Trojan, virus, and worm authors have had great success attacking systems with weak and/or default passwords. Take IRC/Flood Trojan for example. McAfee’s virus profile states that IRC/Flood has over 120 variants and has infected over 60,000 machines in the last 30 days. IRC/Flood succeeds by checking for 22 different different easy to guess admin passwords (variants vary). Unfortunately, there are a lot more where IRC/Flood came from, W32/Tzet.worm, W32/Random.worm, and W32.HLLW.Gaobot.gen are in the wild just to name three.

Hackers also have no problem compromising systems with weak passwords. Programs like L0pthCrack for example make the process simple and efficient. Creating a password-cracking dictionary is not even a challenge. Type the words “Creating Password Cracking Dictionaries”, without the quotes, in to your favorite search engine. A comprehensive dictionary can be downloaded or created from scratch in short order.

Below is a list of commonly used weak passwords that should NEVER be used. If any of these passwords look hauntingly familiar and are being used, you need to change the password immediately.

Alpha< d>	Weak Passwords< d> < r>
A< d>	a, A.M.I, A52896nG93096a, aaa, aammii, abc, abcd, academia, academic, accept, access, ACCESS, account, accounting, action, adam, ADAMS, adfexc, adm, admin, ADMIN, Admin, admin2, administrator, Administrator, adminttd, ADMN, admn, adrian, adrianna, adtran, adult, Advance, ADVMAIL, aerobics, alfarome, ALFAROME, ALLIN1, ALLIN1MAIL, ALLINONE, aLLy, ALLy, alpha, AM, AMI, AMI!SW, AMI.KEY, AMI.KEZ, AMI?SW, AMI_SW, AMI~, AMIAMI, AMIDECOD, amipswd, AMIPSWD, AMISETUP, anicust, anon, anonymous, any@, ANYCOM, AP2SVP, aPAf, APL2PP, APPLSYS, APPS, AQDEMO, AQUSER, ARCHIVIST, Asante, ascend, Ascend, asdf, asdfgh, at4400, attack, AURORA$ORB$UNAUTHENTICATED, AURORA@ORB@UNAUTHENTICATED, autocad, AUTOLOG1, Award, award, AWARD?SW, AWARD_SW, awkward < d> < r>
B< d>	BACKUP, BATCH, BATCH1, BATCH2, bbs, bciim, bciimpw, bcms, bcmspw, bcnas, bcnaspw, bell9, BIGO, bin, bintec, BIOS, BIOSPASS, biosstar, biostar, Biostar, BIOSTAR, BLAKE, blue, bluepw, boss, BRIDGE, browse, browsepw < d> < r>
C< d>	c, cablecom, cable-docsis, CAROLIAN, cascade, CATALOG, cc, CCC, ccrusr, CDEMO82, CDEMOCOR, CDEMORID, CDEMOUCB, central, CHANGE_ON_INSTALL, changeme, checkfs, checkfsys, checksys, CHEY_ARCHSVR, circ, cisco, Cisco router, CLARK, client, CLOTH, cmaker, CMSBATCH, CMSUSER, CNAS, COGNOS, Col2ogro2, comcomcom, COMPANY, Compaq, Compleri, computer, CONCAT, condo, CONDO, Congress, CONV, CPNUC, CPRM, cr0wmt 911, craft, craftpw, Crystal, CSPUSER, CTX_123, CTXDEMO, CTXSYS, cust, custpw, CVIEW < d> < r>
D< d>	d.e.b.u.g, d8on, daemon, Daewuu, Database, databse, DATAMOVE, Daytec, DBSNMP, DCL, DDIC, death, debug, DECMAIL, DECNET, default, DEFAULT, Dell, DEMO, demo, DEMO1, DEMO8, DEMO8, demos, deskalt, deskman, desknorm, deskres, DESQUETOP, dhs3mt, dhs3pms, diag, diamond, DIGITAL, DISC, disttech, D-Link, dn_04rjc, dni, DS, DSA < d> < r>
E< d>	EARLYWATCH, echo, EMP, enable, eng, engineer, enquiry, enquirypw, enter, ESSEX, EVENT, Ezsetup< d> < r>
F< d>	fal, FAX, fax, FAXUSER, FAXWORKS, FIELD, field, FIELD.SUPPORT, FINANCE, FND, foobar, friend, ftp< d> < r>
G< d>	g6PJ, games, ganteng, GATEWAY, GEN1, gen1, GEN2, gen2, glftpd, gnumpf, god, godblessyou, gonzo, gopher, GPLD, gropher, guessme, guest, GUEST, Guest, guest1, GUESTGUE, guestgue, GUESTGUEST< d> < r>
H< d>	h6BB, hacker, halt, HARRIS, hax0r, HELGA-S, HELLO, hello, HELP, help, HELPDESK, HEWITT RAND, hewlpack, HLT, home, Home, HOST, HP, hp, HPDESK, HPLASER, HPOFFICE, HPOFFICE DATA, HPONLY, HPP187, HPP187 SYS, HPP189, HPP196, HPWORD PUB, hydrasna < d> < r>
I< d>	I5rDv2b2JjA8Mm, ibm, IBM, ibmcel, ihavenopass, ILMI, inads, indspw, INFO, informix, INGRES, init, initpw, install, Internet, IntraStack, IntraSwitch, INTX3, INVALID, IPC, IS_$hostname, ITF3000, iwill < d> < r>
J< d>	j09F, j256, j262, j322, j64, JDE, Jetform, JONES< d> < r>
K< d>	kermit, kiddie, komprie, ksdjfg934t< d> < r>
L< d>	l2, l3, laflaf, lantronix, LASER, LASERWRITER, last, lesarotl, letacla, letmein, LIBRARY, lineprin, LINK, lkw peter, lkwpeter, LKWPETER, Lkwpeter, llatsni, locate, locatepw, login, looker, LOTUS, love, lp, lpadm, lpadmin, lucenttech1, lucenttech2, lynx < d> < r>
M< d>	MAIL, mail, MAILER, maint, maintain, maintpw, man, manager, Manager, MANAGER, MANAGER.SYS, Master, MASTER, masterkey, MBIU0, MBMANAGER, MBWATCH, mcp, MDSYS, me, merlin, mfd, MFG, MGR, MGR.SYS, MICRO, MILLER, mirc, mlusr, mMmM, MMO2, MODTEST, monitor, MOREAU, mountfs, mountfsys, mountsys, MPE, mtch, mtcl, MTYSYS, my_DEMARC, mypass, mypc < d> < r>
N< d>	n/a, naadmin, NAMES, ncrm, NETBASE, NETCON, NETFRAME, NetICs, netlink, netman, NETMGR, NETNONPRIV, NETOP, netopia, NETPRIV, netrangr, netscreen, NETSERVER, NETWORK, NEWINGRES, NEWS, news, NeXT, NF, NFI, NICONEX, nms, nmspw, nobody, noway, NONPRIV, ntacdmax, nuucp < d> < r>
O< d>	OCITEST, oem_temp,op, OP.OPERATOR, operator, OPERATOR, OPERVAX, oracle, ORDPLUGINS, ORDSYS, OUTLN, OutOfBox, owner< d> < r>
P< d>	PAPER, pass, PASS, Pass, passwd, Passwd, PASSWORD, password, Password, pat, patrick, PBX, pc, PCUSER, PDP11, PDP8, PFCUser, PHANTOM, phoenix, piranha, pmd, PO, PO8, poll, Polrty, POST, Posterie, postmast, POSTMASTER, postmaster, POWERCARTUSER, powerdown, PRIMARY, prime, primenet, primeos, primos, primos_cs, PRINT, PRINTER, PRIV, private, prost, PSEAdmin, public, PUBSUB, pw, pwd, pwp < d> < r>
Q< d>	q, Q54arwms, QDI, qpgmr, qsecofr, qserv, qsrvbas, qsvr, qsysopr, quser, qwer< d> < r>
R< d>	raidzone, rcust, rcustpw, RE, read, readonly, readwrite, REGO, REMOTE, replicator, REPORT, RJE, rje, RM, RMAIL, rmnetlm, RMUser1, ro, ROBELLE, ROOT, root, Root, ROOT500, ROUTER, router, RSBCMON, RSX, rw, rwa, rwmaint < d> < r>
S< d>	sa, SABRE, SAMPLE, san fran 8, SAP*, satan, SCOTT, script, scriptkiddie, SECDEMO, secoff, secofr, secret, secure, security, SECURITY, SER, sertafu, server, service, SERVICE, servlet, SETUP, setup, sex, shutdown, signa, SKY_FOX, sldkj754, smile, snake, SnuFG5, software, sp99dd, Spacve, spcl, speedxess, SPOOLMAN, spooml, star, STEEL, STUDENT, su, Super, super, SUPERVISOR, support, SUPPORT, supportpw, switch, SWITCHES_SW, Sxyz, SY_MB, sybase, sync, synnet, SYS, sys, sysadm, SYSADM, sysadmin, sysbin, SYSDBA, SYSLIB, syslib, SYSMAINT, SYSMAN, Sysop, system, SYSTEM, system_admin, SYSTEST, SYSTEST_CLIG, syxz, SZYX < d> < r>
T< d>	t0ch20x, t0ch88, TCH, teacher, tech, technolgi, tele, TELEDEMO, TELESUP, temp, temp1, TEST, test, testing, teX1, tiara, TIGER, tini, Tiny, tlah, topicalt, topicnorm, topicres, Toshiba, toshy99, tour, TRACE, TRACESRV, trancell, trouble, TSDEV, TSEUG, TSUSER, TTPTHA, tutor, TzqF < d> < r>
U< d>	uClinux, UETP, umountfs, umountfsys, umountsys, unix, User, user, USER, USER_TEMPLATE, USER0, USER1, USER2, USER3, USER4, USER5, USER6, USER7, USER8, USER9, USERP, uucp, uucpadm, uwontguessme < d> < r>
V< d>	VAX, VESOFT, Vextrex, VMS, VNC, VRR1< d> < r>
W< d>	WANGTEK, web, WebAdmin, WebBoard, webdb, weblogic, webmaster, win, WINDOWS_PASSTHRU, WINSABRE, winterm, wodj, WOOD, WORD, WP, wradmin, write, www< d> < r>
X< d>	xljlbj, XLSERVER, xo11nE, xp, xxx, xxxx, xxxxx, xxxxxx, xxxxxxx, xxxxxxxx, xxxxxxxxx, xyzall< d> < r>
Y< d>	YES, youwontguessme, yxcv< d> < r>
Z< d>	zbaaaca, Zenith, zeosx, zxcv< d> < r>
Numeric< d>	0, 1, 1.1, 2, 5, 7, 12, 30, 110, 111, 123, 1111, 1234, 2002, 2003, 2222, 2600, 8429, 12345, 54321, 111111, 121212, 123123, 123456, 166816, 256256, 654321, 1234567, 1322222, 7061992, 11111111, 12345678, 19920706, 22222222, 88888888, 123456789, 1. 1, 1234qwer, 123abc, 123asd, 123qwe, 1RRWTTOOI, 240653C9467E45, 24Banc81, 3098z, 3ep5w2u, 4Dgifts, 4getme2, 4tas, 57gbzb < d> < r>
Other< d>	!@#$, !@#$%, !@#$%^, !@#$%^&, !@#$%^&*, !root, $ALOC$, $secure$, $system, %username%12, %username%123, %username%1234, (none), ?award, }< d> < r> < able> Additional Information about Strong Passwords The links below contain policies, guidelines, practices, and general protection information about weak and strong passwords. Password Policy from SANS Password Security from Red Hat Ho w to create stronger passwords from Microsoft Protecting Yourself from Password File Attacks from CERT Coordination Center ]]> http://dotcomminer.com/archives/2008/10/08/strong-passwords/feed/ http://dotcomminer.com/archives/2008/10/08/security-in-todays-world/ http://dotcomminer.com/archives/2008/10/08/security-in-todays-world/#comments Wed, 08 Oct 2008 18:17:49 +0000 admin http://dotcomminer.com/archives/2008/10/08/security-in-todays-world/ There are many things in life that are worth protecting. Our children, our valuables, our resources and of course, ourselves. Only twenty years ago, if security was mentioned, you were speaking of protecting your home. And you were most likely discussing a security system, monitoring, watchdogs, firearms and cameras. With the explosion of the personal computer, and the internet’s ease of access to information, security has now taken on additional roles. With over 605 million people online at any given moment worldwide, criminals are no longer bound by geographic location. Today’s cyber criminal can hack from the comfort of his home just by getting online. There are software programs that do nothing but scan the internet for un-secure ports and open networks so that they can enter into those unprotected machines to access critical information. There are many users who know little about internet security and rely on their ISP to provide it for them. To look deeper into this topic, let’s examine the qualities that make security both similar and different. With your home, you have a physical area that you can protect with fire and motion sensors, cameras, glass-break detectors and decals strategically placed to deter would-be thieves. For your computer, you protect a virtual space usually containing sensitive information relevant to your personal finances or key identity theft items such as family names and social security numbers. To protect these resources, one must install software (anti-virus, port scanners, Trojan hunting software, firewalls) as one level of protection. You can also add another layer of security through a hardware firewall of connectivity to and from the internet or network. Both home security and computer security have maintenance costs associated with them. Reliable home security will usually consist of a one-time fee to install the hardware in your home, and then an agreement to have 24-hour monitoring service for a given length of time. Computer security will consist of buying the software and then either a monthly or yearly subscription fee to receive the latest information and protection from internet threats. One difference between the two are the methods of monitoring. While computer security is only responsive while the computer is active or online, home security monitoring is responsive at all times provided the system is properly armed. Another distinction is the method of response. In home security, a human will respond by dispatching police, fire or EMS directly to your home or business site. On a computer, the response is when the software vendor becomes aware of the problem, creates a solution, and has an update available for download. With the advances of technology, monthly fees for home security monitoring are reasonable for the service they provide. Be warned: not all monitoring companies have the same capabilities when it comes to quick response. That’s one reason why it’s a good idea to make sure that any security company you choose has a UL certification. This can be critical as it indicates that the security company has met stringent standards for management system compliance (such as a back up source of power). The same methodology should apply for a security software provider. Just because they say they’re the best, doesn’t mean that they are. Due diligence is the user’s responsibility. Your information is too valuable to be taken lightly. Both home security and cyber security are similar to having insurance. You have it, but you hope you never need it. And if you do need it, you want a company or vendor that has a history of excellent customer service. There are those people who think that having a firearm is all they need for protection. While that may hold true in some form, a firearm won’t let you know if someone is trying to enter your home through the back door while you are sleeping and notify you or the authorities. Another common perception is that a watchdog will alert a homeowner to intrusion, but again, man’s best friend sleeps 10 to 12 hours a day and can’t notify the police. There are some computer users who claim that they can detect a virus by the email that is sent with some obvious taglines meant for the user to open and infect the machine. Not all viruses are in emails, although that is the most common form. They can also be uploaded to a website, or embedded in Java Applets or Active X controls. Trojans, which can log all of the users keystrokes and sites visited, are secretly downloaded in the form of free games or free software, and are undetectable by anti-virus software. This is the preferred method of attack by a hacker on a machine. By not altering the performance of a machine (like a virus or worm does), the user blissfully continues to use their machine to make online purchases, and enter sensitive information, thinking they are secure, while the Trojan secretly records all of the information and will simply send all of the user’s information at designated intervals to the hacker. Many times a decision about security measures for your home or computer is based on budgetary constraints. But always consider what it is that you are protecting and how much you would pay to get back whatever was stolen, lost or destroyed if an unfortunate event occurred in your life. ]]> http://dotcomminer.com/archives/2008/10/08/security-in-todays-world/feed/ http://dotcomminer.com/archives/2008/10/07/is-your-company-cognizant-of-the-mail-room-threat/ http://dotcomminer.com/archives/2008/10/07/is-your-company-cognizant-of-the-mail-room-threat/#comments Tue, 07 Oct 2008 18:39:14 +0000 admin http://dotcomminer.com/archives/2008/10/07/is-your-company-cognizant-of-the-mail-room-threat/ 1) Security Consultant’s Perspective… Regardless of your type of business, size or location, the threat of workplace violence and terrorism is all around us these days. It could involve you, your employees and your business at any time. Protective Measures seem a bit of theatrics yet failure to be vigilant or to exercise due diligence could result in a disaster or a civil suit. I believe protecting the workforce is a never-ending task of vigilance, awareness and training. Protecting the Mail Rooms and educating your workforce is all part of the workplace security process. All employees should be given a security awareness briefing on the topic of handling suspicious pieces of mail, the need to protect the Mail Room from unauthorized personnel and general Mail Room security measures. 2) The Mail Room Threat… The handling and processing of incoming mail today remains a businesses weakest point. Incoming mail is not routinely isolated as a matter or protective measures, delivery personnel are not being restricted from building access, employees may or may not know what to look for and what to do when handling suspicious packages or letters, there are no control points controlling access by all, and letters and packages to senior officers are not given extra precautionary attention. It is unlikely most mailroom employees are cleared, are familiar with basic security procedures or that they have been trained in Mail Room Security Procedures. The potential nightmare remains the lack of security awareness, the recognition of suspicious mail; what to look for and what to do. 3) Recommendations… Supervisors and managers should insure that some form of security awareness is incorporated into the day-to-day operations. All employees should at a minimum know the basic mail handling security measures. It does not take much time to impart information to a group of employees using the “Stand-up Talk”, a technique used by the Postal Service to provide information to a large group of employees without disrupting the operations. Normally the “Stand-up Talk” lasts between 15 - 20 minutes. The “Stand-up Talks are quite an effective method of communications in this way. 4) What to do in case of a suspicious piece of mail…? This area requires paying attention to details and discipline. If you notice a suspicious letter or package during routine mail handling or if you’ve received a piece of suspicious mail, take the following steps: don’t handle it, evacuate the premises but, certainly the area around the piece and do follow your security plan by notifying supervisor and the appropriate emergency service personnel listed in the security plan. ]]> http://dotcomminer.com/archives/2008/10/07/is-your-company-cognizant-of-the-mail-room-threat/feed/ http://dotcomminer.com/archives/2008/10/02/whats-next-for-voip-in-the-future/ http://dotcomminer.com/archives/2008/10/02/whats-next-for-voip-in-the-future/#comments Thu, 02 Oct 2008 21:57:19 +0000 admin http://dotcomminer.com/archives/2008/10/02/whats-next-for-voip-in-the-future/ It seems that nothing can stop the rise and rise of VoIP. Driven by increasingly widely available low cost broadband Voice over IP has become one of the fastest-growing applications on the World Wide Web. But apart from cheap calls, there are other factors which have contributed to this hugely popular way of making calls. There is clearly a trend toward more innovative and more mobile services and this looks likely to ensure that demand for Internet telephony continues to expand. It is estimated that there are already around four million VoIP users in the UK, excluding business subscriptions. Key figures in the industry point to the proliferation of ADSL broadband connections that do not require line rental for a conventional phone line (naked ADSL), and number portability between conventional and IP phone services as the two key developments that will bring elevate the profile of VoIP to new levels. In fact the effect VoIP has had has been so profound that some have suggested that it may not be long before users can dispose of their traditional landline telephones completely in favour of a broadband phone. Taking a more pragmatic view, there are issues that will need to be addressed before that can happen. In the UK VoIP providers like Vonage or VoIPTalk will have to review both security and ease of use, as well as continue to deliver a convenient and financially viable service. They certainly offer cheap calls already but, what else do they need to do to ensure a bright future for VoIP? As the Internet is a vast public network the VoIP traffic is no more immune from attack than any other data. Security is an issue for many users, particularly in the business community and the means to develop security for users would be a welcome step in securing the long-term future of VoIP. The ease of use issue may not remain an obstacle to development now that handsets that work on mobile networks and, via WiFi or Bluetooth links, over VoIP are now appearing in the shops. This raises the prospect of using low-cost VoIP services at home, in the office or at a WiFi hotspot, but still retaining the flexibility of mobile coverage when out and about. Some VoIP companies are now selling these handsets, and have set up joint arrangements with wireless hotspots so that their customers can make and receive calls on the go without the need for a PC. It’s likely that some of the restrictions of such handsets i.e. difficulties in hotspots that use web pages for authentication to be addressed imminently. The advance of newer networking technologies will further minimise the distance between fixed, mobile and VoIP services. Wireless broadband services, in particular WiMax, could create city-wide wireless hotspots, making it possible to make mobile VoIP calls in much wider areas. ]]> http://dotcomminer.com/archives/2008/10/02/whats-next-for-voip-in-the-future/feed/ http://dotcomminer.com/archives/2008/09/28/on-line-sports-results-wagering-a-basic-introduction/ http://dotcomminer.com/archives/2008/09/28/on-line-sports-results-wagering-a-basic-introduction/#comments Sun, 28 Sep 2008 06:40:20 +0000 admin http://dotcomminer.com/archives/2008/09/28/on-line-sports-results-wagering-a-basic-introduction/ Link together both of everybody’s primary quests and what you’ve got is something generally named a sportsbook bets web location. And really, what could be more creative… Fancy a crowd of people cheering on any chosen sports heroes, and all the time wagers are bound to be geared up adding to the clamor. So keen to catch a bit of the excitement, bystanders will often seek to figure who will make it the coming struggle. At the end of the day, this turns to become a congenial and friendly struggle titled sportsbook bets web location. Test your online sports wager skills - Try our online gaming rooms! So it might sound quite obsessive however, sports betting is actually just for fun and of teaming up with one’s fellow sports enthusiasts. Here, you can risk a a piddling budget of filthy lucre and nonetheless have a extraordinary time. Here are a few select basic prompts to help everyone get started sports betting. If you want to place that wager, you will want to check out a sportsbook bets web location, i.e. a place that takes in sportsbook bets web location. In the U.S.A., there’s a total of four states where to do sports betting legitimately, but beyond legality you can do it everywhere providing you can hunt out a bookie and you are of legal age. Amongst the sporting contests you can choose to risk some money on are professional and, too, college basketball as well as college football, professional hockey and baseball, and, too, horse and dog racing. You’ll have a choice of risking some money on the global results of a contest, when any given competitor will be knocked out, and even if a given tossed coin in a contest lands heads or tails. The sportsbook company place their trust the science of statistics to help you judge which sports heroes you may feel will make it. There’s the spread, that’s points advantage assigned to the losing competitor that is assumed to lose by a specified number points. Obviously, this constitutes the bookie outfit’s technique of enabling disinterested lays for a sports book. To take an example a client could choose to wager on a club that is assumed to lose and and nonetheless win the bet providing the competitor goes down by a specified number of points. One can opt for many different forms of stakes: straight, teaser lays and others, the straight bets being the most prevalent in sports betting. So why don’t you just have a bash at it and enjoy the excitement at one go… But see to it that you won’t get overwhelmed and blow your entire income on a caprice! Otherwise could be you will end up repenting for the rest of your life! ]]> http://dotcomminer.com/archives/2008/09/28/on-line-sports-results-wagering-a-basic-introduction/feed/ http://dotcomminer.com/archives/2008/09/27/telephone-bugs-that-call-you/ http://dotcomminer.com/archives/2008/09/27/telephone-bugs-that-call-you/#comments Sun, 28 Sep 2008 03:01:35 +0000 admin http://dotcomminer.com/archives/2008/09/27/telephone-bugs-that-call-you/ When making use of telephone bugs, it can be very frustrating to be constantly checking, only to find that you missed a call. You have a busy life. Other things to do, other clients to work for, a life to live; you can’t just be sitting there trying to play hit and miss with telephone bugs. This is where the new generation of bugs comes in. It is possible to use a bug that will actually call you when a phone call is made. That way you need not miss a conversation that you cannot afford to miss. Traditional bugs require that you listen to the transmissions or call in to see if a call is being placed. Additionally, some telephone bugs only allowed you to hear one end of the conversation. Neither of these things is very savory, nor do the provide help to you as you frantically try to listen in at just the right time. Additionally, many transmitters run the risk of being found as they transmit the signal out. With telephone bugs that call you, you can listen to both ends of the conversation, and receive notification when a call is placed or received by your subject. The first telephone bugs that work in this manner are bugs that look like cell phones. You plug them in to share the same line as the regular phone, and they look like they were forgotten or like they are charging. These phones can be programmed to silently ring your preferred number whenever the home phone goes off. And it is set up so that when you pick up to listen in, you are listening as if you were on another phone in the house (just like mom and dad did when you called home from college). You hear both ends, and neither party is the wiser. Other telephone bugs that can be programmed to call you are more high tech cell phones. You give the phone to the subject (or have your client do so) and then you wait. These phones work like regular cell phones. The person talks normally and receives calls normally. But every time he or she uses the phone (place or receive) the phone dials you and lets you know. No matter which product you choose, you don’t have to miss a call when you are called by your telephone bugs. (c) 2005 Copyright www.spyassociates.com. This article is about: Telephone Bugs. ]]> http://dotcomminer.com/archives/2008/09/27/telephone-bugs-that-call-you/feed/