dotnet security, July 2006

Windows authentication over remoting... possible?
Just check on the client, put a strong name on the client. You can even do some link demands.

Schneider

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message news:eREVPUToGHA.1204@TK2MSFTNGP04.phx.gbl...
Hi,

I have to develop an application that will consist of a service and a Windows Forms application... The service could be on a distant server, but I need to authenticate the user as being part of the same domain. So when the application starts, I can send something to the remote service and query for some objects, and the service can give me the objects if I'm the right user (part of the right group). I don't want to send username and password nor password hash over the network, so if there is a better way (just like SQL Server does or many other apps), I would like to know it (maybe if you have a link).

Thanks

ThunderMusic
ThunderMusic,

Not easily. You can host your remoted objects in IIS, and then it would use the authentication mechanism that you have configured in IIS. Also, I believe this will force you to design your objects in a certain way (for stateless calls, since the mechanism for HTTP is stateless). I could be wrong here.

I would honestly not use or recommend remoting as a distributed object technology. If you have to develop your app now (meaning, get it out the door tomorrow), then I would suggest using COM+/Enterprise Services. If you have some time to spare, and don't mind developing with pre-release software, I would look into Windows Communication Foundation. Either way, remoting is a dead-end in my book.

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- mvp@spam.guard.caspershouse.com

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message news:eREVPUToGHA.1204@TK2MSFTNGP04.phx.gbl...
Ok, I found the WindowsPrincipal class, and it's serializable. Does an instance of this class guarantee the user is logged on a computer and has been authenticated, or is there a way to query the domain server if the user is a rightful user? I mean, I must be sure the user making the request (or query) is who he claims to be and is logged on the domain. My app does not allow impersonation, but I don't want anybody trying to impersonate someone on my network and claim being, let's say, the president of the company and start making anything he wants with the remote objects... you know what I mean? I need a way to secure things so only an authenticated user or a user I can authenticate can have access to the objects the service is providing. And I definitely need to know the domain groups this user belongs to...

Thanks

ThunderMusic

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message news:eREVPUToGHA.1204@TK2MSFTNGP04.phx.gbl...
ThunderMusic,

Unfortunately, no, it does not allow that. All it is is a representation of a user. Anyone could theoretically make one and send it to you. It doesn't tell you if it is logged on or not.

--
- Nicholas Paldino [.NET/C# MVP]
- mvp@spam.guard.caspershouse.com

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message news:uhQRdjToGHA.4176@TK2MSFTNGP05.phx.gbl...
Ok, so is there a way I can get the token Windows sends us when we log on and send it to my service so the service can verify with the domain server if this token is valid?

thanks

ThunderMusic

"Nicholas Paldino [.NET/C# MVP]" <mvp@spam.guard.caspershouse.com> wrote in message news:OPBgFlToGHA.1244@TK2MSFTNGP05.phx.gbl...
Ok, I answered a part of my question: System.Security.Principal.WindowsIdentity.GetCurrent().Token.... So now, is there a way I can deal with this in my service? Can I send the WindowsIdentity instance over remoting?

thanks

ThunderMusic

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message news:OAuk53ToGHA.4784@TK2MSFTNGP04.phx.gbl...
ThunderMusic,

I have to ask, why not use one of the two solutions I posted earlier? Trying to do this yourself will lead to a good number of holes in your solution.

--
- Nicholas Paldino [.NET/C# MVP]
- mvp@spam.guard.caspershouse.com

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message news:O1t%23y6ToGHA.4616@TK2MSFTNGP05.phx.gbl...
You may want to investigate the MSDN sample about using SSPI with remoting; it should do exactly what you are wanting to do:
http://msdn.microsoft.com/webservices/remoting/default.aspx?pull=/library/en-us/dndotnet/html/remsspi.asp

-Robert

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message news:eREVPUToGHA.1204@TK2MSFTNGP04.phx.gbl...
Hi ThunderMusic,

This may be of help:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch11.asp

--
Hope this helps,
Sure - .NET 2.0 NegotiateStream supports all this. Read more here:
http://www.leastprivilege.com/SecureRemoting.aspx

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
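The NegotiateStream approach Dominick points to, as an added example that is not from this thread, from any of the posters, or from the linked article. It also answers the earlier WindowsPrincipal question: the server never deserializes a principal the client sent; it gets a WindowsIdentity from the SSPI token that the domain controller issued, so the logon itself is what is verified, and no password or hash ever crosses the wire at the application layer. The SPN "host/appserver.example.local", the group EXAMPLE\RemotingUsers and port 9000 are assumptions to replace in a real deployment.

```csharp
// Added example (not the thread's code): .NET 2.0 NegotiateStream client/server pair.
// The caller is authenticated through SSPI (Kerberos, or NTLM fallback); the server then
// authorizes by domain group read from the authenticated token.
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Principal;
using System.Text;

static class NegotiateDemo
{
    const int Port = 9000;                                     // assumed port
    const string ServiceSpn = "host/appserver.example.local";  // assumed SPN of the server's account
    const string RequiredGroup = @"EXAMPLE\RemotingUsers";     // assumed domain group

    static void Main(string[] args)
    {
        if (args.Length == 1 && args[0] == "server") RunServer();
        else RunClient(args.Length == 1 ? args[0] : "localhost");
    }

    static void RunServer()
    {
        var listener = new TcpListener(IPAddress.Any, Port);
        listener.Start();
        while (true)
        {
            using (TcpClient tcp = listener.AcceptTcpClient())
            using (var stream = new NegotiateStream(tcp.GetStream(), false))
            {
                try
                {
                    // Demand signing and encryption; Identification level lets the server
                    // inspect who the caller is without being able to act as the caller.
                    stream.AuthenticateAsServer(
                        CredentialCache.DefaultNetworkCredentials,
                        ProtectionLevel.EncryptAndSign,
                        TokenImpersonationLevel.Identification);
                }
                catch (AuthenticationException ex)
                {
                    Console.WriteLine("auth failed: " + ex.Message);
                    continue;
                }

                // Mutual authentication is only provided by Kerberos; an NTLM fallback leaves
                // IsMutuallyAuthenticated false, so it is rejected here as a hard requirement.
                if (!stream.IsAuthenticated || !stream.IsMutuallyAuthenticated
                    || !stream.IsEncrypted || !stream.IsSigned)
                {
                    Console.WriteLine("rejected: protection or mutual-auth requirement not met");
                    continue;
                }

                // RemoteIdentity is built from the SSPI token, not from anything the client
                // serialized; group membership therefore comes from the domain logon.
                var identity = (WindowsIdentity)stream.RemoteIdentity;
                var principal = new WindowsPrincipal(identity);
                string reply = principal.IsInRole(RequiredGroup)
                    ? "OK: " + identity.Name + " is in " + RequiredGroup
                    : "DENIED: " + identity.Name + " is not in " + RequiredGroup;

                byte[] payload = Encoding.UTF8.GetBytes(reply);
                stream.Write(payload, 0, payload.Length);  // signed and encrypted by NegotiateStream
            }
        }
    }

    static void RunClient(string host)
    {
        using (var tcp = new TcpClient(host, Port))
        using (var stream = new NegotiateStream(tcp.GetStream(), false))
        {
            // The client proves its existing logon via SSPI and checks the server against the SPN,
            // so a rogue service on the LAN cannot pose as the real one.
            stream.AuthenticateAsClient(
                CredentialCache.DefaultNetworkCredentials,
                ServiceSpn,
                ProtectionLevel.EncryptAndSign,
                TokenImpersonationLevel.Identification);

            byte[] buffer = new byte[4096];
            int n = stream.Read(buffer, 0, buffer.Length);
            Console.WriteLine(Encoding.UTF8.GetString(buffer, 0, n));
        }
    }
}
```

Run it as `NegotiateDemo.exe server` under the account that owns the SPN, and `NegotiateDemo.exe appserver.example.local` from a domain-joined client. Requiring IsMutuallyAuthenticated is the check that matters most: without it a downgrade to NTLM still authenticates the client but gives the client no proof of which server it is talking to. Authorization is done once per connection on the token's groups; the same WindowsPrincipal would also work with PrincipalPermission demands on the remoted methods.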
lol

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Just check on the client, put a strong name on the client. You can
> even do some link demands.
>
> Schneider
I think you are mixing some stuff here...

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Just check on the client, put a strong name on the client. You can
> even do some link demands.
>
> Schneider
Because WCF is still beta and the enterprise I work for avoids using beta versions because they had big problems with them in the past... and not COM+ because no one knows anything about it here... the only thing we know is remoting... even if it's "a dead technology", we can't afford using WCF and having eventual problems. Our apps will stay local to the enterprise and are not targeted to the public, but we just want to make sure that no one will be able to clone one of our users from the domain... (well, at least, as much as possible). Maybe if you have some link I can look at to start using COM+/Enterprise Services.... Is it as easy as Remoting? I mean, providing the client app with interfaces and then getting a remote copy of the object and calling the interface methods? (We would work by marshaling, not as WellKnownObjects.)

thanks

ThunderMusic

"Nicholas Paldino [.NET/C# MVP]" <mvp@spam.guard.caspershouse.com> wrote in message news:OumtSOUoGHA.4784@TK2MSFTNGP04.phx.gbl...
Seems pretty interesting... I'll read it and give you feedback as to whether it helped me, but I think it will.. ;)

thanks a lot

ThunderMusic

"Robert Ginsburg" <robert.ginsburg@ver3.com> wrote in message news:ewLtsgUoGHA.4728@TK2MSFTNGP03.phx.gbl...
"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in news:uCIizHcoGHA.3636@TK2MSFTNGP03.phx.gbl: [quoted text, click to view] > the only thing we know > is remoting... even if it's "a dead technology"
[quoted text, click to view] > I would honestly not use or recommend remoting as a distributed object > technology. If you have to develop your app now (meaning, get it out the > door tomorrow), then I would suggest using COM+/Enterprise Services.
Remoting isn't a distributed object technology; it's a communication protocol. In fact for .net to .net comms on lan, the recommendation is to use remoting AND com+/es. - Oisin