="none">
<br clear="none">
</div>
                                                          <blockquote
                                                          type="cite">
                                                          <div>
                                                          <div
                                                          style="color:#000;background-color:#fff;font-family:HelveticaNeue-Light,
                                                          Helvetica Neue
                                                          Light,
                                                          Helvetica
                                                          Neue,
                                                          Helvetica,
                                                          Arial, Lucida
                                                          Grande,
                                                          sans-serif;font-size:16px;">
<div id="yiv4753716635yui_3_16_0_1_1443990021550_65382">Direct root login being disallowed IF there were no other way to get full root privileges (not the case here) was considered best practice. However, in almost every case there is a user (on Raspbian, user pi) that can simply log in, sudo -s and do whatever they want. Yes, it puts up a small hurdle, but I don't see it as a serious one.</div>
                                                          <div><br
                                                          clear="none">
                                                          </div>
<div id="yiv4753716635yui_3_16_0_1_1443990021550_65659">In short, there is almost no setup that will allow you to completely lock out root, with the exception of a few well-designed appliances. And that means someone is out there doing support to get things resolved. This system is not of that flavor, and root is necessary for many things, so frankly adding a hurdle or two really doesn't appreciably make the system more secure.</div>
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_65660"><br
                                                          clear="none">
                                                          </div>
<div id="yiv4753716635yui_3_16_0_1_1443990021550_65661">Require a long passphrase (say 20 mixed characters or so) and this whole thing is moot...</div>
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_65662"><br
                                                          clear="none">
                                                          </div>
<div id="yiv4753716635yui_3_16_0_1_1443990021550_65663">And BTW - putting sshd on port 222 (or anything except 22) is security by obscurity - many tools can find standard protocols on non-standard ports :-) (I know, I wrote one)<br clear="none">
</div>
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_65683"><br
                                                          clear="none">
                                                          </div>
<div id="yiv4753716635yui_3_16_0_1_1443990021550_65684">The best bet is to not allow ssh at all. If that is not feasible, then do the su or sudo thing and/or set up an intermediate system such that you access a non-privileged account on system A, then ssh to system B, and system B will ONLY accept ssh from system A. It can still be beaten, but it is a bit harder...</div>
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_65685"><br
                                                          clear="none">
                                                          </div>
<div id="yiv4753716635yui_3_16_0_1_1443990021550_65686">And BTW - I have done infosec for about 20 years so I am allowed to have an opinion on this topic :-)<br clear="none">
</div>
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_65327"><span></span></div>
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_65326"> </div>
<div class="yiv4753716635signature" id="yiv4753716635yui_3_16_0_1_1443990021550_65291">Steven Donegan<br clear="none">
KK6IVC General Class FCC License<br clear="none">
Silver State Car #86<br clear="none">
<a class="moz-txt-link-abbreviated" href="http://www.sscc.us">www.sscc.us</a></div>
                                                          <br
                                                          clear="none">
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_65306"
                                                          style="font-family:HelveticaNeue-Light,

                                                          Helvetica Neue
                                                          Light,
                                                          Helvetica
                                                          Neue,
                                                          Helvetica,
                                                          Arial, Lucida
                                                          Grande,
                                                          sans-serif;font-size:16px;">
                                                          <div
                                                          id="yiv4753716635yui_3_16_0_1_1443990021550_65305"
                                                          style="font-family:HelveticaNeue,

                                                          Helvetica
                                                          Neue,
                                                          Helvetica,
                                                          Arial, Lucida
                                                          Grande,
                                                          sans-serif;font-size:16px;">
                                                          <div dir="ltr"
id="yiv4753716635yui_3_16_0_1_1443990021550_65304">
<hr size="1">
<font face="Arial" size="2"> <b><span style="font-weight:bold;">From:</span></b> Steve Zingman <<a class="moz-txt-link-abbreviated" href="mailto:szingman@msgstor.com">szingman@msgstor.com</a>><br clear="none">
<b><span style="font-weight:bold;">To:</span></b> "<a class="moz-txt-link-abbreviated" href="mailto:app_rpt-users@ohnosec.org">app_rpt-users@ohnosec.org</a>" <<a class="moz-txt-link-abbreviated" href="mailto:app_rpt-users@ohnosec.org">app_rpt-users@ohnosec.org</a>><br clear="none">
<b><span style="font-weight:bold;">Sent:</span></b> Monday, October 5, 2015 2:24 PM<br clear="none">
<b><span style="font-weight:bold;">Subject:</span></b> [App_rpt-users] New Official Allstar Distribution Released (DIAL)<br clear="none">
</font> </div>
                                                          <div
                                                          class="yiv4753716635y_msg_container"><br
                                                          clear="none">
                                                          <div
                                                          id="yiv4753716635">
                                                          <div> </div>
                                                          <div>
<pre style="white-space:pre-wrap;color:rgb(0, 0, 0);font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-indent:0px;text-transform:none;widows:1;word-spacing:0px;">Dave,
Let's say I agree with you. And I well may.
On most internet-exposed machines, I don't even allow ssh unless I trust your address or require a VPN.
I agree it is common practice to not allow it.
Now the question is why?

As John McLaughlin would say, DISCUSS!

On 10/05/2015 08:40 AM, Steve Zingman wrote:
><i> root login via SSH is now allowed
</i>
> This is a bad idea.  Root should *never* be allowed to log in to a system
> remotely.  It's better to log in as a normal user and then become root
> via su, sudo, etc.

> - Dave


</pre>
                                                          <br
                                                          clear="none">
                                                          <pre class="yiv4753716635moz-signature">-- 
"Anything is possible if you don't know what you are talking about."
1st Law of Logic</pre>
                                                          <div
                                                          class="yiv4753716635qtdSeparateBR"><br
                                                          clear="none">
                                                          <br
                                                          clear="none">
                                                          </div>
                                                          <div
                                                          class="yiv4753716635yqt8052708876"
id="yiv4753716635yqtfd88066"> </div>
                                                          </div>
                                                          </div>
                                                          <br
                                                          clear="none">
<div class="yiv4753716635yqt8052708876" id="yiv4753716635yqtfd80175">_______________________________________________<br clear="none">
App_rpt-users mailing list<br clear="none">
<a class="moz-txt-link-abbreviated" href="mailto:App_rpt-users@ohnosec.org">App_rpt-users@ohnosec.org</a><br clear="none">
<a class="moz-txt-link-freetext" href="http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users">http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users</a><br clear="none">
<br clear="none">
To unsubscribe from this list please visit <a class="moz-txt-link-freetext" href="http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users">http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users</a> and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"<br clear="none">
You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. </div>
                                                          <br
                                                          clear="none">
                                                          <br
                                                          clear="none">
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </blockquote>
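Steven's remark above that a non-standard sshd port is only obscurity, because tools find standard protocols on any port, as an added example: this is not part of any post in the thread and is not the tool he says he wrote. It identifies a service by the banner it volunteers, or by its reply to a request when it stays silent, without looking at the port number at all. The banners in the self-test and the throwaway server that demo() starts on 127.0.0.1 are constructed for the example; the software string it sends is a plausible one, not a measured one.

```python
"""Fingerprint a TCP service by how it talks, not by its port number.

Added example; not the tool Steven mentions writing, nor anything from
DIAL. Banners used by the self-test are constructed, and the throwaway
server in demo() only listens on 127.0.0.1.
"""
import socket
import threading

# Protocols where the server speaks first: the banner arrives unprompted.
SERVER_FIRST = (
    (b"SSH-", "ssh"),          # RFC 4253 version exchange
    (b"220 ", "smtp-or-ftp"),  # both greet with 220; a follow-up command would split them
    (b"* OK", "imap"),
    (b"+OK", "pop3"),
)

# Protocols where the client must speak first: send a request, read the reply.
HTTP_PROBE = b"HEAD / HTTP/1.0\r\n\r\n"
CLIENT_FIRST = (
    (b"HTTP/1.", "http"),
)


def classify_banner(data):
    """Name the protocol from an unprompted banner, 'unknown' if none matches.

    RFC 4253 lets an SSH server send other lines before its version line,
    so every line is checked, not just the first.
    """
    for line in data.replace(b"\r\n", b"\n").split(b"\n"):
        for prefix, name in SERVER_FIRST:
            if line.startswith(prefix):
                return name
    return "unknown"


def ssh_software(data):
    """Return the softwareversion part of an SSH banner, or None."""
    for line in data.replace(b"\r\n", b"\n").split(b"\n"):
        if line.startswith(b"SSH-"):
            # SSH-protoversion-softwareversion [SP comments]
            parts = line.decode("ascii", "replace").split("-", 2)
            return parts[2] if len(parts) == 3 else None
    return None


def classify_reply(data):
    """Name the protocol from the reply to HTTP_PROBE."""
    for prefix, name in CLIENT_FIRST:
        if data.startswith(prefix):
            return name
    return "unknown"


def probe(host, port, timeout=3.0):
    """Connect to host:port and return {'protocol', 'banner', 'software'}.

    Waits for a server-first banner; if the service stays silent, sends
    HTTP_PROBE and classifies whatever comes back.
    """
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        try:
            banner = s.recv(512)
        except socket.timeout:
            banner = b""
        if banner:
            return {"protocol": classify_banner(banner), "banner": banner[:80],
                    "software": ssh_software(banner)}
        s.sendall(HTTP_PROBE)
        try:
            reply = s.recv(512)
        except socket.timeout:
            reply = b""
        return {"protocol": classify_reply(reply), "banner": reply[:80], "software": None}


def demo(banner=b"SSH-2.0-OpenSSH_6.7p1 Debian-5\r\n"):
    """Run a fake sshd on a random localhost port and show probe() finds it.

    The banner is constructed for this example, not captured from a host.
    """
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))   # port 0: let the OS pick an arbitrary port
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        conn.sendall(banner)
        conn.close()

    threading.Thread(target=serve, daemon=True).start()
    try:
        return port, probe("127.0.0.1", port, timeout=2.0)
    finally:
        srv.close()


if __name__ == "__main__":
    port, result = demo()
    print(f"port {port}: {result['protocol']} ({result['software']})")
```

The split between server-first and client-first protocols is the whole trick: sshd announces itself on connect, so a scanner that simply waits a moment after the handshake learns what is listening on 222 as surely as on 22, and the version string it volunteers is more useful to an attacker than the port number ever was.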
                                                          </div>
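The two prescriptions that run through the quoted posts above, Dave's "root should never be allowed to log in remotely" and Steven's "system B will ONLY accept ssh from system A", as an added example that is not part of any post in the thread and not DIAL's code: a small sshd_config auditor run over a constructed weak config and a constructed hardened one for system B. The jump-host address 192.0.2.10, the second client address 203.0.113.7, the account name admin, and the exact-address handling of Match blocks are all assumptions of the example.

```python
"""Audit an sshd_config against the advice in the thread: no remote root
login, and (for "system B") logins accepted only for an unprivileged
account arriving from the jump host "system A".

Added example, not DIAL's or any list member's code. Both config texts
are constructed for this illustration; 192.0.2.10 (jump host) and
203.0.113.7 (any other client) are documentation addresses chosen for it.
"""
import re

# Constructed "weak" config: what Dave objected to, plus the non-standard
# port that Steven calls obscurity.
WEAK_CONFIG = """
Port 222
PermitRootLogin yes
PasswordAuthentication yes
"""

# Constructed "system B" config: root locked out, and only the account
# admin connecting from the jump host may authenticate.
HARDENED_CONFIG = """
Port 22
PermitRootLogin no
PasswordAuthentication no
AllowUsers admin@192.0.2.10

Match Address 192.0.2.10
    PermitRootLogin no
    PasswordAuthentication no
"""


def parse_sshd_config(text):
    """Return (global_opts, match_blocks).

    global_opts maps lower-cased keyword to the list of values seen before
    the first Match line; match_blocks is a list of (criteria, opts) in
    file order. sshd accepts both "Keyword value" and "Keyword=value".
    """
    global_opts, match_blocks = {}, []
    current = global_opts
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        m = re.match(r"^(\S+?)(?:\s*=\s*|\s+)(.*)$", line)
        if not m:
            continue                           # keyword with no value
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            current = {}
            match_blocks.append((value, current))
            continue
        current.setdefault(key, []).append(value)
    return global_opts, match_blocks


def effective(global_opts, match_blocks, client_addr, key, default):
    """Value of key as sshd applies it to a client at client_addr.

    sshd uses the first value given for a keyword and lets a matching
    Match block override it. Simplification assumed here: only
    single-criterion "Match Address a.b.c.d[,e.f.g.h]" blocks with literal
    addresses are evaluated; CIDR, wildcards and other criteria are skipped.
    """
    value = global_opts.get(key, [default])[0]
    for criteria, block in match_blocks:
        parts = criteria.split()
        if len(parts) == 2 and parts[0].lower() == "address":
            if client_addr in parts[1].split(","):
                value = block.get(key, [value])[0]
    return value


def audit(text, jump_host, other_client="203.0.113.7"):
    """Return a list of findings; an empty list means the config follows
    the thread's advice for system B."""
    opts, matches = parse_sshd_config(text)
    findings = []
    # OpenSSH's shipped default for PermitRootLogin is prohibit-password,
    # which still admits root with a key, so an absent keyword is a finding.
    for who, addr in (("the jump host", jump_host), ("another client", other_client)):
        root = effective(opts, matches, addr, "permitrootlogin", "prohibit-password")
        if root.lower() != "no":
            findings.append(f"PermitRootLogin is '{root}' for {who} ({addr}): "
                            "root can log in remotely")
    allow = " ".join(opts.get("allowusers", [])).split()
    if not allow:
        findings.append("no AllowUsers: any local account may try to log in from anywhere")
    for entry in allow:
        # sshd's USER@HOST form checks HOST against the connecting client
        _, _, host = entry.partition("@")
        if host != jump_host:
            findings.append(f"AllowUsers '{entry}' is not pinned to the jump host {jump_host}")
    port = opts.get("port", ["22"])[0]
    if port != "22":
        findings.append(f"(info) Port {port}: a non-standard port is obscurity only, "
                        "fingerprinting still finds sshd")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"{name}:")
        for line in audit(cfg, "192.0.2.10") or ["passes"]:
            print(" ", line)
```

Two caveats the auditor cannot see: AllowUsers user@host only refuses authentication, the TCP connection to the port is still accepted, so the "ONLY from system A" rule also belongs in the packet filter (iptables or a front end such as Shorewall on Debian); and, as Steven's own post says, none of this helps much while a user like pi can log in and run sudo -s, which is why the hardened sample lists a single account rather than leaving AllowUsers open.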
                                                          </div>
                                                          </div>
                                                          <br
                                                          clear="none">
                                                          <br
                                                          clear="none">
                                                          </div>
                                                          </div>
                                                        </div>
                                                      </div>
                                                    </div>
                                                  </blockquote>
                                                  <br clear="none">
                                                </div>
                                              </div>
                                              <br clear="none">
                                              <br clear="none">
                                            </div>
                                          </div>
                                        </div>
                                      </div>
                                      <br clear="none">
                                      <br clear="none">
                                    </blockquote>
                                  </div>
                                  <br clear="none">
                                  <pre class="yiv4753716635moz-signature">-- 
"Anything is possible if you don't know what you are talking about."
1st Law of Logic</pre>
                                </div>
                              </div>
                              <br clear="none">
                              <br clear="none">
                            </div>
                          </div>
                        </div>
                      </div>
                    </blockquote>
                  </div>
                  <br clear="none">
                </div>
              </div>
              <br>
              <br>
            </div>
          </div>
        </div>
      </div>
    </blockquote>
    <br>
  </body>
</html>