William wrote: but in our ISP office I setup new win2000 servers and first thing I do is download all the patches. I've yet to see the server get infected in the 20-30 minutes it takes to finish it
It can happen in 5 or 10 minutes (I've seen it) but only if all of the following conditions are met simultaneously: a) administrator's password blank (or something _really_ easy to guess) b) public IP (no NAT) c) no firewall In other words: if one is stupid, one gets worm'ed or bot'ed.
(Note: I also disable IIS just in case until everything is patched..).
Not a bad idea, but sometimes you don't have the choice of doing it (with scripted installs or things like SBS). Besides, IIS is not the main source of trouble on a machine that sits on the Internet unprotected. I consider disabling IIS a second or third line of defense, to be used after you implemented the steps not to get screwed in the first place (which you described).
Similarly when settting up computers for several of my relatives (all have dsl) I've yet to see any infection before all updates are installed.
Me too.
Additional to that many users have dsl router or similar device and many such beasts will provide NATed ip block and act like a firewall not allowing outside servers to actually connect to your home computer.
Indeed. I have a $10 one that I use for installations (even when I install from a "trusted" environment), because the danger does not come only from the Internet, it can also come from your own LAN. By putting the machine being installed alone on its own segment behind a NAT box, you also shield yourself from crud that could be on the trusted network.
On this point it would be really interested to see what percentage of users actually have these routers and if decreasing speed of infections by new virus (is there real numbers to show it decreased?) have anything to do with this rather then people being more carefull and using antivirus.
Difficult to measure, and here's why: recent worms are polymorphic and propagate/replicate using many different mechanisms. How do you make the difference between a) a worm that arrived trough email and then contaminated x machines on your LAN and b) a worm that arrived through a vulnerability of IIS and then contaminated x machines on your LAN? The trouble here is that if you had all the time in the world _and_ if you did not have x users screaming, you could look at logs and such and finally figure out which of the egg or the chicken was first. In a real world, you clean the mess and when you are done you have to catch up with all the stuff you did not do while cleaning, and you never know. Michel.
MP> Date: Mon, 3 May 2004 20:53:50 -0700 MP> From: Michel Py MP> > but in our ISP office I setup new win2000 servers and first MP> > thing I do is download all the patches. I've yet to see the MP> > server get infected in the 20-30 minutes it takes to finish MP> MP> It can happen in 5 or 10 minutes (I've seen it) but only if MP> all of the following conditions are met simultaneously: I've not confirmed, but a client told us that some MS patches are carried by Akamai. Eddy -- EverQuick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist@brics.com -or- alfra@intc.net -or- curbjmp@intc.net Sending mail to spambait addresses is a great way to get blocked.
Until recently, I believe that Microsoft's download servers were managed by Akamai. -- William S. Duncanson caesar@starkreality.com
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Edward B. Dreger Sent: Tuesday, May 04, 2004 2:23 To: Michel Py Cc: william(at)elan.net; Rob Thomas; NANOG Subject: RE: Worms versus Bots
MP> Date: Mon, 3 May 2004 20:53:50 -0700 MP> From: Michel Py
MP> > but in our ISP office I setup new win2000 servers and first MP> > thing I do is download all the patches. I've yet to see the MP> > server get infected in the 20-30 minutes it takes to finish MP> MP> It can happen in 5 or 10 minutes (I've seen it) but only if MP> all of the following conditions are met simultaneously:
I've not confirmed, but a client told us that some MS patches are carried by Akamai.
Eddy -- EverQuick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist@brics.com -or- alfra@intc.net -or- curbjmp@intc.net Sending mail to spambait addresses is a great way to get blocked.
On Mon, 03 May 2004 20:53:50 PDT, Michel Py said:
In other words: if one is stupid, one gets worm'ed or bot'ed.
However, up to 90% of the users *are* stupid: http://www.silicon.com/software/security/0,39024655,39118228,00.htm Any network security scheme that fails to either (a) lower the stupidity rate or (b) deliver a system that will protect that 90% from themselves is doomed. We may be looking at a move back towards the WebTV appliance model (which would thrill the media conglomerates to no end).
In other words: if one is stupid, one gets worm'ed or bot'ed.
However, up to 90% of the users *are* stupid:
http://www.silicon.com/software/security/0,39024655,39118228,00.htm
Any network security scheme that fails to either (a) lower the stupidity rate or (b) deliver a system that will protect that 90% from themselves is doomed.
"There's only so much stupidity you can compensate for; there comes a point where you compensate for so much stupidity that it starts to cause problems for the people who actually think in a normal way." --Bill Dickson, digital.forest tech support Which leads to the logical conclusion:
We may be looking at a move back towards the WebTV appliance model (which would thrill the media conglomerates to no end).
=) Seriosuly though, the Internet might be a better place for it. After all, 90% of those "stupid" people just want email and HTTP. --chuck
chuck goolsbee wrote:
However, up to 90% of the users *are* stupid:
Seriosuly though, the Internet might be a better place for it. After all, 90% of those "stupid" people just want email and HTTP.
Do we have a pointer to a rigorous study that indicates either assertion? Or is it possible there are other explanations? What will be do when they figure out that paying us to let them hurt themselves is a sub-optimal use of their money? -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
In message <409808D0.5020408@cox.net>, "Laurence F. Sheldon, Jr." writes:
chuck goolsbee wrote:
However, up to 90% of the users *are* stupid:
Seriosuly though, the Internet might be a better place for it. After all, 90% of those "stupid" people just want email and HTTP.
Do we have a pointer to a rigorous study that indicates either assertion?
Or is it possible there are other explanations?
Don Norman has argued quite eloquently that it's a technology and human factors failure -- see, for example, http://www.interesting-people.org/archives/interesting-people/200312/msg0010... (reprinted from RISKS Digest). Now, I'm not saying that it's easy to get things like this right, and I've argued loudly against the notion that auto-patching is a sane approach. But if we deny that there's a problem except for "stupid people", we're not likely to find a solution. --Steve Bellovin, http://www.research.att.com/~smb
Steven M. Bellovin wrote:
However, up to 90% of the users *are* stupid:
Or is it possible there are other explanations?
Don Norman has argued quite eloquently that it's a technology and human factors failure -- see, for example, http://www.interesting-people.org/archives/interesting-people/200312/msg0010... (reprinted from RISKS Digest).
Now, I'm not saying that it's easy to get things like this right, and I've argued loudly against the notion that auto-patching is a sane approach. But if we deny that there's a problem except for "stupid people", we're not likely to find a solution.
That last sentence is the point I was trying to get to. After all, nearly half the people here are below the average for intelligence. -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
At 4:19 PM -0500 5/4/04, Laurence F. Sheldon, Jr. wrote:
chuck goolsbee wrote:
However, up to 90% of the users *are* stupid:
I didn't say that, I only quoted (Valdis Kletnieks) it... to which I replied that compensating for stupidity is a zero-sum game.
Seriosuly though, the Internet might be a better place for it. After all, 90% of those "stupid" people just want email and HTTP.
Do we have a pointer to a rigorous study that indicates either assertion?
First of all, I was disagreeing with Valdis' assessment of "stupidity"... a more accurate term would be "non-technical." I have no rigorous study to point to sorry. But I will say virtually all the "home users" I have encountered are running Windows for the purpose of getting email and using "the Web". That machine is usually in some unprotected, or already compromised state. I make similar/same suggestions to them that have already been stated here: Nuke/pave, enable what security features are available in the OS, get a firewall, NAT, etc etc. The prescription seems to be viewed to be as difficult as the disease it cures. Zero-sum. So maybe they WOULD be better with a "WebTV" model. Or a Macintosh.
Or is it possible there are other explanations?
Perhaps. I'm just reporting what I am seeing.
What will be do when they figure out that paying us to let them hurt themselves is a sub-optimal use of their money?
How is WebTV doing these days? Since it is now Microsoft can their boxen get rooted/zombied/botted now too? I'll admit I never paid too much attention to WebTV. Perhaps there is a market for "safe Internet access"... I don't know. But I suspect the barrier to entry is either making it work with the dominant platform, or asking the market take the leap to another platform. Both are unlikely. What I do know is that the dominant platform is inherently insecure, and many of its users, those "non-technical" folks I referred to... they seem to be mostly unaware of the danger they pose to themselves and everyone else on the Network. --chuck
On Tue, 4 May 2004, chuck goolsbee wrote:
So maybe they WOULD be better with a "WebTV" model.
Or a Macintosh.
or a cheap Lidel or WalMart PC with Fedora 1 on it. Epiphany, Evolution and OpenOffice would keep vast majority of the basic computer users happy. Distributions like Fedora[0] are pretty much invulnerable to mass, automated worm infections[1]. Automated worms would literally be a thing of the past if everyone switched to Fedora, RHEL or if the current dominant OS vendor adopted similar measures (apparently they will be). Judging by the amount of packets (couple per s) I get in to common vulnerability ports, there are a lot of worm infected machines out there: # iptables -L scans -v | awk 'BEGIN { printf ("\n%5s %6s %4s %20s\n", "pkts", "bytes", "prot", "dest port"); } NR > 2 && $1 ~ /^[0-9]/ { sub (/^dpt:/, "", $11); pkts += $1; bytes += $2; printf ("%5d %6d %4s %20s\n", $1, $2, $4, $11);} END { printf ("----- ------\n%5d %6d\n", pkts, bytes);}' pkts bytes prot dest port 1721 82856 tcp microsoft-ds 874 42008 tcp 135 455 21944 tcp netbios-ssn 322 15456 tcp 3127 36 1788 tcp ms-sql-s 661 31776 tcp 2745 309 14832 tcp 6129 82 3960 tcp swat 427 20556 tcp 1025 263 20514 udp netbios-ns 36 14544 udp ms-sql-m ----- ------ 5186 270234 that's maybe an hours worth or less of counting too. And what uses TCP ports 1327 and 2745? 0. http://people.redhat.com/drepper/nonselsec.pdf[2] 1. Though not to trojans which attack human vulnerabilities obviously, or non buffer overflow attacks, eg scripting language vulnerabilities, though these are rare. 2. Obviously, the 2 main mechanisms described in the paper originate elsewhere in concept, but Fedora is probably the first OS of sufficient use to a basic computer user to put it all together. regards, -- Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A warning: do not ever send email to spam@dishone.st Fortune: QOTD: Money isn't everything, but at least it keeps the kids in touch.
On May 5, 2004, at 5:13 AM, Paul Jakma wrote:
On Tue, 4 May 2004, chuck goolsbee wrote:
So maybe they WOULD be better with a "WebTV" model.
Or a Macintosh.
or a cheap Lidel or WalMart PC with Fedora 1 on it. Epiphany, Evolution and OpenOffice would keep vast majority of the basic computer users happy. Distributions like Fedora[0] are pretty much invulnerable to mass, automated worm infections[1].
Automated worms would literally be a thing of the past if everyone switched to Fedora, RHEL or if the current dominant OS vendor adopted similar measures (apparently they will be). Judging by the amount of packets (couple per s) I get in to common vulnerability ports, there are a lot of worm infected machines out there:
We have all been through this before. Linux out of the box is generally no more secure than Windows. Linux can also be misconfigured and hacked. The reason why you don't see as many linux virus/worms is because there aren't as many linux desktops. Once Linux becomes a real player in the residential desktop OS market you'll see more and more worms/viruses running around because of it. Now, I love Linux, I have 30 linux servers in production but it isn't the be all, end all to mass user security.
Matthew Crocker wrote:
We have all been through this before. Linux out of the box is generally no more secure than Windows.
I would disagree with that, but that gets into a religious argument. Really, however, the distribution involved with Linux is more critical than that it is Linux. Some distros are wide open, some are very secure out of the box. Again, however, this is getting into religious territory.
Linux can also be misconfigured and hacked. The reason why you don't see as many linux virus/worms is because there aren't as many linux desktops. Once Linux becomes a real player in the residential desktop OS market you'll see more and more worms/viruses running around because of it.
Except that logic doesn't work because Apache has a greater market-share than IIS, and yet we see many more IIS worms than Apache worms.
Now, I love Linux, I have 30 linux servers in production but it isn't the be all, end all to mass user security.
To misappropriate a phrase, "Its not magic pixie dust," I'll agree with you. -- Jeff McAdams "He who laughs last, thinks slowest." -- anonymous
--On Wednesday, May 05, 2004 6:04 AM -0400 Matthew Crocker <matthew@crocker.com> wrote:
We have all been through this before. Linux out of the box is generally no more secure than Windows. Linux can also be misconfigured and hacked. The reason why you don't see as many linux virus/worms is because there aren't as many linux desktops. Once Linux becomes a real player in the residential desktop OS market you'll see more and more worms/viruses running around because of it. Now, I love Linux, I have 30 linux servers in production but it isn't the be all, end all to mass user security.
In the past this may have been true, it's been my experience that most modern Linux distributions have adopted (more or less) the approach that OpenBSD has: Leave services turned off by default. In fact, a typical RedHat workstation installation goes a step further by not even installing a lot of services by default. Sure, Joe Sixpack can still install everything and uncomment everything from /etc/inetd.conf[1] and get himself pwned, but I don't think we have to worry much about your average computer user doing this. -J [1] Actually since RedHat uses xinetd, it involves a little more work to turn _everything_ on. -- Jeff Workman | jworkman@pimpworks.org | http://www.pimpworks.org
On Tue, 04 May 2004 16:58:40 PDT, chuck goolsbee <chucklist@forest.net> said:
At 4:19 PM -0500 5/4/04, Laurence F. Sheldon, Jr. wrote:
chuck goolsbee wrote:
However, up to 90% of the users *are* stupid:
I didn't say that, I only quoted (Valdis Kletnieks) it... to which I replied that compensating for stupidity is a zero-sum game.
On Mon, 03 May 2004 20:53:50 PDT, Michel Py said:
In other words: if one is stupid, one gets worm'ed or bot'ed.
My error - what I meant was "However, by that definition, 90% are stupid". In fact, I'm in agreement with Steve Bellovin - either the users need to master the technology (which isn't going to happen), or we need to fix the design and HCI factors so that what ships *is* something that's actually usable.
So maybe they WOULD be better with a "WebTV" model.
Have to admit, that model *does* solve the HCI issues..
Or a Macintosh.
Actually, there's multiple solutions - remember that monocultures are bad. :)
Perhaps there is a market for "safe Internet access"... I don't know. But I suspect the barrier to entry is either making it work with the dominant platform, or asking the market take the leap to another platform. Both are unlikely. What I do know is that the dominant platform is inherently insecure, and many of its users, those "non-technical" folks I referred to... they seem to be mostly unaware of the danger they pose to themselves and everyone else on the Network.
The trick here is realizing that compensating for stupidity doesn't have to be a zero-sum game. Today's window of opportunity: "Microsoft is expected to recommend that the "average" Longhorn PC feature a dual-core CPU running at 4 to 6GHz; a minimum of 2 gigs of RAM; up to a terabyte of storage; a 1 Gbit, built-in, Ethernet-wired port and an 802.11g wireless link; and a graphics processor that runs three times faster than those on the market today." http://www.microsoft-watch.com/article2/0,1995,1581842,00.asp So you have several years to convince people that there are cheaper/free solutions that are more secure *and* don't require a forklift upgrade....
"Microsoft is expected to recommend that the "average" Longhorn PC feature a dual-core CPU running at 4 to 6GHz; a minimum of 2 gigs of RAM; up to a terabyte of storage; a 1 Gbit, built-in, Ethernet-wired port and an 802.11g wireless link; and a graphics processor that runs three times fasterthan
those
on the market today."
How about a PC that has *NO* externally accessible network connectivity, not even wireless. But it does have an internal 100baseTx Ethernet port that uses a non-standard connector. And it also includes a router unit running off the same power supply as the PC but otherwise completely independent. This router is connected to the non-standard Ethernet interface of the PC and supplies 2 externally accessible Ethernet ports and an 802.11g wireless capability. The components for this stuff are small enough these days that you can easily fit an entire router into a PC's slimline case and the router can include a complete SI Firewall capability. The PC BIOS will allow the initial SI Firewall config to be done before booting the PC. And even if there is an SI Firewall on the broadband router serving the home, it's still worthwhile to protect Mom's PC from worm infestations brought into the home by junior's unsafe Internet practices. I know Microsoft would hate the idea of a Windows PC running Linux on an in-box firewall router but it seems like poetic justice in a way. --Michael Dillon
On Thu, 6 May 2004 Michael.Dillon@radianz.com wrote:
connectivity, not even wireless. But it does have an internal 100baseTx Ethernet port that uses a non-standard connector. And it also includes a router unit running off the same power supply as the PC but otherwise completely independent.
Urg, a horrible idea. Why not just make the software on the host secure? regards, -- Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A warning: do not ever send email to spam@dishone.st Fortune: H. L. Mencken suffers from the hallucination that he is H. L. Mencken -- there is no cure for a disease of that magnitude. -- Maxwell Bodenheim
On Thu, 6 May 2004 Michael.Dillon@radianz.com wrote:
connectivity, not even wireless. But it does have an internal 100baseTx Ethernet port that uses a non-standard connector. And it also includes a router unit running off the same power supply as the PC but otherwise completely independent.
Urg, a horrible idea. Why not just make the software on the host secure?
Because then you would have to limit the ability to modify the software to only those trusted not to affect network security. It's the same answer as the answer to "why not run everything as root"? DS
Michael.Dillon@radianz.com wrote:
you can easily fit an entire router into a PC's slimline case and the router can include a complete SI Firewall capability. The PC BIOS will allow the initial SI Firewall config to be done before booting the PC.
They got to it before you did; http://www.giwano.com/ Pete
I think running two separate computers is a wee bit of overkill... A better solution would be a NIC with a built-in SI firewall...manageable from a host app, but physically separate from the OS running on the PC. -C On Thu, May 06, 2004 at 09:49:37PM +0300, Petri Helenius wrote:
Michael.Dillon@radianz.com wrote:
you can easily fit an entire router into a PC's slimline case and the router can include a complete SI Firewall capability. The PC BIOS will allow the initial SI Firewall config to be done before booting the PC.
They got to it before you did; http://www.giwano.com/
Pete
On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
A better solution would be a NIC with a built-in SI firewall...manageable from a host app, but physically separate from the OS running on the PC.
Gaak. No. ;) What's the point of a firewall, if the first piece of malware that does manage to sneak in (via a file-sharing program, or a webpage that installs malware, or an "ooh! Shiny!" email attachment) just does the network Plug-N-Play call to tell the firewall "Shield DOWN!"?
Simple solution...build the on-NIC firewall to not use uPnP, or at least require a password before changing rulesets. :) Seriously, this is such a stupidly simple solution that I'm amazed no one's attempted to make a product out of it yet. -C On Tue, May 11, 2004 at 12:21:29PM -0400, Valdis.Kletnieks@vt.edu wrote:
On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
A better solution would be a NIC with a built-in SI firewall...manageable from a host app, but physically separate from the OS running on the PC.
Gaak. No. ;)
What's the point of a firewall, if the first piece of malware that does manage to sneak in (via a file-sharing program, or a webpage that installs malware, or an "ooh! Shiny!" email attachment) just does the network Plug-N-Play call to tell the firewall "Shield DOWN!"?
Uh... they have. It's called a Snapgear card :) -- Jonathan -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Chris Woodfield Sent: Tuesday, May 11, 2004 12:42 PM To: Valdis.Kletnieks@vt.edu Cc: Petri Helenius; Michael.Dillon@radianz.com; nanog@merit.edu Subject: Re: Worms versus Bots Simple solution...build the on-NIC firewall to not use uPnP, or at least require a password before changing rulesets. :) Seriously, this is such a stupidly simple solution that I'm amazed no one's attempted to make a product out of it yet. -C On Tue, May 11, 2004 at 12:21:29PM -0400, Valdis.Kletnieks@vt.edu wrote:
On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
A better solution would be a NIC with a built-in SI firewall...manageable from a host app, but physically separate from the OS running on the PC.
Gaak. No. ;)
What's the point of a firewall, if the first piece of malware that does manage to sneak in (via a file-sharing program, or a webpage that installs malware, or an "ooh! Shiny!" email attachment) just does the network Plug-N-Play call to tell the firewall "Shield DOWN!"?
I stand corrected, they're out there. I'm advised that 3com has a on-NIC firewall product as well. However, at $299 and $329 respectively, I don't anticipate wide adoption in the consumer market... -C On Tue, May 11, 2004 at 12:49:05PM -0400, Jonathan M. Slivko wrote:
Uh... they have. It's called a Snapgear card :) -- Jonathan
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Chris Woodfield Sent: Tuesday, May 11, 2004 12:42 PM To: Valdis.Kletnieks@vt.edu Cc: Petri Helenius; Michael.Dillon@radianz.com; nanog@merit.edu Subject: Re: Worms versus Bots
Simple solution...build the on-NIC firewall to not use uPnP, or at least require a password before changing rulesets. :)
Seriously, this is such a stupidly simple solution that I'm amazed no one's attempted to make a product out of it yet.
-C
On Tue, May 11, 2004 at 12:21:29PM -0400, Valdis.Kletnieks@vt.edu wrote:
On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
A better solution would be a NIC with a built-in SI firewall...manageable from a host app, but physically separate from the OS running on the PC.
Gaak. No. ;)
What's the point of a firewall, if the first piece of malware that does manage to sneak in (via a file-sharing program, or a webpage that installs malware, or an "ooh! Shiny!" email attachment) just does the network Plug-N-Play call to tell the firewall "Shield DOWN!"?
On Tue, 11 May 2004, Chris Woodfield wrote:
I stand corrected, they're out there. I'm advised that 3com has a on-NIC firewall product as well.
However, at $299 and $329 respectively, I don't anticipate wide adoption in the consumer market...
This is all silly.. there's no reason operating systems cant be (collectively) immune to automated worms. regards, -- Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A warning: do not ever send email to spam@dishone.st Fortune: Indomitable in retreat; invincible in advance; insufferable in victory. -- Winston Churchill, on General Montgomery
While following the thread, I did a bit of Googling, then browsing 3Com's site: http://www.3com.com/products/en_US/detail.jsp?tab=features&pathtype=purchase&sku=3CRFW200B On-NIC firewall w/remote management. On Tue, 11 May 2004, Chris Woodfield wrote: :>Simple solution...build the on-NIC firewall to not use uPnP, or at least require :>a password before changing rulesets. :) :> :>Seriously, this is such a stupidly simple solution that I'm amazed no one's attempted :>to make a product out of it yet. :> :>-C :> :>On Tue, May 11, 2004 at 12:21:29PM -0400, Valdis.Kletnieks@vt.edu wrote: :>> On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said: :>> :>> > A better solution would be a NIC with a built-in SI firewall...manageable from a host :>> > app, but physically separate from the OS running on the PC. :>> :>> Gaak. No. ;) :>> :>> What's the point of a firewall, if the first piece of malware that does manage :>> to sneak in (via a file-sharing program, or a webpage that installs malware, or :>> an "ooh! Shiny!" email attachment) just does the network Plug-N-Play call to :>> tell the firewall "Shield DOWN!"? :>> :> :> :>
participants (17)
-
Chris Woodfield -
chuck goolsbee -
David Schwartz -
Edward B. Dreger -
Jeff McAdams -
Jeff Workman -
Jonathan M. Slivko -
Laurence F. Sheldon, Jr. -
Matthew Crocker -
Michael.Dillon@radianz.com -
Michel Py -
Paul Jakma -
Petri Helenius -
Rick Ernst -
Steven M. Bellovin -
Valdis.Kletnieks@vt.edu -
William S. Duncanson