Welcome to another great
show right here on ITProTV. You're watching
the CompTIA IT Fundamentals show. I'm your host, Ronnie Wong, and today we're banging into a part
two on security best practices. We've just implemented the idea
of using antivirus software, but there are plenty of best practices for
us to take a look at. And here, of course, to help us on this
journey is gonna be Mr. Don Pezet himself. Don, welcome to the show. Hey, thanks for having me back, Ronnie. In the first episode, we did talk
about antivirus software, which for the most part is gonna be
a software we add to a computer. In this episode, I wanna take a look at
some features that are probably already on your computer that just
need to be enabled or configured properly in order to function. So we're gonna look at a range of things,
things like host-based firewalls and some other security features, and just kind of see how those should
be configured or maintained or at least to be aware of what's being done
on most machines that are out there. And I say most, cuz unfortunately,
not everybody follows the best practices. So if you find any one of those and
we talk about a technology in this episode that you're not using yourself,
you should probably look into it. Especially in a corporate space, you
should be using all of the tools that we talk about in the best practices series. All right, Don, as we get started here, we want to mention this idea of using
what we call a computer firewall. So what is a computer firewall and
why should we think about using it? All right, so
in the olden days, the network, the Internet was a very trustworthy thing,
right? We just trusted that the other machines
around the network are legitimate and that we could talk. And the main reason for that was that
computers were really expensive back then. And so, only people that made
a significant investment were able to communicate on it, and that resulted
in a fairly trustworthy network. It's not like that anymore, now it's
dirt cheap to get on the Internet, anybody can get on there, regular people,
criminals, doesn't matter. So the network is no longer trustworthy,
even your own network is not trustworthy anymore because unauthorized people
might be able to get onto your network. So now, we have a challenge, where our computer can't just
trust anybody that talks to it. It's almost like we're gonna teach our
computer the whole stranger danger thing, right, like we learned as a kid. If you run into a stranger on the street,
you don't talk to them, right? You only talk to people that you know. That's how your computer should be. Your computer shouldn't talk to
people that it doesn't know, unless we specifically
instruct it to do so. Maintaining computer security is
very much like raising a child. [LAUGH] It's very similar. A little less messy, I think. But basically, what a firewall does,
is it acts as a gate. It's a gate in between your computer and
the rest of the network. Now, most networks have a firewall
in between the network and the Internet, and so that protects you
from people out on the Internet, but it doesn't protect you from other
people on the same network. And a great example of that
would be like a hotel. If I go to a hotel, fire up my laptop,
hey look, they got free wireless. I jump on the wireless and
I'm out to the Internet, right? Everybody else in the hotel
is on the same wireless. Do I trust them, do I even know them? Can I even see them? They're probably in their own rooms, right? So that's a very untrustworthy network. We can't rely on a hardware
firewall to protect us, we'd have to carry it with us when
we travel, that's not gonna happen. So now, we have what are called
software firewalls, ones that are built right into your operating system, and
the odds are it's already turned on. In fact, most of them are very, very
simple and just have a very simple rule that says, your computer is allowed
to talk to whoever it wants, but nobody is allowed to talk to you
unless you ask them first, right? So it's like in terms of people,
if Ronnie were to try and talk to me, I would just block it. Nope, I don't wanna hear it,
talk to the hand. [LAUGH]
Personal firewall, right, talk to the hand. But if I ask him a question and
I say, Ronnie, how are you doing? Now, he can talk to me and I'll hear it,
right, because I engaged in that comment. If I fire-up a web browser and
I go to Facebook, Facebook should be allowed to talk to me. But if Facebook just randomly tries
to reach out to my machine, no way. We wanna stop that. That's how the most basic
firewalls function. And almost every operating
system out there has a firewall implemented that does exactly that,
if you're Windows, macOS, Linux, they all follow that same kind of routine. So let me show you an example here,
I'm on a Windows machine and this is a pretty,
fairly standard install of Windows. I've added Google Chrome to it and
I turned off the annoying wallpaper. But otherwise, it's Windows 10 and
Windows 10 has a built-in firewall. Now, if you didn't know that and you're a Windows 10 user,
that's how Microsoft intents it. They don't want you to be
bothered by this firewall. It's running in the background,
it's on by default. And you can see it,
if you bring up your Start Menu and just type firewall, you'll find
this Windows Defender Firewall. And when you take a look at that, it gives
you a simplified view of the firewall that really just gives you two things. Is the firewall on or is it off? If you see green lights here, it's on. I didn't turn it on,
it just happens to be on, right? It was on by default. If they're red, then they're turned off. And that's pretty much all that you see. And if you drill down into it,
you can see Windows Firewall state is on, it's blocking all connections to apps
that are not in the allowed list. And then, if it blocks something,
we do get a little notification, letting us know a block occurred. That's what it's doing, right? And it looks really simple. It's actually really complex,
it's just hiding all the complexity. If we go into the Advanced Settings button
over here, it launches a whole separate tool called the Windows Firewall Advanced-
Window Advanced Security. There we go. This one, where you can actually go in and
see all of the rules that it's using to figure out whether the traffic
should be allowed in or not allowed in. You'll see some things have
a green checkmarks, some don't. All of this stuff is being blocked
right there that doesn't have a checkmark at all. The outbound rules, on the other hand, are a little more simple cuz we usually
allow pretty much everything to go out. But these are all rules being maintained
by that firewall, dictating who's allowed to communicate and who isn't, and
when they're allowed to communicate. Maybe they're allowed to communicate
when they're at home but not when they're on some stranger network,
right? So it keeps track of all of that. These firewalls are really critical. The nice part is, we don't normally have
to do anything, they're just turned on, but they aren't always. And let me give you an example. I've got a Mac over here. So here's a Mac, joining macOS,
let's see, I think it's 10.13, let's see. This one is 10.13.4, macOS High Sierra. As of the filming of this episode, that is
the latest edition with all the updates. And if I go into my system preferences,
and I go into Security and Privacy, and Firewall,
Firewall's off, right? Apple does not turn their
firewall on by default. And that's because Apple doesn't
actually plan for businesses, they plan for home users. And for home users, they wanna
keep things as simple as possible. You're gonna be at home, you're gonna
trust the people around that network, you don't need a firewall for that. But the moment you start travelling,
that changes a good bit, right? All of a sudden, there's networks
that you don't trust anymore. And so now, you might want to enable that
and so you can come in and turn that on, and then you've got firewall options where
you can start defining all sorts of rules, just like we saw on Windows. It's got the capabilities to do it,
it's just not on by default. So the security best practice for this, is that every machine in your
network should have a software-based firewall on it that is properly configured
to protect the system on the network, that'll stop attackers from being able to
see what computers are on your network, and definitely stop them from
being able to get in and start to compromise those machines. So really, a critical process as far as
maintaining security on most computers. Now, Don, the idea of firewalls
are a great protection but that protects our individual machines, but we do tend to also use Devices
inside of our own networks as well. And I believe in a previous
networking episode that we did, we already talked about some of that. But can you remind us of some of the other
things that we might have to also think about? Yeah, yeah. I mean, in addition to computers,
what do you have on your network? Internet of Things, right? You might have web cameras,
you might have routers- Printers. Refrigerators, printers,
right, network printers. These kind of devices a lot of times
they don't have a firewall, or maybe they do but you don't see it. The main thing about them is that we
expect the manufacturer to configure them securely, that, that webcam that's plugged
into my network is configured securely. Maybe it is, maybe it isn't, right? But a main thing we need to worry about on
them is that they almost always ship out of the factory with a default
password assigned to them. Now, what do I mean by that, right? Well let's say, that I want to log
into some kind of a router, right? So I wanna go and log into a router,
here's a Linksys smart Wi-Fi router, a WRT1900AC, I think this is what this is. So it's a router on a network, right? Maybe I'm travelling and
I go to somebody's network and I see a Wi-Fi network
that's just called Linksys. That's usually a good indicator that
they've left everything at the defaults, but even if it's something different. I'm at a hotel and
I just happen to see in the background, this is the router they have, all right? I wanna get in and access this router,
but I need a password to do it, okay? Well, if I know what type of router it is, I can look up what the default
password for that is. It's just a Google search away. We can jump over to Google and we can
do a search for something like Linksys, we have to spell it right,
Linksys WRT1900AC password, right? We can just run a search like that and
it's gonna go into a search. And if you look at the recommendations
down here, you can see where plenty of other people are trying to search for
whatever these default passwords are. And when you do that search,
you'll find a number of results, but the very first result is coming right
from Linksys themselves, right? Right from the manufacturer. And if go and take a look at their site, it's gonna take me to their Q&A FAQ,
right? Their FAQ or frequently asked questions. And if I, I'm just gonna search in
here to save me some time, here we go. Frequently asked question number 14 is,
what are the default IP Address, username, and
password to the Linksys WRT1900AC? If I click on that, it takes me in here
where we can find some basic information on getting logged in and
getting this thing up and running, right? Now, I'll see it is,
I think you have to scroll down there [LAUGH]. Now it was question number 14, right? You think it would jump right to 14,
is that too much to ask? Here let me just search for the word
password again and try that again. It jumped you back up to the top list,
you probably have to scroll down [LAUGH]. Man, there it is. Okay [LAUGH]. If you can find it on the FAQ, the hardest part here is
navigation apparently. Question 14, what are the default
IP Address, username, and password? And the then it tells me the default
IP Address for this router is 192.168.1.1, and admin is the default for
both the username and the password. So if I find a Linksys
router that's out there, the odds are the username is admin and
the password is admin. Or in the case of this router,
it's not even asking for a username, it's just asking for a password, so
I can type in, admin and sign in. And when I do that, now I'm in and I'm able to start taking
advantage of that router. I can do things like redirect traffic, or spoof IP addresses or DNS to be
able to compromise people's data. I can take over this network,
and at the minimum, I can shut the network down, right? And cause a denial service. So I can do whatever I want
because I knew the password, because the password was freely
available out there on the internet. There's websites that are dedicated
to collecting default username and passwords for any device. I got it right from the manufacturer here,
I didn't have to go to some shady dark web, cyber sleuth website,
I just went to the manufacturer, pulled up the help documentation,
it's all right there. So on any equipment that we deploy, we need to make sure we
change the default password. If it's a router, a printer,
a switch, a web cam, a DVR, right? A Roku or something like that, those
little devices they all have interfaces that can be connected to via the network. And if they have a password that's known,
if they have a default password set, the attackers already know that. And at that point firewalls
don't really help you, antivirus doesn't really help you, they're
logging in with legitimate credentials. They're saying, hey, I'm an administrator,
and the system has to say, yeah, yeah you are, you know the password,
you're obviously an administrator. We need to make sure we change that,
and changing it's easy. Most systems will actually prompt you,
this one is not. But a lot of times they'll prompt you and
say, hey, you need to change your password,
you get a big warning, right? And so you go into wherever your
settings are to be able to come in, and this one's right here
under Router Password. We saw it earlier in an episode where
we configured a wireless router. But we can go in and
change that password, get it set, and now we've got a system where an attacker
might know what router we have, but they don't know the password to be able to
log in and take control of that device. So changing a default password
is pretty important in making sure that people just
can't get into the system. We don't wanna be an easy target,
we wanna be a little bit harder. Now Don when it comes down
to these types of things and changing those default passwords,
they sound good and okay. But what about passwords in general? Don, if I have to log in every time and type in a password,
it seems very inconvenient. What about the use of passwords today? All right, so here's where you get
a big divide between home users and business and enterprise, right? For a home user, a lot of times they
don't wanna mess around with passwords. So for example, on a Mac,
if I go into my user settings here, I can take my user account, and see how my
user account is flagged as an admin, and if I were to turn on this computer, I'd
have to provide my user name and password. Well actually here let me
unlock this screen real quick. And, once I'm in here, there we go,
I can come into Login Options. And under Login Options,
it's got Automatic login, right? Now I have a password on my account,
you saw, I just had to type it
to unlock this screen. Automatic login though, if I turn that on
for my account and I type in my password, what it's gonna do is, it's gonna
save that password on the hard drive. It's gonna save it, it's encrypted so
it's at least protected. But now, whenever I turn this computer on,
it's not gonna ask for a username and a password, it's just gonna
automatically log in as me. Now as a home user that's
pretty convenient. Hey, I push a power button on my computer,
it logs right in, I'm ready to go, nobody else is gonna mess with this,
right? It's just me. But then if I take my laptop and
I leave it at the airport, anybody could pick up the laptop,
turn it on and it automatically logs in, and
now they have access to all of my stuff. So with our accounts when we set these up,
if it's enterprise account, if it's a business,
if you travel with the device, you shouldn't have
automatically login turned on. It is basically giving somebody
the keys to your kingdom, it's letting them walk right in. It's like leaving the front door
to your house, not just unlocked, but wide open and
then somebody can just walk right in. So we need to make sure that we have
things like automatic login turned off, and that we actually have
a password on our account. Most systems, Mac OS, Windows, Linux, they
all require passwords these days, right? They didn't always,
used to be on Macs and on Windows, you could leave your password blank. On Linux,
you've always had to have a password. But on these you could leave it blank,
not anymore, right? Starting, probably about four years ago, they've all switched to where
they do require a password. But that automatic login,
that basically bypasses the password, even if you were to turn it on and
then lock the screen. All the attacker has to do is unplug
the computer and plug it back in. And then when it powers back on
it'll auto login and their in. So that's a big problem. We need to make sure those
passwords are set and that their set with strong passwords,
right. When you choose a password, if I go in and
I want to change my password. I need to pick a new password. And when I pick a new password, if I pick something super easy like one,
two, three, four. Well, anybody can guess that, right? A lot of us will just try that as a matter
of course just to see if we can get in. You need to pick a strong password. And what defines a strong password? Well, password length. The longer the password,
the stronger it is. Capital letters and lowercase letters,
those impact the strength of the password. Numbers, special characters,
like exclamation points and at symbols. Those improve the quality of the password. In fact, on a Mac, they don't have this
on Windows, but on a Mac, there's this Password Assistant and it helps you to
measure how strong your password is. And so, I could come through here and
I can tell it that I wanted to do 1234. And I get a nice rating right here that's
telling me the quality of that password is garbage. I should not be using that password,
right? But if I were to come in and
do something a little more random, right. See how the more I type
the stronger it gets? What if it was just a bunch
of lowercase letters? See how, it's not getting stronger
until I get a lot longer, it's not getting stronger very fast. And I'm already at a certain length
that's just too much for me to remember. If I start mixing in capital and
lowercase letters, well, it's still not that great, right? If I start throwing in some numbers
though, it jumped up really fast, also the password length jumped up there. But those numbers,
that made a big difference. And if I start throwing in numbers and special characters, now I end up
with something really good, right? And we can start to create some
really complex passwords, right? That's all about setting
a strong password, a password that will be hard to guess. And there's a number of different ways to
do it, it doesn't have to be too crazy. I usually use password phrases. So if I were to type something like,
I like CompTIA!, right? See how strong that password is? It's easy to remember though. It's got capital letters, lower case
letters, it's got an exclamation point and spaces and special characters. In fact, the only thing I'm
missing here is a number, right? So we could pick something
a little more fun. We don't wanna go easy to guess. If I did, Don Pezet 2018, well, that
might be easy to guess, but it is strong. Capital letters, lower case letters,
spaces, non-dictionary words, like my name. And the numbers like that,
that does get you a little bit stronger. So it's better though to try and
pick something that's a better mixture. And a lot of people will take words and
mix in letters like that. So I've got the word cloud but written with lower case C,
capital L, a zero instead of an O, that kind of thing, and it can start
to get stronger based on that. So come up with some solution
that works for you, but a strong password is important because. If somebody guesses your password
then they can get right in and your system is as good as
not having a password. >> All right Don, now that I've
got a strong password in mind. So I can go to Facebook and
I can use that strong password. Then I can check my Instagram and
use that same strong password, and be able to go and do my Amazon
shopping and use that same password. Sounds like a good solution to me, Don. It does, and so let's say that I'm the
attacker, and I steal your laptop, right? And I power it on and ask for a password. Like man, it's got a password. That stinks. I can't get in and steal all the stuff. Well, there actually is a way to do it. All I could do is I could say hey,
I don't care about this laptop. I know Ronnie did, but I don't. I'm gonna tear the laptop open. I'm gonna rip the hard drive out of it. And I guess that sounds
a little more violent. I'm gonna use a screw driver and
I'll unscrew it and take the hard drive out because once I get
his data, I can sell the parts on eBay and make some money, right? That's what an attacker will do. So I can take out the hard
drive of his computer and I can go to one of my computers, one of
my computers where I know the password. I can log in just fine on my computer. And I can add his hard drive as
a second drive to my computer. And once we do that, I can browse
his hard drive to my hearts content. I can go in there and
get at all his files and any other information that
he's got on that disk. I never had to use a password,
because I never logged into his computer. I had physical access to his hard drive. When you're working with data, data actually has two forms
in the security world. There's data at rest and data in motion. The data on your hard drive
is called data at rest. It's just sitting there. It's sitting there and if somebody can
physically get it, they can read it. Right, that's data at rest. Data and motion is if I go to a web
page and start typing an email or I'm uploading a file that
data is crossing the network. Somebody can intercept that there
they wouldn't modify the password or not they can intercept it on
the network while it's in the transit. And they can get the data there,
that's data in motion. We need to be protecting not just our
computer, passwords and firewalls and all that, but
we need to be protecting our data. And we can do that a few different ways
when it's in motion, or when it's at rest. But the best solution for
both is to use encryption to ensure that our data is encrypted
when it's stored on the drive. And that it's encrypted when
it's crossing the network. And that way if somebody does intercept it
either way, by ripping my hard drive out or by intercepting network communications,
they just see encrypted cipher text. They see junk. It doesn't mean anything to them. They can't do anything with it. And the data is safe. Now encryption can be intimidating. If this is the first time that you're
learning about encryption, a lot of people just know what they've seen in Mission
Impossible movies and things like that. And believe it or not, not everything that's done in
a Tom Cruise movie is exactly true. So what you'll find is that
encryption is actually easy and you're probably already doing it,
all right? Let me give you an example. Let me go over to my Windows machine,
and I'm gonna fire up. I wanna use a browser that I haven't used. I'll use Microsoft Edge. So I'm gonna fire up Microsoft Edge. And I'm gonna go to a website. I'm gonna go to www.cnn.com,
right, time to check the news. Now when I go to CNN's website,
I just typed in cnn, hit the button, went over and
now I'm on their website. Okay, a couple of things actually
happened in the background that I might not have noticed, right? One for example. Well, I did notice the giant
auto-play advertisement. That's nice. But the one thing that I did notice
was that the address changed. I typed www,cnn.com, right? And instead it changed it
to https://www.cnn.com. That HTTPS, that's hypertext transport
protocol secure or with SSL. It's using secure socket layers, and more accurately it's using transport layer
security or TLS, doesn't really matter. To encrypt the data that I sent to CNN and
the data they sent back to me. Most websites do that. They do that even if you tell it not to. If I just type http://itpro.tv and
I come to our website, right? I didn't type https, I'm just gonna saying give me a nonsecure
connection to that website, right? When I do that, look what it did? It change it to https. It said, no we're not doing non-encrypted, you're gonna get an encrypt to
connection whether you want it or not. And so it switched it over. Now, notice our little lock is
actually different than CNN's. CNN just had a regular lock. That's because they're using
weak encryption, right? It's not bad,
it's just it hasn't been fully validated, and I don't know why a company
their size would do that. Ours is what's called Extended Validation,
or EV, so we've gone through additional checks to make sure it's as secure as
possible, so we get a green lock on ours. The green lock is kind of the best case
scenario, that's what you want to see. If you go to, we'll say we go to Google. I go to google.com,
it switches me over to security, and there I'm seeing that kind
of weaker level, right? Now you might ask yourself,
why are they doing that weaker level? And the reason, is they're not really
moving sensitive data here, are they? Right? When you're talking about just doing a quick Google search,
that's not a big deal. But if I was moving financial data that is
a big deal, they'd want to verify that, there would be more to it. So when you go to companies like Google or
Amazon or whatever, a lot of times the first site they
serve up won't be extended validation, it'll be a regular search. But then,
once you actually go to buy something, and you go to a check out page, right? I guess I have to try and
buy something, let's buy a Fire TV. That when you actually go to try and
purchase something, that it'll switch. And all of the sudden you'll start
seeing a higher level of security when it starts asking for
your password and so on. So I have to log in with an account here
I guess, so it's not gonna do it for me. But you'll see it was different levels. The important part, through,
is it encrypting your data in transit. As the data moves between you and their
servers, that data is being encrypted and protect it, right? But this still doesn't solve the problem
of the data on your hard drive. And on your hard drive, there's a number
of solutions that are available. Most of them are not turned on by default,
all right? So in Windows there's a technology called
BitLocker, and if you were to bring up your Start menu and just type BitLocker,
you'll find the Manage BitLocker tool. And what that does,
is it allows you to turn on encryption for your entire hard drive. Everything that's on your hard
drive gets encrypted and protected. And now if somebody rips the hard
drive out of your computer and plugs it in somewhere else, doesn't
matter, the data is secure and protected. On Windows it's called BitLocker,
on a Mac it's actually called FileVault. If I go into my system preferences, and I go into Security & Privacy,
you'll find FileVault right here. And notice how, on the BitLocker one,
it was turned off by default? FileVault's turned off by default also,
so I can see here it's turned off. But you want it turned on. Now this is just a lab machine for
the show, so I don't really care about it. But if we switch over to my actual laptop,
this is my actual laptop, and I go into my system preferences, and
my Security & Privacy, and FileVault, we'll see something
a little bit different. I've turned on FileVault, right? My hard drive is encrypted. I travel a lot. I travel, I take my laptop,
there's always a chance I could lose it. And I like the fact that,
if I lose my laptop, I don't have to worry about
somebody getting at my data. I know that it's safe, cuz it's fully
encrypted and we're protected there. I also do this with my external drives. I don't have one here on
the podium with me, but I backup to an external hard drive. And I have that drive encrypted as well, because that hard drive is sitting
on my desk right now in my office. I can't see my office from here. Somebody who knew that, hey,
I'm an IT guy, I do backups. So they said, I'm gonna go in the office,
I'm gonna find this backup drive. They could steal the backup drive. And all my data's on there,
multiple copies of it, right? And they could read it, and
access that information. I don't have to worry about that,
I know that disk is encrypted. If somebody steals it, I'll be frustrated
cuz I have to buy a new disk, but I don't have to worry
about losing my data. That's what encryption is all about. Data in motion is data
crossing the network, and it can be encrypted with things
like HTTPS, your secure HTTP traffic, it can be encrypted with VPNs and
other technologies. Data at rest is data on your hard drives,
and the best way to protect
it is with encryption. And whole disk encryption
is what I'm showing here, that's where your entire
hard drive gets encrypted. You can also do encryption
on individual files. There's programs like PGP, Pretty Good
Privacy, that will encrypt a single file. Or in the Windows world, it's actually
built into the operating system. You can come in and you can take a file,
I don't know, I'll take, oops, one of my documents here, my resume. I can find my resume, and I can pull
up the properties for that file, and I can actually turn on encryption just for
that one file. I'm not gonna see it on the main screen
here, you have to go to Advanced, and inside of Advanced you'll see where I
can encrypt contents to secure data. And when I do that,
that'll protect just that one file. And that's what it's telling me right
there, it's gonna protect that file. And I'll say OK. It's gonna pause for a moment, cuz this
is the first file I've encrypted, so it's gotta generate keys. But once it's done,
that file is now encrypted. And it doesn't really
look any different to me, except it's got a tiny microscopic
miniature little yellow lock on it. But otherwise, it's now encrypted. If somebody steals my hard drive,
they won't be able to read that one file. But encrypting the entire hard
drive is the better option, because I might forget to
turn on encryption for a file, or I might move it
somewhere else and forget about it. If you do the whole drive,
you know you are protected. All right Don, well, that's plenty of
things for us to consider in terms of security best practices, but
we are not completely done yet. So Don, I'm gonna give you the last word, and what are we gonna be taking
a look at in our next episode here? All right, so we covered
a lot of things in this episode. We talked about host-based firewalls, we talked about changing default
passwords, setting passwords. We talked about encryption,
data in motion, data at rest, a lot of good stuff, right? But there are a few more things
that we do need to tackle. We haven't talked about
safe browsing practices. Viruses, what we've
talked about in part one, usually come from people browsing the web. So I wanna talk a little
bit about that and the steps we can take to make
sure that that doesn't affect us. So we're gonna tackle that, and the last
thing we've got is just patching in updates, which are your number one
defense against most of these attacks. So pretty important for
us to be able to see and do that as well. So that's all coming up in part three. All right, so there you have it, and
that means you wanna stay around for that part three. So signing off for ITProTV,
I'm your host Ronnie Wong. And I'm Don Pezet. Stay tuned right here for
more of your CompTIA IT Fundamentals show. [MUSIC] Thank you for watching ITProvTV.
