HNS Newsletter Issue 90 - 03.12.2001 http://net-security.org http://security-db.com This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://www.net-security.org. Subscribe to this weekly digest on: http://www.net-security.org/text/newsletter Archive of the newsletter in TXT and PDF format is available here: http://www.net-security.org/news/archive/newsletter Table of contents: 1) General security news 2) Security issues 3) Security world 4) Featured products 5) Security software ================================================= FREE PKI Guide from Thawte ================================================= Need to manage security on multiple web servers? Find out how to implement affordable PKI! Click here to get a FREE Thawte PKI Guide and find the answers to all your PKI security issues. http://www.gothawte.com/rd128.html ================================================= General security news --------------------- ---------------------------------------------------------------------------- A 'PATCHWORK' APPROACH TO SECURITY Lee Schlesinger is telling us that there's a simple way to reduce a network's exposure to malicious attacks: installing security patches as they're released. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/anchordesk/stories/story/0,10738,2826693,00.html CYBERCRIME TREATY NOT 'BIG BROTHER' The Council of Europe assured that the new European treaty to combat cybercrime will give law enforcers international reach but will not be a "Big Brother" type agency. We'll see about that... Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2001/TECH/internet/11/25/crime.internet.reut/index.html SECURITY PROBLEMS WORSEN IN HONG KONG The HKCERT did a survey that shows an increase in virus attacks on Hong Kong companies. The cause of this is a general lack of understanding among firms with regards to data security. Link: http://www.cmpnetasia.com/ViewArt.cfm?Artid=13143&Catid=5&subcat=50 ORACLE NOT SO SECURE Oracle's decision to use the "unhackable" guarantee as its marketing mantra is quite surprising and it has made the company's software a chief target for the hacking community. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.silicon.com/p49418 AN AUDIT OF ACTIVE DIRECTORY SECURITY, PART FOUR This is the fourth in a five-part series on auditing Active Directory security. This installment looks at some potential security concerns related to the Configuration Naming Context in AD. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/infocus/1509 ONLINE ONLY: LOCKED DOWN OUT OF THE BOX The basics of security boil down to three areas: configuration issues, patch and version levels, and the number of network services, and which ones, are running. Most mainstream Linux distributions are finally beginning to address security issues up-front. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.nwc.com/1224/1224f4.html SECURITY EXPERTS: USERS ARE THE WEAKEST LINK Corporate network users are the No. 1 threat to sensitive business data because of weak user passwords, an inconsistent policy enforcement and the lack of user-access management. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computerworld.com/storyba/0,4125,NAV47_STO66047,00.html A BRIEF HISTORY OF THE WORM This article will take a brief look at the evolution of worms and other malware, in an attempt to better understand how we got to where we are today. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/infocus/1515 DMITRY SKLYAROV TRIAL DATE SCHEDULED A federal judge in California set a hearing for April 15 to schedule a trial date for Dmitry Sklyarov, charged with violating a new U.S. copyright law. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.cnet.com/news/0-1005-200-7983072.html .NET CODE SCRUTINIZED Foundstone and Core Security Technologies conducted a review and they are pleased with what Microsoft has done. "The software gives developers and administrators a great deal of granular access control," said Joel Scambray, managing principal at Foundstone. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.eweek.com/article/0,3658,s%253D701%2526a%253D18967,00.asp RECORD-BREAKING YEAR FOR SECURITY INCIDENTS EXPECTED CERT estimates that the number of security incidents reported this year will surpass 40,000 which is more than twice the number of incidents reported last year. It's clear that similar incidents can evolve into serious threats. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computerworld.com/itresources/rcstory/0,4167,STO66054_KEY73,00.html 'BADTRANS' WORM PICKS UP SPEED The worm, called "Badtrans.b," is a variant of an earlier identified worm and sends itself out through Microsoft Outlook and Outlook Express. To make things worse, a spokesman for BTopenworld confirmed accidentally sending its customers emails carrying the worm. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2001/TECH/internet/11/26/badtrans.worm/index.html KERNELTRAP SPOKE WITH THEO DE RAADT KernelTrap spoke with OpenBSD creator and maintainer Theo de Raadt. Intwerview is pretty long and covers various topics regarding OpenBSD and security in general. Also - OpenBSD 3.0 will be officially released on December 1st, 2001. The collection of three CDs includes OpenBSD for i386, alpha, macppc, amiga, hp300, mvme68k, mac68k, vax, sparc and sparc64 architectures. Downloadable version is available on various FTP mirrors. Link: http://kerneltrap.com/article.php?sid=389 HOW INSTANT MESSAGING CAN JEOPARDISE NETWORK SECURITY The use of instant messaging within a company can slow network performance and expose systems. Jonathan Bennett explains how good policies and tools can reduce the risks. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/itweek/brief/2001/45/network AV VENDORS SPLIT OVER FBI TROJAN SNOOPS Antivirus vendors are thinking whether they should include in their software packages detection for a keystroke logging Trojan, called Magic Lantern, reportedly under development by the FBI. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/55/23057.html CISCO HACKERS SENTENCED FOR STOCK THEFT Two former Cisco Systems accountants were sentenced to 34 months in prison for breaking into company computers and helping themselves to nearly $8 million in Cisco stock. Link: http://www.newsbytes.com/news/01/172453.html PHIL ZIMMERMANN "Though the issues of cryptography and privacy are closely related, I hope that I'm not typecast as only a cryptographer," says Phil Zimmermann, the creator of PGP. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infosecuritymag.com/articles/november01/people_zimmermann.shtml NETWORK ASSOCIATES UNDER FIRE Did Network Associates agree to insert backdoors in its security products to assist the U.S. government or not? And if it didn't, will it? Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/conflict/0,2100,48648,00.html ID MOUSE HAS FINGER ON SECURITY CONCERNS The biometrics division of Siemens created ID Mouse Professional which allows users to identify themselves to their PCs and to Web-based environments and applications. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.ecommercetimes.com/perl/story/14993.html EUROPE DEBATES DATA SECURITY POLICIES Telecommunication ministers of the European Union are heading for a confrontation with the European Parliament over a new data-protection law. Should law enforcement authorities have more access to phone and Internet traffic data? Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.pcworld.com/news/article/0,aid,73284,00.asp MICROSOFT TOUTS TIGHTER SECURITY OF WEB SERVICES The release of the security review extends a marketing and technology offensive by Microsoft as it struggles to reverse the perception that it has sacrificed security for convenience in developing its operating systems software. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2001/TECH/internet/11/27/microsoft.security.reut/index.html REMOVING W32/BADTRANS-B AND TROJ/PWS-AV Sophos published instructions that can be used to remove W32/Badtrans-B and Troj/PWS-AV from an infected computer. There are removal instructions for Windows NT/2000/XP and Windows 95/98/Me. Just to note - you don't have to double click on the attachment to get infected. If you are running a home computer with Windows 95/98/Me installed, try to search for files kernel32.exe and kdll.dll. If you have them, then you should really visit the link below. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.sophos.com/support/faqs/w32badtransb.html HOW TO CRASH A PHONE BY SMS Job de Haas has adapted a program called sms_client which sends an SMS, from an online computer, in which the User Data Header is broken. The flaw affects Nokia 6210, 3310 and 3330 phones but not a Siemens phone. Phones from other manufacturers are yet to be tested. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/55/23080.html DEFACERS TARGET CHURCH SITES A group called Hacking For Satan has vandalized various church web sites replacing their home pages with a message about Satanism. Link: http://www.newsbytes.com/news/01/172482.html NETWORK ASSOCIATES TO EXPAND CHANNEL FOCUS Network Associates is to increase its channel focus next year to capitalise on what the company says will be a bumper year for security products. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.vnunet.com/News/1127193 THE FUTURE OF WINDOWS SECURITY EXPLOITS During a presentation at the Black Hat conference, Halvar Flake ("Reverse Engineer" at Black Hat Consulting) showed how heap overflow attacks could be used to write more or less arbitrary data to more or less arbitrary locations. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/55/23075.html KEY STEPS TO BOLSTER SECURITY Timothy Dyck writes about how good security systems depend more on good processes and design than on specific technologies. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/itweek/brief/2001/45/management/ BUG INFORMATION RELEASED EARLY Red Hat accidentally pre-releases information about a serious security hole in a FTP program that comes with Linux and sends other vendors scrambling. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityfocus.com/news/293 NIPC ON WU-FTPD National Infrastructure Protection Center issued an advisory entitled "Significant Vulnerability Identified In Common Linux File Transport Protocol Program" that deals with the WU_FTPD problem. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.nipc.gov/warnings/advisories/2001/01-027.htm R.I.P. CYPHERPUNKS Once the online haunt of top cryptographers, the Cypherpunks list was characterized by its mix of revolutionary politics and advanced mathematics. John Gilmore wrote that the list had "degenerated a long time ago to the point where I have no idea why more than 500 people are still receiving it every day." Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/news/294 OSKAR ANDREASSON IP TABLES TUTORIAL Oskar Andreasson speaks about his comprehensive IP Tables tutorial and how this document can be used to build a robust firewall for your organization. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxsecurity.com/feature_stories/feature_story-94.html FLUFFI BUNNI PLACES ADS AT SECURITYFOCUS "This definitely ranks as one of the more elegant attacks I've seen in a while. This wasn't the product of an impulsive act. It was carried out with patience, perseverance, and a healthy dose of panache," said Jay Dyson on Fluffi Bunni banner appearing on SecurityFocus.com. Link: http://www.newsbytes.com/news/01/172554.html SECURITY SERVICES CHECK FOR INTRUDERS Loudcloud and IBM have launched security services to help firms with vulnerability assessment and intrusion detection. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.zdnet.co.uk/story/0,,t269-s2100181,00.html ---------------------------------------------------------------------------- ======================================================== HNS Security Database ======================================================== HNS Security Database consists of a large database of security related companies, their products, professional services and solutions. HNS Security Database will provide a valuable asset to anyone interested in implementing security measures and systems to their companies' networks. Visit us at http://www.security-db.com ======================================================== Security issues --------------- All vulnerabilities are located at: http://net-security.org/text/bugs ---------------------------------------------------------------------------- VULNERABILITY ON A SITE RUNNING INFORMIX DATABASE I found a doubledot vulnerability on a site running Informix database. I can read of any file on the system by putting /../ into the url. But so far I have only found two sites with this problem. The site is running Netscape Enterprise/4.0 on Solaris according to Netcraft.com Link: http://www.net-security.org/text/bugs/1006788590,14847,.shtml XIRCOM REX6000 PDA PASSWORD RETRIEVAL The Xircom REX6000 PCMCIA PDA can be protected with up to a 10 digit PIN-code that needs to be entered via the touchscreen every time the PDA is powered on if using the highest security level. After entering a correct code every data stored on the PDA is available for access. Memos marked Private needs the same PIN code again to be entered everytime they are accessed. The manual states clearly that "PIN code is to protect the data". However the PIN Code protection structure built into the REX6000 PDA makes this secret PIN Code useless for protecting any type of data. Using the included REXTOOLS program the user can copy/paste/change the PDA information via a computer. Link: http://www.net-security.org/text/bugs/1006788698,3683,.shtml REDHAT STRONGHOLD SECURE SERVER FILE DISCLOSURE In Redhat Stronghold from versions 2.3 up to 3.0 a flaw exists that allows a remote attacker to disclose sensitive system files including the httpd.conf file, if a restricted access to the server status report is not enabled when using those features. This may assist an attacker in performing further attacks. Link: http://www.net-security.org/text/bugs/1006788792,13999,.shtml FILE EXTENSIONS SPOOFABLE IN MSIE DOWNLOAD DIALOG A flaw in Microsoft Internet Explorer allows a malicious website to spoof file extensions in the download dialog to make an executable program file look like a text, image, audio, or any other file. If the user chooses to open the file from its current location, the executable program will be run, circumventing Security Warning dialogs, and the attacker could gain control over the user's system. Link: http://www.net-security.org/text/bugs/1006789062,53933,.shtml NSI RWHOISD REMOTE FORMAT STRING VULNERABILITY Rwhoisd is a publicly available RWHOIS server daemon for Unix based systems developed and maintained by Network Solutions Inc. Rwhoisd contains another remotely exploitable format string vulnerability. It is possible to overwrite memory by syslog() if set use-syslog: YES. $ normal default is YES Attackers may be able to execute arbitrary code on affected hosts. Link: http://www.net-security.org/text/bugs/1006789213,69119,.shtml SAFEWORD AGENT FOR SSH VULNERABILITY This is Secure Computing's response to a security alert that was posted on securityfocus.com on Nov 23, 2001. The posting was related specifically to the SafeWord Agent for SSH (secure shell), and implied there was a security risk directly tied to SafeWord PremierAccess, which is false. Secure Computing has since removed the SafeWord Agent for SSH from the Secure Computing public web site and is longer available from any source. Link: http://www.net-security.org/text/bugs/1007069485,29428,.shtml WU-FTPD UPDATES CORE Security Technologies reported a vulnerability in the wu-ftpd ftp server that can be exploited remotely. The problem is in the internal glob function used by wu-ftpd which allows an attacker to corrupt memory space and execute arbitrary code remotely. There is no need for an user account on the ftp server, this problem can be abused by anonymous users as well. This vulnerability was first reported by Matt Power but was deemed not exploitable at that time. CONECTIVA LINUX - WU-FTPD UPDATE Link: http://www.net-security.org/text/bugs/1007070250,28558,.shtml IMMUNIX OS - WU-FTPD UPDATE Link: http://www.net-security.org/text/bugs/1007070377,64321,.shtml SUSE LINUX - WU-FTPD UPDATE Link: http://www.net-security.org/text/bugs/1007070598,4133,.shtml CALDERA OPENLINUX - WU-FTPD UPDATE Link: http://www.net-security.org/text/bugs/1007070732,66140,.shtml RED HAT LINUX - WU-FTPD UPDATE Link: http://www.net-security.org/text/bugs/1007070944,90844,.shtml UNICOS LOCAL ROOT COMPROMISE The Mickey Mouse Hacking Squadron has discovered a format bug vulnerability by which any unprivileged user on a system running NQS can gain root access. Link: http://www.net-security.org/text/bugs/1007071531,4531,.shtml ORACLE HOME ENVIRONMENT VARIABLE VALIDATION BUG The dbsnmp executable can be manipulated to run programs from the wrong directory. This is accomplished by modifying the ORACLE_HOME environmental variable to point to a location other than the actual location of Oracle. Because the dbsnmp process runs setuid, this allows an attacker to elevate his or her privilege to the level of the oracle operating system account. Link: http://www.net-security.org/text/bugs/1007174109,82584,.shtml CHOWN PATH ENVIRONMENT VARIABLE VULNERABILITY The vulnerability only affects Oracle 8.0.5 and 8.1.5. The dbsnmp file executes the CHOWN and CHGRP commands on several files. It references these files without fully-qualifying the path. This allows an attacker to set the PATH environment variable to run the CHOWN and CHGRP commands on the attacker's version of the files. This vulnerability can result in an attacker gaining root access if the dbsnmp is setuid root. Link: http://www.net-security.org/text/bugs/1007174174,55359,.shtml LOTUS DOMINO 5.08 HTTP SERVER DOS There exists a DOS in the current version of Lotus Domino 5.08 and earlier. The DOS manifests itself on Lotus Domino servers with the http task running and ssl enabled. Link: http://www.net-security.org/text/bugs/1007174296,73482,.shtml REDHAT 7.0 LOCAL ROOT VIA UUCP An earlier version(1) of makewhatis had a fault in the handling of compressed files that allowed execution of arbitrary commands as root. A patch for this problem was developed that seemed to be effective. However, the patch was not restrictive enough in the metacharacters it filtered out. It is still possible to perform file creation or overwriting with arbitrary contents, as root. Link: http://www.net-security.org/text/bugs/1007174467,95675,.shtml ---------------------------------------------------------------------------- ======================================================== Sponsored by GFI, the developers of a revolutionary new intrusion detection product - LANguard Security Event Log Monitor. Download your copy! http://www.net-security.org/cgi-bin/ads/ads.pl?banner=gfitxt ======================================================== Security world -------------- All press releases are located at: http://net-security.org/text/press ---------------------------------------------------------------------------- KASPERSKY LABS SECURES DEERFIELD.COM CUSTOMERS Kaspersky Labs, an international data-security software developer, announced the signing of a publishing agreement with Deerfield.com, a leading provider of Internet optimization and connectivity software, to deliver Deerfield.com customers a customized, co-branded anti-virus solution based on award-winning Kaspersky Anti-Virus technology. Press release: < http://www.net-security.org/text/press/1006789472,18203,.shtml > ---------------------------------------------------------------------------- INTELLITACTICS RELEASED NETWORK SECURITY MANAGER 3.3 According to John Sop, Chief Executive Officer of Intellitactics Inc., a leader in Enterprise Security Management (ESM), Intellitactics' Network Security Manager 3.3 is the solution for simplifying enterprise security management, clarifying complex security data, and providing an advanced level of security understanding. Press release: < http://www.net-security.org/text/press/1006887735,54926,.shtml > ---------------------------------------------------------------------------- IPSWITCH RELEASES IMAIL ANTI-VIRUS SOLUTION Ipswitch, Inc., a leading supplier of Internet productivity software, announced the release of IMail Anti-Virus, its new anti-virus e-mail product powered by Symantec, a world leader in Internet security. Fully integrated with IMail Server and Symantec's CarrierScan Server, IMail Anti-Virus provides administrators with a powerful all-in-one anti virus solution that is easy to install and use. Specifically configured to work with IMail Server, IMail Anti-Virus protects end-users' e-mail from dangerous viruses. Press release: < http://www.net-security.org/text/press/1006888088,5030,.shtml > ---------------------------------------------------------------------------- CYBERWALLPLUS 7.1 FOR WINDOWS XP RELEASED Network-1 Security Solutions, Inc., a technology leader in distributed intrusion prevention solutions for servers and workstations, announced the introduction of CyberwallPLUS 7.1, the latest version of its advanced Internet security solutions. In addition to providing official support to Windows XP and Windows 98, CyberwallPLUS 7.1 enhances an organization's control over its security policies, whether centralized, distributed, or present on standalone machines. Press release: < http://www.net-security.org/text/press/1006888166,59097,.shtml > ---------------------------------------------------------------------------- CODE 511 DEVELOPING SECURITY TOOLS FOR MACOS X Code511 is the first IT Security company leading the developement of security tools for MacOS X. The BSD core system of OS X gives to the macintosh community the opportunity to access a great number of security tools. This program was fully created by "Grungie" for Code511 under the GPL licence, that make this products 100% open source. The sources are available here: http://grungie.code511.com Press release: < http://www.net-security.org/text/press/1007340795,61454,.shtml > ---------------------------------------------------------------------------- ======================================================== Help Net Security T-Shirt available ======================================================== Thanks to our affiliate Jinx Hackwear we are offering you the opportunity to wear a nifty HNS shirt :) The image speaks for itself so follow the link and get yourself one. Get one here: http://207.21.213.175:8000/ss?click&jinx&3af04db0 ======================================================== Featured products ------------------- The HNS Security Database is located at: http://www.security-db.com Submissions for the database can be sent to: staff@net-security.org ---------------------------------------------------------------------------- CERTCO RMX CertCo RMX is the world´s first comprehensive risk management exchange, enabling customers of online business-to-business (B2B) exchanges to manage the risks associated with conducting high value transactions over open networks. Despite projected explosive growth - Jupiter Communications anticipates online trade will reach $6 trillion in 2005, and that online exchanges will account for $2.1 trillion of this amount - risk management and security issues remain significant barriers to B2B e-commerce. Read more: < http://www.security-db.com/product.php?id=378 > This is a product of Certco, for more information: < http://www.security-db.com/company.php?id=79 > ---------------------------------------------------------------------------- KIV-7 The new KIV–7HSB is specifically designed to operate in Time Division Multiple Access (TDMA) architectures to provide secure high bandwidth, wide area, networked data exchange via MILSTAR satellites over a broad range of data rates. It fully accommodates all complex handshaking and resynchronization durations encountered during normal TDMA system operations. Read more: < http://www.security-db.com/product.php?id=924 > This is a product of Rainbow Technologies, for more information: < http://www.security-db.com/company.php?id=103 > ---------------------------------------------------------------------------- QUICKSAFE 1200 The QuickSafe takes a fundamentally different approach to SSL acceleration; one that allows for unparalleled speed. The QuickSafe runs the lowest cost per transaction of any accelerator in the industry. At 1200 Key operations per second on its entry-level unit, it's also the fastest accelerator on the market. Instead of a traditional, front-end SSL accelerator, the QuickSafe is positioned behind web servers and facilitates a net gain in system capacity and throughput. The back-end configuration minimizes attack exposure by restricting web server access to the private keys used for decryption. The distributed design facilitates more efficient load balancing and increased scalability beyond any of its competitors. Apache servers will particularly benefit from the new levels of speed and security QuickSafe's custom plug-ins offer. Read more: < http://www.security-db.com/product.php?id=887 > This is a product of Cryptographic Appliances, for more information: < http://www.security-db.com/company.php?id=216 > ---------------------------------------------------------------------------- Security Software ------------------- All programs are located at: http://net-security.org/various/software ---------------------------------------------------------------------------- GNOME XSU Gnome Xsu is an interface for the command `su - username -c command` in Gnome. When the user executes xsu, he will be prompted for a command, a username and a password. If the username and password are correct xsu will execute the command as the entered user. So if the username was root, then the command will be executed as root. Gnome Xsu 0.2.0 uses the standard su binary to gain it's root access. This way, all security issues should be solved. Info/Download: < http://www.net-security.org/various/software/1007322857,58191,linux.shtml > ---------------------------------------------------------------------------- PDD 1.00 The first tool of its kind for forensic analysis of Palm OS platform devices. pdd (Palm dd) is a Windows-based tool for Palm OS memory imaging and forensic acquisition. The Palm OS Console Mode is used to acquire memory card information and to create a bit-for-bit image of the selected memory region. No data is modified on the target device and the data retrieval is not detectable by the user of the PDA. Info/Download: < http://www.net-security.org/various/software/1007323144,36163,windows.shtml > ---------------------------------------------------------------------------- ADVANCED PDF PASSWORD RECOVERY A program to decrypt protected Adobe Acrobat PDF files, which have owner password set, preventing the file from editing (changing), printing, selecting text and graphics (and copying them into the Clipboard), or adding/changing annotations and form fields (in any combination). Decryption is being done instantly. Decrypted file can be opened in any PDF viewer (e.g. Adobe Acrobat Reader) without any restrictions - i.e. with edit/copy/print/annotate functions enabled. Info/Download: < http://www.net-security.org/various/software/1007323611,36353,windows.shtml > ---------------------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org http://security-db.com