Practical Internet Security (eBook)
XXI, 536 Seiten
Springer US (Verlag)
978-0-387-29844-3 (ISBN)
As organizations today are linking their systems across enterprise-wide networks and VPNs as well as increasing their exposure to customers, competitors, browsers and hackers on the Internet, it becomes increasingly imperative for Web professionals to be trained in techniques for effectively protecting their sites from internal and external threats. Each connection magnifies the vulnerability to attack. With the increased connectivity to the Internet and the wide availability of automated cracking tools, organizations can no longer simply rely on operating system security to protect their valuable corporate data. Furthermore, the exploding use of Web technologies for corporate intranets and Internet sites has escalated security risks to corporate data and information systems.
Practical Internet Security reveals how the Internet is paving the way for secure communications within organizations and on the public Internet. This book provides the fundamental knowledge needed to analyze risks to a system and to implement a security policy that protects information assets from potential intrusion, damage, or theft. It provides dozens of real-life scenarios and examples, as well as hands-on instruction in securing Web communications and sites. You will learn the common vulnerabilities of Web sites; as well as, how to carry out secure communications across unsecured networks. All system administrators and IT security managers will find this book an essential practical resource.
As organizations today are linking their systems across enterprise-wide networks and VPNs as well as increasing their exposure to customers, competitors, browsers and hackers on the Internet, it becomes increasingly imperative for Web professionals to be trained in techniques for effectively protecting their sites from internal and external threats. Each connection magnifies the vulnerability to attack. With the increased connectivity to the Internet and the wide availability of automated cracking tools, organizations can no longer simply rely on operating system security to protect their valuable corporate data. Furthermore, the exploding use of Web technologies for corporate intranets and Internet sites has escalated security risks to corporate data and information systems.Practical Internet Security reveals how the Internet is paving the way for secure communications within organizations and on the public Internet. This book provides the fundamental knowledge needed to analyze risks to a system and to implement a security policy that protects information assets from potential intrusion, damage, or theft. It provides dozens of real-life scenarios and examples, as well as hands-on instruction in securing Web communications and sites. You will learn the common vulnerabilities of Web sites; as well as, how to carry out secure communications across unsecured networks. All system administrators and IT security managers will find this book an essential practical resource.
Dedication 6
Contents 7
Acknowledgements 11
Foreword 13
Preface 15
INTRODUCTION 15
PURPOSE 15
SCOPE 15
TARGET AUDIENCE 16
ORGANIZATION OF THIS BOOK 17
CONVENTIONS 21
Part I INTRODUCTION TO INTERNET SECURITY 22
INTERNET TECHNOLOGIES 24
INTRODUCTION 24
THE WEB CLIENT/SERVER ARCHITECTURE 24
WHAT DOES THE WEB SERVER DO? 34
DYNAMIC CONTENT TECHNOLOGIES 41
SUMMARY AND CONCLUSIONS 46
REFERENCES 46
BASIC SECURITY ISSUES 48
INTRODUCTION 48
INTERNET AND NETWORK SECURITY ISSUES: BASIC SECURITY CONCEPTS 49
SUMMARY AND CONCLUSIONS 57
REFERENCES 57
Part II ESTABLISHING YOUR ORGANIZATION’S SECURITY 58
REAL THREATS THAT IMPACT SECURITY 60
INTRODUCTION 60
COMMON HACKER EXPLOITS 60
VULNERABILITY DETECTION 61
WHAT YOUR ISP ISN’T TELLING YOU 62
SOFTWARE PATCHING 62
ARE YOU AT RISK FROM INTERNET SECURITY THREATS? 63
SUMMARY AND CONCLUSIONS 64
REFERENCES 67
A SECURITY POLICY: THE FOUNDATION OF YOUR PROTECTION 68
INTRODUCTION 68
MAJOR TYPES OF POLICY 69
WHAT TO INCLUDE 72
OBTAINING APPROVAL 74
GETTING POLICY IMPLEMENTED 75
SAMPLE HIGH LEVEL POLICY STATEMENTS 76
SUMMARY AND CONCLUSIONS 76
REFERENCES 76
Part III DEVELOPING YOUR SECURITY POLICY 78
STEPS TO TAKE NOW 80
INTRODUCTION 80
THREATS/VISIBILITY 81
SENSITIVITIES/CONSEQUENCES 82
INFORMATION ASSET INVENTORY 83
GENERAL SUPPORT SYSTEMS 83
CRITICAL/MAJOR APPLICATIONS 84
ENTERPRISE REQUIREMENTS 85
SUMMARY AND CONCLUSIONS 96
REFERENCES 97
RESPONDING TO ATTACKS 98
INTRODUCTION 98
SAMPLE POLICY AREAS 98
INTERNET FIREWALL POLICY 129
WORLD WIDE WEB (WWW) 146
ELECTRONIC MAIL 152
SUMMARY AND CONCLUSIONS 162
REFERENCES 163
Part IV SECURING THE WEB CLIENT 164
THREATS AND VULNERABILITIES 166
INTRODUCTION 166
TOP THREATS AND VULNERABILITIES IN WINDOWS SYSTEMS 167
TOP THREATS AND VULNERABILITIES IN CROSS-PLATFORM APPLICATIONS 175
TOP THREATS AND VULNERABILITIES IN UNIX SYSTEMS 189
TOP THREATS AND VULNERABILITIES IN NETWORKING PRODUCTS 191
SUMMARY AND CONCLUSIONS 195
REFERENCES 196
PROTECTING YOUR WEB BROWSER 198
INTRODUCTION 198
BROWSER WEAKNESSES 199
UNIVERSAL STATUS BAR SPOOFING? 200
KEEP YOUR SYSTEM UPDATED 200
CONFIGURE SECURITY IN YOUR WEB BROWSER 200
KEEP YOUR BROWSER IN CHECK 201
PRINCIPAL OF LEAST PRIVILEGE 201
ANTI-SPYWARE 201
ANTI-VIRUS 202
THINK BEFORE YOU CLICK! 202
SUMMARY AND CONCLUSIONS 202
REFERENCES 203
Part V NETWORK INTERCONNECTIONS: A MAJORPOINT OF VULNERABILITY 204
BASIC OPERATING SYSTEM AND TCP/IP CONCEPTS 206
INTRODUCTION 206
TCP/IP OVERVIEW 206
TCP/IP RESET ATTACKS 209
SUMMARY AND CONCLUSIONS 212
REFERENCES 213
EARLY SYSTEM SECURITY IMPROVEMENTS 214
INTRODUCTION 214
DES 216
SHADOW PASSWORDS 216
DIALBACK/DIALER PASSWORDS 217
SUMMARY AND CONCLUSIONS 222
REFERENCES 222
Part VI DETERRING MASQUERADERS AND ENSURING AUTHENTICITY 224
IMPERSONATING USERS 226
INTRODUCTION 226
WHAT’S AT RISK? 226
IDENTITY AND ACCESS MANAGEMENT 227
IT’S NOT WHAT YOU KNOW THAT COUNTS 227
ELIMINATE VULNERABLE, PASSWORD-BASED SYSTEMS 228
YOUR IDENTITY IS THE KEY 229
WHAT’S THE COST? 230
SUMMARY AND CONCLUSIONS 230
REFERENCES 230
HOW MASQUERADERS INFILTRATE A SYSTEM 232
INTRODUCTION 232
PREPARING FOR THE NEW WORLD ORDER 233
CHINESE CHECKERS 237
INTERCEPTION 238
SUMMARY AND CONCLUSIONS 245
REFERENCES 245
HOLDING YOUR DEFENSIVE LINE 246
INTRODUCTION 246
TROUBLE ARRIVES ON PORTS 80 AND 443 247
INCREASINGLY SOPHISTICATED CRIMINALS/ MASQUERADERS TARGET THE INTERNET 247
BLENDED THREATS RAISE THE BAR 248
WEB PROXIES ACCELERATE CONTENT DELIVERY, WEB FILTERS ADD SECURITY 248
DEFENSE-IN-DEPTH SOLUTIONS TO WEB-BORNE THREATS 249
ISA IN A SINGLE AUTO-UPDATING APPLIANCE 250
SUMMARY AND CONCLUSIONS 252
REFERENCES 252
Part VII PREVENTING EAVESDROPPING TO PROTECT YOUR PRIVACY 254
UNAUTHORIZED LISTENING AND LOOKING 256
INTRODUCTION 256
HOW DOES INSTANT MESSAGING WORK? 256
INSTANT MESSAGING SECURITY THREATS 257
BLOCKING INSTANT MESSAGING 260
SUMMARY AND CONCLUSIONS 261
REFERENCES 262
COUNTERING OR NOT COUNTERING THE EAVESDROPPER: THAT’S THE QUESTION? 264
INTRODUCTION 264
CALEA’S HISTORY 265
U.S. WIRETAP LAWS 266
FOREIGN INTELLIGENCE SURVEILLANCE ACT 269
COMMUNICATIONS IN AN AGE OF TERROR 269
ENTER NEW TECHNOLOGY: THE INTERNET 271
SUMMARY AND CONCLUSIONS 274
REFERENCES 275
Part VIII THWARTING COUNTERFEITERS AND FORGERY TO RETAIN INTEGRITY 277
THE FORGER’S ARSENAL 278
INTRODUCTION 278
INGRESS FILTERING 278
DISCERNING TRUE PACKET SOURCES 279
NEED FOR TWO PATHS 281
USE OF EXPLICIT IP ADDRESSES 281
HOW EXPENSIVE IS PEIP? 282
PROBLEMS CAUSED BY PEIP 283
VULNERABILITIES OF PEIP 284
SUMMARY AND CONCLUSIONS 288
REFERENCES 288
SHIELDING YOUR ASSETS 290
INTRODUCTION 290
THE BUSINESS ISSUES 290
CONVENTIONAL SECURITY SOLUTIONS 291
MINIMAL RESOURCES = MINIMUM SECURITY 293
THE NEXT GENERATION OF PERIMETER SECURITY 294
SUMMARY AND CONCLUSIONS 295
REFERENCES 295
Part IX AVOIDING DISRUPTION OF SERVICE TO MAINTAIN AVAILABILITY 297
DENIAL-OF-SERVICE ATTACKS 298
INTRODUCTION 298
OPERATING SYSTEM ATTACKS 299
NETWORKING ATTACKS 299
SUMMARY AND CONCLUSIONS 300
REFERENCES 300
CONSTRUCTING YOUR BASTIONS 302
INTRODUCTION 302
HOST PROBING 302
PORT SCANNING 303
OS FINGERPRINTING 303
COUNTERMEASURES 304
THE BOTTOM LINE 305
SUMMARY AND CONCLUSIONS 305
REFERENCES 305
THE IMPORTANCE OF FIREWALLS 306
INTRODUCTION 306
WHAT IT DOES 307
MAKING THE FIREWALL FIT 307
WHAT IT PROTECTS YOU FROM 309
PROXY SERVERS AND DMZ 312
SUMMARY AND CONCLUSIONS 313
REFERENCES 313
Part X CONFIGURING OPERATING SYSTEM AND NETWORK SECURITY 315
OPERATING SYSTEMS THAT POSE SECURITY RISKS 316
INTRODUCTION 316
THE PROBLEM IN PRINCIPLE 316
MICROSOFT 320
IMPACT ON PUBLIC PROTECTION 324
SUMMARY AND CONCLUSIONS 327
REFERENCES 328
NETWORK SECURITY 330
INTRODUCTION 330
CURRENT SECURITY RISKS 330
ASSESSING THE RISKS 332
SECURITY SOLUTIONS 333
ISSUES WITH LEGACY NETWORK SECURITY ARCHITECTURES 334
NEXT GENERATION SOLUTIONS: THE INTEGRATED NETWORK SECURITY PLATFORM 335
SUMMARY AND CONCLUSIONS 336
REFERENCES 337
Part XI ENHANCING WEB SERVER SECURITY 339
CONTROLLING ACCESS 340
INTRODUCTION 340
WHY ACCESS CONTROL? 341
ACCESS CONTROL SECURITY SOLUTION OVERVIEW 342
INTELLIGENT SECURITY NETWORK 343
ACCESS CONTROL SECURITY SOLUTION DEPLOYMENT SCENARIO 343
SUMMARY AND CONCLUSIONS 344
REFERENCES 345
EXTENDED WEB SITE SECURITY FUNCTIONALITY 346
INTRODUCTION 346
SECURE UI PRINCIPLE I: SECURITY SHOULD BE DEFAULT, AND DEFAULTS SHOULD BE SECURE 347
SECURE UI PRINCIPLE II: SECURITY MUST BE USABLE TO BE USED 347
SECURE UI PRINCIPLE III: ALERTS SHOULD WAKE-UP 347
SECURE UI PRINCIPLE IV: CRYPTOGRAPHY IS IN GREEK 348
RELATED REAL-LIFE WEB SITE-SPOOFING ATTACKS 348
SUMMARY AND CONCLUSIONS 349
REFERENCES 350
SECURING WEB COMMUNICATIONS WITH SSL VPNS 352
INTRODUCTION 352
THE BUSINESS OF SECURE REMOTE ACCESS 353
REMOTE ACCESS REQUIRES COMPREHENSIVE SECURITY 353
ENDPOINT SECURITY CONSIDERATIONS 354
THE COLLABORATIVE PROCESS OF VPN SECURITY 355
SECURING THE GATEWAY 355
SUMMARY AND CONCLUSIONS 356
REFERENCES 356
Part XII ISSUING AND MANAGING CERTIFICATES 358
WHY DIGITAL CERTIFICATES ARE USED 360
INTRODUCTION 360
UNDERSTANDING FIRST GENERATION DIGITAL CERTIFICATES 360
SECOND GENERATION AUTOMATED VETTING: CHEAPER, FASTER AND THE KEY TO IDENTITY VERIFICATION IMPROVEMENTS FOR THE NEXT DECADE 366
SUMMARY AND CONCLUSIONS 368
REFERENCES 369
CERTIFICATE AUTHORITIES 370
INTRODUCTION 370
HOW SECURE IS THE CA? 372
SOME TERMINOLOGY 374
WHY DO PKI IN A ROUTER? 374
SUMMARY AND CONCLUSIONS 375
REFERENCES 375
TRUSTING SSL CAS IN SERVERS AND BROWSERS 376
INTRODUCTION 376
SSL DEFINED 376
HOW SSL SERVER CERTIFICATES WORK 377
SECURING MULTIPLE SERVERS AND DOMAINS WITH SSL 380
SUMMARY AND CONCLUSIONS 381
REFERENCES 382
Part XIII FIREWALLS AND FIREWALL TOPOLOGIES 384
PROTECTING SERVERS AND CLIENTS WITH FIREWALLS 386
INTRODUCTION 386
TYPES OF FIREWALLS 387
UNDERSTANDING FIREWALL TYPES 390
FIREWALL TYPES DRAWBACKS 391
SUMMARY AND CONCLUSIONS 391
REFERENCES 392
CHOOSING THE RIGHT FIREWALL 394
INTRODUCTION 394
CONVERGENCE 395
ABOUT PACKET INSPECTION 401
SUMMARY AND CONCLUSIONS 418
REFERENCES 418
FIREWALL TOPOLOGIES 420
INTRODUCTION 420
VPN – VIRTUAL PRIVATE NETWORK 420
FIREWALL POLICIES 423
SETTING UP A DEMILITARIZED ZONE (DMZ) – A VPN ALTERNATIVE? 424
SUMMARY AND CONCLUSIONS 430
REFERENCES 431
SELECTING FIREWALL SECURITY TOPOLOGY POLICY 432
INTRODUCTION 432
FIREWALL PROTECTION 433
FIREWALL ARCHITECTURES 433
TYPES OF FIREWALLS 434
ISSUES 437
INTRANET 438
NETWORK TRUST RELATIONSHIPS 439
VIRTUAL PRIVATE NETWORKS (VPN) 440
FIREWALL ADMINISTRATION 440
SUMMARY AND CONCLUSIONS 450
REFERENCES 451
Part XIV SECURITY MANAGEMENT SOLUTIONS AND FUTURE DIRECTIONS 453
IDENTIFYING AND RESPONDING TO SECURITY VIOLATIONS 454
INTRODUCTION 454
THE PROFILER 455
HOW IST SHOULD WORK 456
HOW IST CAN HELP 456
IST REMOVING THE UNKNOWN: STAYING CURRENT ON HOSTS, SERVERS AND APPLICATIONS ON THE NETWORK 457
QUICKLY RESOLVE SECURITY INCIDENTS THROUGH DETAILED INVESTIGATIONS 457
QUICKLY RECOGNIZE THE SOURCE OF WORMS FOR CONTAINMENT 457
SUMMARY AND CONCLUSIONS 458
REFERENCES 459
REAL-TIME MONITORING AND AUDITING 460
INTRODUCTION 460
THE IDEAL MONITORING SOLUTION 461
WATCHING THE DATABASE ADMINISTRATOR 461
WATCHING TEMPORARY ACCOUNTS 462
AUDITING ACCESS TO SENSITIVE DATA 462
THE FLEXIBILITY TO FILTER RESULTS 463
ATTEMPTS TO CIRCUMVENT AN APPLICATION 463
SUMMARY AND CONCLUSIONS 463
REFERENCES 464
LIMITING DAMAGE 466
INTRODUCTION 466
APPLICATION FIREWALLS 467
APPLICATION FIREWALLS WITH CENTRALIZED MANAGEMENT CONSOLE 467
TRAFFIC MONITORING INTRUSION DETECTION SYSTEMS 467
THE PROBLEM WILL NOT GO AWAY 468
SUMMARY AND CONCLUSIONS 468
REFERENCES 469
KEEPING UP TO DATE ON NEW THREATS 470
INTRODUCTION 470
SECURE CONTENT MANAGEMENT GROWS IN IMPORTANCE 470
THE IMPERATIVE FOR SECURITY ECOSYSTEMS 471
WEB FILTERING EXPANDS ITS ROLE 472
SUMMARY AND CONCLUSIONS 472
REFERENCES 472
EMERGING TECHNOLOGIES 474
INTRODUCTION 474
THE DEVIL YOU KNOW 474
SUMMARY AND CONCLUSIONS 476
REFERENCES 476
SUMMARY, CONCLUSIONS AND RECOMMENDATIONS 478
INTRODUCTION 478
SUMMARY 478
CONCLUSIONS 482
RECOMMENDATIONS 488
REFERENCES 489
Part XV APPENDICES 491
CONFIGURING INTERNET AUTHENTICATION SERVICE ON MICROSOFT WINDOWS 2003 SERVER WINDOWS 2003 / ENHANCED 492
INTRODUCTION 492
CONFIGURING THE WINDOWS 2003 SERVER FOR IAS TO SUPPORT RADIUS CLIENTS 492
CONFIGURING THE WINDOWS 2003 SERVER FOR RADIUS USER MANAGEMENT 493
CONFIGURING THE SONICWALL SECURITY APPLIANCE TO SUPPORT THE AUTHENTICATION METHOD 494
REFERENCES 494
INTERNET SECURITY MANAGEMENT, RESILIENCY AND SECURITY 496
INTRODUCTION 496
THE ORGANIZATION AS BENEFACTOR 497
THE SCOPE OF SECURITY MANAGEMENT 497
COMPLEXITY IS PERVASIVE 498
SECURITY AS AN INVESTMENT 498
TECHNOLOGICAL BIASES 499
SECURITY IS A BUSINESS PROBLEM 500
REGULATORY BIASES 500
SECURITY AS A CORE COMPETENCY 501
CONCLUSIONS 501
REFERENCES 502
LIST OF TOP INTERNET SECURITY IMPLEMENTATION AND DEPLOYMENT COMPANIES 504
LIST OF INTERNET SECURITY PRODUCTS 526
LIST OF INTERNET SECURITY STANDARDS 532
LIST OF MISCELLANEOUS INTERNET SECURITY RESOURCES 536
GLOSSARY 538
Chapter 7 THREATS AND VULNERABILITIES (p. 145)
INTRODUCTION
Six years ago, the SANS Institute [1] and the National Infrastructure Protection Center (NIPC) at the FBI released a document summarizing the Ten Most Critical Internet Security Vulnerabilities, with regards to securing the Web client. Thousands of enterprises used that list, and the expanded Top-20 lists that followed one, two, and three years later, to prioritize their efforts so they could close the most dangerous holes .rst. The vulnerable services and the threats that they posed, led to worms like Blaster, Slammer, Code Red and many others, that have been on these lists [1].
This chapter presents an overview of these vulnerabilities and threats, and is a marked deviation from the previous Top-20 lists. In addition to Windows and UNIX categories, SANS and NIPC have also included cross-platform applications and networking products. The change re.ects the dynamic nature of the evolving threat landscape and the vulnerabilities that attackers target. Unlike the previous Top-20 lists, this list is not cumulative in nature. SANS and NIPC have only listed critical vulnerabilities and threats from 2005 and 2006. If you have not patched your systems for a length of time, it is highly recommended that you .rst patch the vulnerabilities listed in the Top-20 2005 list [1].
SANS and NIPC have made a best effort to make this list meaningful for most enterprises. Hence, the Top-20 is a consensus list of vulnerabilities and threats that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore, the leading security software vendors and consulting .rms, the top university-based security programs, many other user enterprises, and the SANS Institute [1].
The SANS Top-20 is a living list. It includes step-by-step instructions and pointers to additional information useful for correcting the security .aws. SANS and NIPC will update the list and the instructions as more critical vulnerabilities and more current or convenient methods of protection are identi.ed, and they welcome your input along the way. This is a community consensus list – your experience in .ghting attackers and in eliminating the vulnerabilities and threats, can help others who come after you [1].
TOP THREATS AND VULNERABILITIES IN WINDOWS SYSTEMS
The family of Windows Operating systems supports a wide variety of services, networking methods and technologies. Many of these components are implemented as Service Control Programs (SCP) under the control of Service Control Manager (SCM), which runs as Services.exe. Vulnerabilities in these services that implement these Operating System functionalities are one of the most common avenues for exploitation [1].
Windows Services
Remotely exploitable buffer over.ow vulnerabilities continue to be the number one issue that affects Windows services. Several of the core system services provide remote interfaces to client components through Remote Procedure Calls (RPC). They are mostly exposed through named pipe endpoints accessible through the Common Internet File System (CIFS) protocol, well known TCP/UDP ports and in certain cases ephemeral TCP/UDP ports.
| Erscheint lt. Verlag | 10.1.2007 |
|---|---|
| Zusatzinfo | XXI, 536 p. 145 illus. |
| Verlagsort | New York |
| Sprache | englisch |
| Themenwelt | Mathematik / Informatik ► Informatik ► Datenbanken |
| Informatik ► Netzwerke ► Sicherheit / Firewall | |
| Informatik ► Theorie / Studium ► Algorithmen | |
| Informatik ► Theorie / Studium ► Kryptologie | |
| Mathematik / Informatik ► Informatik ► Web / Internet | |
| Informatik ► Weitere Themen ► Hardware | |
| Naturwissenschaften | |
| Schlagworte | Audit • Browser • Controlling • Distributed Computing • Firewall • information systems • Internet • IT Security • Monitor • Network Security • operating system • organization • Practical security • security • system administrator |
| ISBN-10 | 0-387-29844-4 / 0387298444 |
| ISBN-13 | 978-0-387-29844-3 / 9780387298443 |
| Haben Sie eine Frage zum Produkt? |
PDF (Wasserzeichen)Größe: 3,1 MB
DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.
Zusätzliches Feature: Online Lesen
Dieses eBook können Sie zusätzlich zum Download auch online im Webbrowser lesen.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
