tag:blogger.com,1999:blog-27305433423744166402024-03-09T18:46:32.611-08:00Network HackedKylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.comBlogger42125tag:blogger.com,1999:blog-2730543342374416640.post-65834479706863643432023-01-03T00:31:00.000-08:002023-01-03T00:31:42.747-08:00CEO Life<p>It's been two years since I quit my job in Jan 2021 to run my own business InfoSect. I thought I'd do a blog post looking at my second year, but also step back to see my entire journey in running my own business.</p><p>Re-reading my first year blog <a href="https://www.networkhacked.com/2021/07/stepping-off-cliff-edge.html" target="_blank">here</a>, I think the focus of the first year was space and infrastructure. Although space and infrastructure continue to develop and grow into my 2nd year, I think if I was to reflect on the year, our biggest focus was people. So I'll kick off analysing how this is going.</p><h4 style="text-align: left;"><span style="font-size: medium;">Staffing</span></h4><p>Below shows the staffing numbers for InfoSect since I started in 2021. The grey line is the actual numbers at the end of each month. The orange line is the trendline. We've had steady team growth over the past two years and what is probably more significant is the demographics of our team is changing as we lean toward hiring more senior staff members. As we enter 2023, we're now sitting on the borderline of small vs medium business size.</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEeD8rtE2oyHAlzyoGsUPpPnO734rS_W97d9-BhIHQQmWYYnfkWTaym3hWeAaIn0sUuR17qSLtBSM5Ks-3YluAyaneXncbOI9E8kDDqx6Z1CglAX8fkkMx_m-XtieFVazajP3xMBzKulzp0oKXcB0RB20dglvCL6qDNFu-E9f-SCuY7iPnUyorFJOs/s752/staff-numbers.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="406" data-original-width="752" height="346" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEeD8rtE2oyHAlzyoGsUPpPnO734rS_W97d9-BhIHQQmWYYnfkWTaym3hWeAaIn0sUuR17qSLtBSM5Ks-3YluAyaneXncbOI9E8kDDqx6Z1CglAX8fkkMx_m-XtieFVazajP3xMBzKulzp0oKXcB0RB20dglvCL6qDNFu-E9f-SCuY7iPnUyorFJOs/w640-h346/staff-numbers.png" title="# Staff 2021-22" width="640" /></a></div><p>I've managed some significant team sizes in my past roles, but growing a team from scratch for a new business is a completely different task. This year I learnt the lesson of ensuring you focus on the culture of your team at this very formative stage. The culture is driven from within the team, the people you hire and how they interact with others. Once outnumberd, the capability of leadership to influence culture becomes reduced. </p><p>This <a href="https://twitter.com/justinkan/status/1397730747398557696?s=20&t=Qd9giE7qpMt_URIGrBtKmg" target="_blank">twitter thread</a> about the downfall of Atrium after raising $75M in venture capital commented on exactly the same thing:<span style="background-color: white;"> </span></p><p><span face="TwitterChirp, -apple-system, "system-ui", "Segoe UI", Roboto, Helvetica, Arial, sans-serif" style="background-color: rgba(255, 255, 255, 0.03); font-size: 15px; white-space: pre-wrap;"></span></p><blockquote><i style="background-color: #f9cb9c;">At Atrium, we hired too many people too fast and we failed to set a cohesive culture early. This is incredibly hard to change later on.</i></blockquote><p></p><p>After a few challenging decisions and some help from our friends at <a href="https://www.theexpertleader.com/" target="_blank">The Expert Leader</a>, InfoSect is entering 2023 with a solid foundation and strong culture focused on trust, respect and accountability. </p><h4 style="text-align: left;"><span style="background-color: white;"><span style="white-space: pre-wrap;"><span style="font-size: medium;">Space & Infrastructure</span></span></span></h4><p><span style="background-color: white;"><span style="white-space: pre-wrap;">In July 2022 we expanded into another warehouse in our complex, more than doubling our space. This allowed us to physically separate the spaces we used for research vs where we conduct our training and community activites. Our larger, light filled classroom is shown during setup below (we've upgraded the chairs since then too).</span></span></p><p><span style="background-color: white;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilLZwMUYUPBULron6Binm0bqacTVOG9ZaV2O91FnsnEDiYFpT5S1xoz7blI3H-92Xyd19HJz2DBQGpJ0UBUdOiY9aWRz68GTqKhbZa8ujXtg1C_N6JCwrAoeCJxW2LrG-3UvXDOrZNlvOw2ZpAPST-gjC2as5xr21TZrpiKppeJDvaguykjk0kdas9/s4032/unit10.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2268" data-original-width="4032" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilLZwMUYUPBULron6Binm0bqacTVOG9ZaV2O91FnsnEDiYFpT5S1xoz7blI3H-92Xyd19HJz2DBQGpJ0UBUdOiY9aWRz68GTqKhbZa8ujXtg1C_N6JCwrAoeCJxW2LrG-3UvXDOrZNlvOw2ZpAPST-gjC2as5xr21TZrpiKppeJDvaguykjk0kdas9/w640-h360/unit10.png" title="Unit 10 Classroom, July 2022" width="640" /></a></div><p><span style="background-color: white;"><span style="white-space: pre-wrap;">The extra space was sorely needed. You can only imagine having upto 10 random students wandering through your workspace to head to the bathroom while trying to hold a customer meeting in the meeting room that is en route to the bathroom. Of course this kicked off another set of desk builds, new boardroom tables and all the stuff we had experienced in 2021. Fortunately for us, we have hired someone to do this for us now. We now have a Business Manager that manages our facilities, ensuring they are maintained and safe for use.</span></span></p><p><span style="background-color: white;"><span style="white-space: pre-wrap;">If I reflect on this, a side effect of getting bigger and having more people, something that seemed to take a year and a lot of focus, suddenly feels a lot smoother and easier (at least from where I'm sitting!).</span></span></p><h4 style="text-align: left;"><span style="background-color: white;"><span style="white-space: pre-wrap;"><span style="font-size: medium;">Training</span></span></span></h4><p><span style="background-color: white;"><span style="white-space: pre-wrap;">The number of training courses we deliver has stablised now. The chart below shows the total number of students taught over the past 4 years, and we see a smaller increase from 2021 to 2022, with 2022 accountable for 35% of training over the past 4 years. </span></span><span style="background-color: white; white-space: pre-wrap;">This was our </span><a href="https://blog.infosectcbr.com.au/2022/01/infosect-training-demographics-for-2021.html" style="background-color: white; white-space: pre-wrap;" target="_blank">training demographics</a><span style="background-color: white; white-space: pre-wrap;"> from 2021. </span></p><p><img height="395" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABLAAAALmCAYAAABSJm0fAAAAAXNSR0IArs4c6QAAIABJREFUeF7s3QmUFNX59/FnZlhmgJF9QAGBUQEXNKASF0RwFxSNgooCAipxSTRRRPDvq9FEBZG4xgUFAaNRUUGIa1xAQtSobCKGRWbYcYAZNtmZfs9TTbU9NV3dPdPV3VVd33sOR2Vqufdzb01O/XLvraxAIBAQCgIIIIAAAggggAACCCCAAAIIIIAAAi4VyCLAcmnPUC0EEEAAAQQQQAABBBBAAAEEEEAAAUOAAIuBgAACCCCAAAIIIIAAAggggAACCCDgagECLFd3D5VDAAEEEEAAAQQQQAABBBBAAAEEECDAYgwggAACCCCAAAIIIIAAAggggAACCLhagADL1d1D5RBAAAEEEEAAAQQQQAABBBBAAAEECLAYAwgggAACCCCAAAIIIIAAAggggAACrhYgwHJ191A5BBBAAAEEEEAAAQQQQAABBBBAAAECLMYAAggggAACCCCAAAIIIIAAAggggICrBQiwXN09VA4BBBBAAAEEEEAAAQQQQAABBBBAgACLMYAAAggggAACCCCAAAIIIIAAAggg4GoBAixXdw+VQwABBBBAAAEEEEAAAQQQQAABBBAgwGIMIIAAAggggAACCCCAAAIIIIAAAgi4WoAAy9XdQ+UQQAABBBBAAAEEEEAAAQQQQAABBAiwGAMIIIAAAggggAACCCCAAAIIIIAAAq4WIMBydfdQOQQQQAABBBBAAAEEEEAAAQQQQAABAizGAAIIIIAAAggggAACCCCAAAIIIICAqwUIsFzdPVQOAQQQQAABBBBAAAEEEEAAAQQQQIAAizGAAAIIIIAAAggggAACCCCAAAIIIOBqAQIsV3cPlUMAAQQQQAABBBBAAAEEEEAAAQQQIMBiDCCAAAIIIIAAAggggAACCCCAAAIIuFqAAMvV3UPlEEAAAQQQQAABBBBAAAEEEEAAAQQIsBgDCCCAAAIIIIAAAggggAACCCCAAAKuFiDAcnX3UDkEEEAAAQQQQAABBBBAAAEEEEAAAQIsxgACCCCAAAIIIIAAAggggAACCCCAgKsFCLBc3T1UDgEEEEAAAQQQQAABBBBAAAEEEECAAIsxgAACCCCAAAIIIIAAAggggAACCCDgagECLFd3D5VDAAEEEEAAAQQQQAABBBBAAAEEECDAYgwggAACCCCAAAIIIIAAAggggAACCLhagADL1d1D5RBAAAEEEEAAAQQQQAABBBBAAAEECLAYAwgggAACCCCAAAIIIIAAAggggAACrhYgwHJ191A5BBBAAAEEEEAAAQQQQAABBBBAAAECLMYAAggggAACCCCAAAIIIIAAAggggICrBQiwXN09VA4BBBBAAAEEEEAAAQQQQAABBBBAgACLMYAAAggggAACCCCAAAIIIIAAAggg4GoBAixXdw+VQwABBBBAAAEEEEAAAQQQQAABBBAgwGIMIIAAAggggAACCCCAAAIIIIAAAgi4WoAAy9XdQ+UQQAABBBBAAAEEEEAAAQQQQAABBAiwGAMIIIAAAggggAACCCCAAAIIIIAAAq4WIMBydfdQOQQQQMDbAtu3b5dAIGA0om7dupKTk5NQg3bt2iX79u2rcI1Er6v103qGl5o1a0peXl5Cdc2EkyPZONUutxpbx9ghhxziVJNjXied945ZORcdUFZWJhs3bpQtW7aI/vu2bdtEx1N+fr7x5/DDD5fmzZu7qMaZV5W9e/fK7t27Qw1L9Pdw5gnRIgQQQACBZAgQYCVDlWsigAACCMj8+fPl1VdfDUlcdNFF0q1bt4Rknn32WSkqKqpwjU6dOkm/fv2qfd3PP/9c/vnPf1Y4/8gjj5ShQ4dW+5qZcuLixYtl4sSJSWlOnTp15E9/+lNSrp3IRR988EHZunVr6BJ33nmnNG3aNJFLxn1uOu8ddyXTdODOnTvl22+/lS+++EI2bdoUsxa5ubnSsWNHOffcc6VBgwYxj+eAigIapq5evVratWsXkea1116TuXPnhn52+eWXy69//WsYEUAAAQQQSKoAAVZSebk4Aggg4E8BDQAefvhhKS8vDwH06tVLzjzzzIRAdNbFmDFjKl3jhhtukKOOOqrK1968ebOMHj26wnnZ2dly1113ScOGDat8vUw74fvvv5dJkyYlpVleCbCGDRsmBQUFSTGwXtQaYKXy3ilpYDVuorMA33vvPZk1a1Y1zg6ecvrpp8vFF18s+mxToguo99dffy3Tpk2TJk2ayO233x7xhH/84x8yb9680M8uu+wyOeWUU+BFAAEEEEAgqQIEWEnl5eIIIICA/wT0Beipp56SNWvWVGi8EwGWXvCzzz6T999/v8K1NQy5++67pVatWnGD29WTmQS/EBJgiaQyRCLAqvj4/vzzzzJhwgRjJlCipW3btqJBd40aNRK9VMaer97PPfec/PTTT0YbdRkmAVbGdjcNQwABBDwpQIDlyW6j0ggggIB7BSIFTFpbpwIsDZ4ee+wx2bBhQwUEXb6i4VO8Zc6cOfLOO+9UOJylgxX1NIR86623YpKuXbu2wjG6fKtx48ZRz2vUqJEMGDAg5rVTfUA6Q6R03jvVzrHup7M4H330UdmzZ0+lQ3Um1WGHHSYtWrQw/jRr1kx27Nghq1atMsIu/ef+/fsrndehQwcZMmRIrFv79udqp//ng1kIsHw7FGg4Aggg4FoBAizXdg0VQwABBLwnsH79eiNcilScCrD02nZLCW+++WZp06ZNTDjd/HnUqFEVljjqzIz/+7//Mzabp1RNQPey0j2KzHLppZfKaaedVrWLuOTo7777rsIeWF26dKnSzL5EmpHOeydS72Sc+/TTTxtBlLWcfPLJcskll0TtEw2vZs6cKR999FGl86+77jpp3759Mqrs+WsSYHm+C2kAAgggkPECBFgZ38U0EAEEEEiNgL406n5S4Rtgh9/ZyQBLr6svqLo3TnjRL8aNGDEi5jKhSC/H1157rRx77LGpwcqwu2RSgJVhXePJ5vznP/8x9mAKLzqrr3///rabikdq6PLly2XcuHEVfqQbuutyY0plAQIsRgUCCCCAgNsFCLDc3kPUDwEEEPCIwNtvvy1ffvmlbW2dDrDslhKeccYZxobNduWrr76qtCzuV7/6lVx99dUekXZfNQmw3NcnXq3R9u3bRZdShn8AQtuiH1aItSw1Ups//fRT+eCDDyr86I9//KMceuihXiVKWr0JsJJGy4URQAABBBwSIMByCJLLIIAAAn4WWLp0qbz44oshgnr16hkzJcI/s+50gKU3i/QVQf37W2+9VVq2bFmpS7Zt2yYPPfRQhZfjeDaAP3DggLGxse4JpX90CaJ+mU7v0apVK9H9nLKysqo8BHTWWklJiXFtXX6p/64v7rVr15amTZsayyH1T6zN6fU8c68gXQKp9dE6a78sXLjQ+JnuZ9OxY8ekvLgnEmDpjD3tFy26jNMMFvRlesGCBYaJWuv+ZLqHkV1xylKXp+7evTt0G+1ja9/qGNAAVYt+rVLHuxbdBFvrrPuzabu0Hw8//HBjjOheTbE2EI/n3uHH6Ng1Qx1tv266v3LlSmN86jjSuuv99Z96bFWKnr948WJZt26dbNq0yRhDei3dDF3/abZFx+7evXuNS4fXpyr3Cj820szK888/X84+++xqXVKfg/vvv79Cn0YKubV9OtbMonts5eTkSFlZmdGnK1askPr16xtt79Spk21f6rjQ/tc/aqfX1Nlj2gc6BvS6+t92JXxs6TE6dqKV0tJSY9yZRWehaj3tinpovcxijgtdAqzPXPjMN72Wzkw1iz6bZr9H+wqh1knHYXFxsfE7Oj8/3/idpL9/9PcQBQEEEEAAgeoKEGBVV47zEEAAAQQMAX3xefjhhytstvz73//e+BR7+IysZARYev9Zs2bJu+++W6E3dJmQLiXUzZ7Dy/PPPy8//vhjhb+76aabjJdyuzJ79myZMWNG1N7Wl8DBgwdL69at4xoV+lKsm6NrwBSraBv08/TqV7NmzYiH/7//9/9C/vqSPGjQIHniiSeMja2t5bjjjpOBAwfGum2Vfp5IgDVp0iQjeDGLjqXx48eLLv+yFn0xv+OOOyoEAE5bxtpIXcO2v/zlL6GqnX766Ubf6Iv/f//7X1s37Ued5Xf88cfbHhPr3nriAw88EOpXDTnvvPNO0SV306dPrzRrKfxG3bt3lwsvvDCuoFXH/L/+9a8KoY+10roPlbZdl+OZG6ZrSKHPXSJlzJgxxh53ZrF7lqtyD31+tU3aBxoIa701TAkv+rtKZ5Ga5be//a0RwHz44YeVbqUhjv7c+rzr8W+88YYR+EUrJ554ovzmN7+pFEyro3V5Y6zZYmPHjg19NVDvecQRRxh1sysaSk6cODH0Y/3dp78nws3tzg1fZh0pwNKA+YUXXoh6LQ2j9feP/pOCAAIIIIBAVQUIsKoqxvEIIIAAAhUEdOZVeBBz1llnyQUXXGC8DKYiwNIZD48//rgxgym89OzZU/Sl3SyLFi2SyZMnVzima9eu0rt374g9qkuZ9HidSRBv0ftp263BWfj5H3/8ccTNpWPdQ1/49JP2ka4dHmDpDAd9EbZ7idZ9vsJnVcS6bzw/dzLA0rDObimqzlzR2TTmjKhkWMYKkawBVufOnY3ZOTrrKZ4S7WuZse6t17cGWDqjR2cIxVN0FtD1119vOxtLZ1298soropvJx1M0iNF7OxVgRZpRqcuBdcZUIkUDGp0JpYGTzqqKVKwBVrRxqOeHL2nU9r/66quiv2PiLRp661c4NXAKL08++aQxy9Ms0Waf6UzBe++9t8L5+vtBQ2C7GaGvv/66fPvtt6Fz1FfbnmiApRvj6/85EOnrj1YTreMtt9wSc3ZZvJYchwACCCDgHwECLP/0NS1FAAEEHBfQGSdvvvlm6Lo6I0RnyOgLSqoCLL15pBdfrYN+VVCXr+gSJ501E740TGd26EtopBdanVWmx0d6GdNlYXpNXSZj3adH66IzO/TFNFLRJZWvvfZapR9pXXW5jl5bl56F1zP84Kuuuko0MLGW8AArVidrgKHLO50sTgZY0erVrVs3ueiii4xDkmUZK0SyBljVcdQZMtbgQq8T6956THiAVZ17a8iq4W6kouGVXRims9801I005s1rJToD6/PPP5d//vOfFaqmM5L0WU12sQZY0e7XrFkz4/ecWfSZDl8uHX6uPte6PNFc4mu9rvV5tM4o1SWEOqM1UtGg8eWXX670Iz3ebumhBl7hv1/0d6TOyFq7dm1M4vC6WmdgRTpZf5/ZtVtdtG+jhf0xK8QBCCCAAAK+EyDA8l2X02AEEEDAGQENjXS5T/gLrS5n0hBLSyoDLL1fpJdfc7aRLu/SZVbhJdrSnClTphhLIMOLLj3q16+fseeRFp35pS99ugTO+uVFnV1gXV6kYZjOHgp/odOlSH379pUTTjihwoucBmi6hGvOnDkV6mAXENgFWPpyePTRR8uuXbuMWUL6QqkBSHX264o2apIVYOnyJt3T63//+58RJprjK5mWsUKkaAGWBoO6nFADDh0fuqRM93RasmRJBT49TsMAa4l1bz3eLsDSkOfyyy83lsPqUlPdg2nevHnG/cOLjgEdh9bgQGfP6BLb8KLj85prrjHGkB6vz7qOI52ZGClkTTTAmjp1qnzxxRehKmjIcc899zjzCyvGVaIFWPo7TWevqZH2/6WXXiqnnXaaccX58+cbs6/Ci1pp2KzLdc09o/Q8XcpoDQh1/zQNkcwgXZfE6gyq8KLjItLyYetsKvOc8847T84555xKLdZZqo899ljo75s0aSLDhw8P/Xcim7ibF9H26qxWnZ2nddYx88MPP4jW1Tpm7ILclHQ4N0EAAQQQ8KQAAZYnu41KI4AAAukV0JcSfRHSDZzNYu6JY/53qgMsu6WEukTGuodVtGU5+uL/17/+tQLwmWeeaQQTkYrO7powYYLxYm8WfeEdNmxYhaAo0hLG3/3ud8am0Hblk08+qbQHz5///GcjiAovkQIsnYGhQZoZVGjoozNozADOyRHkdIClL8E6O8PcHF37VpdEmuFoMi1jhUh2AZbdUjd9Vv72t78ZG2SHF53hZ92cP9a99fxIAZYGTLosNNJsFv0Cn36JL7xcd911oku+wsuoUaOMWYVmUXv9GEKk2U+6afizzz5bYdNzPS/RAEufIw0rzaIhsI7hVBS7AGvo0KHGBwTMoktF1UbHqDro8xge4utMNa2z3awx66xVva6GTRo6mUU/NBG+JFX319M+thbrc2f+XH+n6O8Wa/noo49El92aRTfG19+FZkk0wIq2NDBSMBc+ozIVfcw9EEAAAQS8L0CA5f0+pAUIIIBAygV0Y2MNV6K9aKY6wNK62H2VMBxIv6T1hz/8wXYWkoYN4ftehS+LtIPWGVMaLIS/yOqG3b/61a9Cp+gsDZ2tYRYNEDRIiFYibeqsm2RrUBBerAGWvkjqcalYeqX1cDrACt8sOpJPMi1jhUiRAizdn0yXlNnNbIt0jgac1o2sY91bLawBVvhSWbuxZD3HGjbr/lCPPvpohdN1Gax1o/PwA/RLdrr3XHhJNMDS4FgDZLPozESdARar6Jf19u3bFzrM/EJk+Hnhf6fhkzU8jBRg6T5Yl112me3tIy1jjfVRCL3YSy+9ZMxKCi86Ky4vL8/4K11GqTNKzRJp3zQNGzV0tCs6i8u6PNq64bvuqRf+VcBEAyy7oM2so3XGWDL244s1Vvg5AggggIC3BQiwvN1/1B4BBBBIuYD1JUdfBjUs0eU+4SUdAZbeP9pXA/VlX/e9spuFpC+5+vPwEu+eUdb2nnrqqcaXxsyiIYEuOdTNknU2kS5B0mWJsYo1nIoUfFiPiffFP9a94/25kwGWbm6t14tWkmkZK0SKFEbFCty0Lda9h3R2ky5LCy+x7q3HWsMo6ziL5KZL/sI3GNevEfbo0SN0qHUzfOvSMru+sAYxiQZY1radfPLJxhLbWOW9996rtFQy1jnaH+YMPz02UoAVa/8tayCjyzc1wIpVIgXtN998c+j3gfV3bKSllLokWpdGm0WD+fAPWdx4441SWFgY+rnOFtOQzCyRnrNEAqx4xozVOF6vWJ78HAEEEEDAPwIEWP7pa1qKAAIIJCygy+X0//XXr3qZRWdIaGBiLekKsDSE0i95RdqUWPcI0tkMdkX3stIQIbxEWuoV6XzrXjj68qgvkdUpOpNLv0SmX3fUcCF8Zpd11oRe3xpgWZckVacOVTnHyQDLbvlTVeoTfmxVLWOFSPHOprLW17pEL9I+abHurdeMNZsqkpP1WTz33HNF/5hFlwMWFRWF/tu6tMzO3rqUM9EAS/fUC/8ani6b01k9sUp1AizdWys8dI8UYI0ePTrqfnHW/rL7XRip/k899VSFZaXhv5v0d5gGbOH75ek+Wbo80SzhX3/V/xNBz9dAzSzm12DN/9Y9/XRvP7NogK57eYWXRAKsWLPV9D76+0zrbRad/aW/zygIIIAAAgjEK0CAFa8UxyGAAAIIiPXLU7pJ8cCBAyPKpCvA0spEmuGgX33TTYOjleXLl8u4ceMqHBL+0hjtXOsX2uLZgFoDQZ01oXuJ6awi/af+Cd//xnrPeAIs6/LFZA9dJwMs3fz5yiuvrHKVnbKMFSJFCrB0zyJzs267iluXx4XPuDHPiXVvPc4aYA0ZMkQ6dOgQ1cu6JM0acFrDNfXXfohVrMsIEw2wwkMZvXeLFi3ktttui1UNSUaAFev51XBJg+PwonXVOsdTrL9LTz/9dNGlnWax/lyXMmpIpEUDrpEjR4aCbe1//bmOQ7PojCz9UIVZrPuLRVrqmEiAZbdxfLiFLs3WJdpmsX7NMR43jkEAAQQQ8LcAAZa/+5/WI4AAAnELWGdb5ObmGhtt6z8jlXQGWFofnTmlYYNZLrroItFNg6MV67KcuHFsDow0g0NfPhcuXGjMrArfBD/ee8UTYFXlRTre+0Y7zskAq2fPntK9e/e4qpUMy1ghkjXA0uAqPDiwq3iyAizde0uDgGjl3XfflVmzZoUOsQZY1hl81o3L7a6tX5XTmUJmSTTAeuutt+Srr74KXU+X+IVf364eOrsofM8o63G6P1b4BvX681gzsGIF3pH2oArfxyrWALYu27Teb/HixTJx4sTQZTSk0rBSizUIMr+KaA03za8X6ixE/V1tzuTUMas/s+7ZlkiAZd1XLVL7CbBijQp+jgACCCAQS4AAK5YQP0cAAQQQMAT0BUg3FTeL7nnSrl07W53vv/9edEmeWfQlW1/SzHLGGWdI48aNk6ZbnQDL+qKfaOWsL7TqoUuHwoO1aPfQPbvClw/qsfEEWNaX80TbEet8JwOseGf/JMuyqgGWfhFSv0QXqyQrwNI922I9R7ECLN3DLnyc6UzF8GfVrm26ebrOBDJLogGWfi1Rv5oYXu68887Q1ydjGdv93Lr/kx4XK8Dq1KmT9OvXz/aWkWbiPfLII3FX8d///rdMnz49dLx+NfT3v/996L/1d63W0ewX/V2gG7Nr6GT9iIY5Bqx7cpn791lnlurHJXSWprUkEmCFzxCzQyDAint4cCACCCCAgI0AARZDAwEEEEAgLoHhw4fHdVy8B8Wz8XW814p0XHUCLOsG8PrSqJtkV7f06tUrtLRs165doiFGeKhnva5+NVCX/ug+ULqHlv5TwxH9yqFZCLBEkmnpxwDLuoQw3iWo1qW6iQZYupz2scceq/BYxLsfV7RnNBkBVqQvhOpMtvz8/Lh+XViXdUba7+uFF16QZcuWha73u9/9zvidEB6Ghm/GvmDBAnnllVdCx+v/SXDxxRfL1KlT5Ysvvgj9vd3vXgKsuLqOgxBAAAEE0ihAgJVGfG6NAAIIeEnADwHWkiVLZPz48aFuieeLePH24csvvyzfffddhcN1nx1dLnfUUUcZs0w0MLMW6+wYAiyRZFr6McCy7o9k/Uqh3Ri3zuxJNMDS++hyzPA94HQZoW5gnpOTE++jVum4ZARYehPr0stIG/PbVXrSpEmis1TNoh+X0I3Yw8t///tfefPNN0N/pRuz6x+dmWWW8C+OarB73333hX6mv1N0Blv40kL9HaPhfqQ92wiwqj3EOBEBBBBAIEUCBFgpguY2CCCAgNcF/BBglZWVGct0wovOgNJlYrGKLvXRF8i8vLyIQZT1Zbd169Zyww03SK1atWwvrRuTh7+s6oG6MbPO0gov1mtn+hLCZFr6McCyLjGM9+t/1iV/TgRYn332mbz//vsVxnekL+bFeh7Df56sAOuJJ56o8LXTPn36SJcuXeKqmi433LRpU+jYSDPNrPXWZdi6l194yH7VVVdJ586dQ9exXleXJeqyZbPosm9dWhipEGDF1XUchAACCCCQRgECrDTic2sEEEDASwIa7oTvgRWr7vpSrBsRm0W/sqUvombRl91EZlXEun91lhDqpuC6n0x4iWfzdz0+fFNm3dhePxGvX5rTsnHjRhkzZkyF6+qLpe57E63oDA2dqRFeIm3Q7qcAK9mWfgywrEvPdLzF2ntKN0bX2T7hvxOcCLB27NhhzBCy7v02ePBg0WCtOiXS0sRE98DSeli/FKjt198f1s3RrXVesWKFPPfccxX+2m7jfOveaSeffLLopvVm0U3udZaaWWbMmCG6FNos+lXEtWvXhv472h5zBFjVGV2cgwACCCCQSgECrFRqcy8EEEDARwJe/Aqhdo9+5l03GzaLLrnRJUzR9rbRmVK6kXn4y/yxxx4ruteMlqVLl8qLL75YofdjzezSF/hHH320wiwNvUCkZUp+CrCSbenHAEuDW213+McFwr96F+nX1kcffWSEtuHFiQBLrzd37lx57bXXKt1WZymdd955MQMi80R9hr788ktjs3RrIOZEgDV//nx59dVXK9Qznv3DdJ8vDdXMYvdVQP35J598YmzaHqnUr1/f+N0UXnTPLN07y65E+1KiNejTD3XYzby1hnds4u6j/3GnqQgggEAaBQiw0ojPrRFAAIFMFvBqgPXTTz/J2LFjK3SNzmLQGSC6Z5W16JfYNPRas2ZNhR+Fz7CK9MWySy+9tMKMtPCTNQjTF0Trnll6jC471D2zwoufAqxkW/oxwNKxFCmM0XE2YMAA0RmFZtEgSAOh//znP5WeBacCLL1wpH3O9O8LCgqkR48ecvzxx0vNmjUj/grdvn270R4Nf8I/gBB+sBMBll4vUhg1ZMgQOfLIIyvVTe2mTZtmhGrhJdL+V+bPI804NH92yimniAZH1t8d+sXYSMX6pUPrMdZN+TW818Ar0hJqAqxM/l9v2oYAAgi4V4AAy719Q80QQAABTwt4NcBSdOtXu/TvdJaEftFLX0x1ZoIuodLZQPoyH77ptB4b6UVRXyqtSzD1erqs0lxKqWGYLuf64IMPKl3THAyRZnj4KcBSh2Ra+jXA0llYuv+bdSzruNcgq2HDhqJ7MukMH7tQyMkAS2c1Pv3007Jhw4aIvwc1XGnTpo00btzYqJs+W/qFz1WrVhlLdqMVXRasX+gLX+qnoZL+zjJLp06dpF+/fjF/B0danqgndevWTXSD9cMOO0x2795tzOrUvb00IA8v+qGIkSNHRt1nz7oc2jzf7muCuueVLge0Fv19o+22K5H2CtNZXubSTf1dpUujtRBgxRwaHIAAAgggkAQBAqwkoHJJBBBAAAExXgbDZxr06tVLzjzzzJTRVGcPLLNye/bskdGjR4vux1PVoi98utG6vpiGF52xorMvIhWd2aWzM+K5X6RZF34LsJJp6dcAS8elzm57/vnnYwZAds+E+dW7qj4zdsfrM6Ghz6xZsxy5pNZPQx+dxWUt1Q2w9DoaYv/73/+uch01hLvppptEP+gQrbzzzjsyZ86cSofo77hIH4EI348v/CRdbqi/n6IV6++S8GPPOeccYwmnFgKsKnc3JyCAAAIIOCBAgOUAIpdAAAEEEKgs4OUAS1ujM0DTo49gAAAgAElEQVT0xTF8w+RY/awvh7p0MNJSQz33pZdekh9++CHWZUI/1z1/Dj/8cOM8s0TaL8dvAVYyLf0cYKmrzmTSfZ0WLVoUdZzqrBzdUHzy5Mmh42ItUYt74FsOXL58ubz++uvGDKvqlAYNGkjPnj2NGVF2G6wnEmBpnXTJ4htvvBH3hy70d4UuB44UplnbWFRUJM8++2yFv9YvEt5xxx0ROXQ585NPPlnhZ9H2swo/8KuvvpK33nor4nWPOeYYGTRokPEzAqzqjETOQQABBBBIVIAAK1FBzkcAAQQQiChgnZVwySWXiH6JMFVl1KhRUlpaGrpdtD2notVJX551SWG0ZUkaWOkLsi47ivUFsnnz5hnBmN0yLA2ojjvuOLnwwgtDS6Ose9roDK9DDz00VG3dQD78evp1uLp166aK2vhqXPgG4H369JEuXbrEdf9XXnnFWDZplmuuucYIGuIpybC0jhv9qpwuUzOLdZmVzrRT/1jFuqzr1ltvlZYtW1Y4Lda99WBrwKZjQwOaaEU3Adf9oMxywQUXyFlnnRX1nCVLlogGJ8XFxcZX7HRWos5g0mV77du3N/agsn4ls127dnL99dfHoqj2z3VZnAZN2u+xvoiq+3ZpyKbPpG5IH6toUD1lypTQYRrO9e3bN9ZpFX6uMyj1Gmpn3TTePFD7Spfx6UxKuz28rDfV5Z06eyq8zTqbVWe1RiqRjtcw/Pzzz4+rPfoVQ92kX/s8vGjYNmzYMOOvtJ3h4b5aqVm0ouPoiSeeCB2i41+fAwoCCCCAAALxChBgxSvFcQgggAACvhbQl0INsXTPm02bNhkBkb7Qa7ihsyliBVfhePpyq9cw/+jPdK8cDaVSGTxlQodimb5e/OKLL4xw1yy/+tWvRPdoS3bRPtfZWGVlZcYfDY70+czLyzNmP+ozGc/MpmTWUwNdDWx0Dy8NpXV/MP19ke56VaXNWnfdv0uLBm9qq8seKQgggAACCKRLgAArXfLcFwEEEEAAAQQQcIGAfrVPl4Rp8KNL03SWlXV2WKRq6rK+b7/9NvSj7t27GzMRKQgggAACCCCAQDIECLCSoco1EUAAAQQQQAABjwjobCZdmmiWeJZF6swcXToZvlTuxhtvlMLCQo+0mmoigAACCCCAgNcECLC81mPUFwEEEEAAAQQQcFhgxIgRFcKoaHsaHThwwNhUfNWqVaFa6NKyhx56iCVmDvcLl0MAAQQQQACBXwQIsBgNCCCAAAIIIICAzwWefvrpCoGUcnTs2FG6detm7N1Uu3Zt2bJliyxbtkw+/vjjCpv267HRNhX3OS3NRwABBBBAAAGHBAiwHILkMggggAACCCCAgFcFdDP0MWPGxPy6X6T26cbkt99+O7OvvNr51BsBBBBAAAGPCBBgeaSjqCYCCCCAAAIIIJBMgeXLl8uLL75YYSlhrPsdffTRcs0110itWrViHcrPEUAAAQQQQACBhAQIsBLi42QEEEAAAQQQQCBzBHbt2iWzZ8+WmTNnRp2NdcQRR0jXrl3l2GOPzZzG0xIEEEAAAQQQcLUAAZaru4fKIYAAAggggAACqRcIBAKiXycsLS2VzZs3y969e+WQQw6R+vXrG3ti5eXlpb5S3BEBBBBAAAEEfC1AgOXr7qfxCCCAAAIIIIAAAggggAACCCCAgPsFCLDc30fUEAEEEEAAAQQQQAABBBBAAAEEEPC1AAGWr7ufxiOAAAIIIIAAAggggAACCCCAAALuFyDAcn8fUUMEEEAAAQQQQAABBBBAAAEEEEDA1wIEWL7ufhqPAAIIIIAAAggggAACCCCAAAIIuF+AAMv9fUQNEUAAAQQQQAABBBBAAAEEEEAAAV8LEGD5uvtpPAIIIIAAAggggAACCCCAAAIIIOB+AQIs9/cRNUQAAQQQQAABBBBAAAEEEEAAAQR8LUCA5evup/EIIIAAAggggAACCCCAAAIIIICA+wUIsNzfR9QQAQQQQAABBBBAAAEEEEAAAQQQ8LUAAZavu5/GI4AAAggggAACCCCAAAIIIIAAAu4XIMByfx9RQwQQQAABBBBAAAEEEEAAAQQQQMDXAgRYvu5+Go8AAggggAACCCCAAAIIIIAAAgi4X4AAy/19RA0RQAABBBBAAAEEEEAAAQQQQAABXwsQYPm6+2k8AggggAACCCCAAAIIIIAAAggg4H4BAiz39xE1RAABBBBAAAEEEEAAAQQQQAABBHwtQIDl6+6n8QgggAACCCCAAAIIIIAAAggggID7BQiw3N9H1BABBBBAAAEEEEAAAQQQQAABBBDwtQABlq+7n8YjgAACCCCAAAIIIIAAAggggAAC7hcgwHJ/H1FDBBBAAAEEEEAAAQQQQAABBBBAwNcCBFi+7n4ajwACCCCAAAIIIIAAAggggAACCLhfgADL/X1EDRFAAAEEEEAAAQQQQAABBBBAAAFfCxBg+br7aTwCCCCAAAIIIIAAAggggAACCCDgfgECLPf3ETVEAAEEEEAAAQQQQAABBBBAAAEEfC1AgOXr7qfxCCCAAAIIIIAAAggggAACCCCAgPsFCLDc30fVquFHH30ky5Ytk1NPPVU6d+5se41vvvlGFixYIKWlpdKpUyc56aSTpEGDBtW6JychgAACCCCAAAIIIIAAAggggAACyRAgwEqGapqvuWjRIunYsaNRi4cfflhGjBhRqUZlZWUyYMAAeffddyv97MUXX5Trrrsuza3g9ggggAACCCCAAAIIIIAAAggggEBQgAArw0bC7t275de//rUsXLjQNsDav3+/nHvuuTJz5kzjmF69eklhYaF8+OGHsnTpUuPvnnnmGbnpppsyTIfmIIAAAggggAACCCCAAAIIIICAFwUIsLzYa1HqPHz4cBkzZkzoiEgzsKZMmSJXXHGFccz48eNlyJAhxr/v2rVLrrzySpkxY4bk5+fLhg0bpE6dOhkmRHMQQAABBBBAAAEEEEAAAQQQQMBrAgRYXuuxKPX99NNP5eyzz65wRKQAq2vXrjJnzhxp166dLFmypMLxq1atktatWxt/N2HCBBk8eHAGCdEUBBBAAAEEEEAAAQQQQAABBBDwogABlhd7LUKddU+rDh06SElJiYwePVqef/55WbFiRaU9sHSJYV5ennGFRx55RO68885KV+vWrZvMnj1bzj//fPnggw8yRIhmIIAAAggggAACCCCAAAIIIICAVwUIsLzac5Z669K/N954Q04//XRjb6v27dtHDLDmzZsX+iqhztjq0aNHJQHd9F1DsIKCAvnpp58yRIhmIIAAAggggAACCCCAAAIIIICAVwUIsLzac2H1/vvf/258UVDLjz/+aGzIfsQRR0QMsD7++GNjA3ct8+fPlxNOOKGSgIZX5pcLdcP3nJycDFCiCQgggAACCCCAAAIIIIAAAggg4FUBAiyv9tzBehcVFRmBlZbwPavsAqypU6fKZZddZhyv+121atWqksALL7wgQ4cONf5++/btUq9ePY8rUX0EEEAAAQQQQAABBBBAAAEEEPCyAAGWh3tPZ0d1797d2JD9kksukWnTpoVaYxdgvfnmm9K3b1/jON0vq2nTppUEXnnlFenfv7/x96WlpdKwYcMqKX377bdVOp6DEUAAAQQQQAABBBBAAAEEEEDAPQInnniieypzsCYEWK7rkvgrNGrUKBk5cqTk5+fL8uXLjT2rzBLPEkKdvdWmTZtKN3z22Wfl5ptvNv5eN32vXbt2/JUSEQKsKnFxMAIIIIAAAggggAACCCCAQIICgYDI/vJs2V+eZXulrKyA1MgO/qFEFyDAYoQ4JvD999/LcccdZ1xv0KBB0qdPnwrX7tevn7H87+qrrzb+NGjQwNjgfdGiRdKxY0fj2Llz50qnTp0q1enBBx+Ue+65x/j7gP4WoCCAAAIIIIAAAggggAACCCDgQoFde0VWlJRL0cZy29rl1RRpW5AthQXZLmwBVYpXgBlY8Uq57LgZM2ZI7969465V586djZlRmzZtCi0b1A3dzz777ErXuP322+Wxxx4z9tbSTeEpCCCAAAIIIIAAAggggAACCLhJYOfegKwoCUhxtOCqVpYUFmRJ26YEV27qu+rWhQCrunJpPu/TTz+Va6+91rYWa9asCf2sZcuWxkyr6dOnS3l5eeirgnfffbfobCtrad++vSxdutT4suHkyZPT3FJujwACCCCAAAIIIIAAAggggEBQ4Oc9weBq5Sb7GVd1amdJYdMsaUNwlVHDhgAro7rzl8bY7YGlR9x2223y5JNPGntmrVu3LhRo6c90WaG51nXSpEkycODADBWiWQgggAACCCCAAAIIIIAAAl4R2LE7IEUbowdXdTW4KsiS1k2YceWVfq1KPQmwqqLloWOjBVi64ftRRx1ltEa/Njh+/HipVauWFBcXG0sKV6xYYYRbK1eulNzcXA+1mqoigAACCCCAAAIIIIAAAghkkoAGVzrjatVm+xlX9XJ1mSDBVSb1e6S2EGBlaA9HC7C0yeYsLLP5xx9/vCxcuDCk8f7778sFF1yQoTo0CwEEEEAAAQQQQAABBBBAwM0C23cFZMXGgKyOEVzpjKvDGzPjys196VTdCLCcknTZdcwAa/To0TJ8+PCItfvb3/4mI0eONL5WaJZ27drJU089Jeedd57LWkR1EEAAAQQQQAABBBBAAAEEMl1gmwZXJQFZU2o/4yo/L7jHVSuCq0wfDhXaR4Dlq+6u3NhAICBFRUWydu1aadWqlfEnJyfH5yo0HwEEEEAAAQQQQAABBBBAIJUCW3fqHlflsqY0YHvbQzS4KsiWlo2yUlk17uUSAQIsl3QE1UAAAQQQQAABBBBAAAEEEEDAbwJbNLgqKZe1ZfbBVf06uscVwZXfxoa1vQRYfh8BtB8BBBBAAAEEEEAAAQQQQACBFAts+Vn3uCqXdVGCqwYaXBVkS4uGzLhKcfe48nYEWK7sFiqFAAIIIIAAAggggAACCCCAQOYJlGlwVVIu67fYz7hqUFf3uMqWwwiuMm8AJNAiAqwE8DgVAQQQQAABBBBAAAEEEEAAAQRiC5TuCM642hAluGqowVVBthzagBlXsUX9dwQBlv/6nBYjgAACCCCAAAIIIIAAAgggkBKBzTuCe1xt2Go/46pRveCMq+YEVynpE6/ehADLqz1HvRFAAAEEEEAAAQQQQAABBBBwqcCm7cGvCv4UJbhqXC+4x1Xz+sy4cmk3uqpaBFiu6g4qgwACCCCAAAIIIIAAAggggIB3BTS40j2uSrbZz7hqkh/8qmAzgivvdnQaak6AlQZ0bokAAggggAACCCCAAAIIIIBAJgls3Bbc40r/aVc0uNI9rgoOYcZVJvV9qtpCgJUqae6DAAIIIIAAAggggAACCCCAQIYJ6EwrnXGlM6/sStNDgntc6T8pCFRXgACrunKchwACCCCAAAIIIIAAAggggIBPBXRvK93jKlpwpTOtdMaVzryiIJCoAAFWooKcjwACCCCAAAIIIIAAAggggIBPBDS40hlX+nVBu6J7W+keVwRXPhkUKWomAVaKoLkNAggggAACCCCAAAIIIIAAAl4V2LAluMdVaZTgSr8mqF8V1K8LUhBwWoAAy2lRrocAAggggAACCCCAAAIIIIBAhgis1+CqpFzKfrafcdW8QXCPq0YEVxnS6+5sBgGWO/uFWiGAAAIIIIAAAggggAACCCCQNoF1ZcE9rqIFV4dqcFWQLQ3rMuMqbR3loxsTYPmos2kqAggggAACCCCAAAIIIIAAAtEE1mpwVVIuW3baz7g6rGFwjyuCK8ZSKgUIsFKpzb0QQAABBBBAAAEEEEAAAQQQcKHA2tLgHldbowRXLTS4KsiWBnWYceXCLsz4KhFgZXwX00AEEEAAAQQQQAABBBBAAAEEIgus0eCqpFy27bKfcdWiUXCPq/oEVwyjNAoQYKURn1sjgAACCCCAAAIIIIAAAgggkA6B1ZvLZcXGgGyPEly1bJQthQVZckgeM67S0Ufcs6IAARYjAgEEEEAAAQQQQAABBBBAAAGfCKzaXC5FJQHZvtt+xlWrxtlS2DRL8gmufDIqvNFMAixv9BO1RAABBBBAAAEEEEAAAQQQQKDaAis3lUvRxoDsiBJcHd44W9oWZEl+LjOuqg3NiUkTIMBKGi0XRgABBBBAAAEEEEAAAQQQQCC9AhpcrSgJyM977GdctW6SLW2bZkk9gqv0dhZ3jypAgMUAQQABBBBAAAEEEEAAAQQQQCDDBIo3Bve42hkjuNI9rurWZsZVhnV/RjaHACsju5VGIYAAAggggAACCCCAAAII+FGgSIOrknLZtde+9W2aBve4qkNw5cch4tk2E2B5tuuoOAIIIIAAAggggAACCCCAAAJBAQ2tNLyKFly11eCqIFvyaqGGgPcECLC812fUGAEEEEAAAQQQQAABBBBAAAEJBMQIrTS82r3PHkRDKw2vCK4YNF4WIMDycu9RdwQQQAABBBBAAAEEEEAAAd8JlGtwVaJ7XJXLHpvgKitLjNBKw6vcmr4josEZKECAlYGdSpMQQAABBBBAAAEEEEAAAQQyT6C8XIzQSmdc7d0fuX3ZGlwV6B5X2VKb4CrzBoGPW0SA5ePOp+kIIIAAAggggAACCCCAAALuFzigwdXBGVf77IKrbDFCK51xVauG+9tEDRGoqgABVlXFOB4BBBBAAAEEEEAAAQQQQACBFAjsPxCccaXLBfcdiHzDHA2uDs64qklwlYJe4RbpEiDASpc890UAAQQQQAABBBBAAAEEEEAggoCGVcYeVyXlsr88MlGNnOCMK10uWDMHRgQyX4AAK/P7mBYigAACCCCAAAIIIIAAAgh4QED3tTK/KqjLBiMVDavMPa40xKIg4BcBAiy/9DTtRAABBBBAAAEEEEAAAQQQcKWABlfmHle6UXukovtamV8V1GWDFAT8JkCA5bcep70IIIAAAggggAACCCCAAAKuENiz75c9rsoD9sGVucdVNsGVK/qNSqRHgAArPe7cFQEEEEAAAQQQQAABBBBAwKcCuzW4Kik3lgsGbIKr2jV/2eMqO8unUDQbgTABAiyGAwIIIIAAAggggAACCCCAAAIpENi195c9ruxul6vBVUFwc3ZyqxR0CrfwjAABlme6iooigAACCCCAAAIIIIAAAgh4UUCDK3PGlV3982r9sseVF9tInRFItgABVrKFuT4CCCCAAAIIIIAAAggggIAvBXbuCciKjQEp3mizM7uI5NXKksKCLGODdgoCCNgLEGAxOhBAAAEEEEAAAQQQQAABBBBwUOBnDa5KArJyk31wVad2lhQ2zZI2BFcOynOpTBYgwMrk3qVtCCCAAAIIIIAAAggggAACKRPYsTs442pVlOCqrgZXBVnSugkzrlLWMdwoIwQIsDKiG2kEAggggAACCCCAAAIIIIBAugS27w5IUUlAVm22n3FVLzc44+pwgqt0dRP39bgAAZbHO5DqI4AAAggggAACCCCAAAIIpEdg+67gjKvVUYKr/NwsaVuQJYc3ZsZVenqJu2aKAAFWpvQk7UAAAQQQQAABBBBAAAEEEEiJwDYNrkrKZU1pwPZ++XnBGVetCK5S0ifcJPMFCLAyv49pIQIIIIAAAggggAACCCCAgAMCW3fqjKtyWRsluDpEg6uCbGnZKMuBO3IJBBAwBQiwGAsIIIAAAggggAACCCCAAAIIRBHYslP3uCqXtWX2M67q19EZV9nSguCKsYRAUgQIsJLCykURQAABBBBAAAEEEEAAAQS8LlD2c0CKNpbLuijBVYM6usdVtrRoyIwrr/c39Xe3AAGWu/uH2iGAAAIIIIAAAggggAACCKRYQIMr3eNq/Rb7GVcN62ZJ26bZchjBVYp7h9v5VYAAy689T7sRQAABBBBAAAEEEEAAAQQqCJTuCO5xtSFGcKV7XB3agBlXDB8EUilAgJVKbe6FAAIIIIAAAggggAACCCDgOoHNGlyVlMtPW+1nXDWqF9zjqjnBlev6jwr5Q4AAyx/9TCsRQAABBBBAAAEEEEAAAQQsApu2B/e4ihZcNdbgqiBbmtVnxhUDCIF0ChBgpVOfeyOAAAIIIIAAAggggAACCKRcYKMGVyXlUrLNfsZVk/zgHlcEVynvHm6IQEQBAiwGBgIIIIAAAggggAACCCCAgC8ENm4L7nGl/7QrTTW4KsiWgkOYceWLQUEjPSNAgOWZrqKiCCCAAAIIIIAAAggggAAC1RHQmVa6x5UuGbQNrg4J7nHVlOCqOsScg0DSBQiwkk7MDRBAAAEEEEAAAQQQQAABBNIhoHtb6R5X0YIrnWmle1zpkkEKAgi4V4AAy719Q80QQAABBBBAAAEEEEAAAQSqIbBBg6uSctGvC9oV3dtKZ1w1JriqhjCnIJB6AQKs1JtzRwQQQAABBBBAAAEEEEAAgSQIbNgS3OOqNEpw1bx+cI8r/bogBQEEvCNAgOWdvqKmCCCAAAIIIIAAAggggAACEQTWa3BVUi5lP9vPuGreIDjjqhHBFWMIAU8KEGB5stuoNAIIIIAAAggggAACCCCAwLqy4IyrLVGCq0M1uCrIloZ1mXHFiEHAywIEWF7uPeqOAAIIIIAAAggggAACCPhQYG1ZcI+rLTvtZ1wd1jA446oBwZUPRwhNzkQBAqxM7FXahAACCCCAAAIIIIAAAghkoMCa0uBXBbdGCa5aNAzucdWgDjOuMnAI0CQfCxBg+bjzaToCCCCAAAIIIIAAAggg4AUBDa50j6ttu+xnXLVsFAyu6ucRXHmhT6kjAlUVIMCqqhjHI4AAAggggAACCCCAAAIIpERg9eZyWbExINujBlfZUliQJYcQXKWkT7gJAukSIMBKlzz3RQABBBBAAAEEEEAAAQQQiCiwSoOrkoDs2G0/46pV42BwlZ/LjCuGEQJ+ECDA8kMv00YEEEAAAQQQQAABBBBAwGUCy38ql9e+2CffFB2QHWEzrOwjq2ADiKtc1pEuqE693Cw5uTBHrjq1phzRLNsFNaIKyRAgwEqGKtdEAAEEEEAAAQQQQAABBBCwFdDw6tbJu2TPPpAQcE4gt2aWPDkwlxDLOVJXXYkAy1XdQWUQQAABBBBAAAEEEEAAgcwX+Mu0PfLZ4v2Z31BamHKBs46pIf93ae2U35cbJl+AACv5xtwBAQQQQAABBBBAAAEEEEAgTODisTtl555YiwUhQ6DqAron2rTb61T9RM5wvQABluu7iAoigAACCCCAAAIIIIAAApkhsKJEN2cvl4en78mMBtEKVwp8cnddV9aLSiUmQICVmB9nI4AAAggggAACCCCAAAIIRBEIBERWbCyXopJy2X1wz6vH3ifAYtAkT4AAK3m26bwyAVY69bk3AggggAACCCCAAAIIIJChAuUBMUIrnXG1x7LdFQFWhna6S5pFgOWSjnC4GgRYDoNyOQQQQAABBBBAAAEEEEDAzwIHykWKNgaDq702+7QTYPl5hCS/7QRYyTdOxx0IsNKhzj0RQAABBBBAAAEEEEAAgQwT0ODK3ONq34HIjcvJFmnbNFtumbgrw1pPc9wkQIDlpt5wri4EWM5ZciUEEEAAAQQQQAABBBBAwHcC+w/8ssdVtOCqsCBb9E/NHJGzH/rZd040OHUCBFips07lnQiwUqnNvRBAAAEEEEAAAQQQQACBDBHQsEpnXOk+V/vLIzeqRo5IYdNgcKX/bhYCrAwZBC5tBgGWSzsmwWoRYCUIyOkIIIAAAggggAACCCCAgJ8EdF8rc48rXTYYqegsKw2t2mpwlV35CAIsP42Y1LeVACv15qm4IwFWKpS5BwIIIIAAAggggAACCCDgcQH9kqD5VUH9wmCkUqtGcI8rDa90vyu7QoDl8cHg8uoTYLm8g6pZPQKsasJxGgIIIIAAAggggAACCCDgB4E9+4J7XOlywYBNcFVbg6uDe1xlZ8VWIcCKbcQR1RcgwKq+nZvPJMByc+9QNwQQQAABBBBAAAEEEEAgTQK7Nbg6uMeVTW4ltWv+ssdVVhzBldkUAqw0dapPbkuAlZkdTYCVmf1KqxBAAAEEEEAAAQQQQACBagns2vvLVwXtLpCrwdXBPa6qkFuFLkeAVa2u4aQ4BQiw4oTy2GEEWB7rMKqLAAIIIIAAAggggAACCCRDYOfegBSVBIwN2u1KXq3gjCtdLphIIcBKRI9zYwkQYMUS8ubPCbC82W/UGgEEEEAAAQQQQAABBBBwRGDnnoCs2BiQ4ijBVZ1awT2udIN2JwoBlhOKXMNOgAArM8cGAVZm9iutQgABBBBAAAEEEEAAAQSiCvyswVVJQFZusp9xVad2lhQ2zZI2DgVXZoUIsBicyRQgwEqmbvquTYCVPnvujAACCCCAAAIIIIAAAgikXGDH7uCMq1VRgqu6GlwVZEnrJs7MuLI2kgAr5d3uqxsSYGVmdxNgZWa/0ioEEEAAAQQQQAABBBBAoILAdg2uSgKyerP9jKt6ucEZV4cnKbgyK0SAxeBMpgABVjJ103dtAqz02XNnBBBAAAEEEEAAAQQQQCDpAtt2BTdnX11qH1zl52ZJ24IsObxxcmZcWRtJgJX0bvf1DQiwMrP7CbAys19pFQIIIIAAAggggAACCPhcQIOrFSXlsqY0YCtxSF6WtG2aJa1SFFyZFSHA8vngTHLzCbCSDJymyxNgpQme2yKAAAIIIIAAAggggAACyRDYujMYXK0tix5cFRZkS8tGWcmoQsxrEmDFJOKABAQIsBLAc/GpBFgu7hyqhgACCCCAAAIIIIAAAgjEK7DlYHC1LkpwVb+Obs6eLS0apie4MttCgBVvr3JcdQQIsKqj5v5zPBVgPf/88/Laa6/FpZqdnS3169eXRo0aSceOHaVXr15y5JFHxnUuByGAAAIIIIAAAggggAACXhEo+1n3uCqXdVvsZ1w1OBhcHZbm4IoAyyujytv1JMDydv/Z1d5TAdawYcNk7Nix1e6Jf4hGHXcAACAASURBVP3rX3LOOedU+3xORAABBBBAAAEEEEAAAQTcIlB6MLhaHyW4alhXN2fPlsMapHfGldWMGVhuGUWZWQ8CrMzsV08FWP/5z39k+PDhMmfOHKM32rVrJ2eeeaa0bNlStmzZIosXL5YPP/ww1FNXX321bN68ucLfzZw50ziHggACCCCAAAIIIIAAAgh4UaB0R3CPqw1b7WdcNToYXB3qsuDK9CbA8uLI806dCbC801dVqamnAqzvvvtOjj/+eKN948aNk8GDB0uNGjUqtHfBggVy0UUXyZo1a+Tll1+W/v37y6JFi+Taa6+VuXPnyoABA2Ty5MlVMeJYBBBAAAEEEEAAAQQQQCDtApsPBlc/RQuu6gX3uGpe310zrqx4BFhpH04ZXQECrMzsXk8FWHfddZc88sgjxiys0aNH2/bI7NmzpVu3bsYMrSVLlhjH6aytrl27GrO1Vq9enZm9SasQQAABBBBAAAEEEEAg4wQ2bQ/OuCrZZj/jqvHB4KqZy4Mrs3MIsDJumLqqQQRYruoOxyrjqQBLAygNoj7//HM544wzbBEOHDgQmpmlSwt1M/c9e/ZIbm6ucc769eulefPmjiFyIQQQQAABBBBAAAEEEEDAaYGN24Obs0cLrprkB2dcFRzi7hlXVhsCLKdHC9cLFyDAyszx4KkAq0uXLvL111/L1KlT5dJLL7XtEQ2tGjZsaPx827Ztkp+fL7t375a8vDzj74qKiqRNmzaZ2aO0CgEEEEAAAQQQQAABBDwtoIGVBlcaYNmVpvnBzdm9FlyZ7SHA8vQQdX3lCbBc30XVqqCnAizd82rixInSuXNn0WWCderUidhoXWI4ZsyYCksIdfP2Hj16GMfv3btXatasWS0wTkIAAQQQQAABBBBAAAEEkiGgwZUuFdQlg7bB1SHBGVcaYHm5EGB5uffcX3cCLPf3UXVq6KkAy9zHSht6zDHHyIMPPig6K6ugoEDKyspk2bJl8vjjj8uUKVMMi/vvv1/uvfde+fvf/y533HGHlJSUyFlnnSWffPJJdaw4BwEEEEAAAQQQQAABBBBwXEA3ZdfgSjdptys600qDK10ymAmFACsTetG9bSDAcm/fJFIzTwVY2lD9suDAgQNjtvnCCy+U6dOnG3thNWvWzAivtHz22WfSvXv3mOdzAAIIIIAAAggggAACCCCQTIENB4Or0ijBlW7KrsGVbtKeSYUAK5N6031tIcByX584USPPBVja6G+++UauvfZaWbx4cSUD3e9KZ1799re/NZYY7ty5U+rWrWssO3z44YflvPPOc8KNayCAAAIIIIAAAggggAAC1RJYvyW4x1Xpz/YzrpofDK4aZVhwZYIRYFVr6HBSnAIEWHFCeewwTwZYprFu1v7dd9/J999/Lw0aNJDCwkI59thjjcDKLIFAQPbv38+eVx4bmFQXAQQQQAABBBBAAIFME9DgSpcKlkUJrg5tENycvVHdzJpxZe1LAqxMG93uag8Blrv6w6naeDrAcgqB6yCAAAIIIIAAAggggAACyRJYVxYMrrbstJ9xpcGVLhVsmOHBlWlMgJWs0cZ1VYAAKzPHgWcDrJUrV4rOwNLZVdHKCSecYOyDRUEAAQQQQAABBBBAAAEEUimw9mBwtTVKcHVYw2Bw1aBOZs+4sroTYKVyJPrvXgRYmdnnnguw9AuCw4cPl7lz58bVI8XFxdK6deu4juUgBBBAAAEEEEAAAQQQQCBRgTWlwT2utu6yn3HV4mBwVd9nwZVpS4CV6Cjj/GgCBFiZOT48FWAtX75cjjrqqCr1BAFWlbg4GAEEEEAAAQQQyAiB5T+Vy2tf7JNvig7IjighQkY0lkYkVaBebpacXJgjV51aU45olh31XqsPBlfbooy5lo2Ce1zVz/PXjCsrHAFWUoet7y9OgJWZQ8BTAdaIESNk9OjRRk/ceeedcs4550jLli2jbtCuG7vn5ORkZu/RKgQQQAABBBBAAIFKAhpe3Tp5l+zZBw4Czgnk1sySJwfmRgyxVm8ulxUlAdm+237GVatG2dK2IEsO8XlwZfYIAZZzY5MrVRYgwMrMUeGpAOvss8+WTz/9VG699VZ54oknMrNHaBUCCCCAAAIIIIBAQgJ/mbZHPlscfZ/UhG7Ayb4VOOuYGvJ/l9YOtX/VweBqR7TgqnG2FBZkSX6uv2dcWQcNAZZvH6OUNJwAKyXMKb+JpwKsLl26yNdffy3vvPOO9O7dO+VY3BABBBBAAAEEEEDA/QKX/HWnRAsU3N8CauhWAQ2hpt1eR1ZuCs64+nmP/Yyrww8GV7oEkVJZgACLUZFMAQKsZOqm79qeCrD++Mc/yuOPPy7jxo2TG264IX1q3BkBBBBAAAEEEEDAtQK8GLu2azKiYvdcmhs1uGrdJDjjqm5tgqtoHc5zmhGPg2sbQYDl2q5JqGKeCrDef/996dmzp+i+VvPnz5f8/PyEGs/JCCCAAAIIIIAAApknwItx5vWpm1r0xwt/WUIYXq82TYJ7XBFcxddbPKfxOXFU9QQIsKrn5vazPBVgBQIB+fOf/yz33XefFBQUyN133y1HHnmkNGvWTLKzI38R5Pjjj5caNWq4vR+oHwIIIIAAAggggIBDArwYOwTJZSIKWAOstk2DwVWdWsy4qsqQ4TmtihbHVlWAAKuqYt443lMB1l133SWPPPJIlWSLi4uldevWVTqHgxFAAAEEEEAAAQS8K8CLsXf7zgs1NwMsDa4KC7Ilr5YXau2+OvKcuq9PMqlGBFiZ1Ju/tMVTAdawYcNk7NixVeoJAqwqcXEwAggggAACCCDgeQFejD3fha5uwFPX5hnBVW5NV1fT9ZXjOXV9F3m6ggRYnu4+28p7KsDavHmzlJaWVqkndL+snJycKp3DwQgggAACCCCAAALeFeDF2Lt954Wa82LsTC/xnDrjyFUiC/CcZubI8FSAlZldQKsQQAABBBBAAAEEnBTgxdhJTa5lFeDF2JkxwXPqjCNXIcDy0xggwPJTb9NWBBBAAAEEEEDABwK8GPugk9PYRAIsZ/B5Tp1x5CoEWH4aA64NsD766CM5//zzjb544403pG/fvjJy5EgZNWpUlfpn9erV0rJlyyqdw8EIIIAAAggggAAC3hXgxdi7feeFmhNgOdNLPKfOOHIVAiw/jQHXBljvv/++9OzZ0+iLV199Vfr16yds4u6noUlbEUAAAQQQQACB6gnwYlw9N86KT4AAKz6nWEfxnMYS4ueJCPCcJqLn3nNdG2CtW7dOPv74Y0PujDPOkLZt28o333wjixcvrpJmnz59pE6dOlU6h4MRQAABBBBAAAEEvCvAi7F3+84LNefF2Jle4jl1xpGrRBbgOc3MkeHaACszuWkVAggggAACCCCAQLIFeDFOtrC/r8+LsTP9z3PqjCNXIcDy0xggwPJTb9NWBBBAAAEEEEDABwK8GPugk9PYRAIsZ/B5Tp1x5CoEWH4aA54LsPbv3y8ffPCBTJ8+XTZt2iT639HKhAkTpEmTJn7qU9qKAAIIIIAAAgj4WoAXY193f9IbT4DlDDHPqTOOXIUAy09jwFMBVnl5uVx66aUyY8aMuPuouLhYWrduHffxXj2wrKxM/v3vf8vSpUulYcOGcsopp0iHDh0kOzs7apN0X7EFCxZIaWmpdOrUSU466SRp0KCBVxmoNwIIIIAAAgggILwYMwiSKUCA5Ywuz6kzjlyFAMtPY8BTAdbEiRNl8ODBof7RkKZNmzZSs2ZN2z57/PHHpVGjRhndpy+99JLcdtttsn379grtbNmypXz00Udy9NFHV2q/Bl4DBgyQd999t9LPXnzxRbnuuusy2ozGIYAAAggggEDmCvBinLl964aWEWA50ws8p844chUCLD+NAU8FWAMHDpSXX35ZjjnmGCOYadGihZ/6KmJb3377bbn88stDP/vNb34jO3fulA8//ND4u/z8fJk1a5Yxu8osuuzy3HPPlZkzZxp/1atXLyksLDTO0RlcWp555hm56aabfO8LAAIIIIAAAgh4T4AXY+/1mZdqTIDlTG/xnDrjyFUIsPw0BjwVYJ1wwgmycOFCef7552Xo0KF+6qeIbdUgSmeX6cwrnW01d+5cadq0qXHs8uXL5aijjjL+XWdT6awqs0yZMkWuuOIK4z/Hjx8vQ4YMMf59165dcuWVVxpLNDX42rBhg9SpU8f3zgAggAACCCCAgLcEeDH2Vn95rbYEWM70GM+pM45chQDLT2PAUwHWZZddJlOnTpV33nlHevfu7ad+ithWnVnVvXt342dPP/203HLLLRWOM2esFRQUyPr160P7YXXt2lXmzJkj7dq1kyVLllQ4Z9WqVaE9w3QD/PAlm74HBwABBBBAAAEEPCHAi7EnusmzlSTAcqbreE6dceQqBFh+GgOeCrDGjh0rw4YNkxtvvFGeffZZP/VTxLaWlJQYywN/+OEHuf3226VevXoVjnvggQfkvvvuM2ZT6SbtNWrUkN27d0teXp5x3COPPCJ33nlnpWt369ZNZs+eLeeff77xxUcKAggggAACCCDgJQFejL3UW96rKwGWM33Gc+qMI1chwPLTGPBUgPXTTz/JaaedJitWrJCnnnrKCLI0lKFUFti4caPxJUK16t+/v7F3mJZ58+ZJ586djX//9NNPpUePHpVOHjFihIwePVp05paaUxBAAAEEEEAAAS8J8GLspd7yXl0JsJzpM55TZxy5CgGWn8aApwIsDVw0iNGvEWrRmUW6z5Nu5p6dnR2x33TvpyZNmviiT7du3Sr/+te/jFlTb7zxhrE3lhp99tlncuKJJxoGH3/8sbGBu5b58+eL7itmLRpeaYilRffZysnJ8YUfjUQAAQQQQACBzBDgxTgz+tGtrSDAcqZneE6dceQqBFh+GgOeCrB0+aAuI6xKKS4uDu3pVJXzvHisbr5u3Rvsiy++MGZimUX3ENO9xLTofletWrWq1NQXXnghtEm+hmDWpYletKHOCCCAAAIIIOAfAV6M/dPX6WgpAZYz6jynzjhyFQIsP40BTwVYr732mrz33ntV6p/HH3/c+FKfH8q0adNk3LhxUqtWLWN5oIZPWp588kljg3edpfbmm29K3759jb/XPbTMrxaG+7zyyivGskMtundWw4YN/cBHGxFAAAEEEEAgQwR4Mc6QjnRpMwiwnOkYnlNnHLkKAZafxoCnAiw/dUyibd22bZtcf/31MmXKFONSuqRQg6vwJYRFRUXSpk2bSrfSDfJvvvlm4+910/fatWtXqTrffvttlY7nYAQQQAABBBBAwEmB4R92cPJyXAuBCgKPnP8/RBwQ4Dl1AJFL2ArwnCY+OMxtiBK/knNXIMByztJ1V9IZWLo/mP6zV69e8s9//lMWLVokHTt2NOo6d+5c6dSpU6V6P/jgg3LPPfcYfx8IBKrcLgKsKpNxAgIIIIAAAgg4KMCLsYOYXKqSAC/GzgwKnlNnHLlKZAGe08RHBgFWFQx1BtGSJUuMM4488khjGduaNWtk/fr1VbiKGAFNpn+pcMeOHbb7VOl+V7rvVWFhofz444+yadOm0LJBnY119tlnV/K8/fbb5bHHHgudUyVwDkYAAQQQQAABBNIswNKkNHdAht+eJYTOdDDPqTOOXCWyAM9pZo4M187Aev/996Vnz56G+quvvir9+vUTNnGvOAj/+te/yh133GF8aVD3qooU1GlApfthnXzyyfLf//5XysvLQ18VvPvuu0VnW1lL+/btZenSpTJgwACZPHlyZo58WoUAAggggAACGSvAi3HGdq0rGsaLsTPdwHPqjCNXIcDy0xggwPJwb4d/UVCXB+oywfCiM9g6dAjuAaFB16OPPmr8+2233WZs7F5QUCDr1q0LBVr6M11WaE4VnDRpkgwcONDDQlQdAQQQQAABBPwowIuxH3s9dW0mwHLGmufUGUeuQoDlpzHg2gBr165dRriipXnz5lK3bl0pKyszZhpVpegm5Tk5OVU5xTPHbtmyRXS2lH5NUMOoCRMmyHnnnSc1a9Y09rq68sorZfHixUZ79J9HH3208e/Lly+Xo446yvh3/drg+PHjjS8XFhcXG0sKV6xYYVxv5cqVkpub6xkPKooAAggggAACCKgAL8aMg2QKEGA5o8tz6owjVyHA8tMYcG2A5adOSKStM2fOlB49eoQuocsJW7VqFQqu9AcvvfSSDBo0qMJtzFlY5l8ef/zxsnDhwtAxuoTzggsuSKRqnIsAAggggAACCKRFgBfjtLD75qYEWM50Nc+pM45chQDLT2MgIwOsAwcOGBu+T5s2zQhu6tevn9F9qsv+brnlFvnyyy8rtFP3vXr22WdDSwKtCH/7299k5MiRxlcKzdKuXTt56qmnjJlcFAQQQAABBBBAwIsCvBh7sde8U2cCLGf6iufUGUeuQoDlpzHguQBL93UaNWqU6Bf0tm7dWqmvwsMY/aEui2vdurUv+nTz5s2ybNkyyc7ONpYWxhPcBQIBKSoqkrVr1xozt/RPpi659MUgoJEIIIAAAgggwBJCxkBSBQiwnOElwHLGkasQYPlpDHgqwArf8yneTtKZWC1atIj3cI5DAAEEEEAAAQQQ8LgAL8Ye70CXV58Ay5kO4jl1xpGrEGD5aQx4KsAaPXq0jBgxwugfXep21VVXyQMPPGD89/33329sOq57Qukm5Fo2bNggzZo181N/0lYEEEAAAQQQQMD3ArwY+34IJBWAAMsZXp5TZxy5CgGWn8aApwKsgQMHyssvvyznn3++fPDBB0Y/6QbmGlp99tln0r17d9m5c6f06dNHdBNyDbXuvfdeP/UnbUUAAQQQQAABBHwvwIux74dAUgEIsJzh5Tl1xpGrEGD5aQx4KsDq0qWLfP3118bG5DfeeKPRTzojS2dmjR07Vm6//Xbj73bv3i15eXnGv+/YsUPq1q3rpz6lrQgggAACCCCAgK8FeDH2dfcnvfEEWM4Q85w648hVCLD8NAY8GWDNmjVLunXrZvTThAkT5LrrrpMBAwbI5MmTQ33Xu3dvmTFjhnzzzTe2X+HzU0fTVgQQQAABBBBAwC8CvBj7pafT004CLGfceU6dceQqBFh+GgOeCrAGDx4sEydOlMcff1xuu+02o59mz55thFktW7aU1atXh/pOQy0Nt/7+97/LNddc46c+pa0IIIAAAggggICvBXgx9nX3J73xBFjOEPOcOuPIVQiw/DQGPBVgmZu4d+7cWT755BNp0KCBbNy4UQoKCow+W7hwoXTs2FEOHDgghx12mJSUlMj06dPl4osv9lOf0lYEEEAAAQQQQMDXArwY+7r7k954AixniHlOnXHkKgRYfhoDngqw1qxZI8ccc4xs375d8vPzZdKkSfKb3/xGzL2xdBaWzryaOnWqEWZp+eGHH6RDhw5+6lPaigACCCCAAAII+FqAF2Nfd3/SG0+A5Qwxz6kzjlyFAMtPY8BTAZZ2jC4J1P2utIwfP16GDBki7777rlx00UWV+u2SSy6RadOm+ak/aSsCCCCAAAIIIOB7AV6MfT8EkgpAgOUML8+pM45chQDLT2PAcwGWdk5xcbE899xz0qdPHznppJOM/nr77bdl5MiRsnTpUuO/r776ann66aelYcOGfupP2ooAAggggAACCPhegBdj3w+BpAIQYDnDy3PqjCNXIcDy0xjwVIC1bNky+fjjj6Vv377SpEmTiP20efNmY3lhrVq1/NSPtBUBBBBAAAEEEEDgoAAvxgyFZAoQYDmjy3PqjCNXIcDy0xjwVID1wAMPyH333Wf0z759+6RGjRp+6ivaigACCCCAAAIIIBCHAC/GcSBxSLUFCLCqTVfhRJ5TZxy5CgGWn8aApwIsc7P2Cy+8UN577z0/9RNtRQABBBBAAAEEEIhTgBfjOKE4rFoCBFjVYqt0Es+pM45chQDLT2PAUwHWoEGDjC8PtmvXTv73v/9JVlaWn/qKtiKAAAIIIIAAAgjEIcCLcRxIHFJtAQKsatNVOJHn1BlHrkKA5acx4KkAa9GiRXLaaafJ9u3bRWdh3XPPPVJYWCjNmjUjzPLTqKWtCCCAAAIIIIBAFAFejBkeyRQgwHJGl+fUGUeuQoDlpzHgqQBrwoQJ8sQTT8jChQsr9ZFu3B6p/PDDD9KiRQs/9SltRQABBBBAAAEEfC3Ai7Gvuz/pjSfAcoaY59QZR65CgOWnMeCpAGvYsGEyduzYKvVPcXGxtG7dukrncDACCCCAAAIIIICAdwV4MfZu33mh5gRYzvQSz6kzjlyFAMtPY8BTAdaXX34pCxYsqFL/9O/fX+rWrVulczgYAQQQQAABBBBAwLsCvBh7t++8UHMCLGd6iefUGUeuQoDlpzHgqQCrqh0TCATYG6uqaByPAAIIIIAAAgh4XIAXY493oMurT4DlTAfxnDrjyFUIsPw0BjwVYE2cOFGmTZtmbN5+0kkn2faTBldnnHGGzJkzR3QPrA4dOvipT2krAggggAACCCDgawFejH3d/UlvPAGWM8Q8p844chUCLD+NAU8FWOYeWNOnT5eLL77Ytp/27Nkjubm5xs8//fRT6dGjh5/6lLYigAACCCCAAAK+FuDF2Nfdn/TGE2A5Q8xz6owjVyHA8tMYcHWANWrUKCkpKQn1x4cffiiLFy+WCy+80HZW1b59+2TevHnG7Cst//vf/6R9+/Z+6lPaigACCCCAAAII+FqAF2Nfd3/SG0+A5Qwxz6kzjlyFAMtPY8DVAdbzzz8vN954Y7X7o2XLlqJfIczJyan2NTgRAQQQQAABBBBAwFsCvBh7q7+8VlsCLGd6jOfUGUeuQoDlpzHg6gBr//79cs0118j69euNPlmyZIkxI6tdu3bSrFmziP2kYVVeXp60bt1aRowYYfyTggACCCCAAAIIIOAfAV6M/dPX6WgpAZYz6jynzjhyFQIsP40BVwdY1o6Idw8sP3UgbUUAAQQQQAABBBCoKMCLMSMimQIEWM7o8pw648hVCLD8NAY8FWDpFwVXrFghJ598shQUFPipn2grAggggAACCCCAQJwCvBjHCcVh1RIgwKoWW6WTeE6dceQqBFh+GgOeCrD81DG0FQEEEEAAAQQQQKB6ArwYV8+Ns+ITIMCKzynWUTynsYT4eSICPKeJ6Ln3XAIs9/YNNUMAAQQQQAABBBCohgAvxtVA45S4BXgxjpsq6oE8p844cpXIAjynmTkyCLAys19pFQIIIIAAAggg4FsBXox92/UpaTgvxs4w85w648hVCLD8NAYIsPzU27QVAQQQQAABBBDwgQAvxj7o5DQ2kQDLGXyeU2ccuQoBlp/GAAGWn3qbtiKAAAIIIIAAAj4Q4MXYB52cxiYSYDmDz3PqjCNXIcDy0xhwbYD1zjvvyFtvvSW9evWSK6+80k99QlsRQAABBBBAAAEEEhDgxTgBPE6NKUCAFZMorgN4TuNi4qBqCvCcVhPO5ae5NsC6//775U9/+pNce+21MnHiRIPx4YcflmeeeUYmTZokZ511lstpqR4CCCCAAAIIIIBAOgR4MU6Hun/uyYuxM33Nc+qMI1eJLMBzmpkjw7UB1l133SWPPPKIdO7cWb799ltDf9iwYTJ27FiZPn26XHzxxZnZI7QKAQQQQAABBBBAICEBXowT4uPkGAK8GDszRHhOnXHkKgRYfhoDrg2wpkyZIldccYXRF7qM8IwzzpAZM2bInDlzZMiQIdKpU6e4+mnQoEFSr169uI7lIAQQQAABBBBAAAHvC/Bi7P0+dHMLCLCc6R2eU2ccuQoBlp/GgGsDrPXr10v79u1l+/btCfVHcXGxtG7dOqFrcDICCCCAAAIIIICAdwR4MfZOX3mxpgRYzvQaz6kzjlyFAMtPY8C1AZZ2wvLly2XEiBHyww8/yKZNm6SkpMTom/z8fMnLy4urn+bNmyeHHXZYXMdyEAIIIIAAAggggID3BXgx9n4furkFBFjO9A7PqTOOXIUAy09jwNUBlrUj2APLT0OTtiKAAAIIIIAAAtUT4MW4em6cFZ8AAVZ8TrGO4jmNJcTPExHgOU1Ez73neirAeu655+T111+XBx98UE477TT3qlIzBBBAAAEEEEAAgbQJ8GKcNnpf3JgXY2e6mefUGUeuElmA5zQzR4anAqzwLti/f78sW7bM+LNy5UqpU6eONG3aVLp06SLNmzfPzN6iVQgggAACCCCAAAIxBXgxjknEAQkI8GKcAF7YqTynzjhyFQIsP40BTwZYs2bNkqFDh8rSpUsj9lXfvn1l4sSJRqhFQQABBBBAAAEEEPCXAC/G/urvVLeWAMsZcZ5TZxy5CgGWn8aA5wKsl156SYYMGRKzj84991yZNm0aIVZMKQ5AAAEEEEAAAQQyS4AX48zqT7e1hgDLmR7hOXXGkasQYPlpDHgqwCouLpa2bdsa/dOyZUt56KGH5MwzzzS+Mrh9+3bRn+s+WePGjTOOGTRokGjgRUEAAQQQQAABBBDwh8BPWwNy9d92+qOxtDItAgRYzrATYDnjyFUIsPw0BjwVYD3wwANy3333GeHVggULpFGjRhH7SpcPDh48WPLz86WsrExycnL81Ke0FQEEEEAAAQQQ8J3Ahi0BWbGxXEp3BOSx9/f4rv00OHUCBFjOWBNgOePIVQiw/DQGPBVgXXbZZTJ16lSZPHmyDBgwIGo/nXDCCbJw4UKZP3++6L9TEEAAAQQQQAABBDJPYL0GVyXlUvZzINQ4AqzM62c3tYgAy5neIMByxpGrEGD5aQx4KsA69thjZfHixfLFF1/IKaecErWfrrnmGnn11Vfl5Zdflv79+/upT2krAggggAACCCCQ8QLrygJStLFicGU2mgAr47s/rQ0kwHKGnwDLGUeuQoDlpzHgqQCrd+/eMmPGDGNfK93fKloxw67Zs2dL165d/dSntBUBBBBAAAEEEMhYgbUaXJWUy5adv8y4sjaWACtju98VDSPAcqYbCLCciiEbWwAAIABJREFUceQqBFh+GgOeCrDuvfde+fOf/ywFBQXy/fffS5MmTSL21QsvvCBDhw41frZp0yZp3Lixn/qUtiKAAAIIIIAAAhknsLY0uMfV1ijBVYuGWdK2IFsuf5xN3DNuALioQQRYznQGAZYzjlyFAMtPY8BTAda6deukRYsWRv9oiPWXv/xFunXrZmzq/vPPP0tRUZHxFULdxF3LkCFDZPz48X7qT9qKAAIIIIAAAghklMAaDa5KymXbLvsZVy0aZUlh02ypXyfLaDsvxhk1BFzXGAIsZ7qE59QZR65CgOWnMeCpAEs7ZsKECXLdddfF7CMNtb777jtp0KBBzGM5AAEEEEAAAQQQQMBdAqs3l8uKjQHZHiW4atkoWwoLsuSQvGBwZRZejN3Vl5lWGwIsZ3qU59QZR65CgOWnMeC5AEs7Z968ecbG7Lqhe6QyfPhwufvuu6V+/fp+6kvaigACCCCAAAIIeF5g1eZyKSoJyPbd9jOuWjXOlsKmWZJvCa4IsDzf/Z5oAAGWM91EgOWMI1chwPLTGPBkgGV20Pr162XZsmWycuVKyc3NlcLCQjniiCOYdeWnEUxbEUAAAQQQQCAjBFZuKpeijQHZESW4OrxxtrQtyJL83IozrqwAvBhnxJBwbSMIsJzpGp5TZxy5CgGWn8aApwMsP3UUbUUAAQQQQAABBDJRQIOrFSUB+XmP/Yyr1k2ypW3TLKkXI7gyfXgxzsSR4p42EWA50xc8p844chUCLD+NAQIsP/U2bUUAAQQQQAABBFwiULwxuMfVzhjBle5xVbd29BlX1ibxYuySTs7QahBgOdOxPKfOOHIVAiw/jQECLD/1Nm1FAAEEEEAAAQTSLFCkwVVJQHbttZ9x1aZpcI+rOlUMrsym8WKc5k7O8NsTYDnTwTynzjhyFQIsP40BAiw/9TZtRQABBBBAAAEE0iSwokT3uCqXXXvtK9BWg6uCbMmrlVgleTFOzI+zowsQYDkzQnhOnXHkKgRYfhoDBFh+6m3aigACCCCAAAIIpFAgEBAjtNLwavc++xtraKXhVaLBlXkHXoxT2Mk+vBUBljOdznPqjCNXIcDy0xggwPJTb9NWBBBAAAEEEEAgBQLlGlyV6B5X5bLHJrjKyhIjtNLwKrems5XixdhZT65WUYAAy5kRwXPqjCNXIcDy0xggwPJTb9NWBBBAAAEEEEAgiQLl5WKEVjrjau/+yDfK1uCqQPe4ypbaDgdX5h15MU5iJ3NpIcByZhDwnDrjyFUIsPw0BjIqwPrxxx9F/5x66qmSn5/vp36krQgggAACCCCAQNoEDmhwdXDG1T674CpbjNBKZ1zVqpHcqvJinFxfv1+dAMuZEcBz6owjVyHA8tMY8FyAtWXLFnnllVfkzTfflM8++8zoq507d8rZZ58tX375Zajv/vCHP8hjjz3mp76krQgggAACCCCAQEoF9h8IzrjS5YL7DkS+dY4GVwdnXNVMcnBl1oAX45QOA9/djADLmS7nOXXGkasQYPlpDHgqwCovL5eePXvKhx9+aPRRSUmJNG3aVG666SZ57rnnKvWbBlgaZFEQQAABBBBAAAEEnBPQsMrc40pDrEilRk5wxpUuF6yZ49y947kSL8bxKHFMdQUIsKorV/E8nlNnHLkKAZafxoCnAiydedW/f3+jfzp37mwEWTVq1JCGDRsaf3fyySfL/fffL2+88YZMnDjR+Lu9e/dKzZpJ2mDBTyOFtiKAAAIIIICA7wV0Xyvzq4K6bDBS0bDK3ONKQ6x0FF6M06Hun3sSYDnT1zynzjhyFQIsP40BTwVYv//97+Xpp5+WAQMGGAFVdna2vP3223L55Zcbffb555/LGWecYYRWtWvXNv7uu+++k+OOO85PfUpbEUAAAQQQQAABRwU0uDL2uCopF/3CYKSi+1qZXxXUZYPpLLwYp1M/8+9NgOVMH/OcOuPIVQiw/DQGPBVg9ejRQ2bOnCnvvPOO9O7d2+inoUOHygsvvGBs2l5aWmrMyNJy0UUXybvvviv/+Mc/5KqrrvJTn9JWBBBAAAEEEEDAEYE9+37Z4ypacGXucZWd5uDKbDQvxo50PxexESDAcmZo8Jw648hVCLD8NAY8FWCdcMIJsnDhQpk/f77ovwcCAWnevLmxF9YVV1whr7/+eqjvzGPfeustueyyy/zUp7QVAQQQQAABBBBISGC3Blclwc3ZbSZcSe2av+xxlZ2V0O0cP5kXY8dJuWCYAAGWM8OB59QZR65CgOWnMeCpAKtPnz6igZTOuLr++utlzpw50rVrV6O/XnrpJRk0aJDx78XFxdK2bVvj37/66ivp0qWLn/qUtiKAAAIIIIAAAtUS2LX3lz2u7C6Qq8FVQXBzdpflVqEq82Jcre7npDgFCLDihIpxGM+pM45chQDLT2PAUwHWM888I7fccovRP7/73e/kvffekxUrVhj/vWnTJmMZ4Ysvvmhs5K6zsgoKCowwKy8vz099SlsRQAABBBBAAIEqCezcG5CikoCxQbtdyav1yx5XVbp4Gg7mxTgN6D66JQGWM53Nc+qMI1chwPLTGPBUgLVjxw458cQTZenSpRX6aMyYMTJs2DBZs2aNtGrVKvSzcePGyQ033OCn/qStCCCAAAIIIIBA3AI79wRkxcaAFEcNrrKksCDL2KDdK4UXY6/0lDfrSYDlTL/xnDrjyFUIsP4/e+cCXUV1Pe59Q3gFAgRIkGckKlAfULBSK8ICXyhIqVoBBVSwVqlvSwsK+FZAC6KiUCsKiBalior8kGoRi/JH8VGp5SUkvNUA4REIr5D7X2cuN0KSm9xkzklm5nyzlgtIZvad8+2918z9PHPGphrwlcBSidm1a5c8/PDD8s9//tOZYaXWvho2bJiTs4KCAqlWrZq0aNFCxo4dK4MGDbIpl4wVAhCAAAQgAAEIxEVgvxJX2WHZuCP2jKukmiHJSA3JyT4SV9HB88U4rjJgpwoSQGBVEFyRw+hTPRyJgsCyqQZ8JbC+++47+fDDD+Xqq6+Wxo0bl5in9evXS0ZGhoRCXl2VwabyYqwQgAAEIAABCHiJwL6DkRlXm0oRV3WUuEoLSXpj/8y4KsqYL8ZeqrrgnQsCS09O6VM9HImCwLKpBnwlsNTMqwceeMDJz5EjRyQxMdGmXDFWCEAAAhCAAAQgUCECuQcja1xt2hl7xlXdWpEZV618LK6icPhiXKEy4aA4CSCw4gRVxm70qR6OREFg2VQDvhJY6m2Cy5cvl8suu8xZwJ0NAhCAAAQgAAEIQCA2gdwDkRlXm0sRV8m1QtI6LSStGvl3xlVRAnwxpitMEkBg6aFLn+rhSBQElk014CuBdcMNN8iMGTOkTZs2snr1ah4TtKlSGSsEIAABCEAAAnET2KvEVXZYtuTEnnGVXDsy46plgMRVFBBfjOMuFXasAAEEVgWglXAIfaqHI1EQWDbVgK8E1rfffivnnXee5ObmOrOwRo8e7ax31aRJE2SWTVXLWCEAAQhAAAIQKJHAnjw146pAtuaEYxKqp8RVWoK0aBjc9UL5YkyDmCSAwNJDlz7Vw5EoCCybasBXAuull16Sp59+WlasWFEsR8nJySXmbdWqVdK8eXObcspYIQABCEAAAhCwjMDuPLXGVYFs3RVbXNVPUjOuEqR5gMVVNO18MbasASp5uAgsPcDpUz0ciYLAsqkGfCWwhg8fLhMmTChXfjZs2CDp6enlOoadIQABCEAAAhCAgB8I7NoflqztBbKtFHHVIEmtcZUgzVOCO+OqaK74YuyH6vXvOSKw9OSOPtXDkSgILJtqwFcCa9myZfLNN9+UKz+DBg2SOnXqlOsYdoYABCAAAQhAAAJeJqDEVWZ2gXy/O/aMq5Q6IWmdmiDNLBJX0ZzxxdjL1ev/c0Ng6ckhfaqHI1EQWDbVgK8Elk2JYawQgAAEIAABCECgKIGcfZE1rn4oQ1ypNa6aNrBnxlVRTnwxpndMEkBg6aFLn+rhSBQElk01EGiB9dVXX8kZZ5whNWvWtCmnjBUCEIAABCAAgYAR2KnEVXaB/Lgn9oyrhnUja1ydZLG4iqadL8YBawCPDQeBpSch9KkejkRBYNlUA74TWIcOHZLXX39d/v3vf8uBAwckPz+/MF/hcNj59759+0Qt3r5lyxZhDSybypmxQgACEIAABIJFYEduZI2r0sRVIyWu0hKkSX17Z1wVzTpfjIPVB14bDQJLT0boUz0ciYLAsqkGfCWwlJzq2rWrqLWw4t0QWPGSYj8IQAACEIAABLxCYLsSV9kFkr039oyrxsmRNa4QV8Wzxhdjr1RyMM8DgaUnr/SpHo5EQWDZVAO+EljTp0+XIUOGFOanS5cu8umnnzr/vvjii50F3rOzswt/v3DhQrngggskMTHRppwyVghAAAIQgAAEfEpg+97IGlfqz1hbqhJXaQmSVo8ZV7EY8cXYpw3gk9NGYOlJFH2qhyNREFg21YCvBNawYcNk6tSp0r59e1Fy6qSTTnLWuFq5cqWo9a46duwo3333nSOt1OODs2fPlv79+9uUT8YKAQhAAAIQgIAPCaiZVmqNK/XIYExxVS+yxlUq4qrMDPPFuExE7OCCAALLBbzjDqVP9XAkCgLLphrwlcDq0aOHLF68WB599FEZNWqUk6fbb79dJk+e7Iitm2++2fnZpk2bJD09XdLS0hyRVb16dZtyylghAAEIQAACEPAJAbW2lZpxtbMUcaVmWqk1rtQjg2zxEeCLcXyc2KtiBBBYFeNW9Cj6VA9HoiCwbKoBXwmsDh06yIoVK+Tjjz+Wbt26OXl67rnn5LbbbpM//OEPzt+j2/nnn+88XqhmZ/3sZz+zKaeMFQIQgAAEIAABjxP4YU9kjSv1dsFYm1rbSs24aoS4Knc2+WJcbmQcUA4CCKxywCplV/pUD0eiILBsqgFfCax+/frJnDlz5OWXX5YbbrjBydM///lP6dmzp/NYoVoDK7opoTVlyhT5xz/+IVdddZVNOWWsEIAABCAAAQh4lMAPuyMzrnJKEVcn1Y+scaXeLshWMQJ8Ma4YN46KjwACKz5OZe1Fn5ZFiN+7IUCfuqHn3WN9JbAefPBBeeihh+SKK66QN998U0KhkGzcuFFOPvlkh/COHTukUaNGzt/btm0ra9eulTfeeEOuvvpq72aAM4MABCAAAQhAIPAEvlfiKrtAdu2PPePqpAaRGVcNEVeu64Evxq4REqAUAnwx1lMe9KkejkQpmQB9GszK8JXA+vzzz+WXv/ylkwk16+rxxx+Xn//859K0aVPn7YPqZ3/605/kvffek0mTJjn7qWPOOeecYGaPUUEAAhCAAAQg4GkC23ZFxNXuvNjiqqkSV2kJklKHGVe6kskXY10kiVMSAb4Y66kL+lQPR6IgsGyqAV8JLJWYkSNHyvjx450cqTWv1KOCTz/9tNx1113F8nb66ac7jxUmJibalFPGCgEIQAACEIBAFRPYuiuyxlVp4qpZSmTGVQPElfZs8cVYO1ICHkcAgaWnHOhTPRyJgsCyqQZ8J7COHDnirGv1l7/8xXkb4WWXXSZHjx51Zl499dRThbnLyMiQuXPnOmtjsUEAAhCAAAQgAIHKILAlJyKu9hyIPeOqeUpkjasGScy4MpUTvhibIktcRQCBpacO6FM9HImCwLKpBnwnsI5PTjgcdtbBim7btm2TL774wlkHq2PHjpKUlGRTLhkrBCAAAQhAAAJVRECJK/Wo4N5SxFWLhiFpnZog9RFXxrPEF2PjiK3+AASWnvTTp3o4EgWBZVMN+Fpg2ZQoxgoBCEAAAhCAgPcIbN5ZIJnZYck9GHvGVYuGCZKRFpJ6tZlxVVkZ5ItxZZG283MQWHryTp/q4UgUBJZNNeBbgfXJJ5/IvHnzZM2aNbJq1SoZM2aMDBo0SAYPHiz9+vWTXr16SbVq1WzKJWOFAAQgAAEIQKCSCGw6Jq72lSKuWjaKiKvkWoirSkpL4cfwxbiyidv1eQgsPfmmT/VwJAoCy6Ya8J3A2rlzp9x2220ye/bsE/I0efJkGTp0aOFjgwMGDJAZM2ZIjRo1bMonY4UABCAAAQhAwCCBjTsKJCs7LPsOxZ5x1eqYuKqLuDKYidJD88W4ytBb8cEILD1ppk/1cCQKAsumGvCVwFJrXvXt29eZeRXdkpOTJTc3V5TAuvbaayU9Pd35t9rUGwvHjh1rUz4ZKwQgAAEIQAACBghsOCau9pcirtIbJ0jrtJDUrcmMKwMpKFdIvhiXCxc7l5MAAqucwGLsTp/q4UgUBJZNNeArgTVnzhzn8UC1TZ06Va655hoZP368PP74447AuvXWW2Xz5s1y8803y4IFC5z9cnJyJCUlxaacMlYIQAACEIAABDQR2LA9ssZV3uHYM65OPiau6iCuNFF3H4Yvxu4ZEiE2AQSWnuqgT/VwJAoCy6Ya8JXAGjZsmCOujp9ZNWrUqBMElkrevn37RM3MUtuSJUvk/PPPtymnjBUCEIAABCAAAZcEso6JqwOliavUyBpXSTWYceUSt/bD+WKsHSkBjyOAwNJTDvSpHo5EQWDZVAO+ElidO3eW5cuXnyClShJYKoGXX365zJ8/X1555RVncXc2CEAAAhCAAAQgUBaBzGw146pADh6JvWdrR1wlSG2W2SwLZ5X9ni/GVYbeig9GYOlJM32qhyNREFg21YCvBFa3bt0cebVo0SLp0aOHk6dYAuvSSy+VhQsXynvvvSe9e/e2KaeMFQIQgAAEIACBchAIh0Uyt6vF2UsXV0paqf9qVS9HcHatEgJ8Ma4S7NZ8KAJLT6rpUz0ciYLAsqkGfCWw7r77bpk0aZJcf/31Mn369JgCa9WqVXL66ac7v1+3bp2ccsopNuWUsUIAAhCAAAQgEAeBgrA40krNuDqUX/IBoZBIRqpanB1xFQdSz+zCF2PPpCKQJ4LA0pNW+lQPR6IgsGyqAV8JLLUwe69evZz8jBkzxpl99fDDD5+wBtbSpUtlyJAhsnbtWsnIyHD+rFatmk05ZawQgAAEIAABCJRC4GiBSGSNqwI5HENcJYTEkVZqxlXNRHD6jQBfjP2WMX+dLwJLT77oUz0ciYLAsqkGfCWwVGKUnIrOvjo+UW3atJHExERZuXJl4Y8/+eQT6dKli035ZKwQgAAEIAABCMQgoMRVdI2rI0dL3qlagkh0jasaiCvf1hJfjH2bOl+cOAJLT5roUz0ciYLAsqkGfCewcnNzZcSIETJlypSYeVJvIFS/HzhwoE25ZKwQgAAEIAABCJRAIP/oT2tclSauomtcVWfitu/riC/Gvk+hpweAwNKTHvpUD0eiILBsqgHfCaxocr755ht56623ZPXq1c5/SUlJ0q5dOznzzDNl6NChkpKSYlMeGSsEIAABCEAAAkUIKFmlZlypda7yC0rGk1jtpzWuEFfBKSG+GAcnl14cCQJLT1boUz0ciYLAsqkGfCWwMjMzJS0tTerWrWtTjhgrBCAAAQhAAALlIKDWtYqucaUeGyxpU7JKzbhS61wlJpQjOLv6ggBfjH2RJt+eJAJLT+roUz0ciYLAsqkGfCWwhg8fLhMmTJAbb7zReROhWt8qIYG7TpsKlrFCAAIQgAAEYhFQbxKMvlVQvWGwpE2taxVd40qtd8UWTAJ8MQ5mXr0yKgSWnkzQp3o4EgWBZVMN+FJgRRPUokULufnmm521rlq3bm1T3hgrBCAAAQhAAALHCBw6ElnjSj0uGI4hrtSbBKNvFVRvGGQLNgG+GAc7v1U9OgSWngzQp3o4EgWBZVMN+Epg/fjjj/LGG2/Iiy++KCtWrDghT927d3dmZvXt21fUIu5sEIAABCAAAQgEm8BBJa6OrXEVw1tJzeqRNa7U44IhxFWwC+K40fHF2JpUV8lAEVh6sNOnejgSBYFlUw34SmAdnxglsF577TV5+eWXJTs7+4ScqUXcr7vuOunatSuPGNpUzYwVAhCAAASsIHDg8E9vFYw14FpKXB1b4wpvZUVZnDBIvhjbl/PKHDECSw9t+lQPR6IgsGyqAd8KrGiS8vPzZdGiRTJr1ix55ZVXTsidesTw97//vSOz0tPTbcorY4UABCAAAQgEjkDe4bBkZYedBdpjbbVr/PRWwcABYEBxE+CLcdyo2LECBBBYFYBWwiH0qR6OREFg2VQDvhdYxydLzcQaMWKETJ8+vVgOr7jiChk7dqy0bdvWpvwyVghAAAIQgIDvCew/pKRVWDaUIq6SakTWuFILtLNBgC/G1IBJAggsPXTpUz0ciYLAsqkGfC+w9u/fL/PmzXNmYM2fP/+E3KkZWDVq1JDMzEzn52ptrLffflsuuOACm3LMWCEAAQhAAAK+JKDEVWZ2WDbuiD3jKqlmSDJSQ3Iy4sqXOTZ10nwxNkWWuIoAAktPHdCnejgSBYFlUw34UmCpxwYXL14sr776aomzrdQaWNdff72cf/75EgqFZOnSpTJgwADZsmWLZGRkyPr1623KMWOFAAQgAAEI+IrAvoNhydwelk2liKs6SlylhSS9MTOufJXcSjpZvhhXEmhLPwaBpSfx9KkejkRBYNlUA74SWGvWrJFp06bJjBkzii3c3qVLF/nd734nV155pdSrV69YDhcsWCC9evVyfr5x40Zp1aqVTXlmrBCAAAQgAAHPE8g9GFnjatPO2DOu6taKzLhqhbjyfD6r8gT5YlyV9IP/2QgsPTmmT/VwJAoCy6Ya8JXAGj58uEyYMKEwP2lpaXLLLbfIoEGD5LTTTis1b19++aX84he/cPbJycmRlJQUm/LMWCEAAQhAAAKeJbD3QERcbc6JLa6Sa4WkdVpIWjVixpVnE+mhE+OLsYeSEcBTQWDpSSp9qocjURBYNtWALwXWtddeK0OGDJHu3btLYmJiXPnatm2bs0aWehvhJZdcEtcx7AQBCEAAAhCAgDkCSlypNa62lCKu6tUOSevUkLREXJlLRAAj88U4gEn10JAQWHqSQZ/q4UgUBJZNNeArgaUeIVSzrpg9ZVOJMlYIQAAC3iWw7scCmf3/jsjyzKOi1m1ig0BFCagZZr/IqCbX/Kq6nNKEWWYV5Rg9ji/GbglyfGkEEFh66oM+1cORKAgsm2rAVwLLpsQwVghAAAIQ8DYBJa/umHlADh3x9nlydv4iUKu6yDPX1UZiuUwbX4xdAuTwUgkgsPQUCH2qhyNREFg21QACy6ZsM1YIQAACENBG4NG3D8lHK/O1xSMQBKIEepyeKKN/UxMgLgjwxdgFPA4tkwACq0xEce1An8aFiZ0qSIA+rSA4jx+GwPJ4guI9vT179shnn30m69evl3379smpp54qZ511lvNnadsXX3wh33zzjbOwfceOHZ2F7hs0aBDvx7IfBCAAAWsJ9J2Yx2OD1mbf7MCTa4fk7buTzH5IwKPzxTjgCa7i4fHFWE8C6FM9HIlSMgH6NJiVgcAKQF5feOEFUW9ozM3NLTaa2267TR599FGpX7/+Cb/btWuXDB482FnYvuj24osvyo033hgAMgwBAhCAgDkC3HibY0tkEW683VUB/emOH0eXToD+1FMh9KkejkRBYNlUAwgsn2d71qxZjohSm1rg/sorr5Q6derIBx98ICtWrHB+3rdvX3n77bcLR5qfny8XX3yxLF682PlZ7969JSMjQxYuXChr1651fvb888/LsGHDfE6H04cABCBgjgA33ubY2h45JCIf3lfHdgyuxk9/usLHwWUQQGDpKRH6VA9HoiCwbKoBBJaPs52Xl+fIKrWde+658n//93+Fb2g8evSo/PnPf5aJEyc6v3/vvfccUaW2OXPmSL9+/Zy/T5s2TYYOHer8/cCBA9K/f3+ZN2+eJCcnyw8//CBJSTzC4OMS4dQhAAGDBLjxNgjX8tAILPcFQH+6Z0iE2AQQWHqqgz7Vw5EoCCybagCB5eNsqxlUPXr0cEawfPlyZ/2q47cjR45Io0aNnEcLR48eLY888ojz6/PPP18+/fRTadOmjaxZs+aEYzZt2iTp6enOz1566SUZMmSIjwlx6hCAAATMEeDG2xxb2yMjsNxXAP3pniEREFima4A+NU3Y7viI5mDmPxACa+vWrXLrrbdKQkKCM7uoWrVqwcxWkVH94x//kLFjx8qWLVtEMUhMTCw27g4dOjiPEqrHDGfOnCkHDx6U2rVrO/s98cQT8qc//anYMd26dZMlS5ZIz5495f3337eCJYOEAAQgUF4C3HiXlxj7x0sAgRUvqdj70Z/uGRIBgWW6BuhT04Ttjo/ACmb+AyGwVq5cKWeccYaTocOHD0v16tWDma1yjmrHjh2Smpp6gqz6+uuvpVOnTs7PFi1aVDiD6/jQI0eOlPHjxztrav3444/l/FR2hwAEIGAHAW687chzVYwSgeWeOv3pniEREFima4A+NU3Y7vgIrGDm37MCa9u2bY5giWfbuHGj84ic2tRjb8cLLLWoua3rON1+++0yefJkh8uyZcvkl7/8pXz44YfOAu5q+89//iNqhlbRTckrJbHUphZ8t2VGWzy1xj4QgAAEogS48aYWTBFAYLknS3+6Z0gEBJbpGqBPTRO2Oz4CK5j596zAWrBggfTq1cs19Q0bNhSu6eQ6mI8C/O1vf5Pf//73zhnfdNNN8sILLzh/nzt3rvOmQrWp9a5atmxZbFTHH6vWz6pbt66PRs6pQgACEKgcAtx4Vw5nGz8FgeU+6/Sne4ZEQGCZrgH61DRhu+MjsIKZf88KrC+++ELOOecc19Q3b94sLVq0cB3HTwHUWlfXX3+9c8oZGRny1VdfSf369Z1/q3Wzrr76aufv2dnZhY8YHj++V199VQYNGuT8KCcnp/DNhvEy+PLLL+Pdlf0gAAEI+JbAnxe28+25c+LeJqAE1vieq719kh4/O/rT4wny+ek9QX9qySB9qgUjQWIQoE/dl8bZZ5/tPojmCJ4VWGqcavHxa665RtQaV2r7y1/+IneXrIdiAAAgAElEQVTddVexR9pYAytSFeFwWB577DEZM2aM828l7tTbBlu1alVYNsc/QpiVlSUnn3xysZKaMmWK/OEPf3B+rhZ9r1mzZrnKDoFVLlzsDAEI+JQAN94+TZwPThuB5T5J9Kd7hkSITYAvxnqqgz7Vw5EoJROgT91XBgKrAgwPHDggo0aNkqeeeso5unv37vLyyy+fIF4QWCJHjhyRYcOGybRp0xxO7du3F/UYZrNmzU6g/u2338pZZ53l/EzNzOrYsWOxrCgJFl1TTEkxNghAAAIQKE6ARx+oClMEeITQPVn60z1DIsQmwKNJeqqDPtXDkSglE6BPg1kZnp6BdTxyNXNo4MCBzmNvalOPyQ0ePNj5u+0CS61TpR4LXLhwocOjZ8+e8sYbb0i9evWKVe3xbyZUTC+88MJi+9xzzz2OMFSPH65fvz6Ylc+oIAABCLgkwI23S4AcHpMAAst9cdCf7hkSAYFlugboU9OE7Y6PwApm/n0jsBT+nTt3OrOM5syZ42TjqquukqlTpzpS64wzznB+dvjw4RPeQhjMtP00qry8POndu7csXrzY+eEtt9wizzzzTEwGBQUFhY9g3nfffc4jh0W3tm3bytq1ax1BqEQhGwQgAAEIFCfAjTdVYYoAAss9WfrTPUMiILBM1wB9apqw3fERWMHMv68EVjQF06dPlyFDhjj/TEtLk7vvvlvuvfdeKwWWGvukSZOcsT/wwAPy4IMPllmpd955pyO5FLtt27adsKaYeqww+qzrjBkz5LrrriszHjtAAAIQsJEAN942Zr1yxozAcs+Z/nTPkAgILNM1QJ+aJmx3fARWMPPvS4GlUqEebVNv2lOLlB+/2TQD6+uvv5ZOnTo5w1cLtkfXvyqpVFNTUwvXu1q3bp2cdtppzm7qbYPquBo1asiGDRucRwozMzMdubVx40apVatWMCufUUEAAhBwSYAbb5cAOTwmAQSW++KgP90zJAICy3QN0KemCdsdH4EVzPz7VmCpdOTn58u4ceMK37qnfmaTwOrfv7+z1lU8W9++feXtt98u3DU6Cyv6A7Xou3rrY3RTC8Bfeuml8YRmHwhAAAJWEuDG28q0V8qgEVjuMdOf7hkSAYFlugboU9OE7Y6PwApm/n0tsKIp+fLLL+Xzzz+XhIQEuemmm5w/bdjUul9qAft4tiuuuELeeuutE3Z97rnnnEcv1SLw0a1Nmzby7LPPyiWXXBJPWPaBAAQgYC0BbrytTb3xgSOw3COmP90zJAICy3QN0KemCdsdH4EVzPwHQmAFMzWVM6pwOCxZWVmydetWadmypfNftWrVKufD+RQIQAACPibAjbePk+fxU0dguU8Q/emeIREQWKZrgD41Tdju+AisYOYfgRXMvDIqCEAAAhAwTIAbb8OALQ6PwHKffPrTPUMiILBM1wB9apqw3fERWMHMPwIrmHllVBCAAAQgYJgAN96GAVscHoHlPvn0p3uGREBgma4B+tQ0YbvjI7CCmX8EVjDzyqggAAEIQMAwAW68DQO2ODwCy33y6U/3DImAwDJdA/SpacJ2x0dgBTP/CKxg5pVRQQACEICAYQLceBsGbHF4BJb75NOf7hkSAYFlugboU9OE7Y6PwApm/j0rsN555x158803pXfv3tK/f/9g0mdUEIAABCDgWwLcePs2dZ4/cQSW+xTRn+4ZEgGBZboG6FPThO2Oj8AKZv49K7AeeughefDBB+X666+X6dOnO/THjh0rzz//vMyYMUMuuOCCYGaEUUEAAhCAgC8IcOPtizT58iQRWO7TRn+6Z0gEBJbpGqBPTRO2Oz4CK5j596zAGjFihDzxxBPSqVMn+fLLLx36w4cPlwkTJsi7774rffr0CWZGGBUEIAABCPiCADfevkiTL08SgeU+bfSne4ZEQGCZrgH61DRhu+MjsIKZf88KrDlz5ki/fv0c6uoxwq5du8q8efPk008/laFDh0rHjh3jysgNN9wgdevWjWtfdoIABCAAAQjES4Ab73hJsV95CSCwykus+P70p3uGREBgma4B+tQ0YbvjI7CCmX/PCqzvv/9e2rZtK7m5ua7Ib9iwQdLT013F4GAIQAACEIBAUQLceFMTpgggsNyTpT/dMyQCAst0DdCnpgnbHR+BFcz8e1ZgKdzr1q2TkSNHyqpVq2THjh2SnZ3tZCE5OVlq164dV0a+/vpradasWVz7shMEIAABCEAgXgLceMdLiv3KSwCBVV5ixfenP90zJAICy3QN0KemCdsdH4EVzPx7WmAVRc4aWMEsQkYFAQhAwI8EuPH2Y9b8cc4ILPd5oj/dMyQCAst0DdCnpgnbHR+BFcz8+0pgTZ06VV5//XV57LHH5LzzzgtmRhgVBCAAAQj4ggA33r5Iky9PEoHlPm30p3uGREBgma4B+tQ0YbvjI7CCmX9fCaySUrBz507ZtGmTJCUlSePGjaVRo0bBzBSjggAEIAABTxHgxttT6QjUySCw3KeT/nTPkAgILNM1QJ+aJmx3fARWMPPvS4GlpNXo0aPl1VdfLbbIe5s2beSuu+6SYcOGBTNjjAoCEIAABDxBgBtvT6QhkCeBwHKfVvrTPUMiILBM1wB9apqw3fERWMHMv+8E1rJly+SSSy4p8+2ESnA98sgjwcwao4IABCAAgSonwI13lacgsCeAwHKfWvrTPUMiILBM1wB9apqw3fERWMHMv68E1r59+6RDhw6SmZnpZGPo0KFy0UUXSYsWLWTv3r2SlZUlzz77rKxdu9b5/eOPPy733ntvMDPHqCAAAQhAoEoJcONdpfgD/eEILPfppT/dMyQCAst0DdCnpgnbHR+BFcz8+0pgTZo0Se6++24nE59//rmcc845xbKSn58vd955pzz//POO2Nq8eXMwM8eoIAABCECgSglw412l+AP94Qgs9+mlP90zJAICy3QN0KemCdsdH4EVzPz7SmBdd9118sorr8gTTzwhf/rTn2Jm5NChQ3LqqafKli1bnNlarVu3Dmb2GBUEIAABCFQZAW68qwx94D8YgeU+xfSne4ZEQGCZrgH61DRhu+MjsIKZf18JLPX44IoVK+TTTz+V8847r9SM9O/fX9544w35+9//LgMGDAhm9hgVBCAAAQhUOoHcg2HJzA7LPbMOVPpn84F2EEBguc8zX4zdMyQCAst0DdCnpgnbHR+BFcz8+0pgXXjhhbJo0SKZO3eu/OY3vyk1I926dZMlS5bIwoULnUXf2SAAAQhAAAJuCOw9EBFXW3IKnDBPLTjkJhzHQiAmAQSW++Lgi7F7hkRAYJmuAfrUNGG74yOwgpl/Xwkstf6VWgera9eujshKTEwsMStLly6VLl26OL/btGmTtGzZMpjZY1QQgAAEIGCcwJ4DYcnKLpAtOeETPguBZRy9tR+AwHKfer4Yu2dIBASW6RqgT00Ttjs+AiuY+feVwFq+fLl07tzZyUSfPn1k3LhxcvrppxdmRi3gPmvWLLnjjjskNzdXzj33XFEyKxRSt4JsEIAABCAAgfgJ7MlTM64KZOuuE8VVNAICK36W7Fk+Agis8vEqaW++GLtnSAQElukaoE9NE7Y7PgIrmPn3lcBSKRg2bJhMnTq1MBtpaWmSnp4u+/fvl5UrV56QpdWrV0vbtm2DmTlGBQEIQAACRgjsPiautsUQV+pD6yeF5ME3Dxr5fIJCAIHlvgb4YuyeIREQWKZrgD41Tdju+AisYObfdwKroKDAEVi33nprzIycc845Mnny5MLZWsFMHaOCAAQgAAGdBHbtj8y4+n53yTOu1Gc1SApJRlqCNEsJCTfeOukT63gCCCz39UB/umdIBASW6RqgT00Ttjs+AiuY+fedwIqmYfPmzfLZZ5+JmmWVlZUltWrVktNOO03atWsnF198sVSrVi2YGWNUEIAABCCglUDO/sgaV6WJq5Q6EXHVtMFPj6Rz4601DQQ7jgACy3050J/uGRIBgWW6BuhT04Ttjo/ACmb+fSuwgpkORgUBCEAAApVFYOe+iLj6YU/sGVcN64SkdRFxFT0/brwrK1P2fQ4Cy33O6U/3DImAwDJdA/SpacJ2x0dgBTP/CKxg5pVRQQACEIBADAI7c8OSub1AfixFXDWqGxFXJ9WP/RIQbrwpMVMEEFjuydKf7hkSAYFlugboU9OE7Y6PwApm/hFYwcwro4IABCAAgSIEdihxlV0g2Xtjz7hS4ko9KtikFHEVDcuNNyVmigACyz1Z+tM9QyIgsEzXAH1qmrDd8RFYwcw/AiuYeWVUEIAABCBwjMD2vZEZV+rPWFvj5Ii4SqsXe8ZV0WO58abETBFAYLknS3+6Z0gEBJbpGqBPTRO2Oz4CK5j5R2AFM6+MCgIQgID1BNRMK7XG1fbc2OIq9Zi4Si2HuIqC5cbb+hIzBgCB5R4t/emeIREQWKZrgD41Tdju+AisYOYfgRXMvDIqCEAAAtYSUGtbZW0vEPXIYKxNzbRSa1wpgVXRjRvvipLjuLIIILDKIlT27+nPshmxR8UJ8MW44uyOP5I+1cORKCUToE+DWRkIrGDmlVFBAAIQsI6AEldqjSv1dsHSxJV6VFA9Muh248bbLUGOj0UAgeW+NuhP9wyJEJsAX4z1VAd9qocjURBYNtWAbwXWrl27ZP369bJjxw5Rf69du7acdNJJkpaWJq1atZLExESb8shYIQABCFhL4IfdkTWuckoRV2pRdiWu1CLtujZuvHWRJE5RAggs9zVBf7pnSAQElukaoE9NE7Y7PqI5mPn3lcDKzMyUGTNmyIIFC2T58uUxM5KcnCxXXXWV9OnTRy677DJHbrFBAAIQgECwCHy/O7LGVc7+2DOuTmoQkozUBGmoUVxFKXLjHax68tJoEFjus0F/umdIBASW6RqgT00Ttjs+AiuY+feFwPryyy/lL3/5i8yePbvcWWjRooU8/fTTcuWVV5b7WA6AAAQgAAHvEdi2K7LG1a5SxFVTJa7SEiSljr4ZV0VJcOPtvdoIyhkhsNxnkv50z5AICCzTNUCfmiZsd3wEVjDz72mBtXfvXhk1apRMnjy5kL4SUv369ZM2bdqI+rv6r2nTplJQUCA5OTnyww8/OLOzlixZIvPnzy88rnv37jJx4kTp2LFjMDPJqCAAAQgEnIASV2qNq915sWdcNUsJSetUs+Iqipkb74AXXBUOD4HlHj796Z4hERBYpmuAPjVN2O74CKxg5t+zAuvf//63XH311ZKdnS3qkcDbb7/dmUXVqVMnCYXi+z/qeXl58tZbb8kLL7zgCC213XTTTTJp0iRJSkoKZkYZFQQgAIGAEdiaE1njak8Z4krNuGqQFN/1QQcibrx1UCRGSQQQWO7rgv50z5AICCzTNUCfmiZsd3wEVjDz71mBpYSVmnn16KOPyh133OFILDfb559/LiNGjJDFixfLt99+K2eccYabcBwLAQhAAAKGCWxR4iq7QPYeiD3jqnnDyBpX9StRXEWHzY234QKwODwCy33y6U/3DImAwDJdA/SpacJ2x0dgBTP/nhVYH330kbRt21aaNWumlbxaAL5z587SqFEjrXEJBgEIQAACeghs3lkgWdvDpYqrFkpcpSVIvdqVN+Oq6Oi48daTb6IUJ4DAcl8V9Kd7hkRAYJmuAfrUNGG74yOwgpl/zwqsYOJmVBCAAAQgEIvAJiWussOSezD2jKuWjRKkdWqoSsVV9Py58aaWTRFAYLknS3+6Z0gEBJbpGqBPTRO2Oz4CK5j5R2AFM6+MCgIQgIBvCGzaUSCZ28OyrxRx1UqJq7SQJNequhlXRYFy4+2bEvPdiSKw3KeM/nTPkAgILNM1QJ+aJmx3fARWMPMfCIG1efNm542DmZmZcuTIEcnIyJALLriAda6CWbOMCgIQCAiBjUpcZYdl/6HYM65aNU6QjNSQ1PWQuIri58Y7IIXowWEgsNwnhf50z5AICCzTNUCfmiZsd3wEVjDz73uB9eKLLzpvFixpu+++++Sxxx4LZuYYFQQgAAGfEtiwPTLjKq8UcZWuxFVaSOrU9M6Mq6K4ufH2aQH64LQRWO6TRH+6Z0gEBJbpGqBPTRO2Oz4CK5j597XA+t///idnnnmmk5m+fftKx44dJRQKyXfffSezZs1yfj537lz5zW9+E8zsMSoIQAACPiKQtT2yxlXe4dgzrk5Ojcy4SvKwuIoi58bbR8Xns1NFYLlPGP3pniEREFima4A+NU3Y7vgIrGDm39cC6+mnn5a77rpLRo4cKWPHjj0hQ7Nnz5ZrrrlGbrjhBnn55ZeDmT1GBQEIQMAHBDKz1VsFC+TA4dgn2zo1ssZVUg3vzrgqevbcePug+Hx6iggs94mjP90zJAICy3QN0KemCdsdH4EVzPx7VmA9+OCDkpCQIHfccYc0aNCgRPr333+/PPLII/K3v/1Nfve7352wz9dffy2dOnWSPn36yLvvvhvM7DEqCEAAAh4loOZYZWWrNa4K5OCR2CeZkabeKpggtWt4dCClnBY33v7LmV/OGIHlPlP0p3uGREBgma4B+tQ0YbvjI7CCmX/PCqzbb79dJk+eLMnJyTJ69Gi59dZbpU6dOidk4c0335Tf/va30qJFC3nyySedxwmrV68uWVlZouTW8uXL5aGHHnL+zgYBCEAAAuYJFISPiavtBXIohrhSX85bp6k1rhKkVnXz52TqE7jxNkWWuAgs9zVAf7pnSAQElukaoE9NE7Y7PgIrmPn3rMDatm2bjB8/Xp555hmHvBJZjz/+uNx4441Su3Zt52fqjYO9e/eWDz74oMTsqLcRfvXVV1K/fv1gZo9RQQACEPAIASWu1Gwr9d/h/JJPKhQSR1plpCZITR+Lq+jouPH2SPEF8DQQWO6TSn+6Z0gEBJbpGqBPTRO2Oz4CK5j596zAiuLesGGDPProozJt2jTnR2lpac6bBa+77jqpUaOG5OXlyUsvvSQzZ86U1atXO/ucdtppcvnllzvrY6WkpAQzc4wKAhCAgAcIHC2IiCu1xlUscZUQFVdpCVIj0QMnrekUuPHWBJIwxQggsNwXBf3pniEREFima4A+NU3Y7vgIrGDm3/MCK4p9zZo18vDDD8trr73m/Eg9NqgWbh8wYIAkJgboG1Ew64xRQQACASOQX/DTGldHjpY8uGoJkRlXao2rIImr6Gi58Q5YUXtoOAgs98mgP90zJAICy3QN0KemCdsdH4EVzPz7RmBF8a9YscJZ0+qdd95xftSmTRtnRtaVV17pLPrOBgEIQAAC5ggoWeUszr69QPJjiKvEhJ/WuKpezdy5VHVkbryrOgPB/XwElvvc0p/uGRIBgWW6BuhT04Ttjo/ACmb+fSewomn47LPPZMyYMYXrX7Vv395ZI6tXr14SUgutsEEAAhCAgDYCR/LFkVbqcUH12GBJm5JVzuLsqQmSGGBxFR07N97ayotARQggsNyXBP3pniEREFima4A+NU3Y7vgIrGDm3/MCa8+ePfLJJ584bxZUi7arhdnPO+88SU1NdTLy8ccfy6hRo+TTTz91/n3uuec6a2ZdeOGFwcwYo4IABCBQiQTUulbRNa5KE1fO4uxpCaIeG7Rl48bblkxX/jgRWO6Z05/uGRIBgWW6BuhT04Ttjo/ACmb+PS2w3n77bWex9tzc3GL0X3zxReeNhNFtwYIFMnr0aOetg2rr3r2782ihkl1sEIAABCBQPgKHjkRmXKnHBdUbBkva1LpW0TWubBJXURbceJevptg7fgIIrPhZxdqT/nTPkAgILNM1QJ+aJmx3fARWMPPvWYG1bt06522CalOPB3bq1Mn5u3rT4LJly5y/q5lZXbp0KcxMQUGBKOl17733ytq1a52f33bbbfLss88GM3uMCgIQgIBmAgeP/LTGVTiGuKoZFVdpCaLeMGjrxo23rZk3P24ElnvG9Kd7hkRAYJmuAfrUNGG74yOwgpl/zwqsp59+Wu66664SBdRTTz0l99xzj9x+++3yzDPPFMtMfn6+zJ492xFZp556qnz00UfBzB6jggAEIKCJwIHDIlnH1riKFbJW9Z/WuGKpQRFuvDUVH2GKEUBguS8K+tM9QyIgsEzXAH1qmrDd8RFYwcy/ZwXWn//8Z3nyyScdEdW/f/8T6H/99dfOjKy+ffs6M65ibYcPH3YeKVTrYrFBAAIQgEBxAkpcRde4isWndlRcpVm0wFUcxcKNdxyQ2KVCBBBYFcJ2wkH0p3uGREBgma4B+tQ0YbvjI7CCmX/PCqyZM2fK9ddfL6effrq88MILzp+JiYmSmZnpzL5atGiRPPjgg/LAAw8EMzOMCgIQgIBBAnmHwpK5PSwbtsd4paCI1K4Rkoy0kLRORVyVlApuvA0WqOWhEVjuC4D+dM+QCAgs0zVAn5ombHd8BFYw8+9ZgbV3717p2rWrrFixokTyaWlp8t///lfUn2wQgAAEIBAfgf1KXGWHZeOO2OIqqWZIMlJDcjLiqlSo3HjHV3PsVX4CCKzyMyt6BP3pniEREFima4A+NU3Y7vgIrGDm37MCS+Hevn278xjh1KlTC99EmJycLP369ZP7779fWrVqFcysMCoIQAACmgnsOxiWrO2li6s6SlylhSS9MTOu4sHPjXc8lNinIgQQWBWhduIx9Kd7hkRAYJmuAfrUNGG74yOwgpl/Twus45Hn5eU5/0xKSgpmJhgVBCAAAQMEcpW4yg7Lpp2xZ1zVraUeE0RclRc/N97lJcb+8RJAYMVLKvZ+9Kd7hkRAYJmuAfrUNGG74yOwgpl/3wisYOJnVBCAAATMEMg9EFnjanMZ4krNuGrViBlXFckCN94VocYx8RBAYMVDqfR96E/3DImAwDJdA/SpacJ2x0dgBTP/nhVY48ePl5SUFBk6dKizeLuOTS0ArxZ9V4u/n3LKKTpCEgMCEICApwjsVeIqOyxbcmLPuEquHVnjqiXiylXuuPF2hY+DSyGAwHJfHvSne4ZEQGCZrgH61DRhu+MjsIKZf88KrDvvvFOeeeYZ5+2DjzzyiPzmN7+RhISKzRLYsGGDE+upp55ysrhq1Spp165dMDPKqCAAASsJ7MlTa1wVyJaccMzx11PiKi1BWjRUX4/Z3BLgxtstQY6PRQCB5b426E/3DImAwDJdA/SpacJ2x0dgBTP/nhVYubm5ct9998nkyZMd8uptgzfccINcccUV0rlz5zJllloAfvHixTJt2jRZuHChE6N9+/YyadIk6dGjRzCzyaggAAHrCOxW4iq7QLbuii2u6iepNa4QV7qLgxtv3USJFyWAwHJfC/Sne4ZEQGCZrgH61DRhu+MjsIKZf88KrCjuTz75RG688UZZu3ZtYQbUmwiVjEpPT3feRNiiRQspKCiQHTt2yNatW2XJkiXF9p84caIjwHQ9jhjMcmBUEICAXwjs3q/WuCqQbaWIqwZKXKUlSPMUZlyZyCs33iaoElMRQGC5rwP60z1DIiCwTNcAfWqasN3xEVjBzL/nBZbCfvToUVmwYIE88cQTjpwqzzZixAgZOXKkNGjQoDyHsS8EIAABTxLYpcRVdoF8vzv2jKsGddQaVwnSDHFlNIfceBvFa3VwBJb79NOf7hkSAYFlugboU9OE7Y6PwApm/n0hsI5H/7///c95NPBf//qXfPPNN6IeFVSPG6pNzcRSs7LOPvts6d27t3Tr1k1q1aoVzMwxKghAwCoCOfsiM65+KEVcpShxlZYgTRsw46oyioMb78qgbOdnILDc553+dM+QCAgs0zVAn5ombHd8BFYw8+87gVVSGg4fPizVq1eXUIgvbcEsU0YFAXsJ7NwXWePqhz2xZ1w1rBuZcXUS4qpSC4Ub70rFbdWHIbDcp5v+dM+QCAgs0zVAn5ombHd8BFYw8x8IgRXM1DAqCEDAZgI7ciNvFfyxFHHVqG5kjauT6iPvq6JWuPGuCup2fCYCy32e6U/3DImAwDJdA/SpacJ2x0dgBTP/CKxg5pVRQQACPiWgxJVa4yp7b+wZV42TI28VbIK4qtIsc+NdpfgD/eEILPfppT/dMyQCAst0DdCnpgnbHR+BFcz8I7CCmVdGBQEI+IzA9r2RNa7Un7E2Ja7UGldp9Zhx5YX0cuPthSwE8xwQWO7zSn+6Z0gEBJbpGqBPTRO2Oz4CK5j5R2AFM6+MCgIQ8AkBNdNKzbhSM69iban1ImtcqT/ZvEOAG2/v5CJoZ4LAcp9R+tM9QyIgsEzXAH1qmrDd8RFYwcw/AiuYeWVUEICAxwmota3UGleliSs100rNuFIzr9i8R4Abb+/lJChnhMByn0n60z1DIiCwTNcAfWqasN3xEVjBzD8CK5h5ZVQQgIBHCai3Caq3Cqq3C8ba1NpWao0rxJVHk3jstLjx9nZ+/Hx2CCz32aM/3TMkAgLLdA3Qp6YJ2x0fgRXM/COwgplXRgUBCHiMwA+7I2tc5ZQirtTbBNVbBdXbBdm8T4Abb+/nyK9niMBynzn60z1DIiCwTNcAfWqasN3xEVjBzL/vBVY4HJbs7GypU6eO1K1bV/Lz8yUxMTGY2WJUEICA7wh8r8RVdoHs2h97xtVJDSJrXDVEXPkqv9x4+ypdvjpZBJb7dNGf7hkSAYFlugboU9OE7Y6PwApm/n0psPLy8mTSpEny5ptvyldffeVkZvLkyXLrrbdKkyZNZPDgwTJy5Ehp3LhxMLPGqCAAAc8T2LYrMuNqdyniqqkSV2kJklKHGVeeT2gJJ8iNtx+z5o9zRmC5zxP96Z4hERBYpmuAPjVN2O74CKxg5t93AmvFihXSu3dv2bJlywkZUQJr4MCBkpKS4vy8TZs2smjRImnevHkwM8eoIAABTxLYuiuyxtXuvNgzrpqlRNa4Qlx5MoVxnxQ33nGjYsdyEkBglRMYgtk9MCKUiwBfjMuFK+bOXEf1cCRKyQTo02BWhq8Elpp51bFjR1m7dq2TjS5dukhubq4oqaUE1pAhQ6R79+6yfPly5/f9+vWT16fDhDQAACAASURBVF9/PZiZY1QQgICnCGzNicy42lOKuGquxFVagjRIYsaVp5JXwZPhxruC4DisTAIIrDIRlbkD/VkmInZwQYAvxi7gHXcofaqHI1EQWDbVgK8E1rPPPit33HGHJCcny9KlS+XMM8+UUaNGyeOPP174CKFaA0v9+4EHHnDyuHHjRmnVqpVNOWWsEIBAJRLYosRVdoHsPRB7xlXzhpE1ruojrioxM+Y/ihtv84xt/QQElvvM05/uGRIhNgEElp7qoE/1cCQKAsumGvCVwFJrW82aNUuef/55GTZsmJOnogJL/UxJrIYNGzqzsz744AO56KKLbMopY4UABCqBwOadBZK5PSy5pYirFkpcpSVIvdrMuKqElFT6R3DjXenIrflABJb7VNOf7hkSAYFlugboU9OE7Y6PaA5m/n0lsDp06OA8Lvj555/LOeecE1NgqV+oxwfnzJkjM2fOdBZ1Z4MABCCgg8CmnQWSlR2W3IOxZ1y1bJQgGakhSUZc6UDu2RjceHs2Nb4/MQSW+xTSn+4ZEgGBZboG6FPThO2Oj8AKZv59JbAuv/xymT9/vrz77rvSp0+fUgVW586dnbWw1ELuPXr0CGb2GBUEIFBpBDbuKJCs7WHZV4q4atUoQVqnhSS5FjOuKi0xVfhB3HhXIfyAfzQCy32C6U/3DImAwDJdA/SpacJ2x0dgBTP/vhJYY8aMkUcffdSZfaXWwEpMTCzxEcL33nuvUHBt27ZNmjZtGszsMSoIQMA4ASWuMrPDsv9Q7BlX6Y0TpHVqSOoiroznw0sfwI23l7IRrHNBYLnPJ/3pniEREFima4A+NU3Y7vgIrGDm31cC67///a+0b9/eyUTXrl3lySeflDfeeEMmTpzoLOLev39/eemll2TEiBHOPj179pT3338/mJljVBCAgFECG7ZH1rjKK0NcZaSFpE5NZlwZTYZHg3Pj7dHEBOC0EFjuk0h/umdIBASW6RqgT00Ttjs+AiuY+feVwFIpmDBhggwfPjyubPAGwrgwsRMEIHAcgSwlrrIL5MDh2FhOTo2scZWEuLK6drjxtjr9RgePwHKPl/50z5AICCzTNUCfmiZsd3wEVjDz7zuBFQ6HnVlXd9xxh2RnZ5eYlYsvvlieeeYZadeuXTCzxqggAAHtBJS0UvKqNHHVWomrtASpXUP7xxPQhwS48fZh0nxyyggs94miP90zJAICy3QN0KemCdsdH4EVzPz7TmBF05CXl+esg7V+/XpRM63UelinnnqqI63UAu5sEIAABMoiEA6LZG5XbxUskINHYu+tpJWSV4irsoja9XtuvO3Kd2WOFoHlnjb96Z4hERBYpmuAPjVN2O74CKxg5t+3AiuY6WBUEIBAZRAoCIsjrZS8OhRDXIVC4kgrJa9qVa+Ms+Iz/EaAG2+/Zcw/54vAcp8r+tM9QyIgsEzXAH1qmrDd8RFYwcy/rwRWZmambNmyJa5MJCQkSHJystSrV09atmzpzNBigwAE7CZwtECcxwTV44KH80tmkaDEVZpa4ypBaiKu7C6YMkbPjTflYYoAAss9WfrTPUMiILBM1wB9apqw3fERWMHMv68Ellq8XS3iXt5NiayBAwfKpEmTpGbNmuU9nP0hAAGfE1DiSkkrNePqSCxxlSCOtFIzrmrgu32e8co5fW68K4ezjZ+CwHKfdfrTPUMiILBM1wB9apqw3fERWMHMv68E1v333y+PPPJIhTPRu3dvmTNnjtSuXbvCMTgQAhDwD4H8oz+tcXXkaMnnXU2Jq2NrXCGu/JNbL5wpN95eyEIwzwGB5T6v9Kd7hkRAYJmuAfrUNGG74yOwgpl/Xwms/Px8+fWvfy0LFiyQjIwMeeyxx+RXv/qVNG3aVPbs2SPfffedTJw4Ud58800nW4sXL5bq1avLlClTZNasWc7PHnjgAXnwwQeDmU1GBQEIOASUrIqucaUkVklbYrXIjCv1uGD1aoCDQPkJcONdfmYcER8BBFZ8nErbi/50z5AICCzTNUCfmiZsd3wEVjDz7yuB9de//lVuueUWadOmjXzxxRfOGlclbffcc4889dRTcvXVV8sbb7zh7KLE1h//+Efp3r27fPTRR8HMJqOCgOUE1LpW0TWu1GODJW1KVkXXuFISiw0CFSXAjXdFyXFcWQQQWGURKvv39GfZjNij4gT4YlxxdscfSZ/q4UiUkgnQp8GsDF8JrGuuuUZmz57tSCklp2Jtu3btkoYNGzqCa/fu3aIWdN+8ebO0atXKOeTQoUNSo0aNYGaUUUHAQgJKXEXXuCqIIa7U44HRtwqqxwbZIOCWADfebglyfCwCCCz3tUF/umdIhNgE+GKspzroUz0ciYLAsqkGfCWwzjjjDFm5cqV88skn0qVLl5h5Onr0aOFbB7dt2+Y8Yqg29UbC3NxcWbt2rZx22mk25ZmxQiCQBA4d+WmNq4JwyUNU4kqtcaUeF0xAXAWyDqpqUNx4VxX54H8uAst9julP9wyJgMAyXQP0qWnCdsdHNAcz/74SWL169XLWv1JrWKm1rGJtS5cudQTX8TOwsrKynHWz1LZz505nhhYbBCDgTwIHlbjKLnAeFwzHEFc1q/+0xlWC+jbIBgHNBLjx1gyUcIUEEFjui4H+dM+QCAgs0zVAn5ombHd8BFYw8+8rgTVhwgQZPny4k4nXXntN+vfv7zweePy2YsUKUW8b3LJli/Ts2VPef/9955HBMWPGyJNPPulIrb179wYzm4wKAgEncODwT2tcxRpqLSWujr1VMIS4CnhFVO3wuPGuWv5B/nQElvvs0p/uGRIBgWW6BuhT04Ttjo/ACmb+fSWw1HpWamaVeoxQbe3bt5fzzz9fUlNTHSmlfr5w4cLCTH3zzTfOPupNhcuWLXN+/tBDD8n9998fzGwyKggElEDe4bBkZYedGVextto1flrjKqAYGJbHCHDj7bGEBOh0EFjuk0l/umdIBASW6RqgT00Ttjs+AiuY+feVwFIp2LdvnwwdOlTmzJkTMyNqltXrr78ul112mRy/HpZ6A+HcuXOlQYMGwcwmo4JAwAjkHQpL5vawbChVXIUkIy3kLNDOBoHKJMCNd2XStuuzEFju801/umdIBASW6RqgT00Ttjs+AiuY+fedwFJpCIfD8vbbb8tnn30my5cvd/5Ts7B+9rOfSY8ePeSWW26ROnXqOBk7ePCgTJo0STp06CAXXXSRVK9ePZiZZFQQCBCB/UpcZYdl447YM66SaoYkIzUkJyOuApR5fw2FG29/5ctPZ4vAcp8t+tM9QyIgsEzXAH1qmrDd8RFYwcy/LwVWMFPBqCAAgX0HIzOuNpUiruoocZUWkvTGzLiiYqqWADfeVcs/yJ+OwHKfXfrTPUMiILBM1wB9apqw3fERWMHMfyAFlnpsUC3irmZp3XDDDVK/fv1gZo9RQSAgBHIPRta42rQz9oyrurUiM65aIa4CknX/D4Mbb//n0KsjQGC5zwz96Z4hERBYpmuAPjVN2O74CKxg5t93AmvNmjUybtw4+fDDD2XPnj3FspKbm3vCzzZs2CDp6enBzB6jgoDPCew9oBZmD8vmUsRVcq2QtE4LSatGzLjyeboDd/rceAcupZ4ZEALLfSroT/cMiYDAMl0D9KlpwnbHR2AFM/++EljqLYRt27aV7OzsuLOhZmI1b9487v3ZEQIQME9AiavM7ALZkhOO+WHJtSMzrloirswnhE+oEAFuvCuEjYPiIIDAigNSGbvQn+4ZEgGBZboG6FPThO2Oj8AKZv59JbDGjx8vI0eOdDLRpk0bGTBggDz88MPOvx966CHZuHGjLF68WDIzM52f/fDDD9KkSZNgZo5RQcCHBPbkqTWuCmRrKeKqnhJXaQnSoqH6CscGAe8S4Mbbu7nx+5khsNxnkP50z5AICCzTNUCfmiZsd3wEVjDz7yuBdd1118krr7wiPXv2lPfff9/JiHrroJJWH330kXTv3l3y8vLkt7/9rSxYsMCRWvfff38wM8eoIOAjArvz1BpXBbJ1V+wZV/WT1IyrBGmOuPJRZu0+VW687c6/ydEjsNzTpT/dMyQCAst0DdCnpgnbHR+BFcz8+0pgde7cWZYvXy5TpkyRW265xcmImpGlZmZNmDBB7rnnHudnBw8elNq1azt/37dvn9SpUyeY2WNUEPA4gV371RpXBbKtFHHVIEmtcZUgzVOYceXxdHJ6RQhw401JmCKAwHJPlv50z5AICCzTNUCfmiZsd3wEVjDz70uB9fHHH0u3bt2cjLz00kty4403yuDBg2XmzJmFWfr1r38t8+bNky+++ELOPvvsYGaPUUHAowSUuFJrXH2/O/aMq5Q6IWmdmiDNEFcezSKnVRYBbrzLIsTvK0oAgVVRcj8dR3+6Z0gEBJbpGqBPTRO2Oz4CK5j595XAGjJkiEyfPl0mTZokd955p5ORJUuWODKrRYsWsnnz5sIsKaml5NasWbNk4MCBwcweo4KAxwjk7IuscfVDGeJKrXHVtAEzrjyWPk6nnAS48S4nMHaPmwACK25UMXekP90zJAICy3QN0KemCdsdH4EVzPz7SmBFF3Hv1KmT/Otf/5IGDRrI9u3bJS0tzcnOihUr5KyzzpKjR49Ks2bNnLcVvvvuu9KnT59gZo9RQcAjBHYqcZVdID/uiT3jqmHdyBpXJyGuPJI1TsMtAW683RLk+FgEEFjua4P+dM+QCAgs0zVAn5ombHd8BFYw8+8rgbVlyxY5/fTTJTc3V5KTk2XGjBlyxRVXSHRtLDULS828mjt3riOz1LZq1Spp165dMLPHqCBQxQR25EbWuCpNXDVS4iotQZrUZ8ZVFaeLj9dMgBtvzUAJV0gAgeW+GOhP9wyJgMAyXQP0qWnCdsdHYAUz/74SWCoF6pFAtd6V2qZNmyZDhw6V+fPny+WXX14sQ3379pW33347mJljVBCoQgLblbjKLpDsvbFnXDVOjqxxhbiqwkTx0UYJcONtFK/VwRFY7tNPf7pnSAQElukaoE9NE7Y7PgIrmPn3ncBSadiwYYNMnTpVfvvb38ovfvELJzNvvfWW3HvvvbJ27Vrn39dee61MnjxZUlJSgpk5RgWBKiCwfW9kjSv1Z6wtVYmrtARJq8eMqypIER9ZiQS48a5E2JZ9FALLfcLpT/cMiYDAMl0D9KlpwnbHR2AFM/++FFilpWLnzp3O44U1atSQcDgsoRBfooNZuoyqMgmomVZqjSv1yGBMcVUvssZVKuKqMlPDZ1UhAW68qxB+wD8ageU+wfSne4ZEQGCZrgH61DRhu+MjsIKZf18JLPUGQvVI4OjRowtnXpWUFiWuunbtKp9++ilrYAWzbq0Y1bofC2T2/zsiy9YdlQOHY4sjK2AwSFcEkmuF5JyMajLgV9XllCYJrmJx8E8EuPGmGkwRQGC5J0t/umdIBASW6RqgT00Ttjs+AiuY+feVwBo+fLhMmDChzDcLHjp0SGrVquVkbNGiRdKjR49gZo9RBZaAkld3zDwgh44EdogMrAoI1Koekmeuq4XE0sSeG29NIAlTjAACy31R0J/uGRIBgWW6BuhT04Ttjo/ACmb+PS2wxo0bJ9nZ2YXkFy5cKCtXrpTLLrss5psFjxw5Il9//bUz+0ptq1evlrZt2wYze4wqsAQeffuQfLQyP7DjY2BVR+CC0xNl1G9qVt0JBOiTufEOUDI9NhQElvuE0J/uGRIBgWW6BuhT04Ttjo/ACmb+PS2w/vrXv8ott9xSYfItWrRwFnyvVq1ahWP48UA15pkzZ8p5550nF110UalD+OKLL+Sbb76RnJwc6dixo/NoZoMGDfw47ECd8+V/yeOxwUBl1DuDUY8Tvn1PkndOyMdnwo23j5Pn8VNHYLlPEP3pniEREFima4A+NU3Y7vgIrGDm39MCKz8/XwYOHCjff/+9Q3/NmjXOjKw2bdpIkyZNSsyIklW1a9eW9PR0GTlypPOnTdu+ffukS5cusmLFCvnTn/4kTzzxRInD37VrlwwePFjmz59f7Pcvvvii3HjjjTZh89xYuaB7LiWBOiEu6HrSSZ/q4UiU4gQQWO6rgv50z5AICCzTNUCfmiZsd3zud4OZf08LrKLI410DK5ipKntU6vHJa665Rt58801n51gCS4nBiy++WBYvXuzs17t3b8nIyBD1iObatWudnz3//PMybNiwsj+UPYwQ4IJuBCtBjxHggq6nFOhTPRyJgsAyUQP0pwmqxIwS4DqqpxboUz0ciVIyAfo0mJXhK4G1atUqyczMlHPOOUfS0tKCmZEKjuqrr76SIUOGODOvolssgTVnzhzp16+fs9u0adNk6NChzt8PHDgg/fv3l3nz5klycrL88MMPkpTEo0YVTImrw7igu8LHwWUQ4IKup0ToUz0ciYLAMlED9KcJqsREYOmtAfpUL0+inUiA+91gVoSvBFYwU+BuVOFwWEaNGiVjx44tFiiWwDr//POdRe7Vo5jqsczjt02bNhU+dvnSSy85Uoyt8glwQa985jZ9Ihd0PdmmT/VwJAoCy0QN0J8mqBITgaW3BuhTvTyJhsCyoQZ8J7A2b94szz77rPz973+XLVu2lJkjtb9azD2om3pssEaNGs7w1Kw0NbtKPWq5fPnyEh8hPHjwoLNGmNrU+lhKchXdunXrJkuWLJGePXvK+++/H1R0nh4XF3RPp8f3J4fA0pNC+lQPR6IgsEzUAP1pgioxEVh6a4A+1cuTaAgsG2rAVwIrNzfXeUtedJ2meBKk3sgX5IXclcBq1KiR3H///XLzzTc7j/517tw5psD6+uuvpVOnTg66RYsWSY8ePYphVIvfjx8/3hFiP/74YzyY2UczAS7omoES7gQCCCw9BUGf6uFIFASWiRqgP01QJSYCS28N0Kd6eRINgWVDDfhKYI0bN07uvfdeJy/nnnuuXHTRRdKyZUupXr16zFypNZ2Cvo6TWpQ9MTGxkEFpAuvDDz90FnBX23/+8x/p0KFDMXZKXimJpTYVW73Zka1yCXBBr1zetn0aAktPxulTPRyJgsAyUQP0pwmqxERg6a0B+lQvT6IhsGyoAV8JrCuvvFLmzp3rvDVP/VmauLIhebHGWJrAUtwUR7Wp9a6UACy6/e1vf5Pf//73zo/VrLe6devajLNKxs4FvUqwW/OhCCw9qaZP9XAkCgLLRA3QnyaoEhOBpbcG6FO9PImGwLKhBnwlsNRsIfWWPbX+1YABA2zIT4XGWJrA+sc//iFXX321Ezc7O1tSU1OLfcarr74qgwYNcn6ek5MjKSkpFToPDqo4AS7oFWfHkWUTQGCVzSiePejTeCixT0UIhETkw/vqVORQjjlGgP6kFEwS4Dqqhy59qocjUUomQJ8GszJ8JbDUG/GmT58us2fPFvVoIFvJBOJ9hDArK0tOPvnkYkGmTJkif/jDH5yfq0Xfa9asCepKJsAFvZKBW/ZxXND1JJw+1cORKMUJILDcVwX96Z4hEWIT4DqqpzroUz0ciYLAsqkGfCWwpk2bJr/73e/kggsukH/961825alcYy1NYH377bdy1llnOfG++uor6dixY7HYjz32mIwePdr5eTgcLtdnq52//PLLch/DAScS+PPCdiCBgDECT/RcbSy2TYHpU5uyXbljVQJrPH3qCjr96QofB5dBgOuonhKhT/VwJErJBOhT95Vx9tlnuw+iOYKvBJZ6495VV10l8+bNkyuuuMKRLBkZGdKgQQPNWPwdrjSBtWPHjsLHBtWC7hdeeGGxwd5zzz3y1FNPOWzXr19fbhgIrHIjK3YAF3T3DIkQmwAXdD3VQZ/q4UiU4gQQWO6rgv50z5AIXEdN1wB9apqw3fG533WffwSWS4YvvPCCvPjii7J8+fK4I23evFlatGgR9/5B2LE0gVVQUFD4VsH77rtP1Gyrolvbtm1l7dq1MnjwYJk5c2YQkPhuDEyp9l3KfHXCPPqgJ130qR6ORClZYLEGlrvKoD/d8ePo0glwHdVTIfSpHo5EKZkAfRrMyvDVDKzhw4fLhAkTypWJDRs2SHp6ermO8fvOpQksNbY777xTnnnmGUlLS5Nt27YVCi31O/VYYdS0zpgxQ6677jq/4/Dd+R8tELlk3H7fnTcn7B8CXND15Iobbz0ciYLAMlED9KcJqsSMEuA6qqcW6FM9HImCwLKpBnwlsD7//HP53//+V678qMXek5KSynWM33cuS2CtW7dOTjvtNGeY6m2Dam2xGjVqiJJ96pHCzMxMR25t3LhRatWq5Xccvjn//AKRrOwCycwukCfeO+Sb8+ZE/UeAG289OePGWw9HoiCwTNQA/WmCKjERWHprgD7Vy5NoJxLgfjeYFeErgRXMFOgfVVkCS31idBZW9NPbt28vK1asKDyZBQsWyKWXXqr/5IhYjED+UZHM7RFxpf6utqcWILAoFXMEuKDrYcuNtx6OREFgmagB+tMEVWIisPTWAH2qlyfREFg21IDvBZZ6S152drbUqVNH6tatK/n5+ZKYmGhD7mKO8Ve/+pUsW7ZMRowYIePGjYu533PPPSf33nuv5ObmFu7Tpk0befbZZ+WSSy6xmmFlDP6IElfZBc6sKzX76vgNgVUZGbD3MxBYenLPjbcejkRBYJmoAfrTBFViIrD01gB9qpcn0RBYNtSALwVWXl6eTJo0Sd58801nzSa1TZ48WW699VZp0qSJs/j4yJEjpXHjxjbk0NUYlQDMysqSrVu3SsuWLZ3/qlWr5iomB5dO4HC+SNaxGVdqvauSNgQWVWSSAAJLD11uvPVwJAoCy0QN0J8mqBITgaW3BuhTvTyJhsCyoQZ8J7DUY269e/eWLVu2nJAfJbAGDhwoKSkpzs/VTKJFixZJ8+bNbcgjY/QBgUNKXB1b46ogXPIJ10gUaZ2aILe8dMAHI+IU/UoAgaUnc9x46+FIFASWiRqgP01QJSYCS28N0Kd6eRINgWVDDfhKYKmZVx07dpS1a9c6uenSpYvz+JuSWkpgDRkyRLp37y7Lly93ft+vXz95/fXXbcgjY/QwgUNHflrjKhxDXNVU4iotQTLSEiQhJMIF3cMJDcCpIbD0JJE+1cORKAgsEzVAf5qgSkwElt4aoE/18iQaAsuGGvCVwFJrM91xxx2SnJwsS5culTPPPFNGjRoljz/+eOEjhGoNLPXvBx54wMmfepNeq1atbMglY/QYgYNKXB1b4yqGt5Ka1UUyUiPiKhT6aQBc0D2WzICdDgJLT0LpUz0ciYLAMlED9KcJqsREYOmtAfpUL0+iIbBsqAFfCSy1ttWsWbPk+eefl2HDhjn5KSqw1M+UxGrYsKEzO+uDDz6Qiy66yIZcMkaPEDhwODLjSj0uGGurpcRVWoIz6+o4b1W4Oxd0jyQzoKeBwNKTWPpUD0eiILBM1AD9aYIqMRFYemuAPtXLk2gILBtqwFcCq0OHDs7jgp9//rmcc845MQWW+oV6fHDOnDkyc+ZMZ1F3NgiYJpB3OCxZ2WFngfZYW+0akRlXSlyVtnFBN50tu+MjsPTknz7Vw5EoCCwTNUB/mqBKTASW3hqgT/XyJBoCy4Ya8JXAuvzyy2X+/Pny7rvvSp8+fUoVWJ07d3bWwlILuffo0cOGXDLGKiKw/1BEXG3YEVtcJdWIrHGlFmiPZ+OCHg8l9qkoAQRWRcmdeBx9qocjURBYJmqA/jRBlZgILL01QJ/q5Uk0BJYNNeArgTVmzBh59NFHndlXag2sxMTEEh8hfO+99woF17Zt26Rp06Y25JIxVjIBJa4ys8OysTRxVTMkGakhOTlOcRUdAhf0Sk6mZR+HwNKTcPpUD0eiILBM1AD9aYIqMRFYemuAPtXLk2gILBtqwFcC67///a+0b9/eyUvXrl3lySeflDfeeEMmTpzoLOLev39/eemll2TEiBHOPj179pT333/fhjwyxkoksO9gRFxt2hl7xlUdJa7SQpLeOL4ZV0VPnwt6JSbUwo9CYOlJOn2qhyNREFgmaoD+NEGVmAgsvTVAn+rlSTQElg014CuBpRIyYcIEGT58eFy54Q2EcWFipzgJ5B4TV5tLEVd1a0VmXLWqoLiKngoX9DiTwm4VIoDAqhC2YgfRp3o4EgWBZaIG6E8TVImJwNJbA/SpXp5EQ2DZUAO+E1jhcNiZdXXHHXdIdnZ2iTm6+OKL5ZlnnpF27drZkEPGaJjA3gORNa4258SecZVcKySt00LSqlHFZlwVHQIXdMNJtTw8AktPAdCnejgSBYFlogboTxNUiYnA0lsD9KlenkRDYNlQA74TWNGk5OXlOetgrV+/XtRMK7Ue1qmnnupIK7WAOxsE3BLYc0xcbSlFXNWrHXIWZm/ZKOT24044ngu6VpwEK0IAgaWnJOhTPRyJgsAyUQP0pwmqxERg6a0B+lQvT6IhsGyoAd8KLCWuqlevLq1atSrMkxJaP/74o6gZWHXr1rUhf4zRAIE9eWqNqwLZuiscM7oSVxlpCdKioV5xFf1ALugGEkvIQgIILD3FQJ/q4UgUBJaJGqA/TVAlJgJLbw3Qp3p5Eg2BZUMN+E5gKUE1ePBg+eCDD5z1sO65557CPN17770ybtw459+zZ892FnVng0C8BHYfE1fbShFX9ZPUGlcJ0tyQuEJgxZst9nNDAIHlht5Px3LjrYcjURBYJmqA/jRBlZgILL01QJ/q5Uk0BJYNNeArgXXgwAE588wzJTMz08nNLbfcIlOmTCnMk1rcXUmt6Pb3v/9dBgwYYEMeGaMLArv2qzWuCmTb7tgzrhoocZWWIM1SzMy4Knr6XNBdJJRDyySAwCoTUVw70KdxYWKnChBQV5oP76tTgSM5JEqA/qQWTBLgOqqHLn2qhyNRSiZAnwazMnwlsJ577jm57bbbnEyoP0ePHi1NmjQ5ITNZWVkybNgwWbhwoaSlpYn6d1JSUjCzx6hcEcg5Jq6+L0VcpdRRi7MnSLMGlSOuuPF2lVIOjpMAdNwYtAAAIABJREFUF/Q4QZWxGzfeejgSpTgBBJb7qqA/3TMkQmwCXEf1VAd9qocjURBYNtWArwTWlVdeKXPnzpXbb7/dectgrG3r1q3SokUL59fLli2TX/7ylzbllLGWQSBnX2SNqx/2xJ5x1fCYuGpayeIKgUX5VgYBbrz1UObGWw9HoiCwTNQA/WmCKjGjBLiO6qkF+lQPR6IgsGyqAV8JrA4dOsiKFStk0aJF0qNHj1LzdOGFFzr7zZo1SwYOHGhTThlrDAI7j4mrH0sTV3UjjwqeVL9yZ1wVPWUu6JSxSQLceOuhS5/q4UgUBJaJGqA/TVAlJgJLbw3Qp3p5Eu1EAtzvBrMifCWwojOw3nnnHfn1r38dl8BasGCBXHrppcHMHqOKi8CO3MiMq+y9sWdcNTomrppUsbiKDogLelypZacKEuCCXkFwRQ6jT/VwJAoCy0QN0J8mqBITgaW3BuhTvTyJhsCyoQZ8JbCia2Cde+658u9//1uqV69eYo4+++wzUfuobdOmTdKyZUsbcskYixDYnhtZnL00cdU4OTLjKq1e1c64Kpo8LuiUs0kCCCw9dOlTPRyJgsAyUQP0pwmqxERg6a0B+lQvT6IhsGyoAV8JrG+//VbOOussJy9du3aVhx9+WDp37uws0h4Oh2X79u2i3jw4ZswYyc3Ndfb5+OOPJRTylpywobCqcoxKWClxpQRWrC01ObI4u9fEVfR8uaBXZQUF/7MRWHpyTJ/q4UgUBJaJGqA/TVAlJgJLbw3Qp3p5Eg2BZUMN+EpgqYRMnz5dhgwZckJukpOTHWFVdMvMzJTWrVvbkEfGKOLMtFKPCqpHBmOKq3qRGVdKYHl544Lu5ez4/9wQWHpySJ/q4UgUBJaJGqA/TVAlJgJLbw3Qp3p5Eg2BZUMN+E5gqaSoda369+9forRSv+/Tp488+eST0rZtWxtyaP0Y1aLsSlypRdpjbWqmlRJX6pFBP2xc0P2QJf+eIwJLT+7oUz0ciYLAMlED9KcJqsREYOmtAfpUL0+iIbBsqAFfCaz8/HwnJ4mJiVJQUCAbNmwQ9Vjh6tWrpVq1anLKKafIaaedJmeccYYNubN+jD8cE1c5pYgrtSi7EldqkXY/bVzQ/ZQt/50rAktPzuhTPRyJgsAyUQP0pwmqxERg6a0B+lQvT6IhsGyoAV8JrNdff11uuukmGTZsmDz22GOOyGKzj8D3uyNrXOXsjz3j6qRj4qqhz8RVNJtc0O2r68ocMQJLD236VA9HoiCwTNQA/WmCKjERWHprgD7Vy5NoCCwbasBXAuuaa66R2bNnS0ZGhqxfv96G/DDG4whsOyaudpUirpo2iCzO3rCOv2ZcFU00F3RK3yQBBJYeuvSpHo5EQWCZqAH60wRVYiKw9NYAfaqXJ9EQWDbUgK8E1q9+9StZtmyZ9O7dW9577z0b8sMYRWTbrsgaV7vzYs+4UuJKPSqY4nNxFU04F3RK3yQBBJYeuvSpHo5EQWCZqAH60wRVYiKw9NYAfaqXJ9EQWDbUgK8E1qRJk+Tuu+928vLpp5/KeeedZ0OOrB3j1mPiak8p4qpZSkRcNUjy94yroknmgm5t2VfKwBFYejDTp3o4EgWBZaIG6E8TVImJwNJbA/SpXp5EQ2DZUAO+ElgbN2501sD64IMPnNxcfPHF0q5dO+eRwpo1a5aYr+uuu07q1KljQy4DM8YtOZEZV3sPxJ5x1fyYuKofMHEVTSIX9MCUsycHgsDSkxb6VA9HoiCwTNQA/WmCKjERWHprgD7Vy5NoCCwbasBXAmv48OEyYcKEcuVFvakwPT29XMewc9UQ2JwTWZy9NHHVomFkjav6tYM146oocS7oVVODtnwqAktPpulTPRyJgsAyUQP0pwmqxERg6a0B+lQvT6IhsGyoAV8JrAcffFAmTpxYrrysWrVKmjdvXq5j2LlyCWzeWSCZ2WHJPRh7xlXLhgnSOi0k9QIurqLkuaBXbg3a9mkILD0Zp0/1cCQKAstEDdCfJqgSE4GltwboU708iYbAsqEGfCWwbEiITWPctKNAMreHZV9p4qpRgmSkhSS5VrBnXBXNOxd0mzqh8seKwNLDnD7Vw5EoCCwTNUB/mqBKTASW3hqgT/XyJBoCy4YaQGDZkGWPjXGjElfZYdl/KPaMq1bHxFVdy8RVNFVc0D1WtAE7HQSWnoTSp3o4EgWBZaIG6E8TVImJwNJbA/SpXp5EQ2DZUAO+FViffPKJzJs3T9asWSPqMcExY8bIoEGDZPDgwdKvXz/p1auXVKtWzYYc+maMG7YXSNb20sVVeuPIjKs6Ne2acVU0iVzQfVPWvjxRBJaetNGnejgSBYFlogboTxNUiYnA0lsD9KlenkRDYNlQA74TWDt37pTbbrtNZs+efUJ+Jk+eLEOHDpWkpCTn5wMGDJAZM2ZIjRo1bMijp8eYpcRVdljyDseecXVy48gaV7aLq2giuaB7uqR9f3IILD0ppE/1cCQKAstEDdCfJqgSE4GltwboU708iYbAsqEGfCWwwuGw9O3b15l5Fd2Sk5MlNzdXlMC69tprnTcOqn+rbeTIkTJ27Fgb8ujJMao3Cqo1rg6UIq5ap0bEVVINu2dcFU0gF3RPlnRgTgqBpSeV9KkejkRBYJmoAfrTBFViIrD01gB9qpcn0RBYNtSArwTWnDlznMcD1TZ16lS55pprZPz48fL44487AuvWW2+VzZs3y8033ywLFixw9svJyZGUlBQbcumZMaq3Cq75vkAOHol9SkpcZaQlSG0myJUIiQu6Z8o5kCeCwNKTVvpUD0eiILBM1AD9aYIqMRFYemuAPtXLk2gILBtqwFcCa9iwYY64On5m1ahRo04QWCpp+/btEzUzS21LliyR888/34ZcemaMH608GnOBdiWt1H+1qnvmdD15IlzQPZmWwJwUAktPKulTPRyJgsAyUQP0pwmqxERg6a0B+lQvT6IhsGyoAV8JrM6dO8vy5ctPkFIlCSyVuMsvv1zmz58vr7zyirO4O1vlESgqsEIhkYxjM65qIq7iSgQX9LgwsVMFCSCwKgiuyGH0qR6OREFgmagB+tMEVWIisPTWAH2qlyfREFg21ICvBFa3bt0cebVo0SLp0aOHk59YAuvSSy+VhQsXynvvvSe9e/e2IZeeGWNUYCUocZWm1rhKkJqJnjk9X5wIF3RfpMm3J4nA0pM6+lQPR6IgsEzUAP1pgioxEVh6a4A+1cuTaAgsG2rAVwLr7rvvlkmTJsn1118v06dPjymwVq1aJaeffrrz+3Xr1skpp5xiQy49M8aPVx+VJvVDzqyrGoirCuWFC3qFsHFQnAQQWHGCKmM3+lQPR6IgsEzUAP1pgioxEVh6a4A+1cuTaAgsG2rAVwJLLczeq1cvJy9jxoxxZl89/PDDJ6yBtXTpUhkyZIisXbtWMjIynD+rVatmQy49M8b8oyKJIHeVDy7orvBxcBkEEFh6SoQ+1cORKAgsEzVAf5qgSkwElt4aoE/18iQaAsuGGvCVwFIJUXIqOvvq+AS1adNGEhMTZeXKlYU//uSTT6RLly425JExBowAF/SAJdRjw0Fg6UkIfaqHI1EQWCZqgP40QZWYCCy9NUCf6uVJNASWDTXgO4GVm5srI0aMkClTpsTMj3oDofr9wIEDbcghYwwgAS7oAUyqh4aEwNKTDPpUD0eiILBM1AD9aYIqMRFYemuAPtXLk2gILBtqwHcCK5qUb775Rt566y1ZvXq1819SUpK0a9dOzjzzTBk6dKikpKTYkD/GGFACXNADmliPDAuBpScR9KkejkRBYJmoAfrTBFViIrD01gB9qpcn0RBYNtSAbwWWDclhjPYS4IJub+4rY+QILD2U6VM9HImCwDJRA/SnCarERGDprQH6VC9PoiGwbKgBXwisgwcPyooVK+TLL78U9XigesPgz3/+c0lISLAhR4zRQgJc0C1MeiUOGYGlBzZ9qocjURBYJmqA/jRBlZgILL01QJ/q5Uk0BJYNNeB5gfX+++9Lv379RK19dfymFmefOnWq88ggGwSCRoALetAy6q3xILD05IM+1cORKAgsEzVAf5qgSkwElt4aoE/18iQaAsuGGvC0wJo/f75cfvnlMfOQlpYm3333ndSrV8+GXDFGiwhwQbco2VUwVASWHuj0qR6OREFgmagB+tMEVWIisPTWAH2qlyfREFg21ICnBdaFF14oixYtcvLwxz/+UXr37i2JiYnOzKvXXnvN+fnIkSNl7NixNuSKMVpEgAu6RcmugqEisPRAp0/1cCQKAstEDdCfJqgSE4GltwboU708iYbAsqEGPCuwtm3bJs2bN3dyMGLECBk3btwJ+bj00ktl4cKF0qZNG1mzZo0NuWKMFhHggm5RsqtgqAgsPdDpUz0ciYLAMlED9KcJqsREYOmtAfpUL0+iIbBsqAHPCqylS5eKWudKbTt27JBGjRqdkI+5c+fKlVde6fysoKBAQqGQDflijJYQ4IJuSaKraJgILD3g6VM9HImCwDJRA/SnCarERGDprQH6VC9PoiGwbKgBzwqsf/7zn9KzZ08nB0ePHi32xkH1RsJf/OIXzu9//PFHUethsUEgKAS4oAclk94cBwJLT17oUz0ciYLAMlED9KcJqsREYOmtAfpUL0+iIbBsqAHPCqwFCxZIr169nByEw+FiuVi/fr2ceuqpzs/XrVsnp5xyig35YoyWEOCCbkmiq2iYCCw94OlTPRyJgsAyUQP0pwmqxERg6a0B+lQvT6IhsGyoAd8KrMzMzEJphcCyoVTtGiMXdLvyXdmjRWDpIU6f6uFIFASWiRqgP01QJSYCS28N0Kd6eRINgWVDDSCwbMgyY/QdAS7ovkuZr04YgaUnXfSpHo5EQWCZqAH60wRVYiKw9NYAfaqXJ9EQWDbUAALLhiwzRt8R4ILuu5T56oQRWHrSRZ/q4UgUBJaJGqA/TVAlJgJLbw3Qp3p5Eg2BZUMN+EJg3XDDDcVysWvXLnnnnXecn/ft21dSUlJKzNfEiRNj/s6GBDNGfxLggu7PvPnlrBFYejJFn+rhSBQElokaoD9NUCUmAktvDdCnenkSDYFlQw34QmC5ScSGDRskPT3dTQiOhUClE+CCXunIrfpABJaedNOnejgSBYFlogboTxNUiYnA0lsD9KlenkRDYNlQA54VWB9//LEMGjTIdQ4+++wzadasmes4BIBAZRLggl6ZtO37LASWnpzTp3o4EgWBZaIG6E8TVImJwNJbA/SpXp5EQ2DZUAOeFVg2wGeMEIhFgAs6tWGSAAJLD136VA9HoiCwTNQA/WmCKjERWHprgD7Vy5NoCCwbagCBZUOWGaPvCHBB913KfHXCCCw96aJP9XAkCgLLRA3QnyaoEhOBpbcG6FO9PImGwLKhBhBYNmSZMfqOABd036XMVyeMwNKTLvpUD0eiILBM1AD9aYIqMRFYemuAPtXLk2gILBtqAIFlQ5YZo+8IcEH3Xcp8dcIILD3pok/1cCQKAstEDdCfJqgSE4GltwboU708iYbAsqEGEFg2ZJkx+o4AF3TfpcxXJ4zA0pMu+lQPR6IgsEzUAP1pgioxEVh6a4A+1cuTaAgsG2oAgWVDlhmj7whwQfddynx1wggsPemiT/VwJAoCy0QN0J8mqBITgaW3BuhTvTyJhsCyoQYQWDZkmTH6jgAXdN+lzFcnjMDSky76VA9HoiCwTNQA/WmCKjERWHprgD7Vy5NoCCwbagCBZUOWGaPvCHBB913KfHXCCCw96aJP9XAkCgLLRA3QnyaoEhOBpbcG6FO9PImGwLKhBhBYNmSZMfqOABd036Xs/7d3JsBSFdcfPooCIkY0giuiKLikwAJRI65IEBU1RgWiBUZETXDBSMUFNXEvxZQbiloKuMVK4r6DUQml0RiDIkiiIApuiMYCFfeNf53O/04us7z3eJyed7v766pUePNmzvT5fufYM7/Xt29QE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpBZXIMjgALenCSBTVhDCwbuehTG45EwcDyUQP0pw+qxMTAsq0B+tSWJ9EwsFKoAQysFFQmx+AIsKAHJ1lQE8bAspGLPrXhSBQMLB81QH/6oEpMDCzbGqBPbXkSDQMrhRrAwEpB5QZynDFjhsyaNUuWLFkivXr1kj59+kiHDh0Sp9Ly6bOgt7wGMc8AA8tGXfrUhiNRMLB81AD96YMqMTGwbGuAPrXlSTQMrBRqAAMrBZWr5Lh06VIZPny4PPLIIxW/nThxoowcOTJRMsVImwW9GDrEOgsMLBtl6VMbjkTBwPJRA/SnD6rExMCyrQH61JYn0TCwUqgBDKwUVC7L8dtvv5UBAwbI9OnT3W8GDRokXbt2lccee0zmzZvnHrvuuutk1KhRCdIpRsos6MXQIdZZYGDZKEuf2nAkCgaWjxqgP31QJSYGlm0N0Ke2PImGgZVCDWBgpaByWY533XWXDBkyxD06adIkOeaYY9y/v/jiCxk6dKg89NBDss4668jixYulXbt2CRJq+ZRZ0Fteg5hngIFloy59asORKBhYPmqA/vRBlZgYWLY1QJ/a8iQaBlYKNYCBlYLKZTnuvvvu8swzz0j37t1l7ty5K/z2rbfeki5durjHJk+eLCNGjEiQUMunzILe8hrEPAMMLBt16VMbjkTBwPJRA/SnD6rExMCyrQH61JYn0TCwUqgBDKwUVM7l+OWXX8paa63lHrnsssvktNNOqyCw5557ytNPPy0DBw6UqVOnJkaoGOmyoBdDh1hngYFloyx9asORKBhYPmqA/vRBlZgYWLY1QJ/a8iQaBlYKNYCBlYLKuRxnzpwpvXv3do9MmzZN+vXrV0HgzDPPlHHjxkmnTp3k/fffT4xQMdJlQS+GDrHOAgPLRln61IYjUTCwfNQA/emDKjExsGxrgD615Uk0DKwUagADKwWVczk+8cQT7gB3HS+99JLssMMOFQTUvFITS4ce+N6qVavEKLV8uizoLa9BzDPAwLJRlz614UgUDCwfNUB/+qBKTAws2xqgT215Eg0DK4UawMBKQeVcjvfdd58ceuih7hE976pz584VBG666SY5/vjj3ePLli2T9u3bJ0ap5dNlQW95DWKeAQaWjbr0qQ1HomBg+agB+tMHVWJiYNnWAH1qy5NoGFgp1AAGVgoq53K8++67ZfDgwe6RDz74QDp27FhB4I477pBhw4a5x5csWSLrrbdeYpRaPl0W9JbXIOYZYGDZqEuf2nAkSnUC9OmqVQb9uWr8eHXDBOhPmwqhT204EoV1NKUawMBKSW0RyV9CuGDBAtliiy0qCFx//fVywgknuMf10Pc2bdqsFKU+ffqs1PN5MgQgAAEIQAACEIAABCAAAQhAAALFITBjxoziTOb/Z4KBVThJ/E5ozpw50qNHD/cmL774ovTq1aviDS+++GI555xz3OPLly9f6QlhYK00Ml4AAQhAAAIQgAAEIAABCEAAAhAoDAEMrMJIke5EPvzww9Jlg7obq3///hUwxowZI1deeaV07dpVXn/99XRhkTkEIAABCEAAAhCAAAQgAAEIQAAChSDADqxCyFC/SXz//feluwqeddZZorutysc222wj8+bNk+HDh8ttt91Wv8nxThBfE49+AAAXK0lEQVSAAAQgAAEIQAACEIAABCAAAQhAoAoBDKwEy+KUU06R8ePHS6dOnWTRokUlQ0tR6GWFO+64o6Ny6623ylFHHZUgIVKGAAQgAAEIQAACEIAABCAAAQhAoEgEMLCKpEad5jJ//nzp1q2beze92+CkSZOkdevWsnDhQndJ4RtvvOHMrTfffFPatm1bp1nxNhCAAAQgAAEIQAACEIAABCAAAQhAoDoBDKxEKyPbhZWl37NnT5k9e3aJxpQpU2S//fZLlA5pQwACEIAABCAAAQhAAAIQgAAEIFAkAhhYRVKjznOZMGGCjB07VpYtW1Z65+7du8s111wj++67b51nw9tBAAIQgAAEIAABCEAAAhCAAAQgAIHqBDCwEq+M5cuXy4IFC+Tdd9+Vzp07u/+1atUqcSqkDwEIQAACEIAABCAAAQhAAAIQgECRCGBgFUkN5gIBCEAAAhCAAAQgAAEIQAACEIAABCBQQQADi6KAAAQgAAEIQAACEIAABCAAAQhAAAIQKDQBDKxCy8PkIAABCEAAAhCAAAQgAAEIQAACEIAABDCwqAEIQAACEIAABCAAAQhAAAIQgAAEIACBQhPAwCq0PEwOAhCAAAQgAAEIQAACEIAABCAAAQhAAAOLGoAABOpC4Ntvv5XnnntO5s+fL++9955svvnmsu2220rv3r1ltdVWqzkHvUvms88+K2+//bZ0795ddtllF9l0002bPOeFCxfKbbfdJn379pWf/OQnNV/39ddfy4svvigvv/yyfPTRR9K1a1f3/HXXXbfJ78UTIRAygeb2qPbLX//6V3n99ddlgw02cD26zTbbyOqrr14Tx8cffyz/+Mc/3Gs+/fRT2XrrraVHjx7u/xsaM2bMkFmzZsmSJUukV69e0qdPH+nQoUPI2Jk7BJpMIIQezSdzyy23uLX79NNPlzZt2jQ5T54IgZAJzJ49W1555RXRz58//OEP3WfXnXbaSdZaa62aadVzHW3O/ELWg7nHRwADKz5NyQgChSPw1FNPyahRo+Tf//53xdz22WcfueGGG6Rbt24r/G758uUyduxYGTduXMVrRo4c6V6zxhprNJirfjHebbfdRBfr0047TS677LKqz1fTatiwYe55+bHOOuvI+PHj5eijjy4cUyYEAUsCzelRff8///nPctxxx8myZctWmI4a01OnTpWOHTtWTPPGG2+U3/zmNxWv0SeedNJJctFFF1UYx0uXLpXhw4fLI488UhFv4sSJov9NYEAgZgJF79Fy9n/4wx9cz+pQw3m99daLWR5yg4AzrEaPHi0PPfRQBQ39o+j1118v++67b8Xv6rWONnd+SAuBohHAwCqaIswHApERePXVV2W77bYrZXXkkUe63Ve6i2LKlCnu8c0228ztfMrvpDjvvPPk/PPPd7/XL8N77bWX6O6Lp59+2j02ePBgufPOO2vS+uabb+SII46Qe+65xz2nloGlO0Dyuz72339/2X777UW/LPzzn/90r33yySdFjTYGBGIk0Nwe/ctf/iIDBw4s9fDBBx8s77//fqnn9K/OuntS/wKdjfyX2k6dOsmhhx4qa6+9tjz++OMlA/mnP/2p3H///aXX6K6TAQMGyPTp091jgwYNcjskH3vsMZk3b5577LrrrnMmOQMCMRIoeo+WM9e+1z8eZQMDK8aqJKc8gc8//9ztssr+UKtrln52XbRokdx+++2lpz7//PPuedmo1zra3PmhMgSKSAADq4iqMCcIRERA/9qkX051N5NeQqjmUDbuvfdeOeyww9yPeolBtttKLzlQk0uH7n666aabSrutLr74YjnnnHPc7/7+97/Lj3/84wpaeingiBEjVthRVcvAOuCAA0pGmn5p1i/POr7//ns599xz3W4QnfvMmTNlq622ikgZUoHAfwk0p0e1P9SYVgOpZ8+eMm3atJJR9cQTTzjDSYf2tPa2Dv0ArWaVDu3bRx99tLQr47vvvnPPu+KKK9zvH374YWdU6bjrrrtkyJAh7t+TJk2SY445xv37iy++kKFDh7q/dmuPLl68WNq1a4esEIiOQNF7NAP+1VdfyaWXXir6B6j8wMCKriRJqIzAJZdcImeddZZ79I9//KP8/Oc/Lz1j7ty5zrTSncpqar3wwgvud/VcR5szP0SGQFEJYGAVVRnmBYEICOS/sOoX01NPPbUiK92Bcd9997kvtGpI6dCdV9kH4HfffVc22WST0uv00kLdMfXGG2+4yxP0fKts6O/OPvts0YW6fFQzsHS3yEYbbeSeOmbMGLn88stXeJnu/PjRj37kvqSffPLJ7nJCBgRiItDcHlXDqn///g6FGkyHH374Clh++ctfil4qqLsr9Rw7vdxXd1D169fPPU93N+r5VfmhuyZ1t5Z+yFeT+sILL3S/3n333eWZZ55x54joF4H8eOutt6RLly7uocmTJzvjmgGBmAiE0KPKWy/B113P1Y4KwMCKqSLJpRqBPffc010hcNBBB8mDDz5Y8ZRrr73WfY7U8cknn7g/utRzHW3O/FAaAkUlgIFVVGWYFwQiIKBfNnUHlZpNDzzwQNXdUnoWjhpHejmRGko69IuxLux6OZ/u0igfF1xwgdsdpUO/9GZnYem/W7du7R7XePrFWuPrl+VqBpZ+2NBFXUe1L9T6uO4K+f3vf+8uWdLLDRkQiIlAc3s02wlZa+eTHuqeXXab7ZS8++67nbn8zjvviBrT1c6w22GHHdwX4cyc/vLLL0sH3+oZdtrH5SP7YK6XM+q5WwwIxESg6D2asVbD+Xe/+5378Ve/+pW7CUpmbGNgxVSR5FJOQP94qp9XX3vtNXeOY7U/1upOYb3MXodeEqw3OqnXOtrc+aE0BIpKAAOrqMowLwgkQEAXVb1jmZpHebMquyuh7sTKPhDncehBzgceeKB7SHdHZQfAZzs49DW6A0S/XO+88841DSw9ODPb5l2+06vah3L9Ms2dlBIoTFIsEajVo4cccogzpffYYw93Xlz50DsqZYc2N3Vn1Icfflg69D0zq/TSXb3kQoea2tkOrvz7nXnmme5SxbwJjoQQSIVAS/dofq3UO4vq7kndUZ0/2wcDK5VqJM9aBLJ1Sn+f/eG1XutoU1SpNr+mvI7nQKAlCGBgtQR13hMCEHAE8mfb6C4n3S2Vv1xCt1yfeOKJFbTyB8TqLiq9xCgbetlffmdHQwaWftjOztDSS5T69u1b8V7HHnusO3dHh+4Q0y/JDAikQqBaj2ru2WV9P/vZz0TPsisferZHq1at3MP6V+bsbJCGuOnlFdrzOvS8PDW38+dpvfTSS6I7tMqHmlf64VuH9n/2vqloRJ5pE2jpHq219mJgpV2XZP8/Anr3vy233NI9kP9jbb3W0ca0qDW/xl7H7yHQUgQwsFqKPO8LgcQJ6CGW2Rk4eraN3pWwbdu28sEHH8iGG27o6JQfhJkhe+WVV0qHweudyKrdljh7bkMG1tKlS2X99dd3Ty2/85k+pruy9AyfbOj28PwdCxOXkPQjJ1CrRzVtPRtOz7rRS4X01uDVxg9+8AN3npWaV2piNTT0Rg3HH3+8e8pxxx3nzs/Soefj6Tl5OvS8q86dO1eEyb9W3699+/aRK0N6EPgvgSL0aC0tMLCoUgiI6O5D3amcnQ2Xv2qgXutoQzo0ND/0g0BRCWBgFVUZ5gWBiAnoXQL33ntv9+VWR/78qffee690aPs999xT+vKax/Hmm2/KFlts4R7ScwWyywmrIWvIwNLn53d9DBs2zJ2tpYfG6xcD3X2lHzayMX/+fO5EGHFdktr/CDTUo/osPb9De2P06NFy9dVXV0WnZpOed1XrDqDZi/RGDL/4xS/cj3rWnL73uuuu637Wc7MGDx7s/q3mdseOHSve64477hDtXR1cqkQVp0KgKD1aizcGViqVSJ61COhl8Xqna/2Mq2PChAlywgknlJ5er3W0ufNDWQgUlQAGVlGVYV4QiJTAlClT3IKejccff9wd9pqN/CWEt99+e+mLaR7Hyy+/LD179nQP1ToXJ3t+YwaW7sLSywjzRlX+vQ477DBRI62hL9CRSkVaiRJorEcVS3bpw8iRI2XixIlVSWU7sGqdZadn9+jOrN/+9rfu9brbUS/l3XzzzUvx8pcQ6t0MM+M6/4a6Ayz7UsA5dYkWbWJpF6lHa6HHwEqsKEl3BQJ60x+9OkBvYqRDb3Kg58PlR73W0WrSNGV+SAqBohLAwCqqMswLAhES0C+6enmQDj1gXT+E77bbbhWZZl98r7nmGndHl/KRv3vgjBkzZMcdd6xJqzEDS1/42WefuTN0br311tKuMN0hpl+K9Syf7KB3vhxHWJSktAKBpvbo0KFD5c4775RaZ2DpWVRrrrmmi33llVfKr3/96xXeRw+xHTVqVOl8OTWk9b8HuvsxP+bMmSM9evRwD+mOk169elUolt3JSX+hphgDAjETKFqP1mKNgRVzFZJbQwT0fNUBAwaUPk/WOs+1Xuto+VybOj9UhkBRCWBgFVUZ5gWBiAjol0q9M+BFF13kstKdFrrzatttt62aZXYuwHnnnecu6Ssf999/v/virOPtt99e4Zyq8uc2xcDKXqPz1HOv9O5pa6+9tnv4kksucWf46Jz1vRgQiJHAyvbomDFjnDGlBvTf/va3CiT/+c9/Sjc8KD/LTi8d1ssC9fw6HQMHDnRmmBrX5SN/Z0LdjdW/f/+K52Rz0csP9a/KDAjESKCoPVqLNQZWjFVITo0RePDBB92ZqtnQz6v5n/Ovr9c6mn/PlZlfY7nyewi0FAEMrJYiz/tCICEC+dvz6uV6uqBnB7VXw5DdWninnXaS559/vuIp2blVekdAvTNgQ6MhA0u/EDz55JOyePFi90U8u0tMPl5mph199NFy8803J6QaqaZEYGV7VM+9ynZVVTt3Kn9ntPyhtXqJ8KBBg2T69OkOrx4CP378+NJurXLm+bsZ1joMPjtHZPjw4aLnaTEgECOBovYoBlaM1UZOzSGQN4f08+nDDz8s+jm21qjXOpq9/8rOrzkMeA0E6kEAA6selHkPCCRMIH8XMb19sB7K3K5duwaJ3HvvvaJnT+nIf/nVn7/66it3kLPu4miKqdSQgfXdd9+53VYaSw+B1jO38kO/ZPfr1889VOtA+YSlJfVICDSnRxctWiSbbrqpIzB58mQZMWLECjQyE1p3LurdA1dbbTX3+1NPPVWuuuoq92/dXam7LBsbp5xyijO59AuBvm+rVq1KL9HLCrNLiPUS4KOOOqqxcPweAsERKHqPVgPKDqzgyowJrwIBXee6dOniIui6p58ft9pqqwYj1nMdbc78VgEHL4WAVwIYWF7xEhwCaRP49NNP3QKudw/ToZcJZXcXKyezxhpryD777OMe1vNzdDeU3sFs++23F710aOONNxbdvXHkkUfKAw884J43a9as0mHutUg3dgmhHkKtX8B16CVNeomSfkF+9tlnZb/99nPmlp7PM3PmTFl99dXTFpTsoyPQ3B5VEFnv6Hl2U6dOlb59+7ozqMaNGydjx451rPJnf2gP9e7du/QBf9KkSTV5qkmdnXeld//s1q2be64azfq61q1by8KFC12/6iG5am7p3Unbtm0bnUYklDaBEHq0mkIYWGnXbWrZH3744aUb/lx66aVVz2vMmOha2b59e/djvdbR5s4vNR3JNwwCGFhh6MQsIRAkgfzdwZqSQP4A5vwlSPpaNZFmz55dCqN3LrvgggsaDduYgaVnXm233Xalwzb1i7COzHTTL+d64KU+hwGB2AisSo/OnTvXXR6hJq+O7t27y0cffVTqHTWkH330UWnTpo37fXZgbVMY6pkheqlxNrJdWNnP5f890APg1XBmQCA2AqH0aDl3DKzYKpF8ahHI3xm7KZReeOGF0h9z6rGOrsr8mpIPz4FAvQlgYNWbOO8HgYQI6F3GbrjhhiZnXH4HsaeeespdmpTdhlgDqaGktyMePXp06bKkht5g1113leeee07OOOMM0b+KVRv/+te/XLxp06at8OshQ4aI3uFs6623bnIOPBECIRFY1R7VyxJ0V5TeGTQ/9O6hetOG/I7L7Dy5pvCpdnfDCRMmuJ1dmWGmcdQ007uV6u3KGRCIkUBIPZrnrzun9U5sOpYuXSodOnSIUR5ygoD86U9/kiOOOKLJJMrvqOt7HV3V+TU5MZ4IgToRwMCqE2jeBgIQaD4B3Q2lf6XaYIMN3KWFvi4T0gPhFyxY4A6U1jua6flYDAhAoHECepnTnDlz3G4r7Z1alwo3HqnhZ6jJrT2qOyc7d+7s/pc/E2tV4/N6CMRKoF49Gis/8oKAbwL0qG/CxI+FAAZWLEqSBwQgAAEIQAACEIAABCAAAQhAAAIQiJQABlakwpIWBCAAAQhAAAIQgAAEIAABCEAAAhCIhQAGVixKkgcEIAABCEAAAhCAAAQgAAEIQAACEIiUAAZWpMKSFgQgAAEIQAACEIAABCAAAQhAAAIQiIUABlYsSpIHBCAAAQhAAAIQgAAEIAABCEAAAhCIlAAGVqTCkhYEIAABCEAAAhCAAAQgAAEIQAACEIiFAAZWLEqSBwQgAAEIQAACEIAABCAAAQhAAAIQiJQABlakwpIWBCAAAQhAAAIQgAAEIAABCEAAAhCIhQAGVixKkgcEIAABCEAAAhCAAAQgAAEIQAACEIiUAAZWpMKSFgQgAAEIQAACEIAABCAAAQhAAAIQiIUABlYsSpIHBCAAAQhAAAIQgAAEIAABCEAAAhCIlAAGVqTCkhYEIAABCEAAAhCAAAQgAAEIQAACEIiFAAZWLEqSBwQgAAEIQAACEIAABCAAAQhAAAIQiJQABlakwpIWBCAAAQhAAAIQgAAEIAABCEAAAhCIhQAGVixKkgcEIAABCEAAAhCAAAQgAAEIQAACEIiUAAZWpMKSFgQgAAEIQAACEIAABCAAAQhAAAIQiIUABlYsSpIHBCAAAQhAAAIQgAAEIAABCEAAAhCIlAAGVqTCkhYEIAABCEAAAhCAAAQgAAEIQAACEIiFAAZWLEqSBwQgAAEIQAACEIAABCAAAQhAAAIQiJQABlakwpIWBCAAAQhAAAIQgAAEIAABCEAAAhCIhQAGVixKkgcEIAABCEAAAhCAAAQgAAEIQAACEIiUAAZWpMKSFgQgAAEIQAACEIAABCAAAQhAAAIQiIUABlYsSpIHBCAAAQhAAAIQgAAEIAABCEAAAhCIlAAGVqTCkhYEIAABCEAAAhCAAAQgAAEIQAACEIiFAAZWLEqSBwQgAAEIQAACEIAABCAAAQhAAAIQiJQABlakwpIWBCAAAQhAAAIQgAAEIAABCEAAAhCIhQAGVixKkgcEIAABCEAAAhCAAAQgAAEIQAACEIiUAAZWpMKSFgQgAAEIQAACEIAABCAAAQhAAAIQiIUABlYsSpIHBCAAAQhAAAIQgAAEIAABCEAAAhCIlAAGVqTCkhYEIAABCEAAAhCAAAQgAAEIQAACEIiFAAZWLEqSBwQgAAEIQAACEIAABCAAAQhAAAIQiJQABlakwpIWBCAAAQhAAAIQgAAEIAABCEAAAhCIhQAGVixKkgcEIAABCEAAAhCAAAQgAAEIQAACEIiUAAZWpMKSFgQgAAEIQAACEIAABCAAAQhAAAIQiIUABlYsSpIHBCAAAQhAAAIQgAAEIAABCEAAAhCIlAAGVqTCkhYEIAABCEAAAhCAAAQgAAEIQAACEIiFAAZWLEqSBwQgAAEIQAACEIAABCAAAQhAAAIQiJQABlakwpIWBCAAAQhAAAIQgAAEIAABCEAAAhCIhQAGVixKkgcEIAABCEAAAhCAAAQgAAEIQAACEIiUAAZWpMKSFgQgAAEIQAACEIAABCAAAQhAAAIQiIUABlYsSpIHBCAAAQhAAAIQgAAEIAABCEAAAhCIlMD/AcyFrMLPOqNCAAAAAElFTkSuQmCC" width="640" /></p><p><span style="background-color: white;"><span style="white-space: pre-wrap;">Again, this seems to be a reoccuring theme, but with Silvio no longer the single trainer at InfoSect, these numbers felt a lot easier to manage in 2022. Also, the slow down in training growth and additional trainers has left Silvio and myself more time to focus on the research side of the busines.</span></span></p><h4 style="text-align: left;"><span style="background-color: white;"><span style="white-space: pre-wrap;"><span style="font-size: medium;">Research</span></span></span></h4><p><span style="background-color: white;"><span style="white-space: pre-wrap;">Research is such a loaded term, it can be used synonmously with "hack days" or "free learning", and I think using the terminology may have led to some expectation issues in 2022. </span></span></p><p><span style="background-color: white;"><span style="white-space: pre-wrap;">So to clarify, the research we do at InfoSect is highly directed. It has fixed deliverables and in 2022 was responsible for 63% of our revenue. Without a doubt, it is immensely fun and rewarding work. As an aside, if you're going to embark on starting a business, make sure its something you love to do. For us, we love and believe in our work, and so does the team.</span></span></p><p><span style="background-color: white;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPDejMJy0DdjVz-v2PGVGt778BfLPPTEVmtVvwIgqbNMyKnJIzxEZ4Mlj0rJ4oDAZJ3pi56s72nFXVHZrybstIQ16p5V0FE_kPagW5bnGJklZfLchnKTGOF8zC7RZeakL5OltVQ0UT208MJwiJa7n9ENeQw1kpdV1OuudFqoaN08Azc-2VdZL0x-qw/s1496/IMG_0714.jpeg" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="1496" data-original-width="944" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPDejMJy0DdjVz-v2PGVGt778BfLPPTEVmtVvwIgqbNMyKnJIzxEZ4Mlj0rJ4oDAZJ3pi56s72nFXVHZrybstIQ16p5V0FE_kPagW5bnGJklZfLchnKTGOF8zC7RZeakL5OltVQ0UT208MJwiJa7n9ENeQw1kpdV1OuudFqoaN08Azc-2VdZL0x-qw/w253-h400/IMG_0714.jpeg" width="253" /></a></div><p><span style="white-space: pre-wrap;">A highlight for me in 2022, I was feeling rather flat and stressed after catching COVID-19 at KawaiiCon (always a brilliant conference). Silvio and I were quite sick and fell behind in a lot of work. It led to us having to convert our in person ticket to a virtual ticket for the inaugural </span><a href="https://defencescienceinstitute.com/event/australian-defence-science-technology-and-research-summit-adstar/" style="white-space: pre-wrap;" target="_blank">Australian Defence Science, Technology and Research Summit </a><span style="white-space: pre-wrap;">(ADSTAR) conference in Sydney. Out of the blue I received a message from an ex-coleague and friend which is shown to the left.</span></p><p><span style="white-space: pre-wrap;">Having our business mentioned by the Assistant Minister for Defence was definitely a highlight for 2022 - it was nice to see our hard work pay off with such recognition.</span></p><p><span style="white-space: pre-wrap;">We aren't great at marketing and we certainly aren't paying anyone to assist with marketing (can you tell? :P). Our tact is to just do really good work and let that speak for us. And I think in this case it did.</span></p><p>2022 marked the end of our <a href="https://www.minister.defence.gov.au/media-releases/2021-04-12/cyber-centre-defence-capability-contracts-aussie-small-businesses" target="_blank">18 month research grant from DST</a> which we received in 2021, and the end of the project culminated with this mention and this <a href="https://www.dst.defence.gov.au/news/2022/07/26/small-business-has-big-future-thanks-defence-innovation-funding" target="_blank">story</a> released on the 26th July 2022. DST decided to extend our contract by 18 months, so watch this space for more in 2023!</p><span style="white-space: pre-wrap;">Overall, our research side is going great, with similar (less public) stories coming from our other research partners. Although training is extremely rewarding, if I was to predict our business growth in the next 2-3 years - I definitely imagine it will be in this space.</span><p></p><h4 style="text-align: left;"><span style="background-color: white; white-space: pre-wrap;"><span style="font-size: medium;">Business Direction</span></span></h4><p><span style="background-color: white;"><span style="white-space: pre-wrap;">This post is already incredibly longer than it should be and I certainly haven't touched on everything achieved in 2022. But I really want to take a step back and look at the business side of things. </span></span></p><p><span style="background-color: white;"><span style="white-space: pre-wrap;">InfoSect by no means is a standard startup business. InfoSect was founded in 2017. Silvio and I grew the business slowly with focus really kicking in from Silvio in 2019 when he went full-time. I think at this point InfoSect was closer to a sole trader business until I moved to full time in 2021. Neither of us are entrepreneurs, instead we are a couple of nerds that wanted the freedom to focus on their passions. So take my analysis below with a huge grain of salt. </span></span></p><p><span style="background-color: white;"><span style="white-space: pre-wrap;">Harvard Business Review does a good post on <a href="https://hbr.org/1983/05/the-five-stages-of-small-business-growth" target="_blank">the five stages of small business growth</a>. At this point I would put InfoSect somewhere at the end of Stage II (survival) and heading into Stage III (success).</span></span></p><p><span style="background-color: white;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_Lmyymbk9q_M13ly37PAMPcWYXhqBzApYaPpUPv38zQcbBJkyWIA5FqH2S0HDB3DYLmMVNEIZns2DjxCn3-Op1Lut4uQUo63JJa8ugAeJS-H7MyzCEwDG2vQ6wnRFbzLBsiX4iF1hDMExSiSu7VgX468N5C4CAb0GTiN67zS3wQR-1-cPxL1pcLeD/s650/Screenshot%202022-12-25%20at%208.09.34%20am.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="540" data-original-width="650" height="533" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_Lmyymbk9q_M13ly37PAMPcWYXhqBzApYaPpUPv38zQcbBJkyWIA5FqH2S0HDB3DYLmMVNEIZns2DjxCn3-Op1Lut4uQUo63JJa8ugAeJS-H7MyzCEwDG2vQ6wnRFbzLBsiX4iF1hDMExSiSu7VgX468N5C4CAb0GTiN67zS3wQR-1-cPxL1pcLeD/w640-h533/Screenshot%202022-12-25%20at%208.09.34%20am.png" width="640" /></a></div><p></p><p><span style="background-color: white;"><span style="white-space: pre-wrap;">Stage III is the success stage before significant growth and its at this point the owner can choose either substage D or G (shown by the two blue arrows I've drawn in above. This choice is</span></span><span style="background-color: white; white-space: pre-wrap;"> to disengage from the business management or continue driving the business, investing more into it. </span></p><p><span style="background-color: white;"><span style="white-space: pre-wrap;">Understandably, a lot of owners want to step back after the hurdle of survival has passed. Either to continue the business with some free time or to consider selling the business. However, in all honesty I believe it's unlikely that either Silvio or I will select the Success-Disengagement pathway because we enjoy the work far too much. (Case in point - wait to see us invest into our new x-ray machine this year!)</span></span></p><h4 style="text-align: left;"><span style="background-color: white;"><span style="white-space: pre-wrap;"><span style="font-size: medium;">Overall</span></span></span></h4><p><span style="background-color: white;"><span style="white-space: pre-wrap;">In reflection of 2022, I would advise anyone thinking of kicking off their own business that once the shine of doing something incredible wears off, there is a really hardwork and decision-making phase that follows. The decisions made at that point will affect the success or failure of your business. This phase is incredibly fun but also needs consideration and commitment. </span></span></p><p><span style="background-color: white;"><span style="white-space: pre-wrap;">My learnings from 2022:</span></span></p><p></p><p style="text-align: left;"></p><p style="text-align: left;"></p><ul style="text-align: left;"><li><span style="background-color: white; white-space: pre-wrap;">Keep learning in areas where you are weak. Some of my favourtie resources in 2022 were:</span></li><ul><li><a href="https://www.theexpertleader.com/" style="white-space: pre-wrap;" target="_blank">The Expert Leader</a></li><li><a href="https://www.aicd.com.au/" style="white-space: pre-wrap;" target="_blank">AICD</a></li><li><a href="https://www.booktopia.com.au/the-five-dysfunctions-of-a-team-patrick-m-lencioni/book/9780787960759.html" style="white-space: pre-wrap;" target="_blank">The Five Dysfunctions of a Team</a><span style="background-color: white; white-space: pre-wrap;">, by Patrick M Lencioni</span></li></ul><li>Have trusted outside support and advice</li><li>Make friends with other small businesses, it makes the journey easier</li><li>Don't forget to look up, breath and enjoy the ride</li></ul><p></p><p></p><div>Overall, would I do it again? </div><div>To be completely honest, some moments in 2022 running InfoSect were hard and I reminisced about my old team and job. However, amongst the highs and the lows - and where the business is positioned right now at the end of 2022, it is undoubtedly still one of the best decisions I have made.</div><p></p>Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-19724360781369202362021-07-24T20:08:00.007-07:002021-07-25T04:13:02.267-07:00Stepping off the cliff edge... <p>On January 11 2021, in the middle of a pandemic, I quit my very fulfilling and stable Government job to run my own company. Six months on, how do I feel about this decision. What is it like doing this? </p><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzbS91KDjf8Et5BLZNHB7gl9RT7eVYLm7r2J-HsIoyeoBTyO8ikoITJHBByVwm4RmhixYZEx2WcPOIvhyKW0iNdI4PfDcp8kiZ3LLV-rto5hACBfSeWNgc1Yh0ShdqY4KcHJ8IDlSvNQE/s1024/IMG_0353.JPG" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="683" data-original-width="1024" height="266" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzbS91KDjf8Et5BLZNHB7gl9RT7eVYLm7r2J-HsIoyeoBTyO8ikoITJHBByVwm4RmhixYZEx2WcPOIvhyKW0iNdI4PfDcp8kiZ3LLV-rto5hACBfSeWNgc1Yh0ShdqY4KcHJ8IDlSvNQE/w400-h266/IMG_0353.JPG" width="400" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">InfoSect founders: Silvio & Kylie</td></tr></tbody></table><br /><h3 style="text-align: left;">Background </h3><p>At the start of 2021 I was a Technical Director in the Australian Government. I had worked there since 2009. My job was energising and rewarding. I certainly hadn't plateaued and I had been given remit of some really exceptional work.</p><p></p><p>In 2017, my husband Silvio and I bought a warehouse in Fyshwick and started a hackerspace called InfoSect. We were inspired by groups like the L0pht in the USA. We just wanted a place to hangout with other hackers and do cool research.</p><p></p><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjis8HtRMkzDfvNbejXIx8GupIVrkg4pUz1VGKAVaqE9-hgWhYRH3SehIKcTMbxp-NnmDmXkZHIwlPB3zZBmB3qlZyErI0K9lsW2jBOOP7M7NJmimego1MwVOuEOWo_iCbQUFx6COtUszc/s2708/new-warehouse.JPG" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1161" data-original-width="2708" height="274" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjis8HtRMkzDfvNbejXIx8GupIVrkg4pUz1VGKAVaqE9-hgWhYRH3SehIKcTMbxp-NnmDmXkZHIwlPB3zZBmB3qlZyErI0K9lsW2jBOOP7M7NJmimego1MwVOuEOWo_iCbQUFx6COtUszc/w640-h274/new-warehouse.JPG" width="640" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">April 2017 - purchase of InfoSect warehouse</td></tr></tbody></table><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: justify;"><span style="text-align: left;">Silvio worked at University of NSW (UNSW) as the Director of Education, he taught in the Cyber Security Centre as well as reviewing their course content. In October 2019, Silvio decided to teach at InfoSect instead of at UNSW. </span></div><div class="separator" style="clear: both; text-align: justify;"><span style="text-align: left;"><br /></span></div><div class="separator" style="clear: both; text-align: justify;"><span style="text-align: left;">There were a lot of reasons for this but that's his story to tell. I suspect mostly a desire to focus on highly specialised, niche content drove that decision. As his training at InfoSect grew, he began to be approached to perform research as well as train. </span></div><p style="text-align: left;">Silvio hired two part-time staff for InfoSect to help him in 2020. At this point, almost all of my evenings and weekends were starting to be spent helping him run the business. </p><p>So I made the huge decision to give my notice and resign my full-time, rewarding career.</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjev11z2flBbkNzJo_tIgmMO67D1uu18wJYw0WzsosZRY3_nTMUMt-HTVhMEECgKre_mKEme-x2RLiZXCgMIJEPkWI2XVgKpoGinX3P8GZB-2gleeDA0mp4QpkR_h8oxrhdLJsqNPW7UOI/s616/IMG_9728.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="325" data-original-width="616" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjev11z2flBbkNzJo_tIgmMO67D1uu18wJYw0WzsosZRY3_nTMUMt-HTVhMEECgKre_mKEme-x2RLiZXCgMIJEPkWI2XVgKpoGinX3P8GZB-2gleeDA0mp4QpkR_h8oxrhdLJsqNPW7UOI/s320/IMG_9728.jpg" width="320" /></a></div><h3 style="text-align: left;">Expectations</h3><p>It was the start of 2021, I was on a new adventure. My expectations revolved mostly around freedom. I was going to be free to set my own hours, choose my own work and of course, present and publish how I wanted.</p><p>I bought myself a gym membership for 2021. I am most definitely not a morning person, but in my new job I thought I could go to the gym at 9 or 10am and then catch up hours at night. I was so used to working at night helping with the business at this point, I thought this would be easy.</p><p>I wanted to do research. So many projects waiting for me, so many things I wanted to explore.</p><p>And of course, I wanted to make a difference. I wanted to build something that filled a gap in cyber security. I wanted to leave a legacy.</p><h3 style="text-align: left;">Six months already?</h3><div>Hopefully you're all on the edge of your seat wondering what my first 6 months of this major change was actually like.</div><div><br /></div><div>We did so much in my first 6 months.</div><div style="text-align: left;"><br /></div><div style="text-align: left;">InfoSect was a hackerspace, we'd used it for community events and storing a lot of conference gear (particularly with the COVID19 postponement of BSides Canberra in 2020). We had a small office space downstairs and a classroom upstairs. But we knew we needed to give ourselves more space and make it more professional to work in and meet clients in. </div><div><br /></div><div>We kicked off a sizable renovation the day after BSides Canberra 2021 (12th of April) which went for around 2 months. The major part of this rennovation was building an extra floor in the warehouse space at InfoSect, but there were so many additional parts of this fitout that Silvio coined the tongue-in-check phrase "It never ends and then you die".</div><div><br /></div><div>Part of this journey included multiple trips to the tip, clawing old, deprecated gear out of Silvio's unwilling clutches.</div><div><br /></div><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiik47V7SdndB08WPVkvJBb3zIZatZUGMFQQAxNOh5vB92xxcQOyaXsVyHlmZNfRUOm9my084qVCAKtDwUAHbVE9ytzqDYgPJGavt5UJWPTc8kokqSEO91sfrdOKH1l7tgMRw6p6p8ikNw/s2896/warehouse2.jpg" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1086" data-original-width="2896" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiik47V7SdndB08WPVkvJBb3zIZatZUGMFQQAxNOh5vB92xxcQOyaXsVyHlmZNfRUOm9my084qVCAKtDwUAHbVE9ytzqDYgPJGavt5UJWPTc8kokqSEO91sfrdOKH1l7tgMRw6p6p8ikNw/w640-h240/warehouse2.jpg" width="640" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">Before & After InfoSect Rennovation</td></tr></tbody></table><br /><div>We taught so much. Since I started full-time at InfoSect we have taught 11 weeks of training in 3 different timezones. That's about 46% of our time in courses. </div><div><br /></div><div>This business as usual continued during our 8 weeks of renovations, at which point we duplicated our online streaming training setup at home so that courses weren't interrupted by the sound of drilling, hammering and saws.</div><div><br /></div><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh42vp5AXQaihtGQ87v4OTB2k0AbKW7PEzr4uSLxZtvpkfDbjuRvn9p7qJ0SbI6TT86qwWRQSpiscHF1_nUaUoPMBSnEcO-_Clnjs-Hbnwa57PLlLfLDpvXISfIOg7Wcyh8Iaz9Qb1Xi6A/s2048/teaching.jpg" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1536" data-original-width="2048" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh42vp5AXQaihtGQ87v4OTB2k0AbKW7PEzr4uSLxZtvpkfDbjuRvn9p7qJ0SbI6TT86qwWRQSpiscHF1_nUaUoPMBSnEcO-_Clnjs-Hbnwa57PLlLfLDpvXISfIOg7Wcyh8Iaz9Qb1Xi6A/w640-h480/teaching.jpg" width="640" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">InfoSect In-Person & Virtual Training 2021</td></tr></tbody></table><br /><div>We did hands-on security research every chance we could</div><div><br /></div><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuPsSYUPdWUeXXtVMAaD6l81xMeCX_zBs5sRyLaLLtXWMM8j3R_TxmE4ftvcFfL1woNLBIeRuE33GH6AMq3uZVeLCA2Px_ZCtGWFlq4FVW1UWO4mISNe3E7dEr93DCETzZbpJXr5FA0G4/s2520/hacked.jpg" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1247" data-original-width="2520" height="316" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuPsSYUPdWUeXXtVMAaD6l81xMeCX_zBs5sRyLaLLtXWMM8j3R_TxmE4ftvcFfL1woNLBIeRuE33GH6AMq3uZVeLCA2Px_ZCtGWFlq4FVW1UWO4mISNe3E7dEr93DCETzZbpJXr5FA0G4/w640-h316/hacked.jpg" width="640" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">IoT & OT Labs Built</td></tr></tbody></table><br /><div><i><b>Our customers said, 'you're fantastic, but how can we give you work when you're so overloaded already'. So we grew.</b></i></div><div><br /></div><div>We put in more desks. We started with a desk for me downstairs... and then electronics work benches upstairs, and then more desks... and more desks. You get the picture.</div><div><br /></div><div>In fact, in the last 6 months I have built so many flatpacks I'm starting to think I could start a career out of doing this. I'm going to point out, that although Silvio features in all the photos below, I'd do the bulk of the building and then he'd come along for the final touches or the parts that needed two people and I'd take a quick photo.</div><div><br /></div><div>As well as desks we assembled a new vistors couch, lectern and buffet for downstairs. We also installed a conferencing system because these are essential in current COVID times.</div><div><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjujv9UdOCB9XwVFJrOZgpijV1OHrdVLH8FgMoXNGxP5VBeqW-Xol1HmpBTef1yk49n0vF4BVdzNcHOZ70QKlkaU-oUTLSsYOBazehbCeRBO_1iD1jOHyoVYcUS32MNE1hZxm2bkF-yHY/s2048/desks.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1045" data-original-width="2048" height="326" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjujv9UdOCB9XwVFJrOZgpijV1OHrdVLH8FgMoXNGxP5VBeqW-Xol1HmpBTef1yk49n0vF4BVdzNcHOZ70QKlkaU-oUTLSsYOBazehbCeRBO_1iD1jOHyoVYcUS32MNE1hZxm2bkF-yHY/w640-h326/desks.jpg" width="640" /></a></div><br /><div><br /></div><div>The new space was shaping up great, but we really needed people. </div><div><br /></div><div>In mid-2020, after Silvio had been at InfoSect for almost a year, we sat down and had a chat together on what we wanted from InfoSect. It had morphed from hackerspace to professional training and was doing well. But at this point it was solely Silvio. It was essentially, a glorified sole-trader. And it was a lucrative business with only one person to pay. </div><div><br /></div><div>Some professional advice we had received on the business for future and growth was along the lines, <i>'you are making plenty of money for a single person - this won't scale if you hire more people'</i>. I looked at Silvio and repeated the advice, <i>'as individuals, we are better financially if its just you at InfoSect'</i>. He looked at me and said, <i>'but I don't want to work alone. I want a posse of cool people to work with, to do cool things with'</i>.</div><div><br /></div><div>In the last 6 months we have hired 3 extra people with 1 more person in the pipeline. That brings our little team to 8 people.</div><div><br /></div><div>We are really fortunate that we have cultivated a team culture that is collaborative, clever and dedicated. We're at the point that we are having our own little InfoSect mini-conferences and enjoying working with each other. I think Silvio is realising his dream of having his posse of smart people to work with. </div><div><br /></div><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNnWli-wNqUlHjIEI8xFp7vKGMjErEBDJwv7iEC5ukq1qe1PNblk10ssmyHE0YNu0OjoVTvFqQ6H6moFyC0OAKR6kU5ZXTLTqfzUeNBXNaNg5ohH4RCz5qfJ7J_rRfqBJYRwnGA20o0ck/s3533/staff.jpg" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="890" data-original-width="3533" height="162" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNnWli-wNqUlHjIEI8xFp7vKGMjErEBDJwv7iEC5ukq1qe1PNblk10ssmyHE0YNu0OjoVTvFqQ6H6moFyC0OAKR6kU5ZXTLTqfzUeNBXNaNg5ohH4RCz5qfJ7J_rRfqBJYRwnGA20o0ck/w640-h162/staff.jpg" width="640" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">InfoSect Staff: Jayden, Josh, Silvio, Kylie, Sam, Josie and Di</td></tr></tbody></table><br /><div>This is bringing me close to finalising what has happened over the last 6 months. But there is actually another huge body of work I embarked on.</div><div><br /></div><div><b><i>Our customers said 'you need to provide security diagrams for your work systems' and 'comply with the Essential 8'</i></b></div><div><br /></div><div>This was great actually, I had jumped the fence and had to apply all of the best practice I had been recommending in the past. So I hardened, and hardened, and hardened some more...</div><div><br /></div><div>The last 6 months has seen a huge uplift in InfoSect's systems, governance and compliance. This is a journey every small business needs to go on and could be an entire blog post in itself. As well as founder and Manging Director, I am also InfoSect's IT Security Manager (ITSM), IT Security Administrator (ITSA) and many other roles that are keeping me busy.</div><h3 style="text-align: left;">Reality</h3><div>I need to wind this up, I could probably add so much more from the last 6 monts - it has been really busy. In reality, building my own business and working for myself is nothing at all what I was expecting when I surrendered my pass and was escorted out of my old office. In fact I haven't had a chance to use my 2021 gym membership at all.</div><div><br /></div><div>The highlights of running my own business includes:</div><div><br /></div><div><ul style="text-align: left;"><li>I have less time. I actually didn't think that was possible. When something needs doing for a customer, course or deadline - I'm doing it whether its Saturday, Sunday or midnight.</li></ul><ul style="text-align: left;"><li>The range of what I do has increased so much. I guess until we're bigger, we're all going to be pitching in to provide solutions for every component of the business.</li></ul><ul style="text-align: left;"><li>The buck stops with me (oh, and also Silvio I guess). It's always at the back of my mind that until we are bolstered and have gained momentum, the success and failure of InfoSect is heavily based on the commitment and work Silvio and I do in these early days. And luck - I feel like we have so much luck on our side every day.</li></ul><ul style="text-align: left;"><li>Working with Silvio is fantastic. He is so genuine and smart. He literally wants everyone around him to learn more and love what they're doing as much as he does. I was concerned working with my husband would have us spending too much time together, but we've fallen into an easy, fun, workable relationship.</li></ul><div><br /></div><div>My advice to any one else considering doing something as crazy as me in the near future.</div></div><div><ul style="text-align: left;"><li>Do it - it's an amazing experience. Like most experiences in life, until you do it you can't really comprehend what it will be like.</li></ul><ul style="text-align: left;"><li>Prepare for highs and lows. Some days Silvio and I are literally dancing around celebrating a win for InfoSect, other days we are having sleepless nights worrying about something. It's more rollercoaster than any other job I've had, but definitely worth it.</li></ul><ul style="text-align: left;"><li>Pick your business partner well. This person is going to be sharing the best and worst times with you. You are going to be spending a lot of time together. The ability to work together, divide tasks and feel like you are both contributing equally is super important.</li></ul><ul style="text-align: left;"><li>Make sure you're doing something you love. I guess this is obvious. I imagine this is like when you pick your topic for your PhD. You're going to be spending a lot of time doing your business, so make sure you love it.</li></ul><ul style="text-align: left;"><li>Understand that you will need to be flexible in what you do. You may identify as a specialist, but the reality is - you are going to have to use all your knowledge to fill in the gaps that the business has. You will need to learn about business management, customer engagement, contracts, finance and of course, flat pack assembly. If you're open to learning new things, this can be fun.</li></ul><div>And here is the big question. If I rewound to 6 months ago, would I do it again? The answer is a big resounding <b><span style="font-size: medium;">"<i>yes"</i></span></b>.</div></div><div class="separator" style="clear: both; text-align: center;"><br /></div><br /><div><br /></div><div><br /></div><div><br /></div><p><br /></p>Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-5316398523065761472020-08-04T14:25:00.002-07:002020-08-04T14:25:28.890-07:00Setting up eve-ng on Google Cloud for Virtualised Network testingI've setup eve-ng on google cloud for the 0xCC training conference. Here are some walkthroughs on how to get started with your own lab for learning/testing networking configurations.<br />
<h3>
1. Initial Eve-ng Setup</h3>
Most of this is documented well in the following guide, there are just a few adjustments to the guide that I recommend when running something in a cloud environment.<br />
<br />
Follow steps 1 - 4 in the google cloud install steps. <a href="https://www.eve-ng.net/index.php/documentation/installation/google-cloud-install/">https://www.eve-ng.net/index.php/documentation/installation/google-cloud-install/</a><br />
<br />
After you've done step 4, that is you've created the virtual instance but eve-ng isn't installed yet, lock down access to your instance. Eve-ng installs itself with weak credentials.<br />
<br />
Browse to the networking options in google cloud, select VPC network -> Firewall.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiO3pRN7boJWE_Q86jwyGUL2YwKj5_PlLtaR-owVkgRsajPCI-wUxhaGpGDXuDI6VRbYJmGYOPev4g1FKFcVdbWHTBmi9dr4xwBQ5HoPL3LCGKUVTFFNX-kfrcMZ8yWvtNRd_i4U61eORc/s1600/vpc-networking.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="319" data-original-width="468" height="218" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiO3pRN7boJWE_Q86jwyGUL2YwKj5_PlLtaR-owVkgRsajPCI-wUxhaGpGDXuDI6VRbYJmGYOPev4g1FKFcVdbWHTBmi9dr4xwBQ5HoPL3LCGKUVTFFNX-kfrcMZ8yWvtNRd_i4U61eORc/s320/vpc-networking.png" width="320" /></a></div>
<br />
The rules that apply, apply just to this project, therefore, I removed the RDP rule and I locked down SSH and HTTP to just my IP address. Do this by clicking on the rule, selecting edit and entering your IP address in "IP ranges field" under "source filters".<br />
<br />From here continue on with the instructions 5 and 6 in the documentation. However, after rebooting the eve-ng install, change the root password.<br />
<br />
By default the root password is root/eve - use commands similar to below to change it:<br />
<br />
<blockquote class="tr_bq">
<span style="font-family: "courier new", courier, monospace;">sudo -i</span><span style="font-family: "courier new", courier, monospace;">passwd </span><span style="font-family: inherit;">(follow the prompts to change)</span></blockquote>
When you log into the web interface, also change the weak default password from admin/eve.<br />
<h3>
2. Setting up Images to deploy</h3>
<h4>
<br /></h4>
<h4>
<br /></h4>
<h4>
</h4>
<h3>
3. To route from the simulation to the Internet</h3>
To allow the kali image and the routers to hit the Internet. I routed interface pnet9 through to pnet0 (the management interface). After doing the below - the Internet could be used by connecting to Cloud9 in the simulation.<br />
<br />
Setting up pnet9 and the routing:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzloiouqipedUWcKNDrKtTdtKFHcH9cUnfSNtK2OMpcvQU7EZ5BzuWULc8C1Ltz7Ivg70dbwmHPTkOk9gu3C4fxvtZYMkb8AT8ldnqfw_nL6XkXmbUR9YW71xX8sGtOmibI54KNAArN4I/s1600/setting-up-routing.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="85" data-original-width="772" height="70" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzloiouqipedUWcKNDrKtTdtKFHcH9cUnfSNtK2OMpcvQU7EZ5BzuWULc8C1Ltz7Ivg70dbwmHPTkOk9gu3C4fxvtZYMkb8AT8ldnqfw_nL6XkXmbUR9YW71xX8sGtOmibI54KNAArN4I/s640/setting-up-routing.png" width="640" /></a></div>
<br />
Make it persistent by:<br />
<br />
<div style="background-color: white; border: 0px; box-sizing: inherit; clear: both; color: #242729; font-family: arial, "helvetica neue", helvetica, sans-serif; font-size: 15px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: inherit; margin-bottom: 1em; padding: 0px; vertical-align: baseline;">
Edit /etc/sysctl.conf and search for the following lines:</div>
<pre style="border-radius: 3px; border: 0px; box-sizing: inherit; color: #242729; font-family: consolas, menlo, monaco, "lucida console", "liberation mono", "dejavu sans mono", "bitstream vera sans mono", "courier new", monospace, sans-serif; font-size: 13px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: inherit; margin-bottom: 1em; max-height: 600px; overflow-wrap: normal; overflow: auto; padding: 12px 8px; vertical-align: baseline; width: auto;"><code style="border: 0px; box-sizing: inherit; font-family: consolas, menlo, monaco, "lucida console", "liberation mono", "dejavu sans mono", "bitstream vera sans mono", "courier new", monospace, sans-serif; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline; white-space: inherit;"># Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1</code></pre>
<span style="background-color: #f9f9f9; color: #3f4042; font-family: monospace, courier; font-size: 14.4px;">apt-get install iptables-persistent</span><br />
<span style="background-color: #f9f9f9; color: #3f4042; font-family: monospace, courier; font-size: 14.4px;"><br /></span>
<br />
<pre class="command" style="background-color: #f9f9f9; border-radius: 4px; border: 1px dashed rgb(47, 111, 171); box-sizing: border-box; font-family: "courier new", courier, mono; font-size: 16px; font-style: italic; line-height: 1.1em; margin-bottom: 10px; margin-top: 10px; overflow-wrap: break-word; overflow: auto; padding: 1em; white-space: pre-wrap; word-break: break-all;"><code style="font-style: inherit; font-weight: inherit; line-height: 16px; margin: 0px; padding: 0px;">/etc/network/interfaces:</code></pre>
<pre class="command" style="background-color: #f9f9f9; border-radius: 4px; border: 1px dashed rgb(47, 111, 171); box-sizing: border-box; font-family: "courier new", courier, mono; font-size: 16px; font-style: italic; line-height: 1.1em; margin-bottom: 10px; margin-top: 10px; overflow-wrap: break-word; overflow: auto; padding: 1em; white-space: pre-wrap; word-break: break-all;"><code style="font-style: inherit; font-weight: inherit; line-height: 16px; margin: 0px; padding: 0px;"><pre style="background-color: whitesmoke; border-color: rgb(204, 204, 204); border-radius: 4px; border-style: solid; border-width: 1px; box-sizing: border-box; color: #333333; font-family: menlo, monaco, consolas, "courier new", monospace; font-style: normal; line-height: 18.5667px; margin-bottom: 10px; overflow-wrap: break-word; overflow: auto; padding: 9.5px; white-space: pre-wrap; word-break: break-all;">iface pnet9 inet static
address 192.168.255.1
netmask 255.255.255.0
</pre>
</code></pre>
<br />
Configuring a DHCP server:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzORNSAi9yVPF9340XJGdi5cZXkT_epEymrNaimb1FuL8ZhAOmDg1MWs56ATGW0HmQevpA91gKt8BvlResPlo0_RojuemDKzCyq8hUlCuypmilc2gW3X_wBg2H7yr_bxQYAktGrPLzT3k/s1600/setting-up-routing3.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="257" data-original-width="445" height="230" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzORNSAi9yVPF9340XJGdi5cZXkT_epEymrNaimb1FuL8ZhAOmDg1MWs56ATGW0HmQevpA91gKt8BvlResPlo0_RojuemDKzCyq8hUlCuypmilc2gW3X_wBg2H7yr_bxQYAktGrPLzT3k/s400/setting-up-routing3.png" width="400" /></a></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrPG2ar1UzVWGv_0j3sN-anQR5_TjNY6tlOQC_HGKqWbB7hHXZ4-J9q9Ifpfsfkc85eaKtVfNekJXgm25_i4kRYb2FR5FkfWlID0a-w2bJN7J5_LOG8nxa2keT5RXW6fsXSVoAduyQ8tY/s1600/setting-up-routing2.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="226" data-original-width="902" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrPG2ar1UzVWGv_0j3sN-anQR5_TjNY6tlOQC_HGKqWbB7hHXZ4-J9q9Ifpfsfkc85eaKtVfNekJXgm25_i4kRYb2FR5FkfWlID0a-w2bJN7J5_LOG8nxa2keT5RXW6fsXSVoAduyQ8tY/s640/setting-up-routing2.png" width="640" /></a></div>
<br />
Running the command <span style="font-family: "courier new", courier, monospace; font-size: x-small;">systemctl enable isc-dhcp-server</span> will also ensure it starts on reboot.<br />
<br />
<h3>
4. Clone the VM</h3>
I created an instance for each student. The easiest way I found to clone a VM in Google Cloud was to first create a snapshot and then create an instance from the snapshot.<br />
<br />
1. Create a snapshot from the VM to clone<br />
2. Click on snapshot, select "create instance"<br />
<div>
<br /></div>
Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-87200246574775234852020-02-15T15:29:00.003-08:002020-02-15T19:11:58.407-08:00(Women-in-Tech)++So many times I've been asked how do we increase the number of women in tech roles and for years I've had no idea what the answer was - I had no idea why I was the only female in my teams. However, I've more recently paid attention to the tech teams that are 100% male vs the tech teams that have a good diverse balance, and I think I know what is different.<br />
<br />
<b><i>Technical Female Leadership</i></b><br />
<br />
So much focus goes into women in management leadership roles, however if your organisation has no senior female technical leads, then you will never be able to tip the balance.<br />
<br />
<br />
<ul>
<li><b><i>You can't be what you can't see.</i></b> This mantra has been repeated so many times it almost hurts to write, yet to be honest - it hasn't stuck for the technical fields. The simple fact is, a female is much more likely to sidestep into a non-technical role if there is no obvious pathway for her in her career. Or worse, not even join your organisation in the first place. And really, who'd blame her?</li>
</ul>
<ul>
<li><b><i>Female technical leaders are less likely to have unconscious bias</i></b> and are more likely to mentor and drive both males and females equally. They will have high expectations of both genders. Therefore, your female techs will be given the same difficult projects and same training opportunities. A female tech isn't there to meet your quota, she wants the same work as the guys and if she's not given the same opportunities - she will leave.</li>
</ul>
<ul>
<li>Female technical leads have a<b><i> vested interest in improving the gender diversity problem</i></b>. She wants to tip the scales and see more women in tech. So she will actively grow a diverse team for you.</li>
</ul>
<ul>
<li><b><i>A female senior technical lead is likely part of multiple women in tech communities</i></b> and groups. (I joined my first one in 1995 at ANU before starting engineering and have been in at least a dozen since). She's flying your banner just by being in those groups and showing that your organisation is diverse. She knows technical women and as a leader, she knows she can encourage them to apply for tech roles when they are advertised.</li>
</ul>
<div>
Can a senior male technical lead do a good job of mentoring and growing a diverse technical team? Possibly - though there is less evidence of this.</div>
<div>
<br /></div>
<div>
If you're reading this and already formulating excuses for why you don't have female tech leads, I've heard them all before. "<i>There is no pipeline, the women leave tech roles before reaching this level</i>" or my (sic) favourite "<i>We'd have to drop the standard to recruit female technical leads</i>"</div>
<div>
<br /></div>
<div>
<div>
I want you to stop, pause, think about the attitude and biases you're projecting with these excuses. Consider whether you genuinely want change or you just want to look like you want change. If you seriously want change - then make change.</div>
</div>
Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-75418764340372302572019-10-23T05:54:00.001-07:002019-10-23T05:58:42.284-07:00Segment Routing<br />
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;">Segment Routing (SR) is a proposed solution to
replace MPLS in the wireline networks which is picking up a lot of traction.</span></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="font-family: inherit;"><span style="font-size: 12pt;">RFC 8402 is the Segment Routing
Architecture standard which was accepted & published in July last year, it
had been worked on for around 5 years before becoming an RFC. It is considered
a relatively new protocol. </span><span style="font-size: 12pt;">There are currently 42 draft IETF</span><span style="font-size: 12pt;"> standards in progress for various features around the SR architecture. Lots of information can be found on SR at </span><a href="https://www.segment-routing.net/">https://www.segment-routing.net/</a></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="font-family: inherit;"><br /></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;">It works currently by leveraging either
MPLS or IPv6 to represent segments in a network.</span></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;">A segment can be a network link, the link
between two router. It can be a node, identifying the router itself, or it can
represent a service – which is essentially the customer network. </span></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;">Each segment in the network is
represented by a Segment Identifier or SID. As you can see in the diagram below, Segment routing works together with an IGP. IGP stands for Interior
Gateway Protocol, which is an umbrella term for the routing protocols that
share routing information within a common routing domain. Segment Routing
currently leverages<span style="mso-spacerun: yes;"> </span>IGPs to spread
information of the SIDs throughout the network. The two IGPs that SR can use at
the moment are OSPF and IS-IS. When SR uses OSPF, the SIDs are distributed in
the extended prefix Link State Advertisements. When using IS-IS they are
distributed using the router capability advertisements</span></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijUmpPX50nbedL4bHatHXD8pggMq7VaK6sevafB1UZUsn_Qrjegr-ksFfidCqFUnTxg7kBJnpl1yLlEvL5J_VgyFgcND6bTuLTFd0IUH2RmGG71WBunGgTrwuuE4OI3qS741v3Z51WaY4/s1600/sr1.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="color: black; font-family: inherit;"><img border="0" data-original-height="181" data-original-width="393" height="145" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijUmpPX50nbedL4bHatHXD8pggMq7VaK6sevafB1UZUsn_Qrjegr-ksFfidCqFUnTxg7kBJnpl1yLlEvL5J_VgyFgcND6bTuLTFd0IUH2RmGG71WBunGgTrwuuE4OI3qS741v3Z51WaY4/s320/sr1.png" width="320" /></span></a></td></tr>
</tbody></table>
<br />
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-align: center; unicode-bidi: embed; word-break: normal;">
<a href="https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKRST-2124.pdf"><span style="color: black; font-family: inherit; font-size: xx-small;">https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKRST-2124.pdf</span></a></div>
<span style="font-family: inherit;"><br /></span>
<br />
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">In
SR, every node has a unique identifier called the node SID. This identifier is
globally unique and would normally be configured on a loopback address on the
device.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">In
IPv4 networks, the SID is encoded as a standard MPLS label, whereas in IPv6 it
is encoded as an IPv6 address associated with the segment.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">I’m going to work through an example that focuses on SR-MPLS. This has been done in <a href="http://virl.cisco.com/index.php" target="_blank">VIRL</a> and I will attach the VIRL file at the end of this blog post.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">You
can see in this network the SID allocated to each of the routers.</span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYr6vvl1aEDZZbTw3sLfF47KIew4b4SGDpZ7VEIXIjAcrsHibKnUnNJRYoCCVIsxnA9lB0_jWZk_C2PrsDJwacpLORa8cLT-_wz3IZXgp0-ky7pGwv75a5gH_-YVn4teRh8DTu_5A7jQI/s1600/sr2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: black; font-family: inherit;"><img border="0" data-original-height="230" data-original-width="600" height="243" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYr6vvl1aEDZZbTw3sLfF47KIew4b4SGDpZ7VEIXIjAcrsHibKnUnNJRYoCCVIsxnA9lB0_jWZk_C2PrsDJwacpLORa8cLT-_wz3IZXgp0-ky7pGwv75a5gH_-YVn4teRh8DTu_5A7jQI/s640/sr2.png" width="640" /></span></a></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">There
is a concept of the global block in
segment routing which begins at 16000, in my case I’ve kicked the
numbering off at 19000, just because I could. The last digit of the SID
corresponds to the router number in this network.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">By
default in this network, when a router goes into the ingress router it will
take the best path through the network as determined by IS-IS. In this case, it
is vi R1, R2, R3 and finally through R4.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">To
demonstrate one of the features of SR, I’m going to force a packet to go via
R5.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">In the configuration below I’ve set up a
tunnel through to R4 which an explicit path titled SIDLIST1.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">In the example you can see I’m explicitly
stating the pathway to be 19002, 19003 and then 19005 before going to 19004.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> interface
tunnel-te1 </span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> ipv4 unnumbered Loopback0 </span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> autoroute
destination 100.0.0.4 </span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> destination 100.0.0.4 </span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> path-option 1 explicit name SIDLIST1
segment-routing</span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
</div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> explicit-path
name SIDLIST1 </span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> index 10 next-label 19002 </span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> index 20 next-label 19003 </span></div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> index 30 next-label 19005 </span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
</div>
<div style="direction: ltr; line-height: normal; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; text-indent: 0in; unicode-bidi: embed; word-break: normal;">
<span style="font-family: "courier new" , "courier" , monospace;"> index 40 next-label 19004</span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
</div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">The options for defining path are fairly
extensive. It can be configured to avoid a router, to always go through a
particular router and many other options. But for now we’ll see what happens
when we apply this to the lab network.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-family: inherit;"><span style="font-size: 12pt;">I have the explicit SID list configured
and what I’ve done is tapped each link and opened the traffic in </span><span style="font-size: 12pt;">wireshark</span><span style="font-size: 12pt;"> so
we can see exactly what the packet looks like as it goes through a segment
routed network.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-family: inherit;"><span style="font-size: 12pt;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">I have set up a ping from R7 to R8 across
the SR network. The packet goes straight into the ingress router. The router
will look up the route and then put the appropriate stack of segments within
the packet and forward to the next router. This is were I first tap it.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhukqxMMHZra-9FKqF0lfBfs5xxpcmifzXCEZttDZwgdJyOPiX0CwVM5nuAQq5WlJRF44th2y1m9_fHQX2ZuFupkIAY1JB8a3-VPziCUrF5bN4xA_j6Q3kRY5SlRxP4Fa6axrR0Ets2Lkw/s1600/sr3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: black; font-family: inherit;"><img border="0" data-original-height="720" data-original-width="1280" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhukqxMMHZra-9FKqF0lfBfs5xxpcmifzXCEZttDZwgdJyOPiX0CwVM5nuAQq5WlJRF44th2y1m9_fHQX2ZuFupkIAY1JB8a3-VPziCUrF5bN4xA_j6Q3kRY5SlRxP4Fa6axrR0Ets2Lkw/s640/sr3.png" width="640" /></span></a></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">Here (above) between R1 and R2 you can see the
stack of MPLS labels indicating the segment route to take.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">The active segment is on the top and is
the segment that the router inspects when it arrives at R2. In this case R2
will see 19003 and will forward the packet on to R3. Before forward it will
remove the top label.</span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDuJg25CkEO7FYZv_Q91EwHh6xaTdSh9OmJVrYTwvzLfVz-rtb66GwW52cKC14jcLP9JKxb6cHUOTZPVGrEDGiSWwFl1RHqP04Ma6dJvzdfmTNvBLFkH-Usmq_nisjM7HGK_RVEop0-ZE/s1600/s4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: black; font-family: inherit;"><img border="0" data-original-height="720" data-original-width="1280" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDuJg25CkEO7FYZv_Q91EwHh6xaTdSh9OmJVrYTwvzLfVz-rtb66GwW52cKC14jcLP9JKxb6cHUOTZPVGrEDGiSWwFl1RHqP04Ma6dJvzdfmTNvBLFkH-Usmq_nisjM7HGK_RVEop0-ZE/s640/s4.png" width="640" /></span></a></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">Between R2 and R3 (above) we can see that stack
is slightly smaller and the active SID is now 19005. This means R3 will forward
the packet to R5, once again removing one of the labels.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_YxdAoTCAS-mxQDIiEtpFavzVo4eBCgOJa8iyMHJzjgdHSS_QaahjYF1keRdh2-saJG0ToIU2Hw1u2DV_pvrU9fsepsn2hed81nUOXdNRhj-GPrXzUeQwv1C2hMoBgS7f3KgMaha116c/s1600/sr5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: black; font-family: inherit;"><img border="0" data-original-height="720" data-original-width="1280" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_YxdAoTCAS-mxQDIiEtpFavzVo4eBCgOJa8iyMHJzjgdHSS_QaahjYF1keRdh2-saJG0ToIU2Hw1u2DV_pvrU9fsepsn2hed81nUOXdNRhj-GPrXzUeQwv1C2hMoBgS7f3KgMaha116c/s640/sr5.png" width="640" /></span></a></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">Between R3 and R5 (above) we see the active SID
is now 19004, meaning that R5 will forward to R4 removing the SID before doing
so.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpkNDBYyKvClHV8dKPfrJlrutbX5j271fHQrSio0qe27_BTD8d3ok2WcPsAgeEoE-lylLDWi7NnPwMgf4c70q7joPANOJxijdRliG7z9zb1GBhGu0UellXwYhYkCbrvmxDylKRn9uc2ek/s1600/sr6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: black; font-family: inherit;"><img border="0" data-original-height="720" data-original-width="1280" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpkNDBYyKvClHV8dKPfrJlrutbX5j271fHQrSio0qe27_BTD8d3ok2WcPsAgeEoE-lylLDWi7NnPwMgf4c70q7joPANOJxijdRliG7z9zb1GBhGu0UellXwYhYkCbrvmxDylKRn9uc2ek/s640/sr6.png" width="640" /></span></a></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-family: inherit;"><span style="font-size: 12pt;">Above we see between R5 and R4 all the
SIDs have been removed, there is just a final label which represents the
customers </span><span style="font-size: 12pt;">vrf</span><span style="font-size: 12pt;">, and
so R4 knows to forward to R8.</span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
</div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;">In summary, we can see how segment
routing uses the MPLS labels to represent SIDS and how it is possible to
configure explicit routes through the providers network.</span></span><br />
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span>
<span style="font-size: 12pt;"><span style="font-family: inherit;"><a href="https://drive.google.com/open?id=1h-6XsLS4n5ex7ZqMxqGfQl6LnpNZH6qn" target="_blank">Click here for the VIRL demo file</a></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; unicode-bidi: embed; word-break: normal;">
<span style="font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td class="tr-caption" style="text-align: center;"></td></tr>
</tbody></table>
<br />
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="direction: ltr; language: en-US; margin-bottom: 0pt; margin-left: 0in; margin-top: 0pt; mso-line-break-override: none; punctuation-wrap: hanging; text-align: left; unicode-bidi: embed; word-break: normal;">
<span style="color: black; font-size: 12pt;"><span style="font-family: inherit;"><br /></span></span></div>
<br />Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-74285845127949448062019-01-29T18:18:00.000-08:002020-02-15T15:38:53.335-08:000x001AI completed a Bachelor of Engineering with Honours specialising in Telecommunications and Digital Systems between 1995 - 1999.<br />
<div>
I worked as a Design and then Senior Engineer in Network Development and Optimisation for OnAir Networks and then later in Terminal Interworking within Cellular Engineering. I loved it.</div>
<div>
After 9 months of maternity leave I tendered my resignation to care for my 3 children that I opted to have within 3.5 years to ensure I wasn't too long out of work.</div>
<div>
I completed a Masters in Computer Networking, multiple Cisco certifications and a couple of security certifications.</div>
<div>
I've worked as a Network & Security specialist from 2009 until current.</div>
<div>
I am currently working as the Director of a highly technical section.</div>
<div>
This is my history and here is what I've learnt from spending the last 0x001A years as a minority in my career.</div>
<div>
<br /></div>
<div>
<ul>
<li>My view of women in STEM events has evolved throughout my career. I've had times I hated them. Times I thought they achieved nothing and were a waste of time. I still see my former thoughts echo'd back in other tech women that just want to do their jobs. Today - they are not everything, but they raise awareness that there is a lack of women in tech roles and if only one more female is enabled from an event, then they are worth it. </li>
</ul>
<ul>
<li>When you meet another woman in tech, it can sometimes feel awkward. I'm so used to working with men that when I get to work with a female, I'm not so sure how to act. Some women love having an ally others will see you as competition. And some people will compare the only two women on the team, with comments like "Jenny is more technical than Sally". Don't compete with other women. We have enough to deal with.</li>
</ul>
<ul>
<li>When you start a new role, its harder to get credibility than a male. Not getting good projects, not being given full TACACS access, questioned on new engagements - it happens. As a female, its easier not to move around as much. Because once you've proven yourself and its understood you know your job very well - its easier to stay where you are. But don't. Put yourself out there - believe in yourself. </li>
</ul>
<ul>
<li>You will be mansplained to - multiple times. It's frustrating when that tech director painfully explains how to use ls on a linux system. This isn't a reflection on you, this is a reflection on them. This is their embarrassment not yours. Don't take this responsibility on, its not yours. Move on and ignore them.</li>
</ul>
<ul>
<li>There is an expectation that because you are female that you have better social skills, higher emotional intelligence and can represent and lead other generations. This is sexist. I had someone tell me that as a female I had a duty to behave better, kinder and nicer than everyone else. I don't. I'm shy, I'm introvert and I don't owe any more to the community than any other person doing their job in tech.</li>
</ul>
<ul>
<li>Take credit for your work. For many years I would allow other people to take credit for my work. When my name was forgotten in the credits, I would dismiss it and say it was okay. It's not okay. Don't be modest and accepting - women have the right to be as proud of their work as men do. If they say, "Sorry we forgot to give you credit", don't say its okay - tell them to correct the situation and do the right thing. Women are adverse to boastfulness. Don't be afraid of being proud of your work.</li>
</ul>
<ul>
<li>Remember why you're doing it. You will have bad days. You will be undermined and minimised. You will be talked over and mansplained. You will be dismissed as attending the "partners program" at tech conferences - the partners program being for wives and girlfriends of attendees. Forget all that and remember why you are here. When this happens, I put on my headphones, I sit at my computer and I lose myself in my tech. Because no matter what people say or think - this is my job, this is what I love doing and this is what I will continue doing.</li>
</ul>
<div>
Now get out there and do your tech jobs ladies!!</div>
</div>
Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-84311762892313219642018-06-24T03:51:00.001-07:002018-06-24T04:00:58.510-07:00OzSecCon 2018<h2 style="text-align: center;">
</h2>
On 2-3rd of June 2018 I attended OzSecCon in Melbourne. I'm not really a locksport enthusiast by any stretch of the imagination, I'm happy to fiddle with a lock and pick during social night - but I don't go out of my way to find the locksport village at a conference. However - the atmosphere at OzSecon was overall amazing. Notwithstanding, it is hosted by Topy - the Australian who has lugged his locksport stores up, down, east and west across Australia, at his own personal expense, hosting the locksport villages at AusCert, Ruxcon, PlatypusCon, BSides Canberra and probably many more I'm forgetting. He is the drive behind growing Locksport in Australia - so if you are remotely into Locksport, OzSecCon is where you should be.<br />
<br />
I've done a brief writeup of the talks and workshops I attended below.<br />
<br />
<h4 style="text-align: center;">
DAY ONE </h4>
<h3>
‘Keynote: Red Teaming’, by Jek Hyde</h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjH32VejTCb56iCSjt7YXW8U_RP9ZAOzALmv1c9FZZqpEMY5ccW_mqd_zt4zdCcaknPEGSJ9WbCb8JEs3lDYeOAi6y7ZLxaklaL4n2tkBr0q8NCDm0y5litDUtfM9Y33iVsm_Hx-nQL9_A/s1600/IMG_6999.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="727" data-original-width="1600" height="290" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjH32VejTCb56iCSjt7YXW8U_RP9ZAOzALmv1c9FZZqpEMY5ccW_mqd_zt4zdCcaknPEGSJ9WbCb8JEs3lDYeOAi6y7ZLxaklaL4n2tkBr0q8NCDm0y5litDUtfM9Y33iVsm_Hx-nQL9_A/s640/IMG_6999.JPG" width="640" /></a></div>
<br />
<br />
Jek works on Walmart Red team. She made it clear that her position on
the red team is to achieve physical access - not work on computers.
She referred to herself as a “Professional burglar”. She discussed secure facilities syndrome - in
which facilities tend to be very hard to get into but once in, is all
soft and squishy on the inside due to wanting to promote a good culture.
She did a walkthrough of a pentest she did in Canada. Started with
dumpster diving. Found out about meeting, made a fake pass, wore fake
pregnant belly, used a Bose cloner to clone a pass and got in.<br />
Installed keyloggers, Dropbox, rubby ducky & listening devices.
Heard a lady going out for lunch and used her office to gain access to
systems. Key takeaway point was that physical and logical are treated
separately when they affect each other so much and should be looked at
together.<br />
<br />
<h3>
‘Manipulation aids in opening safe locks’, by Jaakko Fagerlund</h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWlyFR1eb7SQX-NqjW9b_sjee6nZv-B5ORzSvIqCpTtQbDK5FagiEKYXX0KMAISJESYP_saENYcvrQJwncpeBC4GK7-Tx0AeaSVtLLlZiMK-lu7XeuBazWhjaIm4uAxv_Sr23Mbg9FtPs/s1600/IMG_7002.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="480" data-original-width="640" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWlyFR1eb7SQX-NqjW9b_sjee6nZv-B5ORzSvIqCpTtQbDK5FagiEKYXX0KMAISJESYP_saENYcvrQJwncpeBC4GK7-Tx0AeaSVtLLlZiMK-lu7XeuBazWhjaIm4uAxv_Sr23Mbg9FtPs/s320/IMG_7002.jpg" width="320" /></a></div>
Jaakko is from Finland and is a machinist by trade and loves breaking all things mechanical.<br />
Discussed through the techniques of cracking dial combination safes. The
wheels within the dial can be different shapes and graphing (turning
the wheel through each number). Right contact point (sloped) is the one
that is most useful to measure. Showed graphs on the non-roundness of
wheels - 0.5mm deviation at some points. Exploits are based on dialing
tolerances, cheap electronics, reading wheels in the order W3, W2, W1.<br />
Advanced exploits use electronics to graph the wheel pack, ultimate way
is a manipulation robot (autodialler with a microphone - softdrill)<br />
<br />
<h3>
</h3>
<h3>
‘Cognitive biases and how to be less wrong’, by Alex Hogue</h3>
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDggQ_TSRd_W5GzEQPN4PNzN7zJZC89VIxpJALmAaeFcFieFnc1M45a-YyuJrMu6LR6aIY7oApDxSAO-cBfyyiaYeFUDe4V239C2hS1-Eu4C-kAJC_TKd1x89B4rmavgJgqo4ldnMqSlk/s1600/IMG_7006.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="480" data-original-width="640" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDggQ_TSRd_W5GzEQPN4PNzN7zJZC89VIxpJALmAaeFcFieFnc1M45a-YyuJrMu6LR6aIY7oApDxSAO-cBfyyiaYeFUDe4V239C2hS1-Eu4C-kAJC_TKd1x89B4rmavgJgqo4ldnMqSlk/s320/IMG_7006.jpg" width="320" /></a>Alex discussed base rate rejection. He explained that people are more likely to look at the
evidence without looking at the base rate. Eg. creaks in a plane ==
evidence of impeding crash despite base rate of crashes being low<br />
He also discussed confirmation bias. Eg. Verifying your hypothesis only with
tests that will result in positive confirmation. This can be beaten by using null
hypothesis - proving yourself wrong.<br />
Availability Heuristic - if there are more examples in public media,
then people assume it is more common eg. Ransomware. Leads to “after a
disaster we prepare more”<br />
Others: scarcity bias, loss aversion, sunk-cost fallacy, the halo
effect, outcome bias, inattentional blindless, bias bias, cognitive
dissidence creates more bias.<br />
Alex concluded with a very entertaining slight of hand routine done to a volunteer from the audience.<br />
<br />
<h3>
‘Tamper resistance bypasses’, by Connor and Emily Morrison</h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgepMDxG_ygIRb9GjUMKzzNJmzI43CiZq3WcpVEO1TTXhY20oKZzsWMpRk7V5enKueh1-tkW0JZgJPziCqI1c_3Fql2vXv3cwOyvI7K7itNYLOiC7DsFDkIgtt3c4HhP3DyHM3ZDvDrhEs/s1600/IMG_7008.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="1200" data-original-width="1600" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgepMDxG_ygIRb9GjUMKzzNJmzI43CiZq3WcpVEO1TTXhY20oKZzsWMpRk7V5enKueh1-tkW0JZgJPziCqI1c_3Fql2vXv3cwOyvI7K7itNYLOiC7DsFDkIgtt3c4HhP3DyHM3ZDvDrhEs/s320/IMG_7008.jpg" width="320" /></a></div>
Covered different types of tamper evident seals with some recorded demos of removing them<br />
<br />
<h4>
</h4>
<h4>
</h4>
<h4>
</h4>
<h4>
</h4>
<h4>
</h4>
<h3>
</h3>
<h3>
</h3>
<h3>
</h3>
<h3>
‘How to disappear completely’, by Attacus</h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwNgg9SRRaRwxnqWTZuoDAh6Z6ZsaubD8p3znElQm9DbTllgTpXGOsqyn-sJfivXoARMoQriywcOUs2sazHT4aykgs_pI35xLek3ExrBLqtw-7c-X56tDZR7dnlPDcyKWvSpz3UY_zdQE/s1600/IMG_7009.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="480" data-original-width="640" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwNgg9SRRaRwxnqWTZuoDAh6Z6ZsaubD8p3znElQm9DbTllgTpXGOsqyn-sJfivXoARMoQriywcOUs2sazHT4aykgs_pI35xLek3ExrBLqtw-7c-X56tDZR7dnlPDcyKWvSpz3UY_zdQE/s400/IMG_7009.jpg" width="400" /></a></div>
Atticus provided an overview of “Senseface” - which is a product that detects faces. She showed an admin
interface of a Westfield Info booth that records faces estimating gender
and age for advertising purchases. Atticus discussed Detection vs Recognition. Detection
is allowed without consent because it doesn’t relate to personal or
sensitive information. She spoke about the Identity-matching Services Bill
2018 - the Capability will be provided to Home Affairs for national
security, identity safety etc. She noted that the Attorney-General's department is in discussion about selling facial records to private companies.<br />
Second part of talk moved to techniques of avoid facial recognition.
Talked about how facial recognition worked and old school mitigation
techniques include, wearing a balaclava, wearing sunglasses or pulling
weird faces to avoid facial recognition.<br />
<a data-saferedirecturl="https://www.google.com/url?hl=en&q=http://cvdazzle.com&source=gmail&ust=1529921022279000&usg=AFQjCNFxK6YfeqS6fwFBPvaFFjwjzfKh8g" href="http://cvdazzle.com/" rel="noreferrer" target="_blank">cvdazzle.com</a> - Adam Harvey, <a data-saferedirecturl="https://www.google.com/url?hl=en&q=http://ahprojects.com&source=gmail&ust=1529921022279000&usg=AFQjCNHaM9ANhRsA1BkEo5jQAvudhOKoRg" href="http://ahprojects.com/" rel="noreferrer" target="_blank">ahprojects.com</a> provides solutions to avoiding facial recognition.<br />
<br />
<h3>
‘Back in time: Finnish lock industry’, by Thomas Covenant</h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNmmrjeDIEM8J87uAZHXvA51vDMCjPAuc-EOaShAAOJJl4mgJlyolf6NcPbOIVIcUJlAZL-xKovT52zrVmqXaHP6kKeVmqL7wvmFr7CnZT7H1Mv46PJzO5flz26seZHLpnx7MU1fTJ3UI/s1600/IMG_7014.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="480" data-original-width="640" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNmmrjeDIEM8J87uAZHXvA51vDMCjPAuc-EOaShAAOJJl4mgJlyolf6NcPbOIVIcUJlAZL-xKovT52zrVmqXaHP6kKeVmqL7wvmFr7CnZT7H1Mv46PJzO5flz26seZHLpnx7MU1fTJ3UI/s320/IMG_7014.jpg" width="320" /></a></div>
Thomas covered off the history of locks in Finland, which is a leading region
of lock production because of the rockiness of the country.<br />
Karelian locks (a region ceded to the Soviet Union from Finland) date back to medieval Finland.<br />
She talked through wooden locks, development of metal and ornamental locks and the spiritual beliefs around locks keeping people safe.<br />
1920s industrialisation heralded Abloy locks in Finland. Designed by
Finnish man who repaired a cash till, and saw the rotating disks. 1918
patent registered, sold in 1919 for 34 euros<br />
<div style="text-align: center;">
<br /></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: center;">
<br /></div>
<h4 style="text-align: center;">
DAY TWO</h4>
<div style="text-align: center;">
<br /></div>
<h3>
‘The ALC Galaxy Lock: an in-depth look’, by Adam Foster</h3>
Adam talked about how he bought and disassembled a galaxy lock, released by the Australian Lock
Company (ALC). He discussed how it worked and possible ways to attack it.
He stated that he had managed to pick it but he hadn't recorded it and couldn’t replicate.<br />
<br />
<h3>
‘Challenge locks’, by nullwolf</h3>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgB7tu2ZrlX2NwZbtPEIgpDImpIdc6eEQZPSjRgj2LEPEXsw5lQ-Pq8sbTbBns4WoalWKShyphenhyphenwB8G6ITFeOe2uXaV62IfOI8glpYysRsQGJexFlxtD5BIulzDifiVGS4TtyO2iAprGQvSX4/s1600/IMG_7027.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="479" data-original-width="640" height="239" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgB7tu2ZrlX2NwZbtPEIgpDImpIdc6eEQZPSjRgj2LEPEXsw5lQ-Pq8sbTbBns4WoalWKShyphenhyphenwB8G6ITFeOe2uXaV62IfOI8glpYysRsQGJexFlxtD5BIulzDifiVGS4TtyO2iAprGQvSX4/s320/IMG_7027.jpg" width="320" /></a>
Nullwolf started off explaining reasons why you would build challenge locks - Reddit lock-picking awards profile flair for
building challenge locks. He covered off on the rules for building a
challenge lock eg. At least 6 modifications, working key<br />
Covered shopping list required.<br />
Using a dremel to do pin sculpting<br />
<br />
<h4>
</h4>
<h4>
</h4>
<br />
<br />
<br />
<br />
<br />
<h3>
Impressioning Workshop</h3>
I attempted the impressioning workshop... twice! I was terrible at it. But I learnt a lot about the technique and skill involved to impression a key.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDB27DqmDypDTgNeeTccP4TBwmDbyQ_C5_DvV55Q-biUqstY1l5OeOF51a39YlU-2dZBDQSYCPrevPQmD4u6JiamvzpXoYrPZMZpimYdGkN0s2OAY3cW9780UPTAbEylnjiBhTBbWDMcQ/s1600/IMG_7024.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="640" data-original-width="480" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDB27DqmDypDTgNeeTccP4TBwmDbyQ_C5_DvV55Q-biUqstY1l5OeOF51a39YlU-2dZBDQSYCPrevPQmD4u6JiamvzpXoYrPZMZpimYdGkN0s2OAY3cW9780UPTAbEylnjiBhTBbWDMcQ/s320/IMG_7024.jpg" width="240" /></a></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY3sBNW7oDngl2ukN7hsWdZLvKnZyf-1_cdYVKQW3PefSX4gEMlZjz59MGdLkjvawOUiX7t8BH6lpAFcZGez3uAkXM0sVhMdul4X5th6G2cj59oH4fKZZfP1pEAtLDUfZqRqk8b6ZsXQI/s1600/IMG_7029.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="640" data-original-width="480" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY3sBNW7oDngl2ukN7hsWdZLvKnZyf-1_cdYVKQW3PefSX4gEMlZjz59MGdLkjvawOUiX7t8BH6lpAFcZGez3uAkXM0sVhMdul4X5th6G2cj59oH4fKZZfP1pEAtLDUfZqRqk8b6ZsXQI/s320/IMG_7029.jpg" width="240" /></a> <br />
<br />
<br />
<h4>
</h4>
<h4>
</h4>
<h4>
</h4>
<h4>
</h4>
<h4>
</h4>
<h4>
</h4>
<h4>
</h4>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<h3>
Milling your own cutaway lock </h3>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqO8m4PBKxSKhM6AX1cwFzu01O3DD4GOhF-IS6kRztMD73zgIzQnCC9uZyY1wau12ve1JmVFgJ_CFjppEFHXU4mxfW_pMp9flBPiykokLea-KHQnmI39gJy4rqgy532scgHrLiOTo-OU8/s1600/IMG_7031.JPG" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="640" data-original-width="360" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqO8m4PBKxSKhM6AX1cwFzu01O3DD4GOhF-IS6kRztMD73zgIzQnCC9uZyY1wau12ve1JmVFgJ_CFjppEFHXU4mxfW_pMp9flBPiykokLea-KHQnmI39gJy4rqgy532scgHrLiOTo-OU8/s320/IMG_7031.JPG" width="180" /></a>This is when I realised the value of OzSecCon being run at Melbourne Polytech. Access to all the machining tools allowed a live demo of creating cut away locks (plus many more machining demos that I missed). @anarchy_won did the demo and was patient and willing to answer any questions we had on mill types, techniques and other hints. It was fantastic seeing his passion and knowledge.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
As well as the talks and workshops, OzSecCon had an inclusive and welcoming environment. I was greeted with friendliness and helpfulness the whole conference. I attended the female lunch and the Friday night party - both were really enjoyable. The party was catered with Turkish and a neverending bartab!<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUdKNV8DgQXOZlhyphenhyphenbKky6NwdRSU842CgB-W__aNDGwvEek0daJ0jJoyOgessqDpnkw04wIHg8__3Pr7LOt13FrtBXBjkwf2jFIahMTI1rCZPqUNd2GW_CgegH9Y702Etu_ndHhwIVL4rM/s1600/IMG_7015.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="480" data-original-width="640" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUdKNV8DgQXOZlhyphenhyphenbKky6NwdRSU842CgB-W__aNDGwvEek0daJ0jJoyOgessqDpnkw04wIHg8__3Pr7LOt13FrtBXBjkwf2jFIahMTI1rCZPqUNd2GW_CgegH9Y702Etu_ndHhwIVL4rM/s320/IMG_7015.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFzFlqDlqbYcNvp1ReAAJLj6kEebO_u5wQf7-CDUVA0voBqZEk8xJtDojOckzVJ1uAqEruj8o-gmV72JjC6WMV302suEwrzY5jhmA8xdPKuuvwpkX1f1l36EYoZ9_e0B5PY-drA_v3iME/s1600/IMG_7016.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="481" data-original-width="640" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFzFlqDlqbYcNvp1ReAAJLj6kEebO_u5wQf7-CDUVA0voBqZEk8xJtDojOckzVJ1uAqEruj8o-gmV72JjC6WMV302suEwrzY5jhmA8xdPKuuvwpkX1f1l36EYoZ9_e0B5PY-drA_v3iME/s320/IMG_7016.jpg" width="320" /></a></div>
<br />
Overall, I've heard the locksport community likened to what the computer hacker community was 20 years ago. A little edgy and considered borderline inappropriate. However, like the trailblazers that made computer hacking mainstream, OzSecCon is breaking down barriers and making this important topic visible and accessible to everyone. Well done Topy & the OzSecCon Crew!!<br />
<br />Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-26399728081326733862018-05-28T03:10:00.002-07:002018-05-28T03:11:05.827-07:00BGP route injection - extending VIRL externally<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.blogger.com/video.g?token=AD6v5dxUUewSYcCJnH6nxxLHwkWOSMl9A1sb8Ke1w-kpOf0KqyL-MmGFrlg_9vjMKLDb1PqyU-O1pbjAwJGzIkmfLQ' class='b-hbp-video b-uploaded' frameborder='0'></iframe></div>
<br />
This simulation a demonstration of route injection in a BGP network with 6 AS' - which I demonstrated at CrikeyCon 2018. However, at that time I hadn't been able to extend outside of the VIRL environment so had to browse via wget commands on the server CLI.<br />
<br />
Today I had the time to configure my VIRL instance to extend to outside the environment to external devices (in this case a Windows VM).<br />
<br />
In retrospect, this wasn't very difficult. But there is very little clear documentation on how to do this. The steps to achieve this were.<br />
<br />
1. Configure the flat network under the VIRL Web GUI. Here we specify the IP address range of the external network and the interface on the VIRL VM/machine that we want to link to the external connection. Note down the flat network address.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpLaIl_-vV4G9piqYlRUR1KOBj11-oVJQf6AHpX72wiqV8LlEyb-NCd69Hl5uHVTLctIzqSjC36cLJggZk1AfFiOAZpbn7PAkpSweArjzMPieNyMTMUZxWhs_Wgls5wx83OzwUam3pcUQ/s1600/step1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="533" data-original-width="559" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpLaIl_-vV4G9piqYlRUR1KOBj11-oVJQf6AHpX72wiqV8LlEyb-NCd69Hl5uHVTLctIzqSjC36cLJggZk1AfFiOAZpbn7PAkpSweArjzMPieNyMTMUZxWhs_Wgls5wx83OzwUam3pcUQ/s400/step1.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
3. On the VIRL CLI we now find the bridged interface that has been allocated the flat IP Address 172.16.1.254<br />
<br />
<span style="font-size: x-small;"><span style="font-family: "courier new" , "courier" , monospace;"> virl@virl:~$ ifconfig<br />br1 Link encap:Ethernet HWaddr 00:0c:29:37:1c:0e<br /> inet addr:<span style="background-color: yellow;">172.16.1.254</span> Bcast:172.16.1.255 Mask:255.255.255.0 </span></span><br />
<br />
4. Then make sure eth1 has been associated to the appropriate bridge<br />
<span style="font-size: x-small;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span>
<span style="font-size: x-small;"><span style="font-family: "courier new" , "courier" , monospace;">virl@virl:~$ brctl show<br />bridge name bridge id STP enabled interfaces<br />br1 8000.000c29371c0e no dummy1<br /> eth1</span></span><br />
<br />
if this isn't the case use the command <span style="font-size: x-small;"><span style="font-family: "courier new" , "courier" , monospace;">brctl addif br1 eth1</span></span> and check again<br />
<br />
5. Add a flat device to your simulation. If connecting to a linux server and wanting to access the rest of the network, make sure you enable routing (ipv4_forward & iptables rules).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzoXlER3opt9TP_J5UFQ1eoazO-YI1P2CYv2SJQ8TjtqWpFCFa-lvYigtG29qi3z9FoHwzEZ91jQZn7aVDi7iLPTz3gx1L8QpGKsnDphaDpvruiTO1PwuD8dVQnfKiC94kB-6kJkk2XJ4/s1600/flat-2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="83" data-original-width="231" height="114" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzoXlER3opt9TP_J5UFQ1eoazO-YI1P2CYv2SJQ8TjtqWpFCFa-lvYigtG29qi3z9FoHwzEZ91jQZn7aVDi7iLPTz3gx1L8QpGKsnDphaDpvruiTO1PwuD8dVQnfKiC94kB-6kJkk2XJ4/s320/flat-2.png" width="320" /></a></div>
<br />
6. Ensure the network is configured to use the flat network that you've just setup<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1qkbRndOZagc5YBkf2AuqSqHQ9wL67EmQTL2RTo4u1_DjXtfkRQpZGzsVTKqGKAmD1FNdGOdz3tryeiw6vIwVdi9wg5WSKIUj__Yj4msPIEE01XIJb79i_iagYTBdICx19Sl56T4sUkY/s1600/flat-3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="157" data-original-width="557" height="179" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1qkbRndOZagc5YBkf2AuqSqHQ9wL67EmQTL2RTo4u1_DjXtfkRQpZGzsVTKqGKAmD1FNdGOdz3tryeiw6vIwVdi9wg5WSKIUj__Yj4msPIEE01XIJb79i_iagYTBdICx19Sl56T4sUkY/s640/flat-3.png" width="640" /></a></div>
<br />
7. When the simulation starts you should be able to attach to eth2 however you intend to, and ping/ssh to every device in your simulation (provided you have setup routing within the simulation to enable this)<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUokmn69P8K1b4FmYGZGmyVRRCpIc9XZmhyAdNjn4w-hWdFf8Vtd1rI5LeaXJbPRRcY9UqPkPqn3Th4-lxIfFf8CtnvFBHhrE1c-UkCmGudKVxmflVVEwPVNhD7plG8u4Sklpfhtj7cIk/s1600/flat-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="81" data-original-width="253" height="128" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUokmn69P8K1b4FmYGZGmyVRRCpIc9XZmhyAdNjn4w-hWdFf8Vtd1rI5LeaXJbPRRcY9UqPkPqn3Th4-lxIfFf8CtnvFBHhrE1c-UkCmGudKVxmflVVEwPVNhD7plG8u4Sklpfhtj7cIk/s400/flat-1.png" width="400" /></a></div>
<br />
<br />
I wish someone had walked me through this last Feb when I was fairly time poor - but now it's done. I hope it helps someone. Happy simulating!! Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-63758199642285884142018-05-06T01:47:00.000-07:002018-05-06T01:47:14.978-07:00Getting Familiar with Scapy<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzf3zM5ZfibEjuoMuI7JnUEodb8vP4gE2N2f2Fbf67gPBc19la6TuKE5AwdthohLszDdKlBgSUKGTi1QvrELTjFhyphenhyphenRn92WUdUXFNDIGDiTKj5klqU_wk4ULuC7EQgZq3SpzmDFLX1QZiw/s1600/Screenshot+from+2016-09-13+17-27-48.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="168" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzf3zM5ZfibEjuoMuI7JnUEodb8vP4gE2N2f2Fbf67gPBc19la6TuKE5AwdthohLszDdKlBgSUKGTi1QvrELTjFhyphenhyphenRn92WUdUXFNDIGDiTKj5klqU_wk4ULuC7EQgZq3SpzmDFLX1QZiw/s640/Screenshot+from+2016-09-13+17-27-48.png" width="640" /></a></div>
<h3 style="text-align: center;">
<span style="font-family: "courier new" , "courier" , monospace;">Getting Familiar with Scapy</span></h3>
<a href="https://blogs.sans.org/pen-testing/files/2016/04/ScapyCheatSheet_v0.2.pdf">https://blogs.sans.org/pen-testing/files/2016/04/ScapyCheatSheet_v0.2.pdf</a><br />
<h4>
Navigating Classes/Layers:</h4>
<span style="font-family: inherit;">Check the details of each class/layer using ls():</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> ls(IP)<br />version : BitField = (4)<br />ihl : BitField = (None)<br />tos : XByteField = (0)<br />len : ShortField = (None)<br />id : ShortField = (1)<br />flags : FlagsField = (0)<br />frag : BitField = (0)<br />ttl : ByteField = (64)<br />proto : ByteEnumField = (0)<br />chksum : XShortField = (None)<br />src : Emph = (None)<br />dst : Emph = ('127.0.0.1')<br />options : PacketListField = ([])</span><br />
<br />
<span style="font-family: inherit;">Check commands available using lsc()</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-family: inherit;">Format is</span> command(packet)</span><br />
<h4>
<span style="font-family: "courier new" , "courier" , monospace;"></span></h4>
<h4>
<span style="font-family: "courier new" , "courier" , monospace;">Sending a Packet:</span></h4>
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> pkt=IP(dst="google.com")/ICMP()</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">sr - send & receive</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">srp - send & receive layer 2</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> sr1(pkt)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Begin emission:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">..................Finished to send 1 packets.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">........................................................................................................................................................................................................................................................................................................................................................................................................................^C</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Received 426 packets, got 0 answers, remaining 1 packets</span><br />
<br />
sr1 = send and receive 1 packet, will send one and wait for one response<br />
<br />
Using just send will just send and not wait for a response<br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> send(pkt)<br />.<br />Sent 1 packets.</span><br />
<br />
Using sendp will send the packet at layer 2 (all classes with p are at the layer 2 level)<br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> sendp(pkt)</span><br />
.<br />
Sent 1 packets.<br />
<br />
To see the result, sr always has tuples<br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> (ans,unans) = sr(IP(dst='google.com')/ICMP())</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">Iterations:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> pkts = IP(dst='192.168.0.0/28')<br />>>> [pkt for pkt in pkts]<br />[<IP dst=192.168.0.0 |>, <IP dst=192.168.0.1 |>, <IP dst=192.168.0.2 |>, <IP dst=192.168.0.3 |>, <IP dst=192.168.0.4 |>, <IP dst=192.168.0.5 |>, <IP dst=192.168.0.6 |>, <IP dst=192.168.0.7 |>, <IP dst=192.168.0.8 |>, <IP dst=192.168.0.9 |>, <IP dst=192.168.0.10 |>, <IP dst=192.168.0.11 |>, <IP dst=192.168.0.12 |>, <IP dst=192.168.0.13 |>, <IP dst=192.168.0.14 |>, <IP dst=192.168.0.15 |>]<br />>>> <br /> </span><br />
<h4>
<span style="font-family: "courier new" , "courier" , monospace;">Reading/logging traffic:</span></h4>
<br />
<span style="font-family: "courier new" , "courier" , monospace;">Sniff packets on the interface:</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> pkts = sniff(count=24)</span><span style="font-family: "courier new" , "courier" , monospace;">>>> pkts<br /><Sniffed: TCP:19 UDP:4 ICMP:0 Other:1></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">Write the packets to a pcap file: </span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> wrpcap('./cap.pcap', pkts)<br /> </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Write the pcap file back to a rpkts variable: </span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> rpkts = rdpcap('./cap.pcap')<br />>>> rpkts<br /><cap.pcap: TCP:19 UDP:4 ICMP:0 Other:1></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br />Use str() and hexdump() to also see the raw packet</span><br />
<br />
<h4>
</h4>
<h4>
Fuzzing:</h4>
verify which fields will be fuzzed by doing something similar to:<br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;">>>> (IP(dst='8.8.8.8')/fuzz(UDP()/BOOTP())).show()</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
State machine!!<br />
http://www.secdev.org/projects/scapy/doc/advanced_usage.html#automata<br />
<br />
<br />Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-7472986998763419352018-05-06T01:18:00.001-07:002018-05-06T01:18:36.882-07:00Photo Journey<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><h2 style="text-align: start;">
<span style="text-align: center;"><span style="font-size: small;">2016 - Opening Ceremony of the first BSides Canberra</span></span></h2>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizXicvrPXxIYlDC-ReZGQcsIPWUmqmwPXnI5rM6exZiL0-f6lHajr0LLMq0EobRc2dh7bQADHZ0ysGuJW2hYVzCy8RBUqVUnSsDxIvTwhV1PAWlrjVrvfr6lBCcGoTCgJveCuq1t5rxvg/s1600/opening.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" data-original-height="720" data-original-width="960" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizXicvrPXxIYlDC-ReZGQcsIPWUmqmwPXnI5rM6exZiL0-f6lHajr0LLMq0EobRc2dh7bQADHZ0ysGuJW2hYVzCy8RBUqVUnSsDxIvTwhV1PAWlrjVrvfr6lBCcGoTCgJveCuq1t5rxvg/s640/opening.jpg" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><div style="font-size: 12.8px;">
2016 - Opening Ceremony of the first BSides Canberra</div>
<h2 style="text-align: left;">
<span style="text-align: center;"><span style="font-size: small;">2015 - Sydney CCIE bootcamp:</span></span></h2>
</td></tr>
</tbody></table>
<ul>
<li><br /></li>
</ul>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><h2>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha41qNb90cuc6eZKMkjSb10WTk1CndzKr-_nBU0-nvge6nJpCJ4J19uUtMYGSrKiGDqa9AuItBfRvcedcAnTSItXDNtHb-sRPTFDf7iIjDWACPcAPSsBr2Nm-AMHkQlmxAIfLi9P_NAbg/s1600/ccie-bootcamp.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-size: small;"><img border="0" data-original-height="285" data-original-width="380" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha41qNb90cuc6eZKMkjSb10WTk1CndzKr-_nBU0-nvge6nJpCJ4J19uUtMYGSrKiGDqa9AuItBfRvcedcAnTSItXDNtHb-sRPTFDf7iIjDWACPcAPSsBr2Nm-AMHkQlmxAIfLi9P_NAbg/s640/ccie-bootcamp.png" width="640" /></span></a></h2>
</td></tr>
<tr><td class="tr-caption"><h2 style="text-align: left;">
<span style="font-size: small;"><span style="text-align: center;">2012 - Participating in my first CTF - Ruxcon</span></span></h2>
</td></tr>
</tbody></table>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKjhmbudZ-ZacU1ZqVMBWVEySwCZgHXxKdb9jaXEOaYX0RcGlAWNMuQtL-J75ZmxnrbOkBTPG62hieOqLabb7tiSPBvc0hef72b5eHSlOnXVjbdGHV5FlIqWm5y9OCNB13JMOicZriN5o/s1600/ctf.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="255" data-original-width="383" height="426" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKjhmbudZ-ZacU1ZqVMBWVEySwCZgHXxKdb9jaXEOaYX0RcGlAWNMuQtL-J75ZmxnrbOkBTPG62hieOqLabb7tiSPBvc0hef72b5eHSlOnXVjbdGHV5FlIqWm5y9OCNB13JMOicZriN5o/s640/ctf.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="font-size: 12.8px;">2012 - Participating in my first CTF - Ruxcon</td></tr>
</tbody></table>
<div>
<h2>
<span style="text-align: center;"><span style="font-size: small;">1995 - ANU hosting Women in Engineering</span></span></h2>
<span style="text-align: center;">M</span><span style="text-align: center;">e on far left in black</span></div>
<div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2Fkzjnj6EkYenFji9tF8Z2htIhPMvmKFLbqND-bcP2Xfsv5SGW33qW3Kp1irqXaREGn8zmytaMyXffybTE6HrHL-AWF0kpTNVdz6Vj8bo8iqC2AkXxSmCJavC-x_1pyooJOyy0fhPcrE/s1600/women+in+engineering.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="636" data-original-width="463" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2Fkzjnj6EkYenFji9tF8Z2htIhPMvmKFLbqND-bcP2Xfsv5SGW33qW3Kp1irqXaREGn8zmytaMyXffybTE6HrHL-AWF0kpTNVdz6Vj8bo8iqC2AkXxSmCJavC-x_1pyooJOyy0fhPcrE/s640/women+in+engineering.png" width="464" /></a></td></tr>
<tr><td class="tr-caption" style="font-size: 12.8px;"><br /></td></tr>
</tbody></table>
<br />
<div style="text-align: center;">
</div>
</div>
Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-80958213320640806242018-04-30T04:59:00.001-07:002018-04-30T04:59:19.166-07:00L2 Attacks against Virtual Devices - CHCon 2017My presentation at Christchurch Hackercon (ChCon) 2017 on L2 attacks against virtual device.<br />
<br />
<iframe allowfullscreen="" frameborder="0" height="270" src="https://www.youtube.com/embed/iNckg7jk54o" width="480"></iframe>Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-85204287389235685042018-04-29T20:24:00.002-07:002018-04-29T20:24:47.715-07:00BGP Route Injection<br />
<br />
A recording of my CrikeyCon 2018 talk on using VIRL to demonstrate BGP route redirection:<br />
<br />
<br />
<br />
<iframe allowfullscreen="" frameborder="0" height="270" src="https://www.youtube.com/embed/sa3H6DVW0AI" width="480"></iframe>Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com1tag:blogger.com,1999:blog-2730543342374416640.post-11501325629133037282018-01-07T22:04:00.000-08:002018-01-07T22:04:05.102-08:00Trialing Cisco Talos' Mutiny<span style="font-family: Arial,Helvetica,sans-serif;">These instructions are based off the Cisco Talos video tutorial: <a href="https://www.youtube.com/watch?v=FZyR6MgJCUs&sns=em" target="_blank">https://www.youtube.com/watch?v=FZyR6MgJCUs&sns=em</a> </span><br />
<h4>
Setup the Server</h4>
<br />
<span style="font-family: Arial,Helvetica,sans-serif;">On Ubuntu in the home directory run the following commands:</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> </span><br />
<span style="font-family: "Courier New",Courier,monospace;">git clone https://github.com/Cisco-Talos/mutiny-fuzzer.git<br />git clone https://github.com/Cisco-Talos/Decept<br />cd mutiny-fuzzer/<br />tar xvzf radamsa-0.3.tar.gz <br />cd radamsa-0.3/<br />make<br />cd .. </span><br />
<h4>
Run the sample App</h4>
<span style="font-family: "Courier New",Courier,monospace;">cd ~/mutiny-fuzzer/sample_apps/pidlisten/source/<br />python pid_listener.py </span><br />
<span style="font-family: "Courier New",Courier,monospace;">python test_client.py 8888 (in a new terminal)</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvMuQphhoLqyrf26KJnZi0M0seeDVzOoKfmOcMyw37OnztMNJD2esyn6DWNvKpdC7fYC0AaFW3D0aDmNYd6dX9QNNkPnVVNyEbwSPibqncmDFbZr5hgvrzd_uKgN4ydUxgE9RimrK8s14/s1600/Screenshot+from+2018-01-08+16-42-51.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="459" data-original-width="720" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvMuQphhoLqyrf26KJnZi0M0seeDVzOoKfmOcMyw37OnztMNJD2esyn6DWNvKpdC7fYC0AaFW3D0aDmNYd6dX9QNNkPnVVNyEbwSPibqncmDFbZr5hgvrzd_uKgN4ydUxgE9RimrK8s14/s1600/Screenshot+from+2018-01-08+16-42-51.png" /></a></div>
<h4>
Use the Decept Proxy to get sample input:</h4>
<span style="font-family: Arial,Helvetica,sans-serif;">Test Decept: </span><br />
<span style="font-family: "Courier New",Courier,monospace;">cd ~/Decept/<br />python decept.py 127.0.0.1 8888 127.0.0.1 9999 --timeout .2</span><br />
<span style="font-family: "Courier New",Courier,monospace;">cd ~/mutiny-fuzzer/sample_apps/pidlisten/source/ (in a new term)<br />python pid_listener.py </span><br />
<span style="font-family: "Courier New",Courier,monospace;">python test_client.py 8888 (in a new terminal)</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX9jR34ZITq5CIyN7u7N_azv5YKs0SdJsP79mWv8VFMeR3v1u1jXntZszCd9_t_Q2f4ItYCOsGDK-SfKDPrF_H9KiFuItNWBEHA0JzOpq36ZXaqXO58tnNNZlYBp7zLUH8nDF0z3RwF-E/s1600/Screenshot+from+2018-01-08+16-46-12.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="301" data-original-width="600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX9jR34ZITq5CIyN7u7N_azv5YKs0SdJsP79mWv8VFMeR3v1u1jXntZszCd9_t_Q2f4ItYCOsGDK-SfKDPrF_H9KiFuItNWBEHA0JzOpq36ZXaqXO58tnNNZlYBp7zLUH8nDF0z3RwF-E/s1600/Screenshot+from+2018-01-08+16-46-12.png" /></a></div>
<br />
<br />
<span style="font-family: Arial,Helvetica,sans-serif;">Generate sample input: </span><br />
<span style="font-family: "Courier New",Courier,monospace;">pythonNew decept.py 127.0.0.1 8888 127.0.0.1 9999 --timeout .2 --fuzzer fuzzer.pid</span><br />
<span style="font-family: "Courier New",Courier,monospace;">cd ~/mutiny-fuzzer/sample_apps/pidlisten/source/<br />python pid_listener.py </span><br />
<span style="font-family: "Courier New",Courier,monospace;">python test_client.py 8888 (in a new terminal)</span><div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKYk_mfS9Niwk8UlxnjBd9q84VIWLn-vaV-rEQKB8ODaxOKuG24hqguctaZK1pCrhwhjUxuZEAU4uAmVoyGK8qP-ugWjD2jRNwzK2Y-Ay3FRN6O_7CFFVk5wzFlYVgFD8EligLylHdGl8/s1600/Screenshot+from+2018-01-08+16-47-19.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="445" data-original-width="600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKYk_mfS9Niwk8UlxnjBd9q84VIWLn-vaV-rEQKB8ODaxOKuG24hqguctaZK1pCrhwhjUxuZEAU4uAmVoyGK8qP-ugWjD2jRNwzK2Y-Ay3FRN6O_7CFFVk5wzFlYVgFD8EligLylHdGl8/s1600/Screenshot+from+2018-01-08+16-47-19.png" /></a></div>
<br />
<br />
<span style="font-family: Arial,Helvetica,sans-serif;">Modify input and move to correct diretory:</span><br />
<span style="font-family: "Courier New",Courier,monospace;">vi fuzzer.pid <br />mv fuzzer.pid ../mutiny-fuzzer/</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7XA1DoJvwKOGprGAKUur5zyp2dYwEZxK7viI_TTyZkXALSVlbLuJ5FrOb9BQOz9TFGsPs-W4rqi_BPC5yAV3Za48d9JLis0olA_ennBLStk1AWrUEE7IX-agumzjp1Gtw8l6-pkri51A/s1600/Screenshot+from+2018-01-08+16-49-25.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="643" data-original-width="600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7XA1DoJvwKOGprGAKUur5zyp2dYwEZxK7viI_TTyZkXALSVlbLuJ5FrOb9BQOz9TFGsPs-W4rqi_BPC5yAV3Za48d9JLis0olA_ennBLStk1AWrUEE7IX-agumzjp1Gtw8l6-pkri51A/s1600/Screenshot+from+2018-01-08+16-49-25.png" /></a></div>
<span style="font-family: "Courier New",Courier,monospace;"> </span><br />
<h4>
Run Mutiny: </h4>
<span style="font-family: "Courier New",Courier,monospace;">python mutiny.py fuzzer.pid </span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimrnHX4lGFgRVAjFZRjbiZ30DFMt6Ixsxfk7dncHYFVjOOEyYTa_Inj44_spgW6rvx4v-LdQE4nQeI_Pvi1uoi4eR9ULCXrAThUOSO6TLzPxL6eJDjX3oUBsvVI91zXJexDYvLObZcaKY/s1600/Screenshot+from+2018-01-08+16-09-28.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1018" data-original-width="675" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimrnHX4lGFgRVAjFZRjbiZ30DFMt6Ixsxfk7dncHYFVjOOEyYTa_Inj44_spgW6rvx4v-LdQE4nQeI_Pvi1uoi4eR9ULCXrAThUOSO6TLzPxL6eJDjX3oUBsvVI91zXJexDYvLObZcaKY/s1600/Screenshot+from+2018-01-08+16-09-28.png" /></a></div>
<span style="font-family: "Courier New",Courier,monospace;"> </span><br />Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com11tag:blogger.com,1999:blog-2730543342374416640.post-27244722519722204392016-05-27T19:19:00.000-07:002016-05-27T19:19:55.456-07:00Setting up a FC target using LIO<br />
<br />
<br />
<br />
<br />
<header class="entry-header" style="background-color: white; border: 0px; line-height: 14px; margin: 0px 0px 1.71429rem; padding: 0px; vertical-align: baseline;"><div style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; clear: both; font-family: 'open sans', helvetica, arial, sans-serif; font-weight: normal; line-height: 1.2; margin: 0px; padding: 0px; vertical-align: baseline;">
<div style="text-align: center;">
<span style="color: black;"><span style="border-color: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-style: initial; font-size: large;"><u>How I SetUp a FC Target on Linux</u></span></span></div>
</div>
<div style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; clear: both; font-family: 'open sans', helvetica, arial, sans-serif; font-size: 1.57143rem; font-weight: normal; line-height: 1.2; margin: 0px; padding: 0px; vertical-align: baseline;">
<span style="color: black;"><span style="border-color: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-style: initial; font-size: 22px;"><br /></span></span></div>
<div style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; clear: both; font-family: 'open sans', helvetica, arial, sans-serif; font-weight: normal; line-height: 1.2; margin: 0px; padding: 0px; vertical-align: baseline;">
<span style="font-size: large;">1. Install Fedora 23 & targetcli</span><br />
<span style="color: #444444; font-size: 14px; line-height: 24.0001px;"><br /></span>
<span style="color: #444444; font-size: 14px; line-height: 24.0001px;">Install Fedora 23. Use yum to install the following packages:</span><br />
<span style="color: #444444; font-size: 14px; line-height: 24.0001px;"><br /></span>
<span style="color: #444444; font-size: 14px; line-height: 24.0001px;"><i>yum install targetcli </i></span><br />
<span style="color: #444444; font-size: 14px; line-height: 24.0001px;"><i>yum install scsi-target-utils</i></span><br />
<br /></div>
<div style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; clear: both; font-family: 'open sans', helvetica, arial, sans-serif; font-size: 1.57143rem; font-weight: normal; line-height: 1.2; margin: 0px; padding: 0px; vertical-align: baseline;">
<span style="color: black;"><span style="border-color: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-style: initial; font-size: 22px;">2. Configure your FC HBA as a target (not initiator)</span></span></div>
<div class="comments-link" style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: 0.928571rem; line-height: 1.84615; margin: 1.71429rem 0px 0px; padding: 0px; vertical-align: baseline;">
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 1.71429;">The most crucial bit is to verify that the qla2xxx driver has initiator mode disabled — it should be operating in target mode only. You can check this with:</span><br />
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; font-style: italic; line-height: 1.71429;"><br /></span>
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; font-style: italic; line-height: 1.71429;">cat /sys/module/qla2xxx/parameters/qlini_mode</span><br />
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 1.71429;"><br /></span>
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 1.71429;">It should say ‘disabled’. If it doesn’t, create a file called /usr/lib/modprobe.d/qla2xxx.conf and put:</span><br />
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; font-style: italic; line-height: 1.71429;"><br /></span>
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; font-style: italic; line-height: 1.71429;">options qla2xxx qlini_mode=disabled</span><br />
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 1.71429;"><br /></span>
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 1.71429;">in it. Then, run ‘dracut -f’ to rebuild your initrd, and reboot.</span><br />
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 1.71429;"><span style="font-family: "open sans" , "helvetica" , "arial" , sans-serif; line-height: 24.0001px;"><br /></span></span>
<span style="color: #444444; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 1.71429;"><span style="font-family: "open sans" , "helvetica" , "arial" , sans-serif; line-height: 24.0001px;">targetcli won’t let you create a qla2xxx fabric if qlini_mode is wrong.</span></span></div>
</header><br />
<div class="entry-content" style="background-color: white; border: 0px; color: #444444; line-height: 1.71429; margin: 0px; padding: 0px; vertical-align: baseline;">
<div style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: 'open sans', helvetica, arial, sans-serif; line-height: 1.71429; margin-bottom: 1.71429rem; padding: 0px; vertical-align: baseline;">
<div style="font-size: 14px;">
<span style="color: black; font-size: large; line-height: 19.2px;">3. Use targetcli to configure the LUN</span></div>
<div style="font-size: 14px;">
<span style="line-height: 1.71429;"><br /></span></div>
<div style="font-size: 14px;">
<span style="line-height: 1.71429;">Start targetcli by running:</span><br />
<span style="line-height: 1.71429;"><br /></span>
<span style="line-height: 1.71429;"><i>targetcli</i></span><br />
<span style="line-height: 1.71429;"><br /></span>
<span style="line-height: 1.71429;">Once in targetcli, you can type 'help' to review the available commands and 'ls' to review the current structure.</span><br />
<span style="line-height: 1.71429;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgW3tz800bK9EvP35ITaGo-MfeN6hR110nrErzjqa9fXxStp3kltYMWMWL2JOw8_9kCBO7G-N-unoYjV4w2lWQAMLBj8BUo-zsXactyq4Wbi5ktEaSPYfO5LTb3vaDOQhDr3My5XvHxEp8/s1600/FC-target-in-linux.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgW3tz800bK9EvP35ITaGo-MfeN6hR110nrErzjqa9fXxStp3kltYMWMWL2JOw8_9kCBO7G-N-unoYjV4w2lWQAMLBj8BUo-zsXactyq4Wbi5ktEaSPYfO5LTb3vaDOQhDr3My5XvHxEp8/s640/FC-target-in-linux.jpg" width="640" /></a></div>
<span style="line-height: 1.71429;"><br /></span></div>
</div>
</div>
Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-4574027056700359362016-05-02T21:03:00.001-07:002016-05-02T21:03:21.420-07:00FC Security Investigation<div class="separator" style="clear: both; text-align: left;">
I've been really lucky to be able to present my investigations into FC security at <a href="http://acsc2016.com.au/program/?IntCatId=27&IntContId=7741#fibre" target="_blank">ACSC 2016</a>,<a href="http://www.bsidesau.com.au/2016talks.html" target="_blank"> BSides Canberra 2016</a> and <a href="http://wahckon.org.au/" target="_blank">WAHCKon[3]</a>.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Here are some of the recorded demos from my talk.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: large;"><b><u>Fabric Login on Protocol Analyzer</u></b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /><iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.blogger.com/video.g?token=AD6v5dxkbiDxWqzI7HpuugqP7-uTPTo6owNq4xkAHW6L1IIyDcyNog5d-9Lh3YbH-lWAW2v1vqtF4d4yz-rqMs9YFA' class='b-hbp-video b-uploaded' frameborder='0'></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: large;"><u><b>SAN Enumeration</b></u></span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /><iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.blogger.com/video.g?token=AD6v5dznUZrtoDT_GFjEZRjp5RMeUbucVYbe4lrAojWojTI-fnb3EhpSiMfuP6UjOs0GHulEeXkKYmaWqkhHd0lSLQ' class='b-hbp-video b-uploaded' frameborder='0'></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<b><u><span style="font-size: large;">WWN Spoofing</span></u></b></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.blogger.com/video.g?token=AD6v5dxHieCgr29hhgFsNKeL_URlYUDYr1pvAWG8z3tCdgHPuZcvRvdw-AVdrTeAfX-ukhzbbc0AEroDgsT-73YsmA' class='b-hbp-video b-uploaded' frameborder='0'></iframe></div>
<br />Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-71043513747451900792016-05-02T20:27:00.001-07:002018-05-06T01:32:58.858-07:00Living with a Hacker<div class="p1">
A couple of years ago I joined toastmasters to overcome my fear of public speaking. Not sure it worked, but I did find a copy of my second speech (5 mins) and thought it was pretty funny.</div>
<div class="p1">
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br /></div>
<div class="p1">
-----------------------------------</div>
<div class="p1">
<br /></div>
<div class="p1">
<div style="text-align: center;">
<b><u>Living with a Hacker</u></b></div>
</div>
<div class="p2">
<br /></div>
<div class="p1">
Madame, fellow toastmasters and guests.</div>
<div class="p2">
<br /></div>
<div class="p1">
My talk tonight was motivated by Silvio’s talk a few weeks ago about his association with computer security and xxx’s talk a few months ago now about living with bad flatmates. I wouldn’t say Silvio is a bad flatmate as such but he is definitely an interesting person to live with. I guess I was asking for it when I met him at a hacker conference in Melbourne some time ago. So with out further ado, the good, the bad and the ugly of living with a hacker.</div>
<div class="p2">
<br /></div>
<div class="p1">
Let’s start with the good. There is a certain uniqueness to being able to decompile a program binary into an intermediate language, pull out feature sets and do comparisons to malware families using machine learning. It’s safe to say Silvio’s skill set is very unique and companies are prepared to pay well for his services. However… despite this, he is always broke. This is due to his hacker nature that drives him to purchase every new and exciting electronic gadget that can either be hacked or can assist him in his hacking. To date we have a $2200 piece of equipment that looks like a set of kitchen scales that will read firmware off NAND chips, two different $500 odd FPGA development boards, two software defined radio boards including this one which had a small accident but cost around $1,200. The list is endless. In fact, we have 6 odd meters of desks, a 2 meter high tool chest, 6 shelves and a tool trolley all dedicated to holding his equipment. And that’s just inside the house, the shed is another matter. In our house, no electrical object can ever be thrown out, after all - every piece of junk is a potential hacking project.</div>
<div class="p2">
<br /></div>
<div class="p1">
This brings me to my second point I want to make about what to expect when living with a hacker. Everything is taken apart. For example, last month Silvio bought two IP phones. Fantastic, I thought, as our current household phone was out of action. About a week later I decide to set up the IP phone so that we can use it. Here is my next exhibit. When I asked what happened to it he matter-of-factly answers, “I disassembled it”… when I asked why he answered, “to see if I could connect to it with UART”. Of course. I wish I could’ve brought in our current ADSL modem, needless to say when the TPG technician came over about some noise on our line he was impressed the modem was still functioning.<br />
<br /></div>
<div class="p2">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzX0mOxA7HXlvJCPGChz3CEMyyxjAT34lGevYMsOH9uXRRvGqwemHln43oFPSdIQ6zIY1nsXfXBFPhoxau6CMutjEBkpWdf9zrTVAE3ikhIdAzqcGuiIvlGXkxUO1g5J4MiOz2aSWeazc/s640/blogger-image--656636544.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzX0mOxA7HXlvJCPGChz3CEMyyxjAT34lGevYMsOH9uXRRvGqwemHln43oFPSdIQ6zIY1nsXfXBFPhoxau6CMutjEBkpWdf9zrTVAE3ikhIdAzqcGuiIvlGXkxUO1g5J4MiOz2aSWeazc/s320/blogger-image--656636544.jpg" width="240" /></a></div>
<div class="p1">
<br />
But hacking is not limited to just physical components, with the introduction of software defined radio, my hacker housemate has begun hacking the airwaves. I remember one night sitting at home, watching TV in dim mood lighting, my hacker housemate was away giving a lecture. Suddenly and unexpectedly my lamp turns on. Creepy. Turns out, my hacker had reverse engineered a wireless remote that turned on and off lights and set up some code on his computer that turned on the lights at random times. Lesson 3, expect the unexpected.</div>
<div class="p2">
<br /></div>
<div class="p1">
I should’ve known better when my hacker housemate asked if he could drop me at work and borrow my car for the day. For any other housemate this might seem like an innocent request, but of course, if your housemate is a hacker this comes with a twist. Two months later my car <a href="https://www.wired.com/2014/08/wireless-car-hack/" target="_blank">featured in the media</a> having been unlocked without the remote. A few times my remote became unsynced from the car, but I put my foot down sternly when a hacker fanboy suggested to my housemate that he might have gotten even further if he had opted to take the dashboard off the car to get to the receiver. Lesson 4, never assume the hacker is borrowing you stuff for the purpose for which it is intended.</div>
<div class="p2">
<br /></div>
<div class="p1">
So we’ve covered software, hardware, radio… but a hacker wants to be extensible in his skill set. I haven’t yet mentioned his chemistry adventures. I know what you’re thinking, what on earth does chemistry have to do with hacking? This is a complicated matter and pulls on several areas. I’ll see if I can explain this as clearly as possible. On most circuit boards there are little black square chips that are called integrated circuits, they are pretty much a printed electronic circuit that serves a specific function and have saved programs on them. They have protections in place to stop hackers from pulling off the code to find weaknesses in it. But that won’t stop my hacker housemate - apparently putting the chip into highly concentrated, heated nitric acid will melt away the plastic, expose the silicon circuit which you can then reverse to determine the program and if it has any weaknesses. This leads me to my next story of my hacker housemate in a black vinyl apron, chemical spill board, chemistry hot plate, several beakers and a gas mask. I’m not kidding, it looked like something from Breaking Bad. Fuming nitric acid is extremely dangerous with the possibility of burning your throat and lungs irreparably if inhaled. But all this is worth it, just so you can realise your dreams of placing a back door in an alarm system so that doing 3 star jumps in the front of the sensor will turn it off. Last lesson - living with a hacker is dangerous for your health.</div>
<div class="p2">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCTDAcmRsFx4t_-pXCk96w6tXDe4LoQGUaDBkwz1MgEYn1_YJ2TqqClt9ARgRLHqfa7kQvKCrC3zZGobDmzkVZFUH0VyGADMPzgdl0bwl0va372HKWH8eDNyp0ia6F9kdhJITPVNSKly8/s1600/silvio.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCTDAcmRsFx4t_-pXCk96w6tXDe4LoQGUaDBkwz1MgEYn1_YJ2TqqClt9ARgRLHqfa7kQvKCrC3zZGobDmzkVZFUH0VyGADMPzgdl0bwl0va372HKWH8eDNyp0ia6F9kdhJITPVNSKly8/s320/silvio.jpg" width="320" /></a></div>
<br /></div>
<br />
<div class="p1">
But in all seriousness. Despite living in a house that is electronically better equipped than a small electronics manufacturing company. Despite the cover of everything electronic being unscrewed and circuitry exposed. Despite the fright of random unexpected automation around the house and my stuff being exploited. Even despite the possibility of an impeding AFP raid or worse, burnt lungs. Despite all these adventures and more, living with a hacker is the most fun thing I’ve done.</div>
Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-90774213785862765232015-12-30T15:54:00.002-08:002018-05-06T01:33:45.462-07:00Yersinia Spanning Tree Protocol (STP)<div>
STP is a layer 2 protocol that prevents loops from occurring in a switched network. Each switch involved in the process sends out BPDU packets to elect a root bridge and from here, ports are given a role of either root, designated, alternate, backup or disabled.</div>
<div>
Ports that are either root or designated are active ports in the topology, whereas alternate, backup and disabled ports do not forward packets.</div>
<div>
The root switch has all designated ports and each other switch has one root port which is the fastest path to the root bridge and any number of other port types.<br />
More details on the STP protocol can be read at: <a href="http://www.cisco.com/c/en/us/tech/lan-switching/spanning-tree-protocol/index.html" target="_blank">Cisco STP Summary</a></div>
<div>
<br /></div>
<div>
When the STP protocol screen is opened in Yersinia ncurses, each unique BPDU seen by the active interface is listed. The up and down arrows can be used to click on the BPDU to inspect the contents.</div>
<div>
<br /></div>
<div>
In the example below, the first BPDU seen is from the switch that my linux box is connected to. Opening this BPDU it can be seen that the RootId matches what is on the switch.</div>
<div>
<br /></div>
<div>
Further down, surrounded by green is the details that Yersinia has populated into a BPDU that it will send in an attack. In the example below, it can be seen that the populated RootId is <span style="font-family: "courier new" , "courier" , monospace;">5080.760F0E14AC58</span> which is lower than the RootId in the received BPDU (<span style="font-family: "courier new" , "courier" , monospace;">8028.0014A9B0E800</span>). Which means the switch will receive a superior BPDU when this packet is sent.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpDYebrQjl3nOh2kve1pcbx1JSGOBkWzXp4m0k7CPBkWpilOjZK1_Balv53bHyILfUtqnhRPgsdqXh4tv3fgzP2dR9-8PU360IvwqPyAUo1XdYvaTkUqt3MQBxCOl-G64JAF-UzzKJgCQ/s1600/STP-example1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpDYebrQjl3nOh2kve1pcbx1JSGOBkWzXp4m0k7CPBkWpilOjZK1_Balv53bHyILfUtqnhRPgsdqXh4tv3fgzP2dR9-8PU360IvwqPyAUo1XdYvaTkUqt3MQBxCOl-G64JAF-UzzKJgCQ/s1600/STP-example1.png" /></a></div>
<div>
<br />
Clicking '<span style="font-family: "courier new" , "courier" , monospace;">x</span>' in Yersinia shows the available attacks for the active protocol. In this case, STP has 6 available attacks to choose from.<br />
<br />
<div style="-webkit-text-stroke-width: 0px; color: black; font-family: 'Times New Roman'; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 1; word-spacing: 0px;">
</div>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="-webkit-text-stroke-width: 0px; font-family: 'Times New Roman'; letter-spacing: normal; margin-bottom: 0.5em; margin-left: auto; margin-right: auto; orphans: auto; padding: 6px; text-align: center; text-indent: 0px; text-transform: none; widows: 1; word-spacing: 0px;"><tbody>
<tr><td style="text-align: center;"><div style="margin: 0px;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhV5KpEKgp78nFypt_vufLca7pRlNS6RxFVhCo0J_BQls6OYdWKUaUxUDjoqjjeD-0cW1CkKoNfaa6klthzf7F_5b85jG_JOvit9hkfOQH3NtXtg1uiw7AvU1RM6dfjggywzW8Fn9JZHco/s1600/STP.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhV5KpEKgp78nFypt_vufLca7pRlNS6RxFVhCo0J_BQls6OYdWKUaUxUDjoqjjeD-0cW1CkKoNfaa6klthzf7F_5b85jG_JOvit9hkfOQH3NtXtg1uiw7AvU1RM6dfjggywzW8Fn9JZHco/s400/STP.png" width="400" /></a></div>
</td></tr>
<tr><td class="tr-caption" style="font-size: 12.8px; padding-top: 4px; text-align: center;"><div style="margin: 0px;">
Yersinia Spanning-Tree Protocol attack options</div>
</td></tr>
</tbody></table>
</div>
<u><span style="font-family: "arial" , "helvetica" , sans-serif;"><b>Attack 0: sending conf BPDU</b></span></u><br />
<u><span style="font-family: "arial" , "helvetica" , sans-serif;"><b><br /></b></span></u>
This attack simply sends a single BPDU of the format shown in the green frame above. It will appear to the switch as a superior BPDU, but because it is only one BPDU the root bridge will only transition until the Max Age times out (in this case 20 seconds).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiF2wa1KWWPulcWOhID3CRf4nKxae6crrS65rIcvyZIOs0t6W3tG1P4ITCwegHPXlJjpF4njUEoEhq53gseOA6nuJ2ejRwB_R-3NfrzKy5CDAfTUmPTm6vASqOCYS-8S3TIvPaNQnmNM_Q/s1600/STP-attack1.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="498" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiF2wa1KWWPulcWOhID3CRf4nKxae6crrS65rIcvyZIOs0t6W3tG1P4ITCwegHPXlJjpF4njUEoEhq53gseOA6nuJ2ejRwB_R-3NfrzKy5CDAfTUmPTm6vASqOCYS-8S3TIvPaNQnmNM_Q/s640/STP-attack1.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Switch behaviour when attack 1 is launched</td></tr>
</tbody></table>
The screenshot above shows the behaviour of the switch when it receives the BPDU. It receives the BPDU, acknowledges the new root bridge on Fa0/31, 20 seconds later it returns to being the root bridge.<br />
<br />
<u><b><span style="font-family: "arial" , "helvetica" , sans-serif;">Attack 1: sending tcn BPDU</span></b></u><br />
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="font-family: inherit;">A TCN (Topology Change Notification) BPDU lets the rootbridge know that something has changed in the network. It is always forwarded through the root port until it arrives at the root bridge, which then sends out a BPDU with the TC (Topology Change) bit set. <span style="background-color: white; line-height: 16.25px;">The TC bit is set by the root for a period of max_age + forward_delay seconds, which is 20+15=35 seconds by default.</span></span></div>
<div>
<span style="background-color: white; font-family: "arial" , "helvetica" , "helvetica neue" , "helveticaneue" , "lucida grande" , sans-serif; font-size: 13px; line-height: 16.25px;"><br /></span></div>
<div>
<span style="background-color: white; font-family: "arial" , "helvetica" , "helvetica neue" , "helveticaneue" , "lucida grande" , sans-serif; font-size: 13px; line-height: 16.25px;"><br /></span></div>
<div>
<span style="background-color: white; font-family: "arial" , "helvetica" , "helvetica neue" , "helveticaneue" , "lucida grande" , sans-serif; font-size: 13px; line-height: 16.25px;"><br /></span></div>
<div>
<span style="background-color: white; font-family: "arial" , "helvetica" , "helvetica neue" , "helveticaneue" , "lucida grande" , sans-serif; line-height: 16.25px;"><b><u>Further Research:</u></b></span></div>
<div>
<span style="background-color: white; font-family: "arial" , "helvetica" , "helvetica neue" , "helveticaneue" , "lucida grande" , sans-serif; line-height: 16.25px;"><b><u><br /></u></b></span></div>
<div>
<span style="font-family: inherit;"><span style="background-color: white; line-height: 16.25px;">Looking at the MST protocol</span></span></div>
<div>
<span style="font-family: inherit;"><span style="background-color: white; line-height: 16.25px;">How to take advantage of being the Root bridge (all your broadcasts belong to me)</span></span></div>
<div>
<span style="background-color: white; line-height: 16.25px;"><span style="font-family: inherit;">PVST+ simulation weakness that can be exploited</span></span></div>
Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-45431074838657695002015-12-30T01:03:00.000-08:002015-12-30T03:56:20.523-08:00Yersinia in the Network<blockquote class="tr_bq">
<i>"Yersinia is a network tool designed to take advantage of some weaknesses in different network protocols"</i> - <a href="http://www.yersinia.net/" target="_blank">http://www.yersinia.net/</a></blockquote>
<div>
I think Yersinia is a pretty cool tool and over the Christmas break I decided to see how easy it is to exploit each of the network protocol it implements.</div>
<div>
<br></div>
<div>
After installing Yersinia, to run it with the ncurses GUI (which is good for beginners), type:</div>
<blockquote class="tr_bq">
<span style="font-family: Courier New, Courier, monospace;">yersinia -I</span></blockquote>
From here you can press "<span style="font-family: Courier New, Courier, monospace;">h</span>" to see the options. Basic commands is "<span style="font-family: Courier New, Courier, monospace;">g</span>" to select the protocol you want to attack (or use <span style="font-family: Courier New, Courier, monospace;">F2</span> - <span style="font-family: Courier New, Courier, monospace;">F9</span> to click through them). When you are on the protocol page, press "<span style="font-family: Courier New, Courier, monospace;">x</span>" to list the available attacks and "<span style="font-family: Courier New, Courier, monospace;">l</span>" to list which attacks are currently running.<br>
<br>
I'm going to go through each protocol attack and how they work in my subsequent blogs posts. As of writing, in Yersinia v0.7.3 the protocols listed below are implemented. Each protocol will be a link to my blog post with more detail.<br>
<div>
<br></div>
<div>
Yersinia can be used to test the following protocols on the network:</div>
<div>
<ul>
<li>Spanning Tree Protocol (STP)</li>
</ul>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVrJ2nhTmgheOOe4ooPrFPIvgCms-W3ZG-jH2XJzo3rQFVIshMKSaX8v77OU0o_I-rhDqy3zmh-ydhWcJlnyJvAI8PzwsswDjFEaU8ZfJ9DVe2FKtrZfadhyphenhyphen3ghhV_Eva0MvLl1GwfNEk/s1600/STP.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVrJ2nhTmgheOOe4ooPrFPIvgCms-W3ZG-jH2XJzo3rQFVIshMKSaX8v77OU0o_I-rhDqy3zmh-ydhWcJlnyJvAI8PzwsswDjFEaU8ZfJ9DVe2FKtrZfadhyphenhyphen3ghhV_Eva0MvLl1GwfNEk/s320/STP.png" width="320"></a></div>
<div>
<br></div>
<div>
<ul>
<li>Cisco Discovery Protocol (CDP)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUMLoxVKSROsJdQMEL46WoLbxfMUgtvvJd6Gn20bsSv0whHoUNPxzlYvMxCPwxWKxvI8afeq92f1FbUMRXQK1MesYs9h_zSus4MROBAw7IVocB4ZP69S9l9CaILhcLZQGG-o4btjIoB0U/s1600/CDP.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="194" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUMLoxVKSROsJdQMEL46WoLbxfMUgtvvJd6Gn20bsSv0whHoUNPxzlYvMxCPwxWKxvI8afeq92f1FbUMRXQK1MesYs9h_zSus4MROBAw7IVocB4ZP69S9l9CaILhcLZQGG-o4btjIoB0U/s320/CDP.png" width="320"></a></div>
<div>
<br></div>
<ul>
<li>Dynamic Trunking Protocol (DTP)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRNFQFN8-slinL98cD9THA5ViW6ncqnDZMVgN8EZjRimJccvylYDhdAX0pCHRM_5LhgxBWxgzrP1FF9hy5gondme4Egw9-8ILuSPBU_WRfdPivNVNjBdeEGCq4mLYA1URGrZeXlpM3LdI/s1600/DTP.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="195" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRNFQFN8-slinL98cD9THA5ViW6ncqnDZMVgN8EZjRimJccvylYDhdAX0pCHRM_5LhgxBWxgzrP1FF9hy5gondme4Egw9-8ILuSPBU_WRfdPivNVNjBdeEGCq4mLYA1URGrZeXlpM3LdI/s320/DTP.png" width="320"></a></div>
<div>
<ul>
<li>Dynamic Host Configuration Protocol (DHCP)</li>
</ul>
</div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijMzrkzKZBz5VqxpH4l_lOZslzGb-XSzM3_TYhGqlr9IiDtHpEe7uyiFI7h0VDZtJyRnjiM3Jf3t3T6rxzqj9o4In0okDcOKSpTQoHO6KpRCrNKBcPT8U35UhJWy1UeWFaUgUyRNPsmfw/s1600/DHCP.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="194" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijMzrkzKZBz5VqxpH4l_lOZslzGb-XSzM3_TYhGqlr9IiDtHpEe7uyiFI7h0VDZtJyRnjiM3Jf3t3T6rxzqj9o4In0okDcOKSpTQoHO6KpRCrNKBcPT8U35UhJWy1UeWFaUgUyRNPsmfw/s320/DHCP.png" width="320"></a></div>
<div>
<ul>
<li>Hot Standby Router protocol (HSRP)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrLt0AF7SA3AUpxVzXOx3-0a3gZwhqYVpI1qeEjbULLKlU6DqP0rBXMEF2_J3sNz-SZLmDe4gLUpKaCX4CEW_gTEdx8ruLb2ddDUm294BLZADsev2RqUl7Qoy_kv1JoXLXvRNfWEwz5TA/s1600/HSRP.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="195" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrLt0AF7SA3AUpxVzXOx3-0a3gZwhqYVpI1qeEjbULLKlU6DqP0rBXMEF2_J3sNz-SZLmDe4gLUpKaCX4CEW_gTEdx8ruLb2ddDUm294BLZADsev2RqUl7Qoy_kv1JoXLXvRNfWEwz5TA/s320/HSRP.png" width="320"></a></div>
<div>
<ul>
<li>IEEE 802.1Q</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdoxc6sVMZyyIB1TMg6szaltm3tjJq2Vrkmk8k_kOI9wtNAXElGpAjjv_3tQKkLzx382XjN0pgJjN9ERT7k0mBNS2VxPSpuZz0ACqGqkjamLI-0fM7kDu9tUoTQ6qPgQGTKw-OiU5ODUE/s1600/8021Q.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="193" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdoxc6sVMZyyIB1TMg6szaltm3tjJq2Vrkmk8k_kOI9wtNAXElGpAjjv_3tQKkLzx382XjN0pgJjN9ERT7k0mBNS2VxPSpuZz0ACqGqkjamLI-0fM7kDu9tUoTQ6qPgQGTKw-OiU5ODUE/s320/8021Q.png" width="320"></a></div>
<div>
<ul>
<li>IEEE 802.1X</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNjGenYGL-zaffYOYCDQF9p_Gbn5wMWC7SwOIVEmV4EvX4Y_kIa1ILqrU-2VUcgrGa_rnnxJrfGwEFa41XxerXzrGlpKvPWljAIWTyDgzxbTIzQsGkchN0d4PgqSlUsSQkjOZg3qzj4JI/s1600/8021X.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="193" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNjGenYGL-zaffYOYCDQF9p_Gbn5wMWC7SwOIVEmV4EvX4Y_kIa1ILqrU-2VUcgrGa_rnnxJrfGwEFa41XxerXzrGlpKvPWljAIWTyDgzxbTIzQsGkchN0d4PgqSlUsSQkjOZg3qzj4JI/s320/8021X.png" width="320"></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<ul>
<li style="text-align: left;">Inter-Switch Link Protocol (ISL)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigNpzh9arO53x950cqj-xuDp_AkvOwGDtbZKtA8SmZU7kSLF3suiwk1h3xT7M-s-PueT-fYzLHJKQzthHbd17SyPSPc8zxHeRHoRj9uDmuG6Z8AAVEsxc2CDJeUEAXhJXTBaBvc-SxO8I/s1600/ISL.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="191" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigNpzh9arO53x950cqj-xuDp_AkvOwGDtbZKtA8SmZU7kSLF3suiwk1h3xT7M-s-PueT-fYzLHJKQzthHbd17SyPSPc8zxHeRHoRj9uDmuG6Z8AAVEsxc2CDJeUEAXhJXTBaBvc-SxO8I/s320/ISL.png" width="320"></a></div>
<div style="text-align: left;">
<br></div>
<br>
<div class="separator" style="clear: both; text-align: left;">
</div>
<ul>
<li>V<span style="font-family: inherit;">LAN Trunking Pr</span>otocol (VTP)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhJ9lODC7hBloTm31BFG8cVPaKUG4c3iumVvBHyYNTRde7pLE4DFCP6rOoO7FcucL2al0N4CWiYIfM_XxfV_Pefa9NmEqkI_3FaF1Y6sgGDWNzX8fZlvBy0Jy-9E4ErjynPBBrLHGCaBs/s1600/VTP.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhJ9lODC7hBloTm31BFG8cVPaKUG4c3iumVvBHyYNTRde7pLE4DFCP6rOoO7FcucL2al0N4CWiYIfM_XxfV_Pefa9NmEqkI_3FaF1Y6sgGDWNzX8fZlvBy0Jy-9E4ErjynPBBrLHGCaBs/s320/VTP.png" width="320"></a></div>
<div>
<br>
<ul>
<li><span style="font-family: inherit;"><span style="background-color: white; color: #222222; font-size: 16px; line-height: 18.0364px;">Multiprotocol Label Switching (</span><span style="background-color: white; color: #222222; font-size: 16px; line-height: 18.0364px;">MPLS</span><span style="background-color: white; color: #222222; font-size: 16px; line-height: 18.0364px;">)</span></span></li>
</ul>
</div>
<br>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwNjnJR9g1XTaEC_tN_6hQCkEP58jyLufq-i437bSxSoUsureQX4TKGfTh5lhyphenhyphenNuoZxYtEFYGUdpIOqpdAhqYwXRzc3V5BbkGbVPck6JQ7aUNGYjIIk6S56PqVARHUc4XB0-ZNuS2cDQw/s1600/MPLS.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwNjnJR9g1XTaEC_tN_6hQCkEP58jyLufq-i437bSxSoUsureQX4TKGfTh5lhyphenhyphenNuoZxYtEFYGUdpIOqpdAhqYwXRzc3V5BbkGbVPck6JQ7aUNGYjIIk6S56PqVARHUc4XB0-ZNuS2cDQw/s320/MPLS.png" width="320"></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br></div>
<div class="separator" style="clear: both; text-align: left;">
After I fully understand the exploitation of all these protocols, I'd like to add to Yersinia. :)</div>
<div class="separator" style="clear: both; text-align: center;">
<br></div>
<div class="separator" style="clear: both; text-align: center;">
<br></div>
<div class="separator" style="clear: both; text-align: center;">
<br></div>
</div>
</div>
</div>
Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-65850148404593039962015-09-28T04:03:00.004-07:002015-09-28T04:03:41.847-07:00MST and Port Priority on VIRLI really wanted to cement my knowledge of MST and Port Priorities, and VIRL was perfect for this. All I did was use two switches connected with dual links. I defined 4 new vlans and then put two in MST 1 and two in MST 2.<br />
<br />
What I noticed though was that both MST 1 and MST 2 were using Gi0/1 to forward, even though I had set SW1 as the root for MST1 and SW2 as the root for MST2. So I used port-priorities to configure MST1 to use Gi0/1 and MST2 to use Gi0/2.<br />
<br />
The configuration of port-priorities is shown below:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDb2OVcUpZQwycjuF-i_eHFV6yIC_2HKq8BBQYG-eUpUvHChLppl4qLKdReayppYx_69cyCKyIo91v_sWjIlrg2pA8MiexsXx0hYxfKxaQ10NCdkoXgs4uCf3QZD85Azqzx8T1MRRXKFI/s1600/mst-VIRL.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDb2OVcUpZQwycjuF-i_eHFV6yIC_2HKq8BBQYG-eUpUvHChLppl4qLKdReayppYx_69cyCKyIo91v_sWjIlrg2pA8MiexsXx0hYxfKxaQ10NCdkoXgs4uCf3QZD85Azqzx8T1MRRXKFI/s640/mst-VIRL.png" width="640" /></a></div>
<br />
VIRL was perfect to investigate and cement MST and port-priorities for me, and I didn't have to waste any of my INE rack rental time or purchase switches (which seem to be so much more expensive then routers for my CCIE lab)Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-61571551139451713962015-09-27T22:21:00.002-07:002015-12-30T03:57:47.380-08:00VIRL TroubleshootingVIRL is fantastic to use, but I have had some issues with it lately so I thought I might detail the fairly simple solutions I found.<br>
<br>
<br>
<u><b>Virtual Interface Creation Failed Error on launching simulation:</b></u><br>
<br>
First one happened when I clicked yes to the update prompt. It ran through updates and then when I open Maestro and tried to launch a simulation I got the following error:<br>
<br>
<span style="background-color: white; color: red; font-family: Consolas; font-size: 13.3333px;">Node "R1" state changed from BUILDING to ERROR with message: Virtual Interface creation failed: File "/usr/lib/python2.7/dist-</span><wbr style="background-color: white; color: red; font-family: Consolas; font-size: 13.3333px;"><span style="background-color: white; color: red; font-family: Consolas; font-size: 13.3333px;">packages/nova/compute/manager.</span><wbr style="background-color: white; color: red; font-family: Consolas; font-size: 13.3333px;"><span style="background-color: white; color: red; font-family: Consolas; font-size: 13.3333px;">py", line 297, in decorated_function</span><br>
<span style="background-color: white; color: red; font-family: Consolas; font-size: 13.3333px;"><br></span>
<span style="background-color: white;"><span style="font-family: inherit;">The correct way to do the upgrade can be found <a href="http://community.dev-innovate.com/t/virl-april-release-upgrade-instructions-and-release-notes/3144" target="_blank">here</a>. But since I was stuck in some quasi-half upgrade stage, all I had to do was run the following commands:</span></span><br>
<span style="background-color: white;"><span style="font-family: inherit;"><br></span></span>
<br>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="color: black; font-size: 10.5pt;"><span style="font-family: Courier New, Courier, monospace;">sudo vinstall vinstall</span></span></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="color: black; font-size: 10.5pt;"><span style="font-family: Courier New, Courier, monospace;">sudo salt-call saltutil.sync_all</span></span></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="color: black; font-size: 10.5pt;"><span style="font-family: Courier New, Courier, monospace;">sudo vinstall salt</span></span></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="color: black; font-size: 10.5pt;"><span style="font-family: Courier New, Courier, monospace;">sudo salt-call state.sls openstack</span></span></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="color: black; font-size: 10.5pt;"><span style="font-family: Courier New, Courier, monospace;">sudo salt-call state.sls openstack.setup</span></span></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br></div>
</div>
<div style="background-color: white; color: #212121; font-size: 16px;">
<div class="MsoNormal" style="font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="color: black; font-size: 10.5pt;"><span style="font-family: Courier New, Courier, monospace;">sudo salt-call state.sls openstack.restart</span></span></div>
</div>
<span style="background-color: white; color: red; font-family: Consolas; font-size: 13.3333px;"><br></span>
<span style="background-color: white;"><span style="font-family: inherit;">Now my VIRL is launching simulations properly again.</span></span><br>
<span style="background-color: white;"><span style="font-family: inherit;"><br></span></span>
<span style="background-color: white;"><span style="font-family: inherit;"><b><u>Connection Refused to console:</u></b></span></span><br>
<span style="background-color: white;"><span style="font-family: inherit;"><br></span></span>
<span style="background-color: white;"><span style="font-family: inherit;">This one is so annoying, because it appears like everything is working but when you try to get to the console of the running devices you get the following error:</span></span><br>
<span style="background-color: white;"><span style="font-family: inherit;"><br></span></span>
<br>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKfNGpgOFrKEbQu8NvJZK4KKHZ-9gccoYvScF_4x2HTJfuozZFGm-6YNBQFQJUHygOa-RQRLHhq1cFxxlp5jOHRsmIreV9UGChoQwM5s6kIxoZuMrGJZadOoiN3reRLZtpyb52BIt9rLk/s1600/virl-console-error.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="267" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKfNGpgOFrKEbQu8NvJZK4KKHZ-9gccoYvScF_4x2HTJfuozZFGm-6YNBQFQJUHygOa-RQRLHhq1cFxxlp5jOHRsmIreV9UGChoQwM5s6kIxoZuMrGJZadOoiN3reRLZtpyb52BIt9rLk/s640/virl-console-error.png" width="640"></a></div>
<span style="background-color: white;"><span style="font-family: inherit;"><br></span></span>
<span style="background-color: white;"><span style="font-family: inherit;"><br></span></span><br>
<span style="background-color: white;"><span style="font-family: inherit;">This had a crazy simple solution. I had a VPN running on the VM which was interfering with the routes to the console. The easiest way to fix this was to disable the VPN. And now I can get to the console again. :)</span></span>Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-80038389086019979642015-09-27T21:40:00.001-07:002015-09-27T22:19:35.651-07:00WAN Circuits<b><u>HDLC:</u></b><br />
- default serial encapsulation<br />
- no advanced features<br />
- problems with vendor interoperability<br />
- very easy config "<span style="font-family: Courier New, Courier, monospace;">no shut</span>", configure clockrate<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiY6B_MGo4RNrzcrWNlOgioRajLjvRrLG-mokDs9rJ2BcEtCofAXBsN1jM52TRfJaUXU4jvM_tpbfrw9cDTisTF7CfvyLU4JUhnMnM3pI0z2YcDAmfEjXuCIS-PfEAxdbpMxKoBxo7MbEs/s1600/hdlc.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiY6B_MGo4RNrzcrWNlOgioRajLjvRrLG-mokDs9rJ2BcEtCofAXBsN1jM52TRfJaUXU4jvM_tpbfrw9cDTisTF7CfvyLU4JUhnMnM3pI0z2YcDAmfEjXuCIS-PfEAxdbpMxKoBxo7MbEs/s320/hdlc.jpg" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">HDLC</td></tr>
</tbody></table>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<br />
<b><u>PPP:</u></b><br />
- negotiation, authentication (PAP, CHAP), PPPoE<br />
- easy to configure, '<span style="font-family: Courier New, Courier, monospace;">encapsulation ppp</span>'<br />
- <span style="font-family: Courier New, Courier, monospace;">debug ppp negotiation</span><br />
- pap: password authentication protocol<br />
- challenger: "<span style="font-family: Courier New, Courier, monospace;">ppp authentication pap</span>"<br />
- reponse: "<span style="font-family: Courier New, Courier, monospace;">no ppp pap refuse</span>", "<span style="font-family: Courier New, Courier, monospace;">ppp pap sent-username... password</span>"<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaR3in2Vj8wwdzQnstuWnwV4XmJ1aMSyyWIbO9imatYmolCROSL-MTMgsAFURJF314LOQmAatqSVtVKyjeocRZKKwnFe6kVm6zmvUyeATTXSHdRGHID2vPtj-6tHdHgsDWpT_UoED6Tvc/s1600/ppp.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="109" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaR3in2Vj8wwdzQnstuWnwV4XmJ1aMSyyWIbO9imatYmolCROSL-MTMgsAFURJF314LOQmAatqSVtVKyjeocRZKKwnFe6kVm6zmvUyeATTXSHdRGHID2vPtj-6tHdHgsDWpT_UoED6Tvc/s320/ppp.jpg" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">PPP</td></tr>
</tbody></table>
<br />Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-74567297025833342562015-09-27T21:32:00.000-07:002015-09-27T21:32:10.132-07:00MST Revision<span style="background-color: white;">Required information for an MST instance:</span><br />
<br />
<ul>
<li><span style="background-color: white;">instance name</span></li>
<li><span style="background-color: white;">revision number</span></li>
<li><span style="background-color: white;">mst to vlan mappings</span></li>
</ul>
<br />
<br />
<u>intra region:</u><br />
vlan to stpis are manually defined<br />
undefined vlans fall into CIST (MST 0)<br />
<br />
<u>inter region:</u><br />
details between regions are not know<br />
<br />
MST is backwards compatible with legacy CST and PVST+<br />
behaves like inter-region MST<br />
CST root must be within the MST domain<br />
<br />
migration, start from root bridge and work your way out<br />
<br />
<u>Config Steps:</u><br />
1. define the following in MST config mode:<br />
region name<br />
revision number<br />
VLAN to isntance mappings<br />
2. Enable MST globally<br />
<br />
Same election process as CST/PVST+<br />
<br />
Changing BID priority, port cost, port priority - all done for the instance<br />
eg. spanning-tree mst <span style="color: red;">[instance]</span> priority<br />
<br />
BEST PRACTICE: 3 spanning-tree instances in MST<br />
<br />Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-75020827080609318872015-08-30T04:29:00.003-07:002015-08-30T04:31:02.826-07:00Layer 2 Final RevisionThis weekend I consolidated my Layer 2 knowledge by finishing off the first 3 chapters of the Official CCIE Study Guide. I was pretty confident in Layer 2 stuff, but I still managed to pick up a few reminders of gotchas below.<br />
<h4>
Etherchannel Notes from this weekend:</h4>
To check the load balancing accross the links use the following command:<br />
<blockquote class="tr_bq">
show port-channel traffic</blockquote>
:D<br />
<br />
Reminder - for Layer 3 port-channels, configure 'no switchport' on the physical interfaces first before configuring the port-channel<br />
<h4>
Layer 2 reminders:</h4>
Ethernet V2 and IEEE802.3 frames are different.<br />
Ethernet V2 have a 2-byte Type field.<br />
IEEE802.3 have a 2-byte Length field & 3 x 1-byte fields - Destination Service Access Point (DSAP), Source Service Access Point (SSAP) and Control. These are called LLC fields.<br />
<h4>
VTP gotchas this weekend -</h4>
without any configuration, the default is server mode<br />
without any domain name a switch will assume the domain name of the first received VTP update<br />
Although VTPv3 supports extended vlans, it does not prune them :O<br />
VLAN database mode ALWAYS only allows manipulating normal range VLANs, regardless of the VTP version and VTP mode<br />
<br />
PPP header = 2 bytes<br />
PPPoE header = 6 bytes<br />
<br />
Private VLANs can always communicate with trunk ports<br />
<br />
STP: port costs are only applied to RECEIVED BPDUs, not sent BPDUs<br />
<br />
Here are my results from the post chapter quizzes... not stunning, but mostly just misreading questions or forgetting something small:<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaWfpc8OHfeM9tCCJj41gEY3gqJjN1AK60lmEPFr-TC0dxZ1Wu3kamYlp8kIgd1T66vjSBEdAUB9-4441TVsV43bbqZ3TNADrgfwNeBCiN5RqjfXHy3Ukznu8_lNg_KD8J44qITEjp3B4/s1600/chapter01-results.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="456" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaWfpc8OHfeM9tCCJj41gEY3gqJjN1AK60lmEPFr-TC0dxZ1Wu3kamYlp8kIgd1T66vjSBEdAUB9-4441TVsV43bbqZ3TNADrgfwNeBCiN5RqjfXHy3Ukznu8_lNg_KD8J44qITEjp3B4/s640/chapter01-results.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Switched Networking Basics Quiz</td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLnAdQ__Od6q11dCQZ8xYKH4LxgK2DEfd3RcfHI_d4pdMOUpQsp1l01A3tTDjG9kVGPlRFYC2Gg6KHHMlVE2q23UbskUFFM-DtQL9iIAlp7DZ-nhiFdEMSCKOUu2Il3dOqD00LSl1W3fE/s1600/chapter02-results.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="456" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLnAdQ__Od6q11dCQZ8xYKH4LxgK2DEfd3RcfHI_d4pdMOUpQsp1l01A3tTDjG9kVGPlRFYC2Gg6KHHMlVE2q23UbskUFFM-DtQL9iIAlp7DZ-nhiFdEMSCKOUu2Il3dOqD00LSl1W3fE/s640/chapter02-results.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Virtual LANs and VLAN Trunking Quiz</td></tr>
</tbody></table>
<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRj0FGLO6D1tGBaj322uZsnknGSqyJkWg-UqKl04byD39NGm31802fkQ-IlHCgBiPaKeNWSdjJCxVpHz0PVSyeWu8shyphenhyphendhZW2nYhTt8fRVpVdbEYd36lkgTtV2gJYbW1SOaQhBiwou9BA/s1600/chapter03-results.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="450" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRj0FGLO6D1tGBaj322uZsnknGSqyJkWg-UqKl04byD39NGm31802fkQ-IlHCgBiPaKeNWSdjJCxVpHz0PVSyeWu8shyphenhyphendhZW2nYhTt8fRVpVdbEYd36lkgTtV2gJYbW1SOaQhBiwou9BA/s640/chapter03-results.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Spanning Tree Protocol Quiz</td></tr>
</tbody></table>
<br />Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com1tag:blogger.com,1999:blog-2730543342374416640.post-8984123641591193842015-07-18T22:11:00.004-07:002015-07-18T22:11:50.645-07:00IP RoutingI have VIRL installed on my HP Microserver running ESX, but having a few problems with running the simulations. :( I can't seem to telnet to the console port when the simulation is running. But that's a problem for another post and day. I really needed to do some solid lab work so went back to <a href="http://ine.com/" target="_blank">INE</a> labs for a bit.<br />
<br />
Today I reviewed static IP routing and the differences between setting next-hop, exit interface or both. <br />
<br />
A few points I learnt are:<br />
<ul>
<li>in DMVPN the hub can not use only exit-interface, it must use next-hop;</li>
<li>static routes using exit interface on a multipoint interface can have ARP issues;</li>
</ul>
I also reviewed the use of SLAs in creating redundancy in the routing table.Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com0tag:blogger.com,1999:blog-2730543342374416640.post-46681315417619695012015-07-06T04:00:00.000-07:002015-07-06T04:00:47.291-07:00Basic ASA VIRL LabToday I tried out the ASA - and it worked pretty well. It doesn't support context switching, which is a bit sad - but other than that, it seemed to do everything else I tried.<br />
<br />
I figured, from now on I'll share my VIRL file and if people are really interested they can download and try it out themselves. Maybe I'll even write a blog post on how to open a virl file, but it's pretty easy.<br />
<h3>
Basic ASA Configuration & Failover Lab</h3>
<div>
You know this is working when you can ping R6 Lo0 (1.1.1.6) from R4 - bring down ASA1 and it continues to work.</div>
<a href="https://drive.google.com/file/d/0BwgoPXUTW1HUSHI3UENRV3RzbXM/view?usp=sharing" target="_blank">Click here to download VIRL file</a><br />
<br />
In this lab I've configured standby and failover on the ASAs, ASA1 is the Primary, ASA2 is the Secondary. The VIRL lab looks like this:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgauPJH0IV9C8NdtHybVTzku5MMTjOiy5GY23cWzo4zQ3JLX3KKvtImgvDmcX8YWVQNJ5blXkFhzWx_TA-i3VgTq62jiu2qXC8UeE5IzaAxZW16NmtwFg96c1DPs6IuUrmkbVjt2LMtFw0/s1600/asa-basics-layout.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="364" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgauPJH0IV9C8NdtHybVTzku5MMTjOiy5GY23cWzo4zQ3JLX3KKvtImgvDmcX8YWVQNJ5blXkFhzWx_TA-i3VgTq62jiu2qXC8UeE5IzaAxZW16NmtwFg96c1DPs6IuUrmkbVjt2LMtFw0/s640/asa-basics-layout.jpg" width="640" /></a></div>
But with the configuration of an inside and outside vlan on SW1, it looks logically like this:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrjAo7V_74Xo8TcyAXHFZ0JY5TjTdhYHsZMn_dq4xqYJ3Uk6mNIr8raAjAs7-mUnXerZV7TiP3s13B1OQI_bjmanJkmVZFRzxIr0goTDi-L6AjMi889fkq64V4FLss0mHkOHU6U-0zs2E/s1600/ASA-failover.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="227" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrjAo7V_74Xo8TcyAXHFZ0JY5TjTdhYHsZMn_dq4xqYJ3Uk6mNIr8raAjAs7-mUnXerZV7TiP3s13B1OQI_bjmanJkmVZFRzxIr0goTDi-L6AjMi889fkq64V4FLss0mHkOHU6U-0zs2E/s400/ASA-failover.jpg" width="400" /></a></div>
When you load the VIRL file, the network is fully configured to work. To practice configuring the ASAs I recommend you open the console for both of the ASAs and run: "clear config all" (take a copy of the working running-config before doing this if you want)<br />
<br />
Then the following steps should get the ASAs back to a working state:<br />
<br />
<ul>
<li>Configure a hostname on ASA1</li>
<li>Configure the IP addresses on Gi0/0 and Gi0/1 as shown above, naming them outside and inside respectively. Configure a default route pointing at the R6 IP address.</li>
<li>Configure OSPF between ASA1 and R4</li>
<li>Configure NAT on the ASA</li>
<li>Configure ASA1 as a routed firewall</li>
<li>Configure ASA for active/standby failover</li>
</ul>
<div>
I should give more detail, but I'm new at this =P I will admit that the majority of my working life as a network engineer I've used ASDM to configure firewalls (boo! hiss!) - this gave me an opportunity to run through the basics on the CLI.</div>
<br />
<br />
<span id="goog_1326881823"></span><span id="goog_1326881824"><br /></span>Kylie McDevitthttp://www.blogger.com/profile/13933972877126450721noreply@blogger.com4