Search Our Site

Our Newsletter

Our Ramblings

Home Network Security

1448644898859For those of us who grew up in the 80’s, we can probably think back to a time when hackers were looked upon as being pretty cool robin hood style outriders who dared to stand up against oppressors. The movie Wargames demonstrated that fascination about the possibilities of connectivity. Drinking terminals, discarded fast food boxes and unfinished cans of flat cola. The reality nowadays is considerably murkier. Hardly a week goes by without a story breaking about the nefarious activities of the hacking ‘community’ which is nowadays better described as organised criminals. As we’ve seen in the past it’s not just security agencies, nuclear launch facilities, or evil dictators that get stiffed by hackers, it’s more often normal folk like us.

In recent years hacking has continued to hit the headlines almost every week. The most well known has to be the UK phone hacking scandal. Ironically, that wasn’t even a true example of hacking as the clueless victims of the “hack” had merely neglected to change the pin on their voicemail from its default setting. It all goes to show that the weakest link in the security chain is usually human stupidity. I suppose calling it “hacking” deflected the glare of publicity away from their own stupidity but thats another discussion for another day. The ones that hit the headlines are usually interesting in some way, but they pale into insignificance when compared to the millions of attempts that occur every day to the rest of us. Cybercrime is big business. We hear it so often that the words threaten to lose their impact.

According to the Trustwave 2016 Global Security Report, there was a recorded 26.6 million victims of hacking and identity theft in a 12 month period during 2015. A number which roughly equates to one person being hacked every second. In 2015, 96% of all hacking attacks were credit card, or payment data theft used in fraudulent online or at the till transactions. Over £24 billion was estimated to be have been lost to identity theft from hackers, with a potential loss averaging £5,061 per household globally.

The checklist of items the hacker tends to go for are usernames, passwords, PINs, National Insurance numbers, phone and utility account numbers, bank and credit card details, employee numbers, driving licence and passport numbers, insurance documentation and account numbers, and any other financial background account details.

How they get this data ranges from acquiring remote access to your computer, SQL injections to a popular website, spoofing a banking or other financial website, remote code execution, exploits in website trust certificates, physical theft, and through social media.

On the subject of social media there are some interesting and worrying facts. According to sources, 18% of people under the age of 19 were the victims of a phishing scam, and 74% were victims when they followed links posted by they know that they believed were legitimate. Furthermore, 74% of all social media users share their birthday information publicly. 69% shared the schools and universities they attended. An amazing 22% of users publicly share their phone numbers, and unsurprisingly, 15% share the names of their furry little friends.

If these numbers aren’t scary enough, there’s the fact that 15% of all Wi-Fi users worldwide are still using WEP encryption for their home WIFI and, 91% of all public Wi-Fi hotspots are unsecured, unmonitored, and available 24x7x365.

And finally, it’s estimated that 11% of all spam contains some kind of code designed to hijack your computer if opened. A further 8% of all spam contains links to websites that have been designed to grab information or download some trojan to gain access behind your firewall.

WHAT CAN WE DO?

We’ve put together a number of measures to help you prevent hackers invading your private domain, whether in the cloud or locally inside your trusted networks.

We don’t suggest you take thing to the extreme but there is a happy medium where you can do everything you reasonably can to protect yourself and educate yourself to spot the signs when they arise.

NETWORK PROTECTION

Starting with the home network there are a number of easy wins we can gain to stop the baddies from getting too close. Most of these steps are surprisingly simple.

CHANGE ROUTER ADMINISTRATOR CREDENTIALS

This is one of the most common points of entry for someone to gain access to your home network. The router you received from your ISP may well be up to date and offer the best possible forms of encryption, but they have a weakness. They usually come with a limited number of preconfigured SSIDs and WIFI keys which can be found on the back of the router on a sticker.

It doesn’t take too much gumption to do a google search and find out the SSIDs and WIFI keys used by the big ISP’s. It doesn’t help that your router is usually advertising itself as a BT, Sky or Virgin Media router and that just makes life easier for the baddies.

A reasonably savvy hacker can therefore gain access to your router, get connected, and even log in using the weak default logins. For this reason we recommend that our customers change the default router usernames and passwords to something more complex.

CHECK WIRELESS ENCRYPTION

Most routers come with a level of encryption already active, but there are some examples where the default state of encryption may be extremely weak, or worse still, completely open.

If you scan your WIFI using your phone and you see a padlock beside your network name then you at least know you have some encryption active. If you then look on your router and it tells you that the encryption method is WEP then you’ll need to fix that PDQ. WEP is the older standard of wireless encryption and can be cracked in less than fifteen minutes by using a variety of tools, all of which are freely available on the net. Unfortunately, WPA isn’t great either, but the its generally strong enough to hold back low level hackers.

USE MAC ADDRESS FILTERING

Every network interface has a unique identifier known as a MAC (Media Access Code) address, regardless of whether it’s a computer, tablet, phone, or sky box.

The idea behind MAC address filtering is simple enough. You obtain the MAC addresses of your devices at home and enter them into the router so that only those you know about are able to connect. Obviously, if you have loads of network connected devices this could take a while. But it will improve your chancer against a drive by hacker in a car outside your home with their laptop balanced on their dashboard.

But hey, MAC addresses can be spoofed, so while the junior hacker will likely give up the more determined one will not. Think of MAC address filtering as putting a padlock on the garden gate; it may stop most casual nasties from entering your garden, but those who really want to get in there will just jump over.

DISABLE SSID BROADCAST

There are two schools of thought when it comes to hiding your network SSID. The first recommends hiding your router’s SSID from the public view, with the idea that invisibility to those around you makes you somehow immune to their attempts. But a hidden SSID may seem like a far more juicy target to a determined hacker with an SSID radio grabber. Both sides of the argument have merit. Are you successfully hidden by being invisible, or is the best hiding place in plain sight? Probably invisible on balance.

USE STATIC IP ADDRESSES

By default your router will automatically assign an IP address to any device that connects to it, so the pair, and the rest of the network, can communicate successfully.

DHCP (Dynamic Host Configuration Protocol) is the name for this feature, and it makes perfect sense. After all, who wants to have to add new IP addresses to new devices every time they connect to your network?

On the other hand, anyone who gains access to your router will now have a valid IP address which allows it to communicate with your network. So to some degree it’s worth considering opting out of DHCP controlled IP addresses and instead configuring your devices and computers to use something like 10.10.0.0 as their range of IP addresses.

Like most good anti-hacking attempts though, this will only slow the intruder down.

ROUTER POSITION

This simple network protection act is one of the best, if done correctly.

Believe it or not, by moving your router to the centre of your house, or more to the rear (depending on where your closest neighbours or the road is), you are limiting the range of your wireless broadcast signal.

Most routers are located in the front room where the master phone socket usually is. This means the router can reach most corners of the house, and to some degree beyond the house. If someone was moving down the road, for example, sampling wireless networks then they would come across yours as they passed your house.

If the router is situated in a more central location, away from the front window, then the signal may be too weak to get a successful reading without having to stand on your porch.

SWITCH OFF THE ROUTER WHEN YOU’RE NOT USING IT

Most people will already do this anyway. Since no one is using the router, what’s the point of wasting electricity?

However, a lot of people simply have their router powered on all the time, regardless of whether they are in the house or not. Granted there are those who will be running a server, or downloading something while at work or asleep, but the vast majority just keep it on.

If you’re not using the internet or any other home network resource, it’s a good idea to power off the router. And if you’re away for an extended period, then do the same.

BEYOND THE HOME NETWORK.

cloud-computingHome network security is one thing, and frankly it’s not all that often you’ll get a team of hackers travelling down your street with the intent of gaining access to you and your neighbour’s home networks.

Where most of us fall foul in terms of hacking is when we’re online and surfing happily without a care in the world.

PASSWORDS

Passwords are the single weakest point of entry for the online hacker. Face it, how many of us use the same password for pretty much every website we visit? Some people even use the same password for access to a forum that they use for their online banking, pretty alarming we think you’ll agree.

Using the same password on every site you visit is like giving someone the skeleton key to your digital life. It’s a bloody pain having different passwords for every different site, but when you stop and think logically about it, doing so leaves you incredibly vulnerable to those who have ill intentions with regards to your identity and bank balance. For many a kind of compromise is usually sufficient. Many of the sites we use on the net that require us to use a password are pretty innocuous. Using the same password for this swathe is normally fine but make sure that you use strong passwords for those services that are really sensitive. More about that below.

Where passwords are concerned, using ‘12345’, ‘password’, or ‘qwerty’ isn’t going to stop someone from gaining access. And passwords such as ‘L3tmeIn’ aren’t much better either. Additionally, as we mentioned earlier, using the names of your pets may seem like a good idea, maybe even mixing their names with the date of your birth as well sounds like a solid plan, but if you then go and plaster Mr Tiggywinles, Rover, or Fido’s name all over public posts on Facebook along with pictures of you blowing out the candles on your birthday cake then you’ve just seriously lowered the strength of your passwords from staying secret.

Security questions and two-phase verification techniques are now being employed by a number of credible sites. What this means is that you basically enter more than one password to log into your account. Most online banking is done this way now, and sometimes includes a visual verification such as a pre-selected thumbnail image from a range that the user can click on to verify who they are.

If you have trouble coming up with passwords yourself, then there are a number of password managers available that can help you create highly secure combinations of letters, numbers, and special symbols unique for every website you visit. Even better they’ll even store them for you in the program itself in case you forget them. They are usually managed by one ultra secret master password. Be sure to keep that one complex and safe. Some examples are as follows.

LastPass – LastPass allows you to create a single username and password while securely entering the correct details.

Kaspersky Password Manager – A fully automated and powerful password manager that can store your username and password details, then enter them into the site for you while remaining encrypted throughout.

Either way, human beings are the weakest link in the secure password chain so any help you can get is to be welcomed.

DON’T TELL THE WORLD EVERYTHING

David Glasser, the MD at Twitter US, recently admitted, “I hate to say it, but in reality, people need to share a little bit less about themselves.”

While there’s nothing wrong with letting your nearest and dearest know what you’re up to on Facebook, you really must consider the fact that they probably aren’t the only ones reading. Facebook and Twitter often come under fire because of their attempts to make users newsfeeds public by default and where you have to jump through hoops to limit the views for your own timeline.

It’s worth taking the time to double-check the security settings on all your social media sites and check back often. Are the things you’re posting on your timeline or feeds viewable by friends only, or friends of friends? Has it mysteriously been reverted back to public viewing? Are you sure you want to display that picture of you sat at your desk with all that information on the screen behind you?

As we said before publicly announcing your private details, like when you’re on your hols and for how long, the names and birthdays of you, your nearest and dearest, children, pets and so on, isn’t particularly smart, but hey we’re all guilty of it.

CLOUD SECURITY

The newsworthy hacking events of Pippa Middleton and many others has rammed home to us the fact that cloud storage isn’t quite as secure as we’d like to think.

Every device, either Android, Microsoft, or Apple, is capable of backing up your photos to its own particular cloud storage solution – sometimes it’s even a default setting. Most of the time the cloud solutions used are so secure that anyone trying to hack into them will have a pretty rough time of it, and no doubt bring down the wrathful vengeance of Google or Apple upon themselves. How the celebrity photos and videos were obtained is something you’ll have to find out for yourselves, but if storing stuff on the cloud is alarming you there are a couple of choices.

The first is to encrypt everything locally on your computer before uploading it to the cloud. This will take time, we’ll grant you, but it means only you’ll be able to decrypt them. Secondly, you could always compress everything first, using Winzip/Winrar etc., then password the compressed file. Breaking a password compressed file takes far longer than it’s actually worth, providing you’re not a celebrity, so most hackers won’t bother.

Finally, there are cloud storage solutions that encrypt the data on the device before uploading it to the also fully encrypted servers e.g. SpiderOak and Tresorit.

CONCLUSION

The very fact that you’re online makes you a potential target. If you’re sitting back and saying “they’ll have no interest in me” you’re sadly mistaken. Lets face it, you’re easy to find, easy to hack, and probably won’t do much about it when you do get hacked. Its in your best interests to stay up to speed with the latest hacking techniques and how to defend yourself against them.

Are Home Firewalls Really That Important?

In the latter stages of the 2nd decade of the 21st century, our homes have not really changed that much from those of our parents. Aside from a new predominance of cheap throwaway furniture, todays house is largely similar to that of the 70’s. Similar, that is, until we change our point of view, examining not the visible spectrum but rather the electromagnetic spectrum. working-from-home_colorThe past 20 years have seen an explosion in our use of the airwaves and that change has not stopped at our front doors. Todays homes are filled with an argosy of gadgets, many of which independently communicate without any intervention from their human hosts. Indeed, whilst the home of the 70’s was equipped with two main communications channels, namely the desktop telephone and the front door, the contemporary home has been unrecognisably changed by the communications revolution. It is the network which has been the real change across the years, allowing us to reach out in countless different ways but also, quietly, allowing the world to reach in.

And reach in it does.

The latest Government Security Breaches Survey found that nearly three-quarters (74%) of small organisations reported a security breach in the last year; an increase on the 2013 and 2014 survey. SMEs are now being pinpointed by digital attackers. If SMEs are being targeted, rest assured that home networks are too.

So how do we protect our homes? Well, the picture isn’t as bleak as it may seem. Most ISP’s provide equipment which has a built in firewall. Firewalls form your home network’s primary defence against online security risks, and can therefore considerably boost your peace of mind concerning your network security. Without any human intervention, the stock firewall set at its default settings is pretty effective. It basically blocks everything from the outside unless it was requested by something on the inside. So far so good you may think, and you’d be right, however its that sticky part about human intervention that hides the real danger. People feel the need to change their firewall settings. Not only that, they download dodgy code, click dodgy links and generally just circumvent all that good security the firewall was designed to provide. Before long the network security is full of holes and the world starts reaching in.

Home networks are becoming ever more complex and the paucity of good quality consumer grade network equipment speaks volumes about our inevitable prioritisation of cost above just about anything. ocean-digital-home-upnp-dlna-font-b-network-b-font-font-b-device-b-font-newsIn their race to the bottom, home network equipment manufacturers need to keep their costs to the bare minimum. They do this by using free vulnerable operating systems which have no simple mechanism to ever be upgraded or more importantly fixed. Theres no getting around the fact that our homes are full of and will continue for quite some time to be full of network equipment that is of a shockingly low security standard.

This brings us nicely back to the question of the home firewall. Yes, generic router firewalls are great out of the box but they only look outwards and never inwards. It is becoming increasingly apparent that home networks which are basically the same as small business networks require better. Low cost solutions do exist and they are effective. For example for those with a spare PC hanging around, the option exists to install a free software firewall (e.g. Sophos XG Home Edition) but its far from an elegant solution to keep a dedicated PC powered up 24×7 and it is one which few consumers would countenance. Other dedicated hardware solutions exist of course but they can be expensive and are in all likelihood, business solutions. Sadly, for the consumer, the choice to manage a firewall in the home is still the preserve of the nerdy computer enthusiast who, ironically is probably less vulnerable than most.

legislationFor now the discussion remains unresolved. It is unlikely that the consumer will find it in their gift to look beyond cost to something that keeps their online lives secure enough and it will likely therefore fall to some broader agency to act. Whether that agency turns out to be the government, the banks who perhaps have most to lose, or some other combination of private sector collaborators remains to be seen. One thing however is certain. The problem is going to get worse before it gets better and it will probably take some form of paradigm shift in public perception for the motivation to be found.

Lets hope the cause of the paradigm shift isn’t too painful.

The Nessus Vulnerability Scanner

In computer security, Nessus is a proprietary comprehensive vulnerability scanning program. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. For example:

  • Vulnerabilities that allow a remote cracker to control or access sensitive data on a system.
  • Misconfiguration (e.g. open mail relay, missing patches, etc).
  • Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
  • Denials of service against the TCP/IP stack by using mangled packets
  • Preparation for PCI DSS audits

On UNIX (including Mac OS X), it consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which controls scans and presents the vulnerability results to the user.
According to surveys done by sectools.org, Nessus is the world’s most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey. Tenable estimates that it is used by over 75,000 organizations worldwide.

In typical operation, Nessus begins by doing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction.

Tenable Network Security produces several dozen new vulnerability checks (called plugins) each week, usually on a daily basis. These checks are available for free to the general public; commercial customers are not allowed to use this Home Feed any more. The Professional Feed (which is not free) also give access to support and additional scripts (audit and compliance tests…).
Optionally, the results of the scan can be reported in various formats, such as plain text, XML, HTML and LaTeX. The results can also be saved in a knowledge base for debugging. On UNIX, scanning can be automated through the use of a command-line client. There exist many different commercial, free and open source tools for both UNIX and Windows to manage individual or distributed Nessus scanners.
If the user chooses to do so (by disabling the option ‘safe checks’), some of Nessus’s vulnerability tests may try to cause vulnerable services or operating systems to crash. This lets a user test the resistance of a device before putting it in production.
Nessus provides additional functionality beyond testing for known network vulnerabilities. For instance, it can use Windows credentials to examine patch levels on computers running the Windows operating system, and can perform password auditing using dictionary and brute force methods. Nessus 3 and later can also audit systems to make sure they have been configured per a specific policy, such as the NSA’s guide for hardening Windows servers.

 

Q. What is included in the Nessus download?
A. When you download Nessus, you receive the Nessus 4.4 scanning engine (server) that includes a flash web-based client. To receive updates under either a ProfessionalFeed or HomeFeed, you will need to register your scanner.

Q. What OS platforms does Nessus have builds for?
A. Nessus 4.4 is available and supported for a variety of operating systems and platforms:
Debian 5 (i386 and x86-64)
Fedora Core 12, 13 and 14 (i386 and x86-64)
FreeBSD 8 (i386 and x86-64)
Mac OS X 10.4, 10.5 and 10.6 (i386, x86-64, ppc)
Red Hat ES 4 / CentOS 4 (i386)
Red Hat ES 5 / CentOS 5 / Oracle Linux 5 (i386 and x86-64)
Red Hat ES 6 / CentOS 6 (i386 and x86-64) [Server, Desktop, Workstation]
Solaris 10 (sparc)
SuSE 9.3 (i386)
SuSE 10.0 and 11 (i386 and x86-64)
Ubuntu 8.04, 9.10, 10.04 and 10.10 (i386 and x86-64)
Windows XP, Server 2003, Server 2008, Server 2008 R2, Vista and 7 (i386 and x86-64)

Q. What does Nessus 4.4 cost?
A. The Nessus 4.4 scanner is available as a free download.

Q. Where can I go for more information?
A. If you still have questions about Nessus 4.4, feel free to contact us, visit http://www.rustyice.co.uk/ or post to us via our contact link.

The Problem of Tailgating in Secured Buildings

One of the biggest weaknesses of automated access control systems is the fact that most systems cannot actually control how many people enter the building when an access card is presented. Most systems allow you to control which card works at which door, but once an employee opens the door, any number of people can follow behind the employee and enter into the building. Similarly, when an employee exits the building, it is very easy for a person to grab the door and enter the building as the employee is leaving.

This practice is known as “tailgating” or “piggybacking”. Tailgating can be done overtly, where the intruder makes his presence known to the employee. In many cases, the overt “tailgater” may even call out to the employee to hold the door open for him or her. In these cases, good etiquette usually wins out over good security practices, and the intruder is willingly let into the building by the employee.

Tailgating can also be done covertly, where the intruder waits near the outside of the door and quickly enters once the employee leaves the area. This technique is used most commonly during weekends and at nights, where the actions of the more overt tailgater would be suspicious.

Solutions To The “Tailgating” Problem

First, recognize that the tailgating problem is probably the biggest weakness in your security system. This is particularly true at doors that handle a high volume of employee and visitor traffic. Many security managers spent a lot of time worrying about unauthorized duplication of access cards and computer “hackers” getting into their security system over the network. It is far more likely that someone who wants access to your facility will simply “tailgate” into the building rather than using one of these more exotic methods to breach your security.

The practice of overt tailgating can be reduced somewhat through employee security awareness training. If employees are frequently reminded of the tailgating problem, they are less likely to let a person that they do not know into the building deliberately.

It is difficult to overcome the problem of covert tailgating through employee security awareness alone. While it would be possible to ask employees to wait at the door until it locks after they pass, it is probably not likely that this procedure would be followed except under the most extreme circumstances.

The problem of covert tailgating can usually only be reliably solved through the use of special “anti-tailgating” devices.

“Anti-Tailgating” Devices

To minimize the problem of tailgating, the security industry has created a number of “anti-tailgating” devices. These devices include mechanical and optical turnstiles, security revolving doors, security portals, and doorway anti-tailgating devices.

The essential function of each of these devices is that they permit only one person to enter or leave the building at a time. They either do this by providing a physical barrier that only allows one person to pass, or electronically by providing sensors that detect when a person attempts to tailgate in, or when more than one person tries to enter using the same card.

The following is a brief summary of each of the common types of anti-tailgating devices:

HALF-HEIGHT MECHANICAL TURNSTILE

  • Approximate cost: |£2,000 to £3,500 per opening.
  • PROS: Lowest cost anti-tailgating device, readily accepted by most users, relatively unobtrusive, well-proven and reliable.
  • CONS: Can easily be climbed over or under, requires separate door or gate for emergency exit and for handicapped users, easily defeated by knowledgeable intruder.
  • Comments: Good choice for visitor lobbies or employee entrances that are constantly attended by a security officer and where cost is a consideration.

FULL-HEIGHT MECHANICAL TURNSTILE

  • Approximate cost: £3,500 to £5,000 per opening.
  • PROS: Provides good security at a moderate cost. Well-proven and reliable.
  • CONS: Obtrusive in appearance, requires separate door or gate for emergency exit and for handicapped users, lacks sophisticated anti-piggybacking detection features.
  • Comments: Good choice for commercial and industrial facilities where security and cost considerations are more important than appearance.

OPTICAL TURNSTILE

  • Approximate cost: £11,000 to £15,000 per opening.
  • PROS: Aesthetically-pleasing appearance, accommodates handicapped users, does not require separate emergency exit, has sophisticated anti-piggybacking detection systems, provides good visual and audible cues to users.
  • CONS: Expensive, provides little or no physical barrier, must be used at an entrance manned by security guard, relatively high “false alarm” rate.
  • Comments: Good choice for use in manned building lobbies where aesthetics prevent the use of a half-height manual turnstile.

SECURITY REVOLVING DOOR

  • Approximate cost: £22,000 to £38,000 per opening.
  • PROS: Provides best protection against tailgating and piggybacking, fast, handles high volumes of traffic, unobtrusive in appearance, provides energy savings when used at exterior entrances.
  • CONS: Very expensive, requires separate door or gate for emergency exit and for handicapped users, door cannot be used for loading/unloading of large objects, relatively high maintenance costs.
  • Comments: Good choice for use at unattended building entrances where appearance is important.

SECURITY PORTAL

  • Approximate cost: £22,000 to £38,000 per opening.
  • PROS: Provides good protection against tailgating and piggybacking, unobtrusive in appearance, accommodates handicapped users, does not require separate emergency exit, allows load/unloading of large objects.
  • CONS: Very expensive, relatively slow, cannot support large volumes of traffic, high maintenance costs.
  • Comments: Good choice for use at unattended building entrances with relatively low traffic volumes and for entrances into high security internal areas, such as computer rooms.

DOORWAY ANTI-TAILGATING DEVICE

  • Approximate cost: £3,000 to £5,000 per opening.
  • PROS: Easy add-on to existing doors; provides good protection against tailgating and piggybacking, unobtrusive in appearance, accommodates handicapped users, does not require separate emergency exit, allows loading/unloading of large objects, relatively inexpensive.
  • CONS: Must be used at an entrance manned by security guard, does not provide good visual and audible cues to users.
  • Comments: Good choice for use at doorways with relatively low traffic volumes and where conditions do not permit the use of another type of device.

Other Anti-Tailgating Systems

There are several new anti-tailgating detection systems on the market. These include closed-circuit television camera systems equipped with video analytics software, and machine vision sensors that use infrared imaging technology. Both of these systems “look” at the entrance point and use computer software to detect tailgaters. Once a tailgater is detected, an audible alarm is activated to alert the security guard.

While this new technology looks promising in the long run, it is our opinion that these systems are still too new and unproven for use in most applications.

Have additional questions about the prevention of tailgating?  Please contact us.