Amazon GuardDuty is a threat detection service that continuously monitors your Amazon Web Services (AWS) accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation. GuardDuty Malware Protection helps detect the presence of malware by performing agentless scans of the Amazon Elastic Block Store (Amazon EBS) volumes that are attached to Amazon Elastic Compute Cloud (Amazon EC2) instances and container workloads. GuardDuty findings for identified malware provide additional insight into potential threats related to EC2 instances and to containers running on an instance. Malware findings can also provide additional context for EC2-related threats identified by GuardDuty, such as observed cryptocurrency-related activity and communication with a command and control server. Examples of malware categories that GuardDuty Malware Protection helps identify include ransomware, cryptocurrency mining, remote access, credential theft, and phishing. In this blog post, we provide an overview of the On-demand malware scan feature in GuardDuty and walk through several use cases where you can use On-demand malware scanning.
GuardDuty offers two types of malware scanning for EC2 instances: GuardDuty-initiated malware scans and On-demand malware scans. GuardDuty-initiated malware scans are launched after GuardDuty generates an EC2 finding that indicates behavior typical of malware on an EC2 instance or container workload. The initial EC2 finding provides insight that a specific threat is being observed, based on VPC Flow Logs and DNS logs. Performing a malware scan on the instance goes beyond what can be observed from log activity and provides additional context at the instance file system level, showing a connection between malware on disk and the observed network traffic. This additional context can also help you determine your response and remediation steps for the identified threat.
There are several use cases where you would want to scan an EC2 instance for malware even when there is no GuardDuty EC2 finding for the instance. These include scanning as part of a security investigation or scanning certain instances on a regular schedule. You can use the On-demand malware scan feature to scan an EC2 instance whenever you want, providing flexibility in how you maintain the security posture of your EC2 instances.
On-demand malware scanning
To perform on-demand malware scanning, your account must have GuardDuty enabled. If the service-linked role (SLR) permissions for Malware Protection don't exist in the account the first time that you submit an on-demand scan, the SLR for Malware Protection is created automatically. An on-demand malware scan is initiated by providing the Amazon Resource Name (ARN) of the EC2 instance to scan. The malware scan of the instance is performed using the same functionality as GuardDuty-initiated scans. The malware scans that GuardDuty performs are agentless (GuardDuty snapshots the attached EBS volumes and scans a replica rather than the running instance), and the feature is designed so that it won't affect the performance of your resources.
An on-demand malware scan can be initiated through the Malware Protection section of the GuardDuty console or through the StartMalwareScan API. On-demand malware scans can be initiated from the GuardDuty delegated administrator account for EC2 instances in a member account where GuardDuty is enabled, or from a member account or a standalone account for EC2 instances within that account. High-level details for every malware scan that GuardDuty runs are reported in the Malware scans section of the GuardDuty console. The Malware scans section identifies which EC2 instance the scan was initiated for, the status of the scan (completed, running, skipped, or failed), the result of the scan (clean or infected), and when the malware scan was initiated. This summary information on malware scans is also available through the DescribeMalwareScans API.
When an on-demand scan detects malware on an EC2 instance, a new GuardDuty finding is created. This finding lists the details of the impacted EC2 instance, where malware was found in the instance file system, how many occurrences of malware were found, and details about the specific malware. Additionally, if malware was found in a Docker container, the finding also lists details about the container, and if the EC2 instance is used to support Amazon Elastic Kubernetes Service (Amazon EKS) or Amazon Elastic Container Service (Amazon ECS) container deployments, details about the cluster, task, and pod are also included in the finding. Findings about identified malware can be viewed in the GuardDuty console along with other GuardDuty findings or retrieved using the GuardDuty APIs. Additionally, every finding that GuardDuty generates is sent to Amazon EventBridge and AWS Security Hub. With EventBridge, you can author rules that match certain GuardDuty findings and then send the findings to a defined target in an event-driven flow. Security Hub helps you include GuardDuty findings in your aggregation and prioritization of security findings for your overall AWS environment.
GuardDuty charges for the total amount of Amazon EBS data that is scanned. You can use the provisioned storage of an Amazon EBS volume to get an initial estimate of what the scan will cost. When the actual malware scan runs, the final cost is based on the amount of data that GuardDuty actually scanned. To get a more accurate estimate of what a malware scan on an Amazon EBS volume might cost, obtain the actual storage used from the EC2 instance that the volume is attached to. There are several methods available to determine the actual amount of storage currently in use on an EBS volume, including using the CloudWatch agent to collect disk-used metrics, and running individual commands on the instance (such as df on Linux or Get-PSDrive on Windows) to see the amount of used and free disk space.
Use cases for the GuardDuty On-demand malware scan
Now that you've reviewed the on-demand malware scan feature and how it works, let's walk through four use cases where you can incorporate it to help you achieve your security goals. For use cases 1 and 2, we provide deployable assets to help demonstrate the solution in your own environment.
Use case 1 – Initiating scans for EC2 instances with specific tags
This first use case walks through how on-demand scanning can be performed based on tags applied to an EC2 instance. Each tag is a label consisting of a key and an optional value, used to store information about the resource or the data retained on it. Resource tagging can be used to identify a specific target group of EC2 instances for malware scanning to meet your security requirements. Depending on your organization's strategy, tags can indicate the data classification, workload type, or compliance scope of your EC2 instance, each of which can be used as criteria for malware scanning.
In this solution, you use a combination of GuardDuty, an AWS Systems Manager document (SSM document), Amazon CloudWatch Logs subscription filters, AWS Lambda, and Amazon Simple Notification Service (Amazon SNS) to initiate a malware scan of EC2 instances carrying a specific tag. This solution is designed to be deployed in a member account and identifies EC2 instances to scan within that member account.
Solution architecture
Figure 1 shows the high-level architecture of the solution, which depicts an on-demand malware scan being initiated based on a tag key.

Figure 1: Tag-based on-demand malware scan architecture
The high-level workflow is:
Enter the tag scan parameters in the SSM document that is deployed as part of the solution.
When you run the SSM document, the GuardDutyMalwareOnDemandScanLambdaFunction Lambda function is invoked, which collects the ARNs of the EC2 instances that match your tag criteria.
The Lambda function obtains the ARNs of the EC2 instances and initiates a malware scan for each instance.
GuardDuty scans each instance for malware.
A CloudWatch Logs subscription filter created on the log group /aws/guardduty/malware-scan-events watches for log entries of on-demand malware scans that have a status of COMPLETED or SKIPPED. If a scan entry matches the filter criteria, it is sent to the GuardDutyMalwareOnDemandNotificationLambda Lambda function.
The GuardDutyMalwareOnDemandNotificationLambda function parses the information from the scan events and sends the details to an Amazon SNS topic when the result of the scan is clean, skipped, or infected.
Amazon SNS sends the message to the topic subscriptions. The message contains the account ID, resource ID, status, volume, and result of the scan.
Systems Manager document
AWS Systems Manager is a secure, end-to-end management solution for resources on AWS and in multicloud and hybrid environments. The SSM document feature is used in this solution to provide an interactive way to supply inputs to the Lambda function that is responsible for identifying EC2 instances to scan for malware.
Identify Amazon EC2 targets Lambda
The GuardDutyMalwareOnDemandScanLambdaFunction obtains the ARNs of the EC2 instances that match the tag criteria provided in the Systems Manager document parameters. For each EC2 instance identified as matching the tag criteria, an On-demand malware scan request is submitted through the StartMalwareScan API.
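The selection-and-submit step described above, written out as an added example. This is not the code of the solution's GuardDutyMalwareOnDemandScanLambdaFunction; it is illustrative code for this post. The API calls it relies on are real (ec2:DescribeInstances with tag:<key>, tag-key and instance-state-name filters, and guardduty:StartMalwareScan, which takes the instance ARN in ResourceArn), but the EC2 and GuardDuty clients are passed in, so the logic runs here against constructed fakes and, inside a Lambda, against boto3.client("ec2") and boto3.client("guardduty"). The account ID, Region, instance IDs and tag name in the demo are made up.

```python
"""Select EC2 instances by tag and instance state, then request a
GuardDuty on-demand malware scan for each one.

Added example for this post, not the solution's own Lambda code. The
API calls (ec2:DescribeInstances with tag filters, and
guardduty:StartMalwareScan with ResourceArn) are the real ones; the
clients are injected so the logic runs here with the constructed fakes
at the bottom and, inside a Lambda, with boto3.client("ec2") and
boto3.client("guardduty"). Account ID, Region and instance IDs below
are made up.
"""
from __future__ import annotations

from typing import Iterable


def build_instance_filters(tags: dict[str, str], states: Iterable[str]) -> list[dict]:
    """Build DescribeInstances Filters from tag key/value pairs and the
    instance states to include. An empty value means 'any value for
    this key', which uses the tag-key filter instead of tag:<key>."""
    filters = []
    for key, value in tags.items():
        if value:
            filters.append({"Name": f"tag:{key}", "Values": [value]})
        else:
            filters.append({"Name": "tag-key", "Values": [key]})
    filters.append({"Name": "instance-state-name", "Values": list(states)})
    return filters


def instance_arn(region: str, account_id: str, instance_id: str) -> str:
    """StartMalwareScan takes the instance ARN, not the bare instance ID."""
    return f"arn:aws:ec2:{region}:{account_id}:instance/{instance_id}"


def find_instance_ids(ec2, filters: list[dict]) -> list[str]:
    """Collect matching instance IDs across every DescribeInstances page."""
    ids = []
    for page in ec2.get_paginator("describe_instances").paginate(Filters=filters):
        for reservation in page["Reservations"]:
            ids.extend(inst["InstanceId"] for inst in reservation["Instances"])
    return ids


def scan_tagged_instances(ec2, guardduty, region, account_id, tags,
                          states=("running", "stopped")) -> dict[str, str]:
    """Return {instance_arn: scan_id} for each accepted scan. An error on
    one instance (for example, a scan already running on it) is recorded
    as text under that ARN and does not stop the remaining requests."""
    results = {}
    for iid in find_instance_ids(ec2, build_instance_filters(tags, states)):
        arn = instance_arn(region, account_id, iid)
        try:
            results[arn] = guardduty.start_malware_scan(ResourceArn=arn)["ScanId"]
        except Exception as exc:  # botocore.exceptions.ClientError in real use
            results[arn] = f"ERROR: {exc}"
    return results


# --- constructed stand-ins for the boto3 clients (offline demo only) ---
class _FakePaginator:
    def __init__(self, pages):
        self._pages = pages

    def paginate(self, **_kwargs):
        return iter(self._pages)


class FakeEC2:
    def __init__(self, pages):
        self._pages = pages

    def get_paginator(self, operation_name):
        assert operation_name == "describe_instances"
        return _FakePaginator(self._pages)


class FakeGuardDuty:
    """Accepts every request except one ARN that behaves as 'already scanning'."""
    def __init__(self, busy_arn=None):
        self.busy_arn = busy_arn
        self.calls = []

    def start_malware_scan(self, ResourceArn):
        self.calls.append(ResourceArn)
        if ResourceArn == self.busy_arn:
            raise RuntimeError("ConflictException: a scan is already in progress")
        return {"ScanId": f"scan-{len(self.calls):04d}"}


SAMPLE_PAGES = [  # two DescribeInstances pages, three tagged instances (constructed)
    {"Reservations": [{"Instances": [{"InstanceId": "i-0aaa111"}, {"InstanceId": "i-0bbb222"}]}]},
    {"Reservations": [{"Instances": [{"InstanceId": "i-0ccc333"}]}]},
]
REGION, ACCOUNT = "us-east-1", "111122223333"


def demo() -> dict[str, str]:
    ec2 = FakeEC2(SAMPLE_PAGES)
    gd = FakeGuardDuty(busy_arn=instance_arn(REGION, ACCOUNT, "i-0bbb222"))
    return scan_tagged_instances(ec2, gd, REGION, ACCOUNT, {"MalwareScan": "true"})


if __name__ == "__main__":
    for arn, outcome in demo().items():
        print(f"{arn}: {outcome}")
```

Two details matter in practice: the paginator, because DescribeInstances returns at most one page of reservations per call and a tag that matches many instances will otherwise be scanned only partially, and the per-instance error handling, because GuardDuty rejects a new scan for an instance that already has one in progress and one such rejection should not abort the rest of the batch.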
Monitoring and reporting scan status
The solution deploys an Amazon CloudWatch Logs subscription filter that watches for log entries of on-demand malware scans with a status of COMPLETED or SKIPPED. See Monitoring scan status for more information. After an on-demand malware scan finishes, the filter criteria are matched and the scan result is sent to its Lambda function destination, GuardDutyMalwareOnDemandNotificationLambda. This Lambda function generates an Amazon SNS notification email that is sent through the GuardDutyMalwareOnDemandScanTopic Amazon SNS topic.
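The notification side of the workflow, as an added example rather than the post's GuardDutyMalwareOnDemandNotificationLambda. The envelope it unpacks is the real one CloudWatch Logs delivers to a Lambda destination: event["awslogs"]["data"] is a base64-encoded gzip of a JSON document with a logEvents list, each carrying the raw log line in message. The field names assumed inside each GuardDuty scan entry (scanStatus, scanResultDetails.scanResult, resourceId, volumeDetails) are an assumption for this example and should be checked against a real entry in /aws/guardduty/malware-scan-events; the sample entries are constructed, not captured.

```python
"""Decode a CloudWatch Logs subscription-filter delivery and turn the
GuardDuty malware-scan entries in it into SNS (subject, message) pairs.

Added example, not the post's GuardDutyMalwareOnDemandNotificationLambda.
The envelope is the real one CloudWatch Logs hands to a Lambda
destination: event["awslogs"]["data"] is base64 of a gzip of JSON with
a "logEvents" list. The field names inside each scan entry (scanStatus,
scanResultDetails.scanResult, resourceId, volumeDetails, ...) are an
assumption for this example; compare them with a real entry in
/aws/guardduty/malware-scan-events before depending on them.
"""
from __future__ import annotations

import base64
import gzip
import json

NOTIFY_STATUSES = {"COMPLETED", "SKIPPED"}  # what the post's filter forwards
SNS_SUBJECT_MAX = 100  # SNS rejects longer subjects


def decode_awslogs_payload(event: dict) -> list[dict]:
    """Unwrap the subscription-filter envelope and parse each JSON log line.
    Lines that are not JSON are ignored rather than failing the whole batch."""
    raw = base64.b64decode(event["awslogs"]["data"])
    envelope = json.loads(gzip.decompress(raw))
    parsed = []
    for log_event in envelope.get("logEvents", []):
        try:
            parsed.append(json.loads(log_event["message"]))
        except (KeyError, TypeError, json.JSONDecodeError):
            continue
    return parsed


def summarize_scan(entry: dict) -> dict | None:
    """Extract the fields the post's notification carries (account, resource,
    status, volumes, result). Returns None for statuses that the filter
    would not have forwarded, such as RUNNING or FAILED."""
    status = entry.get("scanStatus")
    if status not in NOTIFY_STATUSES:
        return None
    result = (entry.get("scanResultDetails") or {}).get("scanResult")
    if status == "SKIPPED":
        result = "SKIPPED"  # a skipped scan has no verdict; say so explicitly
    return {
        "account_id": entry.get("accountId"),
        "resource_id": entry.get("resourceId"),
        "scan_id": entry.get("scanId"),
        "status": status,
        "volumes": [v.get("volumeArn") for v in entry.get("volumeDetails", [])],
        "result": result or "UNKNOWN",
    }


def build_sns_message(summary: dict) -> tuple[str, str]:
    """Subject and body for sns.publish(TopicArn=..., Subject=..., Message=...)."""
    subject = f"GuardDuty on-demand scan {summary['result']}: {summary['resource_id']}"
    return subject[:SNS_SUBJECT_MAX], json.dumps(summary, indent=2, sort_keys=True)


def handler(event: dict, _context=None) -> list[tuple[str, str]]:
    """Lambda-shaped entry point. Returns the notifications instead of
    publishing them so the decision logic can be checked without SNS."""
    notifications = []
    for entry in decode_awslogs_payload(event):
        summary = summarize_scan(entry)
        if summary is not None:
            notifications.append(build_sns_message(summary))
    return notifications


# --- constructed sample data; not captured from a real account ---
SAMPLE_ENTRIES = [
    {"scanId": "a1", "accountId": "111122223333", "resourceId": "i-0aaa111",
     "scanType": "ON_DEMAND", "scanStatus": "COMPLETED",
     "scanResultDetails": {"scanResult": "INFECTED"},
     "volumeDetails": [{"volumeArn": "arn:aws:ec2:us-east-1:111122223333:volume/vol-0a1"}]},
    {"scanId": "a2", "accountId": "111122223333", "resourceId": "i-0bbb222",
     "scanType": "ON_DEMAND", "scanStatus": "RUNNING"},
    {"scanId": "a3", "accountId": "111122223333", "resourceId": "i-0ccc333",
     "scanType": "ON_DEMAND", "scanStatus": "SKIPPED"},
]


def make_awslogs_event(entries: list[dict]) -> dict:
    """Wrap entries the way CloudWatch Logs does when invoking the Lambda,
    plus one non-JSON line to show it is skipped rather than fatal."""
    envelope = {
        "messageType": "DATA_MESSAGE",
        "logGroup": "/aws/guardduty/malware-scan-events",
        "logEvents": [{"id": str(i), "timestamp": 0, "message": json.dumps(e)}
                      for i, e in enumerate(entries)]
                     + [{"id": "x", "timestamp": 0, "message": "not json"}],
    }
    data = base64.b64encode(gzip.compress(json.dumps(envelope).encode())).decode()
    return {"awslogs": {"data": data}}


if __name__ == "__main__":
    for subject, body in handler(make_awslogs_event(SAMPLE_ENTRIES)):
        print(subject)
        print(body)
```

The RUNNING entry is dropped because the subscription filter in the solution only forwards COMPLETED and SKIPPED; a SKIPPED scan is reported with an explicit SKIPPED result so that a recipient cannot read the absence of a verdict as "clean".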
Deploy the solution
Now that you understand how the on-demand malware scan solution works, you can deploy it in your own AWS account. The solution should be deployed in a single member account. This section walks you through the steps to deploy the solution and shows you how to verify that each of the key steps is working.
Step 1: Activate GuardDuty
The sample solution provided in this blog post requires that you activate GuardDuty in your AWS account. If this service isn't activated in your account, learn more about the free trial and pricing for this service, and follow the steps in Getting started with Amazon GuardDuty to set up the service and start monitoring your account.
Note: On-demand malware scanning is not part of the GuardDuty free trial.
Step 2: Deploy the AWS CloudFormation template
For this step, deploy the template in the AWS account and AWS Region where you want to test this solution.
Choose the following Launch Stack button to launch an AWS CloudFormation stack in your account. Use the AWS Management Console navigation bar to choose the Region you want to deploy the stack in.
Set the values for the following parameters based on how you want to use the solution:
Create On-demand malware scan sample tester instances — Set the value to True to generate two EC2 instances to test the solution. These instances serve as targets for an on-demand malware scan. One instance contains EICAR malware sample files, which contain strings that will be detected as malware but aren't malicious. The other instance won't contain malware.
Tag key — Set the key that you want added to the test EC2 instances that are launched by this template.
Tag value — Set the value that will be added to the test EC2 instances that are launched by this template.
Latest Amazon Linux instance used for tester — Leave as is.
Scroll to the bottom of the Quick create stack screen and select the checkbox next to I acknowledge that AWS CloudFormation might create IAM resources.
Choose Create stack. The deployment of this CloudFormation stack will take 5–10 minutes.
After the CloudFormation stack has been deployed successfully, you can proceed to reviewing and interacting with the deployed solution.
Step 3: Create an Amazon SNS topic subscription
The CloudFormation stack deploys an Amazon SNS topic to support sending notifications about initiated malware scans. For this post, you create an email subscription for receiving messages sent through the topic.
In the Amazon SNS console, navigate to the Region that the stack was deployed in. On the Amazon SNS topics page, choose the created topic whose name includes the text GuardDutyMalwareOnDemandScanTopic.

Figure 2: Amazon SNS topic listing
On the Create subscription page, select Email for the Protocol, and for the Endpoint add a valid email address. Choose Create subscription.

Figure 3: Amazon SNS topic subscription
After the subscription has been created, an email notification is sent that must be confirmed before you start receiving malware scan notifications.
Amazon SNS subscriptions support many other protocols besides email. You can review the list of Amazon SNS event destinations to learn more about other ways that Amazon SNS notifications can be consumed.
Step 4: Provide scan parameters in an SSM document
After the AWS CloudFormation template has been deployed, the SSM document will be available in the Systems Manager console. For this solution, the TagKey and TagValue parameters must be entered before you can run the SSM document.
In the Systems Manager console, choose the Documents link in the navigation pane.
On the Documents page, select the Owned by me tab and choose GuardDutyMalwareOnDemandScan. If you have many documents, use the search bar to search for the GuardDutyMalwareOnDemandScan document.

Figure 4: Systems Manager documents listing
On the page for GuardDutyMalwareOnDemandScan, choose Execute automation.
On the Execute automation runbook page, follow the document description and enter the required parameters. For this blog example, use the same tags as in the parameter section of the initial CloudFormation template. When you use this solution for your own instances, you can modify these parameters to fit your tagging strategy.

Figure 5: Automation document details and input parameters
Choose Execute to run the document. This takes you to the Execution detail page for this run of the automation document. In a few minutes, the Execution status should update its overall status to Success.

Figure 6: Automation document execution detail
Step 5: Receive status messages about malware scans
Upon completion of the scan, you should see a status of Success and receive emails containing the results of the on-demand scan, including the scan IDs. The scan results include one message for an INFECTED instance and one message for a CLEAN instance. If no EC2 instances carry the tag key, you'll receive an Amazon SNS notification that says "No instances found that could be scanned." Figure 7 shows an example email for an INFECTED instance.

Figure 7: Example email for an infected instance
Step 6: Review scan results in GuardDuty
In addition to the emails sent about the status of a malware scan, the details of each malware scan and the findings for identified malware can be viewed in GuardDuty.
In the GuardDuty console, select Malware scans from the left navigation pane. The Malware scans page provides you with the results of the scans performed. The scan results for the instances scanned in this post should match the email notifications received in the previous step.

Figure 8: GuardDuty malware scan summary
You can select a scan to view its details. The details include the scan ID, the EC2 instance, scan type, scan result (which indicates whether the instance was found infected or clean), and the scan start time.

Figure 9: GuardDuty malware scan details
In the details for the infected instance, choose Click to see malware findings. This takes you to the GuardDuty findings page with a filter for the specific malware scan.

Figure 10: GuardDuty malware findings
Select the Execution:EC2/MaliciousFile finding to bring up details about the finding. Details of the Execution:EC2/MaliciousFile finding include the severity label, an overview of the finding, and the threats detected. We recommend that you treat high-severity findings as high priority and immediately investigate and, if necessary, take steps to prevent unauthorized use of your resources.

Figure 11: GuardDuty malware finding details
Use case 2 – Initiating scans on a schedule
This use case walks through how to schedule malware scans. Scheduled malware scanning may be required for particularly sensitive workloads. After an environment is up and running, it's important to establish a baseline so that you can quickly identify EC2 instances that have been infected with malware. A scheduled malware scan helps you proactively identify malware on key resources and maintain the desired security baseline.
Solution architecture

Figure 12: Scheduled malware scan architecture
The architecture of this use case is shown in Figure 12. The main difference between this and the architecture of use case 1 is the presence of a scheduler that controls invoking the GuardDutyMalwareOnDemandObtainScanLambdaFunction function to identify the EC2 instances to be scanned. This architecture uses Amazon EventBridge Scheduler to set up flexible time windows for when a scheduled scan should be performed.
EventBridge Scheduler is a serverless scheduler that you can use to create, run, and manage tasks from a central, managed service. With EventBridge Scheduler, you can create schedules using cron and rate expressions for recurring patterns or configure one-time invocations. You can set up flexible time windows for delivery, define retry limits, and set the maximum retention time for failed invocations.
Deploying the solution
Step 1: Deploy the AWS CloudFormation template
For this step, you deploy the template in the AWS account and Region where you want to test the solution.
Choose the following Launch Stack button to launch an AWS CloudFormation stack in your account. Use the AWS Management Console navigation bar to choose the Region you want to deploy the stack in.
Set the values for the following parameters based on how you want to use the solution:
On-demand malware scan sample tester — Amazon EC2 configuration
Create On-demand malware scan sample tester instances — Set the value to True to generate two EC2 instances to test the solution. These instances serve as targets for an on-demand malware scan. One instance contains EICAR malware sample files, which contain strings that will be detected as malware but aren't malicious. The other instance won't contain malware.
Tag key — Set the key that you want added to the test EC2 instances that are launched by this template.
Tag value — Set the value that will be added to the test EC2 instances that are launched by this template.
Latest Amazon Linux instance used for tester — Leave as is.
Scheduled malware scan parameters
Tag keys and values parameter — Enter the tag key-value pairs that the scheduled scan will look for. If you populated the tag key and tag value parameters for the sample EC2 instances, that pair should be one of the values in this parameter so that the test instances are scanned.
EC2 instance ARNs to scan — [Optional] A list of EC2 instances that should also be scanned when the scheduled scan runs.
EC2 instance state — Enter the state that the EC2 instances can be in when selecting instances to scan.
AWS Scheduler parameters
Rate for the scheduled scan to be run — Defines how frequently the schedule should run. Valid units are minutes, hours, or days.
First time scheduled scan will run — Enter the day and time, in UTC format, when the first scheduled scan should run.
Time zone — Enter the time zone that the schedule start time should be applied to. Here is a list of valid time zone values.
Scroll to the bottom of the Quick create stack screen and select the checkbox for I acknowledge that AWS CloudFormation might create IAM resources.
Choose Create stack. The deployment of this CloudFormation stack will take 5–10 minutes.
After the CloudFormation stack has been deployed successfully, you can review and interact with the deployed solution.
Step 2: Amazon SNS topic subscription
As in use case 1, this solution uses Amazon SNS to send a notification with the results of a malware scan. See the Amazon SNS subscription setup steps in use case 1 for guidance on setting up a subscription for receiving the results. For this use case, the name of the Amazon SNS topic will include GuardDutyMalwareOnDemandScheduledScanTopic.
Step 3: Review scheduled scan configuration
For this use case, the parameters that you filled in when submitting the CloudFormation template build out an initial schedule for scanning EC2 instances. The following details describe the various components of the schedule and where you can make changes to influence how the schedule runs in the future.
In the console, go to the EventBridge service. On the left side of the console, under Scheduler, select Schedules. Select the schedule that was created as part of the CloudFormation deployment.

Figure 13: List of EventBridge schedules
The Specify schedule detail page is where you can set the appropriate Timezone and Start date and time. In this walkthrough, this information for the schedule was provided when launching the CloudFormation template.

Figure 14: EventBridge schedule detail
On the Invoke page, the JSON includes the instance state, tags, and instance IDs that were filled in during the deployment of the CloudFormation template. Make additional changes as needed, and choose Next.

Figure 15: EventBridge schedule Lambda invoke parameters
Review and save the schedule.

Figure 16: EventBridge schedule summary
Step 4: Review malware scan results from GuardDuty
After a scheduled scan has been performed, the scan results will be available on the GuardDuty Malware scans console page, and a GuardDuty finding is generated if malware is found. The output emails and access to the results in GuardDuty are the same as explained in use case 1.
Use case 3 – Initiating scans to support a security investigation
You might receive security alerts or events about infrastructure and applications from several tools or sources in addition to Amazon GuardDuty. Investigations that arise from these alerts may require malware scans of specific EC2 instances that may be the source or target of a security event. With GuardDuty On-demand malware scan, you can incorporate a scan into your investigation workflow and use the output of the scan to drive the next steps in your investigation.
From the GuardDuty delegated administrator account, you can initiate a malware scan against EC2 instances in a member account that is associated with the administrator account. This allows you to initiate your malware scans from a centralized location, without needing access to the account where the EC2 instance is deployed. Initiating a malware scan for an EC2 instance uses the same StartMalwareScan API described in the other use cases of this post. Depending on the tools that you're using to support your investigations, you can also use the GuardDuty console to initiate a malware scan.
After a malware scan is run, malware findings will be available in both the delegated administrator and member accounts, allowing you to get details and orchestrate the next steps in your investigation from a centralized location.
Figure 17 is an example of how a security investigation using an on-demand malware scan might function.

Figure 17: Example security investigation using GuardDuty On-demand malware scans
If you're using GuardDuty as your primary source of security findings for EC2 instances, the GuardDuty-initiated malware scan feature can also help facilitate an investigation workflow. With GuardDuty-initiated malware scans, you can reduce the time between when an EC2 instance finding is created and when a malware scan of the instance is initiated, making the scan results available to your investigation workflows faster and helping you develop a remediation plan sooner.
Use case 4 – Malware scanning in a deployment pipeline
If you're using deployment pipelines to build and deploy your infrastructure and applications, you want to make sure that what you're deploying is secure. In cases where deployments include third-party software, you want to make sure that the software is free of malware before deploying it into environments where the malware could be harmful. This applies to software deployed directly onto an EC2 instance as well as to containers that are deployed on an EC2 instance. In this case, you can run the on-demand malware scan against an EC2 instance in a secure test environment prior to deploying to production. You can use the techniques described earlier in this post to design your deployment pipelines with steps that call the StartMalwareScan API and then check the results of the scan. Based on the scan results, you can decide whether the deployment should proceed or be stopped due to detected malware.
Running these scans before deployment into production can help to ensure the integrity of your applications and data and increase confidence that the production environment is free of significant security issues. Treat the scan as one control among several: it is a point-in-time check of the volumes as they were when scanned, and a pipeline gate should fail closed, treating a scan with status skipped or failed as a block rather than as a clean result.
Figure 18 is an example of how malware scanning might look in a deployment pipeline for a containerized application.

Figure 18: Example deployment pipeline incorporating GuardDuty On-demand malware scan
In the preceding example, the following steps are represented:
A container image is built as part of a deployment pipeline.
The container image is deployed into a test environment.
From the test environment, a GuardDuty On-demand malware scan is initiated against the EC2 instance where the container image has been deployed.
After the malware scan is complete, the results of the scan are evaluated.
A decision is made on allowing the image to be deployed into production. If the image is approved, it's deployed to production. If it's rejected, a message is sent back to the owner of the container image for remediation of the identified malware.
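Steps 3 through 5 of the pipeline above, as an added example of the gate a pipeline step would implement; this is not code from the post. It drives the GuardDuty StartMalwareScan API (ResourceArn) and the DescribeMalwareScans API (DetectorId plus a FilterCriteria entry on SCAN_ID), with the client and the clock passed in so the decision logic runs offline against a constructed fake; in a pipeline you would pass boto3.client("guardduty"), time.sleep and time.monotonic. The response field paths (Scans[].ScanStatus and Scans[].ScanResultDetails.ScanResult) follow the API reference as I know it and should be confirmed against current documentation; the detector ID, account, instance ARN and scan ID are made up.

```python
"""Gate a pipeline deployment on a GuardDuty on-demand malware scan.

Added example for the pipeline use case; not code from the post. It
drives the GuardDuty APIs StartMalwareScan (ResourceArn) and
DescribeMalwareScans (DetectorId plus a FilterCriteria entry on
SCAN_ID), with the client and clock injected so the decision logic
runs offline against the constructed fake at the bottom. In a real
pipeline step pass boto3.client("guardduty"), time.sleep and
time.monotonic. Response field names (Scans[].ScanStatus,
Scans[].ScanResultDetails.ScanResult) follow the API reference as I
know it; confirm against current documentation. Detector ID, account
and instance values are made up.
"""
from __future__ import annotations

import time

TERMINAL_STATUSES = {"COMPLETED", "SKIPPED", "FAILED"}


class ScanGateError(Exception):
    """Raised when the scan does not reach a terminal status in time."""


def describe_scan(guardduty, detector_id: str, scan_id: str) -> dict | None:
    """Look up a single scan by SCAN_ID via DescribeMalwareScans."""
    resp = guardduty.describe_malware_scans(
        DetectorId=detector_id,
        FilterCriteria={"FilterCriterion": [
            {"CriterionKey": "SCAN_ID", "FilterCondition": {"EqualsValue": scan_id}}]},
    )
    scans = resp.get("Scans", [])
    return scans[0] if scans else None


def wait_for_scan(guardduty, detector_id, scan_id, timeout_s=1800, poll_s=30,
                  sleep=time.sleep, clock=time.monotonic) -> dict:
    """Poll until the scan is COMPLETED, SKIPPED or FAILED, or the deadline passes."""
    deadline = clock() + timeout_s
    while True:
        scan = describe_scan(guardduty, detector_id, scan_id)
        if scan is not None and scan.get("ScanStatus") in TERMINAL_STATUSES:
            return scan
        if clock() >= deadline:
            raise ScanGateError(f"scan {scan_id} not finished after {timeout_s}s")
        sleep(poll_s)


def deploy_decision(scan: dict) -> tuple[bool, str]:
    """Fail closed: only COMPLETED + CLEAN approves. SKIPPED and FAILED block
    the deploy too, so a scan that never examined the disk is not mistaken
    for a clean one."""
    status = scan.get("ScanStatus")
    result = (scan.get("ScanResultDetails") or {}).get("ScanResult")
    if status == "COMPLETED" and result == "CLEAN":
        return True, "approved: scan completed with result CLEAN"
    if status == "COMPLETED" and result == "INFECTED":
        return False, "rejected: malware found; see the GuardDuty finding for this scan"
    return False, f"rejected: scan status={status} result={result}"


def gate_deployment(guardduty, detector_id: str, instance_arn: str, **wait_kwargs) -> tuple[bool, str]:
    """Start the scan, wait for it, and return (approved, reason)."""
    scan_id = guardduty.start_malware_scan(ResourceArn=instance_arn)["ScanId"]
    return deploy_decision(wait_for_scan(guardduty, detector_id, scan_id, **wait_kwargs))


# --- constructed fake client: the scan advances one step per poll ---
class FakeGuardDuty:
    def __init__(self, timeline: list[dict]):
        self.timeline = timeline
        self.polls = 0

    def start_malware_scan(self, ResourceArn):
        return {"ScanId": "scan-example-0001"}

    def describe_malware_scans(self, DetectorId, FilterCriteria):
        step = self.timeline[min(self.polls, len(self.timeline) - 1)]
        self.polls += 1
        return {"Scans": [{"ScanId": "scan-example-0001", **step}]}


CLEAN_TIMELINE = [{"ScanStatus": "RUNNING"},
                  {"ScanStatus": "COMPLETED", "ScanResultDetails": {"ScanResult": "CLEAN"}}]
INFECTED_TIMELINE = [{"ScanStatus": "RUNNING"}, {"ScanStatus": "RUNNING"},
                     {"ScanStatus": "COMPLETED", "ScanResultDetails": {"ScanResult": "INFECTED"}}]
SKIPPED_TIMELINE = [{"ScanStatus": "SKIPPED"}]
STUCK_TIMELINE = [{"ScanStatus": "RUNNING"}]  # never finishes; hits the timeout


def demo(timeline: list[dict], timeout_s: int = 600) -> tuple[bool, str]:
    """Run the gate against the fake client with a simulated clock (no real sleeping)."""
    now = [0.0]

    def fake_sleep(seconds):
        now[0] += seconds

    return gate_deployment(FakeGuardDuty(timeline), "12abc34d567e8fa901bc2d34e56789f0",
                           "arn:aws:ec2:us-east-1:111122223333:instance/i-0aaa111",
                           timeout_s=timeout_s, poll_s=30, sleep=fake_sleep, clock=lambda: now[0])


if __name__ == "__main__":
    for name, tl in [("clean", CLEAN_TIMELINE), ("infected", INFECTED_TIMELINE), ("skipped", SKIPPED_TIMELINE)]:
        print(name, demo(tl))
```

The gate deliberately has only one approving path. A scan can end in SKIPPED (for example, when GuardDuty cannot scan the attached volumes) or FAILED, and neither of those says anything about the image, so the pipeline stops and reports the status instead of letting the deployment through. The timeout guards against a pipeline step that hangs forever when a scan stays in RUNNING.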
Conclusion
Scanning your EC2 instances for malware is important both to ensure that your instances are free of malware before they're deployed to production and, if malware does find its way onto a deployed instance, to identify it quickly so that it can be investigated and remediated.
This post outlines four use cases for the On-demand malware scan feature: scanning based on tags, scanning on a schedule, scanning as part of an investigation, and scanning in a deployment pipeline. The examples provided in this post are intended to give you a foundation that you can build upon to meet your specific use cases. You can use the provided code examples and sample architectures to enhance your operational and deployment processes.
To learn more about GuardDuty and its malware protection features, see the feature documentation and the service quotas for Malware Protection.
If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, start a new thread on the AWS Security, Identity, & Compliance re:Post or contact AWS Support.
Want more AWS Security news? Follow us on Twitter.