Copy Link
Add to Bookmark
Report

Net-Sec Issue 023

eZine's profile picture
Published in 
Net Sec newsletter
 · 5 years ago

  

Net-Sec newsletter
Issue 23 - 24.07.2000
http://net-security.org

Net-Sec is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week.
Visit Help Net Security for the latest security news - http://www.net-security.org.


Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter

Table of contents:

1) General security news
2) Security issues
3) Security world
4) Featured articles
5) Security books
6) Defaced archives



============================================================
Sponsored by VeriSign - The Internet Trust Company
============================================================
Upgrade your server security to 128-bit SSL encryption!

Get VeriSign's FREE guide, "Securing Your Web Site
for Business." You will learn everything you need to
know about using 128-bit SSL to encrypt your e-commerce
transactions for serious online security. Click here!
http://www.verisign.com/cgi-bin/go.cgi?a=n046610570016000
============================================================




General security news
---------------------


----------------------------------------------------------------------------

NEW ENCRYPTION REGULATIONS
The Clinton administration today said it plans to change laws governing the
export of powerful encryption technologies to allow export of all
information-scrambling products to any end user in the European Union and to
eight other trading partners.
Link: http://www.computeruser.com/news/00/07/18/news12.html
Link: http://www.wired.com/news/politics/0,1283,37617,00.html


WHEN HACKING IS GUESSING
A survey by credit card giant Visa has found that 67% of passwords chosen to
protect information are easy to guess names or numbers. It revealed that the
majority of people choose their birth date, nickname or favourite sports team
as a password.
Link: http://news.bbc.co.uk/hi/english/sci/tech/newsid_837000/837802.stm


THE BIOMETRIC CONSORTIUM 2000 CONFERENCE
"In addition to the speakers and panel sessions, over fifteen Supporting
Organizations will have exhibits and demonstrations available. The Conference is
open to the Biometric Consortium members and to the general public. We are
very pleased to announce that Stephen Walker, a widely recognized expert and
leader in information security technology and policy, is scheduled to deliver the
opening address."
Link: http://www.nist.gov/itl/div895/isis/bc/bc2000/


"CARNIVORE" AND OTHER CYBERSNOOP PROGRAMS
In what may be the first request of its kind, the American Civil Liberties Union is
asking the Federal Bureau of Investigation to disclose the computer source code
and other technical details about its new Internet wiretapping programs. In a
Freedom of Information Act (FOIA) request sent today to the FBI, the ACLU is
seeking all agency records related to the government e-mail "cybersnoop"
programs dubbed Carnivore, Omnivore and Etherpeek, including "letters,
correspondence, tape recordings, notes, data, memoranda, email, computer
source and object code, technical manuals, [and] technical specifications."
Link: http://www.aclu.org/news/2000/n071400a.html


ERIC CORLEY FACES PIRACY TEST CASE
A court case pitting Hollywood against Eric Corley has started in the US, in what
is being seen as a test case against alleged digital piracy. Movie giants including
Disney, Universal and Paramount, accuse Eric Corley (aka Emmanuel Goldstein) of
posting links to software on his website, allowing users to break the copy
protection system on digital video discs.
Link: http://news.bbc.co.uk/hi/english/sci/tech/newsid_839000/839609.stm


POWERGEN IN SECURITY SCANDAL
UK utility, Powergen, has admitted to a massive security breach that left the
debit card details of thousands of customers open to a potential multimillion
pound fraud. The security hole was discovered by a Powergen customer and
silicon.com viewer, John Chamberlain, when he went to the company's site to
pay his bill online. Chamberlain - an IT manager - said he was surprised to
discover three files on the web server, containing the names, addresses and
card details of more than 7,000 home and business users, including his own.
Link: http://www.silicon.com/public/door?REQUNIQ=963958275&6004REQEVENT=&REQINT1=38650&REQSTR1


BUREAU NAMES NEW eFBI CHIEF
The FBI has named a new assistant director to oversee the design and launch
of eFBI, a recently renamed and resurrected program that will give bureau
agents the ability to share and sift through information via the World Wide Web.
Link: http://www.fcw.com/fcw/articles/2000/0717/web-efbi-07-18-00.asp


STAGES IS YET UNKNOWN? NOT.
Malaysian The Star magazine has an article on viruses that were sent trough
State Department's office of public mailing list. Reporter writes that e-mails have
"life stages" written in the subject line, and to him it is "yet unknown virus which
can destroy a computer's hard drive". Of course Stages worm is known to all of
us for a while.
Link:http://thestar.com.my/tech/story.asp?file=/2000/7/18/technology/hacksum18&sec=technology
Link:http://net-security.org/text/viruses/962240637,93160,.shtml


MY EXPERIENCE WITH BEING CRACKED
"I emailed my findings to the systems admin and the owner of the ISP, including
the backdoor password and how to use it, with the suggestion that they should
backup everything, wipe the machine, and load a current version of Red Hat
(6.0 at the time) with the latest patches. They replied that they would look into it."
Link: http://www.rootprompt.org/article.php3?article=678


PENENBERG'S LETTER
Black Market Enterprises published a copy of Adam Penenberg's letter of
resignation to Forbes' owner, Tim Forbes.
Link: http://www.b-m-e.com/features.411.forbes_penenberg_doj.html#letter


ANOTHER BRICK IN THE WALL
Brian Martin from Attrition did another great article entitled "Another brick in the
wall - Fighting a losing battle on the front lines of security".
Link: http://www-4.ibm.com/software/developer/library/su-wall.html


FIRST AUTOCAD VIRUS FOUND
Kaspersky Lab, an international anti-virus software development company,
announces the discovery of a first computer virus that affects the world's most
popular PC-based design software AutoCAD.
Link: http://www.net-security.org/text/viruses/autocad.shtml


BT UNDER DoS ATTACKS
"This is my payback to BT for ripping this country off. I'm tired of being cut off
the net at 12 just because I have a cable line heres my payback :\," - said
someone in an e-mail message sent to The Register staff.
Link: http://www.theregister.co.uk/content/6/12097.html


MESSAGING RIVALS CALL AOL ON PRIVACY, SECURITY ISSUES
A group of America Online's instant messaging rivals accused the Internet giant
of using inflated security and privacy concerns to stall progress on technology
standards that would allow its services to work with those of competitors.
Link: http://news.cnet.com/news/0-1005-200-2312096.html


'NEW BREED' DROWNING OUT HACKER CULTURE?
Weld Pond, a research scientist working with the security firm @Stake Inc., talks
about script kiddies and their numbers compared to those who actually have the
hacking skills to find the vulnerabilities in a supposedly secure system.
Link: http://www.zdnet.com/zdnn/stories/comment/0,5859,2605327,00.html


MORE ON SPAM
This time, Louis Trager from Inter@ctive Week, did yet another rant on spam
entitled "Spam, Spam, Baloney And Spam".
Link: http://mcafee.snap.com/main/page/pcp/cd/0,85,-1713-1517323-413516,00.html


LINUX DISTRIBUTION SECURITY REPORT
How are the various Linux distributions doing in terms of general security?
Link: http://www.securityportal.com/cover/coverstory20000724.html

----------------------------------------------------------------------------




Security issues
---------------

All vulnerabilities are located at:
http://net-security.org/text/bugs


----------------------------------------------------------------------------

ROXEN SECURITY ALERT
Roxen 2.0 up to version 2.0.68 has a vulnerability where using URLs containing null
characters can gain the browser access to information he is not authorized to.
Link: http://www.net-security.org/text/bugs/964399028,33871,.shtml


[MANDRAKE] INN UPDATE
A vulnerability exists when verifycancels is enabled in /etc/news/inn.conf. This
vulnerability could be used to gain root access on any system with inn installed.
This new version also does not install inews as setgid news or rnews as setuid
root. Many other security paranoia fixes have been made as well.
Link: http://www.net-security.org/text/bugs/964398854,44315,.shtml


"PERSISTENT MAIL-BROWSER LINK" VULNERABILITY
Microsoft has released a patch that eliminates a security vulnerability affecting
Microsoft Outlook Express. The vulnerability could allow a malicious user to send
an email that would "read over the shoulder" of the recipient as he previews
subsequent emails in Outlook Express
Link: http://www.net-security.org/text/bugs/964176207,44621,.shtml


UPDATED PATCH FOR FOR "MALFORMED E-MAIL HEADER" PROBLEM
On July 18, 2000, Microsoft released the original version of this bulletin, to
advise customers of the issue and recommend that they install either of the
two service packs that will eliminate the vulnerability. On July 20, 2000, the
bulletin was updated to announce the availability of patches that eliminate
the vulnerability.
Link: http://www.net-security.org/text/bugs/964176103,14653,.shtml


O'REILLY WEBSITE PROFESSIONAL OVERFLOW
The indexing utility webfind.exe distributed with O'Reilly WebSite Professional
contains an unchecked buffer allowing for the remote execution of arbitrary
code on vulnerable hosts.
Link: http://www.net-security.org/text/bugs/964141648,97231,.shtml


[@STAKE] IKEY 1000 PROBLEMS
Rainbow Technologies' iKey 1000 (http://ikey.rainbow.com) is a portable USB
(Universal Serial Bus) smartcard-like device providing authentication and digital
storage of passwords, cryptographic keys, credentials, or other data. Using
the legitimate user's PIN number and the physical USB key, access to the
public and private data within the key will be granted. The iKey also allows
administrator access using the MKEY (Master Key) password. Administrator
access to the iKey, normally used for initialization and configuration, will
allow all private information stored on the key to be accessed.
Link: http://www.net-security.org/text/bugs/964141537,67366,.shtml


HP JETDIRECT - INVALID FTP COMMAND DOS
If you connect to the ftp service on your HP printer and send it the
following string: quote AAAAAAAAAAA < cr> The printer crashes. It may
require that you turn the power off and on again to get the printer to work
again. The display will show an error message similar to this: 86:0003 (the
bit after the colon seems to vary a bit, we've also gotten :0004, :000B).
Link: http://www.net-security.org/text/bugs/964103346,59356,.shtml


REMOTELY EXPLOITABLE BUFFER OVERFLOW IN OUTLOOK
The vulnerability could enable a malicious sender of an e-mail message with
a malformed header to cause and exploit a buffer overrun on a user's machine.
The buffer overrun could crash Outlook Express, Outlook e-mail client, or
cause arbitrary code to run on the user's machine.
Link: http://www.net-security.org/text/bugs/964100872,57148,.shtml


----------------------------------------------------------------------------




Security world
--------------

All press releases are located at:
http://net-security.org/text/press

----------------------------------------------------------------------------

SYMANTEC'S WEB SUPPORT NAMED ONE OF THE BEST - [17.07.2000]

Symantec Corp. today announced that for the third consecutive year, the
company's technical support Web site, has been selected as one of the year's
ten best online Web support sites by the Association of Support Professionals,
an international organization dedicated to the advancement of the technical
support profession.

Press release:
< http://www.net-security.org/text/press/963845931,19665,.shtml >

----------------------------------------------------------------------------

AXENT TO SECURE NOKIA WAP SERVER - [17.07.2000]

AXENT Technologies, Inc., one of the world's leading Internet security solutions
providers for e-business, announced that customers worldwide can leverage
Enterprise Security Manager, AXENT's market-leading security assessment
solution, to help secure the Nokia wireless application protocol (WAP) server.
Like all servers, the Nokia WAP server, which provides the content for wireless
devices such as cell phones, personal data assistants, and laptops, can be
compromised through vulnerabilities in their operating systems. Now with
ESM, companies can find and secure these vulnerabilities, and be assured of
the security and availability of the WAP server providing the wireless content.

Press release:
< http://www.net-security.org/text/press/963846068,8460,.shtml >

----------------------------------------------------------------------------

PC-CILLIN 2000 ACHIEVES ICSA CERTIFICATION FOR W2K - [17.07.2000]

Trend Micro Inc., a leader in enterprise and personal antivirus and content
security for the Internet age, today announced that its consumer desktop
antivirus software, PC-cillin(R) 2000, has been granted ICSA Certification by
the Anti-Virus Product Developers Consortium. Antivirus product certification
testing was recently revised to include products that protect the Windows 2000
operating system. To achieve ICSA Anti-Virus Certification, products are tested
for their ability to detect 100% of the "in the wild" viruses as they enter the
system and also during periodic file and directory scans.

Press release:
< http://www.net-security.org/text/press/963846158,52053,.shtml >

----------------------------------------------------------------------------

ALADDIN SHIPS SECURE USB AUTHENTICATION TOKEN - [19.07.2000]

Aladdin Knowledge Systems, a global leader in the field of Internet content and
software security, has announced that its new USB security token, eToken R2,
is now being shipped to customers worldwide. Aladdin also announced that
Gecko Internet joined Aladdin's eToken Technology Partner Program.

Press release:
< http://www.net-security.org/text/press/964002572,83662,.shtml >

----------------------------------------------------------------------------

INTERSCAN VIRUSWALL CERTIFIED FOR ASP DEPLOYMENT - [19.07.2000]

Trend Micro, a leading provider of enterprise antivirus and Internet content
security products, today announced that its best-of-breed InterScan VirusWall
Internet gateway virus protection software has become one of the first thirteen
products and the only antivirus product to achieve Sun Microsystems' SunTone
Application Certification for deployment in ASP environments. The SunTone
Certification confirms Trend Micro's ability to deliver reliable and highly scalable
Unix-based technology that can meet the demanding requirements of Service
Providers.

Press release:
< http://www.net-security.org/text/press/964002786,39586,.shtml >

----------------------------------------------------------------------------

SYMANTEC CONTINUES PERSONAL FIREWALL LEADERSHIP - [19.07.2000]

Symantec Corp. today announced that EarthLink, a leading broadband Internet
Service Provider has selected Symantec's Norton Personal Firewall software to
protect it's PC-using EarthLink DSL customers. EarthLink will offer Norton
Personal Firewall free of charge to new and existing EarthLink DSL customers.
Norton Personal Firewall will be delivered via a redeemable electronic coupon
e-mailed to customers after their DSL service is installed. Norton Personal
Firewall is then downloaded from co-branded Web site.

Press release:
< http://www.net-security.org/text/press/964002938,79452,.shtml >

----------------------------------------------------------------------------

SYMANTEC OFFICIALS WILL SPEAK AT ISACA CONFERENCE - [19.07.2000]

Symantec Corp., a world leader in Internet security technology, announced
today three executives have been invited to speak at the International 2000
Conference of the Information Systems Audit and Control Association, July 17-19
in Orlando, Florida. Mark Egan, chief information officer and vice president of
Information Technology; Char Sample, principal researcher of the Core
Technology Group; and Greg Adams, director of Development Enterprise Security
Solutions, will each address separate sessions of the conference.

Press release:
< http://www.net-security.org/text/press/964003015,17911,.shtml >

----------------------------------------------------------------------------

RAINBOW RESPONDS TO @STAKE RL'S ADVISORY - [21.07.2000]

Rainbow Technologies, Inc. responded to a Security Advisory issued by
@stake Research Labs regarding potential weaknesses in the company's iKey
1000 entry-level workstation authentication device. @stake's Advisory, issued
to several security mailing lists, confirmed in-house testing being performed at
Rainbow which also uncovered potential weaknesses in the iKey 1000. The
threat can exist in cases where an adversary is able to obtain a user's iKey.
Rainbow has improved the iKey 1000's design to defend against this class of
attack. Rainbow began a thorough internal testing of the iKey 1000 in May after
@stake issued a Security Advisory on a competitive key token product.

Press release:
< http://www.net-security.org/text/press/964140967,15366,.shtml >

----------------------------------------------------------------------------

SECURE COMPUTING TO DELIVER SECURITY TO ASPS - [21.07.2000]

Secure Computing announced that it has signed an OEM agreement with
Hewlett-Packard Company. Under the terms of the agreement, Secure
Computing's SafeWord authentication application is to be resold as a standard
feature of HP's e-utilica instant e-service solution for Application Service Providers.
HP's e-utilica is a pre-integrated solution that enables ASPs to offer businesses
instant access to design collaboration applications and scalable compute capacity
on a pay-per-use basis, keeping the information technology overhead low and
providing a secure platform for e-business.

Press release:
< http://www.net-security.org/text/press/964141092,13277,.shtml >

----------------------------------------------------------------------------




Featured articles
-----------------

All articles are located at:
http://www.net-security.org/text/articles

Articles can be contributed to staff@net-security.org

Listed below are some of the recently added articles.

----------------------------------------------------------------------------

PASSIVE FINGERPRINTING by Lance Spitzner

Building on the "Know Your Enemy" series, this paper details how to passively
learn about the enemy, without them knowing about it. Specifically, how to
determine the operating system of a remote host using passive sniffer traces
only.

Article:
< http://www.net-security.org/text/articles/spitzner/fingerprinting.shtml >

----------------------------------------------------------------------------

TO BUILD A HONEYPOT by Lance Spitzner

One method of building your own honeypot to learn more about the black-hat
community. The tools and methods discussed are how I did my research for
the "Know Your Enemy" series.

Article:
< http://www.net-security.org/text/articles/spitzner/honeypot.shtml >

----------------------------------------------------------------------------

AUDITING YOUR FIREWALL SETUP by Lance Spitzner

How to audit your firewall setup. The purpose of this paper is to help you
verify your firewall is correctly implemented and behaves as you expect it.

Article:
< http://www.net-security.org/text/articles/spitzner/auditing.shtml >

----------------------------------------------------------------------------




Featured books
----------------

The HNS bookstore is located at:
http://net-security.org/various/bookstore

Suggestions for books to be included into our bookstore
can be sent to staff@net-security.org

----------------------------------------------------------------------------

LINUX NETWORK SERVERS 24 SEVEN

Topics covered: Installing and maintaining reliable, high-performance network
servers under the Linux 2.2 operating system. Servers include pppd for PPP
service, Apache for Web operations, Berkeley Internet Name Domain 8 for
Domain Name System service, sendmail for mail routing, Samba for integration
of heterogeneous machines on a network, and the miscellaneous services of
the Internet daemon. There's coverage of Network File System and Dynamic
Host Configuration Protocol servers too.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0782125069/netsecurity >

----------------------------------------------------------------------------

NETWORKING SERVICES DEVELOPER'S REFERENCE LIBRARY

As most developers of Windows-based applications know, almost every important
new feature and component of Microsoft Windows 2000 revolves around the
network. This five-volume book provides a full set of well-conceived reference
materials to help developers build better applications that take advantage of
these features and components. Crammed full of useful material, this library
provides timely information about networking technologies that are entirely new
or largely revamped for Windows 2000. It also documents existing technologies
that network-enabled applications use every day. All in all, it's the most focused
source of printed reference materials available about Windows networking
technologies.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0735609934/netsecurity >

----------------------------------------------------------------------------

UNIX SHELL PROGRAMMING (HAYDEN BOOKS UNIX SYSTEM LIBRARY)

A complete overview of "shell" programming. This classic deals specifically with
the techniques of shell programming. Presents information in a step-by-step
fashion; covers all features of the standard shell, with additional instructions
for the Korn Shell; and teaches how to use the shell to tailor the UNIX
environment.

Book:
< http://www.amazon.com/exec/obidos/ASIN/067248448X/netsecurity >

----------------------------------------------------------------------------

ADMINISTRATING WEB SERVERS, SECURITY AND MAINTENANCE

The goal of this book is to give you a solid understanding of what is going on
behind the scenes of a Web site. We try to give you the tools and skills you
need to start your own Web site and keep things running smoothly. This book is
broken down into two parts: Web server administration and Web security.
Although the book is written for new webmasters, there is plenty of information
here to satisfy even seasoned Web veterans.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0130225347/netsecurity >

----------------------------------------------------------------------------

DESIGNING NETWORK SECURITY

Excellent coverage of AAA, TACACS+, RADIUS, PIX, 3DES, DMZ as well as
IPSEC and CBAC. This is alot of material to be discussed in one book. Cisco
provides a CD ROM with this same material for $250.00, this is a much better
deal. If you want to enhance your knowledge of access-lists, reflexive
access-lists etc. this is the book for you.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1578700434/netsecurity >

----------------------------------------------------------------------------

DIGITAL CERTIFICATES: APPLIED INTERNET SECURITY

The authors spend a fair amount of time explaining the problem of network
security and the broad technologies (public-key encryption, key length
considerations, authentication, and so on). Having explained the universe in
which a security system must work, they then show how to acquire a digital
certificate from a certification authority. Of more interest to administrators
and developers are code snippets that show how to request and process digital
certificates in a variety of environments, including ASP and Java. There's
background information on the newly standardized PKI with X.509 and the Secure
Electronic Transaction standard for financial operations too. Coverage of
Microsoft Certificate Server includes a lot of programming information, including
coverage of the Policy and Exit Modules

Book:
< http://www.amazon.com/exec/obidos/ASIN/0201309807/netsecurity >

----------------------------------------------------------------------------

WINDOWS 2000 SYSTEMS PROGRAMMING BLACK BOOK

This book will help you:
- Take advantage of processes, threads, and fibers.
- Synchronize your programs using semaphores, mutexes, and critical sections.
- Communicate between processes using pipes, RPC, mailslots and more.
- Use overlapped I/O to prevent programmed I/O waits.
- Use advanced memory management.
- Master the Registry, event logging, error messaging, and security.
- Create services to take control of the system even when no users are logged on.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1576102807/netsecurity >

----------------------------------------------------------------------------




Defaced archives
------------------------

[16.07.2000] - Oregon Coast Aquarium
Original: http://www.aquarium.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/16/www.aquarium.org/

[16.07.2000] - Display 3D Project, NOAA Forecast Systems Lab
Original: http://d3d.fsl.noaa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/16/d3d.fsl.noaa.gov/

[16.07.2000] - Regional Observation Cooperative, NOAA Forecast Systems Lab
Original: http://rocpage.fsl.noaa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/16/rocpage.fsl.noaa.gov/

[16.07.2000] - Weather Research and Prediction, NOAA Forecast Systems Lab
Original: http://wrf.fsl.noaa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/16/wrf.fsl.noaa.gov/

[16.07.2000] - National Oceanic and Atmospheric Administration
Original: http://pinky.fsl.noaa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/16/pinky.fsl.noaa.gov/

[18.07.2000] - University of Texas Medical Branch, Office of Academic Computing
Original: http://stem.utmb.edu/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/18/stem.utmb.edu/

[19.07.2000] - Washington Department of Radiology Diagnostic Imaging Science Center
Original: http://fibonacci.rad.washington.edu/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/19/fibonacci.rad.washington.edu/

[19.07.2000] - Hong Kong Export Credit Insurance Corp.
Original: http://www.hkecic.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/19/www.hkecic.com/

[19.07.2000] - Oakland County, Michigan
Original: http://www3.co.oakland.mi.us/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/19/www3.co.oakland.mi.us/

[19.07.2000] - Jet Propulsion Labs NASA
Original: http://dustbunny.jpl.nasa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/19/dustbunny.jpl.nasa.gov/

[21.07.2000] - The Foundation for Knowledge in Development
Original: http://www.sinetwork.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/21/www.sinetwork.org/

[22.07.2000] - Sawaal Network
Original: http://www.sawaal.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/22/www.sawaal.com/




Questions, contributions, comments or ideas go to:

Help Net Security staff

staff@net-security.org
http://net-security.org

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT