Posts

Showing posts from 2009

ClarkConnect 5

This is my ClarkConnect; here is a screenshot for you. I'm not blaming MikroTik anymore because I use it in my office too :), but this one is free (Community Edition).


Work = Net , live and Music ......

CentOS 5.4

The CentOS team is pleased to announce the availability of CentOS 5.4. Major changes in CentOS 5 compared to CentOS 4 include:

These updated software versions: Apache-2.2, php-5.1.6, kernel-2.6.18, Gnome-2.16, KDE-3.5, OpenOffice.org-2.3, Evolution-2.12, Firefox-3.0, Thunderbird-2.0, MySQL-5.0, PostgreSQL-8.

Better desktop support with compiz and AIGLX.

Virtualization provided by the Xen hypervisor with Virtual Machine Manager and libvirt.

Major changes compared to earlier CentOS 5 versions include:

KVM as a preview for the new virtualization technology in Enterprise Linux.

ext4 as a technology preview in file systems.

Source : www.centos.org

Download from the local IX (Indonesia):

http://mirror.unej.ac.id/centos/5.4/isos/i386/

SQL injection and mod_security - black and white

At noon today we read an email from someone who claims he found SQL injection on our site. How can that be ... magic quotes is still off and mod_security is not yet installed.

See this article:

from : http://www.cyberciti.biz/faq/rhel-fedora-centos-httpd-mod_security-configuration/

Red Hat / CentOS Install mod_security Apache Intrusion Detection And Prevention Engine

by Vivek Gite

How do I install ModSecurity - an open source intrusion detection and prevention engine for web applications under CentOS / RHEL / Red Hat Enterprise Linux 5.x server?

ModSecurity operates embedded into the web server (httpd), acting as a powerful umbrella - shielding web applications from attacks. In order to use mod_security, you need to turn on EPEL repo under CentOS / RHEL Linux. Once repo is turned on, type the following command to install ModSecurity:
# yum install mod_security
Sample output:

Loaded plugins: downloadonly, fastestmirror, priorities, protectbase
Loading mirror speeds from cached hostfile
* epel: www.gtlib.g…

Redirect and Phishing Facebook

Tonight is very quiet; I just opened my eyes and read the security news from around the world. Facebook is the biggest social community, and people can build applications for it such as games, quizzes, etc.

Can we phish that? ... Of course ...

Have you read this?

http://www.packetstormsecurity.com/0910-exploits/facebook-redir.txt

# [+] Facebook Redirection
#
# [+] Author : 599eme Man
# [+] Contact : Flouf@live.fr
#
#[------------------------------------------------------------------------------------]
#
# [+] How use ?
#
# http://apps.facebook.com/quizzname/?next=[Redirection]
#
# [+] PoC :
#
# http://apps.facebook.com/quelend…

check your nginx

http://www.packetstormsecurity.com/0910-exploits/nginx-dos.txt

debian:~# uname -a
Linux debian 2.6.18-6-686 #1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux
debian:~# cat /etc/issue
Debian GNU/Linux 4.0 \n \l

debian:~# dpkg -l|grep nginx
ii nginx 0.4.13-2+etch2 small, but very powerful and efficient
debian:~# ps xauwww|grep worker|grep -v grep
www-data 3577 0.0 0.9 2688 928 ? S 01:50 0:00 nginx: worker process
debian:~# gdb -p 3577
GNU gdb 6.4.90-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
Attaching to process 3577
Reading symbols from /usr/sbin/nginx...(no debugging symbols found)...done.
Using host libthread_db library "/lib/tls/i686/cmov/l…

Hacking SMS Centre

This story began when I had a Nokia 3330 phone. I joined a forum community and got information about hunting for SMS centres in this country. In 2003 Indonesia had three cellular operators, Telkomsel, Indosat and ProXL, and I had a collection from all three; hmm, maybe 10 SIM cards among my stuff.

For about 5 hours per day I hunted for SMS centres with my old Nokia phone.


Bingo, my seeker found one SMS centre: ... Indosat: +62855000904-906 (IM3). The enigma: I got charged Rp -5.000.000 (IM3) LOL hahahahahaha

But now it is closed and no longer free ...

download : http://smsclist.com/downloads/

There are thousands of SMS centres in this world; be patient when hunting. I'm sharing this for educational purposes only. Nowadays sending messages by SMS is very cheap, I think, and it is your choice ...

greets to : fulvian , crushbonez for sharing this software

Lack connection

About 1 day ago the internet in this office was as slow as a snail. What was going on? I tried to remote into 10 servers but got the same problem. Hmmm, maybe an earthquake again, and it was true.

Disaster

read this :

Asian undersea cable disruption slows Internet access


By Sumner Lemon
IDG News Service (Singapore Bureau)
August 13, 2009

SINGAPORE - A segment of the Asia-Pacific Cable Network 2 (APCN2) undersea cable network between China and Taiwan suffered a serious cable fault on Wednesday, causing Internet traffic to be rerouted onto other undersea cables and slowing Internet access for some users in Southeast Asia.

At about 10:50 a.m. on Wednesday, local time, an alarm signaled a cable fault on Segment 7 of APCN2, which connects Hong Kong and Shantou, China. The disruption caused a temporary loss of service on the undersea link but all customers that use the cable were soon shifted to capacity on other cables, according to a source familiar with the situation.

The APCN2 cable is owned by a consortium of 26 telecom ope…

inspiration will not end its just beginning ...

It is now 6.30 PM and I'm still in front of the computer, preparing the monthly report and spending a little time listening to this music; it relaxes me for a while. Running remote sessions on 18 shell boxes. Is she a superstar? I say yes ... remembering .....


Aphrodite ...

Have u try gOS ??

Improving the Linux user experience...

Since our debut in 2007, gOS has been praised for being the most beautiful and easiest to use Linux operating system on the market. Now with our third and best version of gOS, we have carried on our effort to create a Linux for the rest of us.

..with Google Gadgets

Turn on your computer to a desktop full of your favorite widgets, fresh with live, personalized content just for you. We want to personally thank the Google Gadgets for Linux team for their efforts.

Read this :

http://www.thinkgos.com/gos/download.html

last release : gOS 3.1 Gadgets (SP1)

have u try gOS ??

Search Wiki From Shell Box

If you have a shell box (Unix) you can search Wikipedia with a simple command like this:


dig +short txt <keyword>.wp.dg.cx

For example:

dig +short txt indonesia.wp.dg.cx



source :

http://lifehacker.com/5329014/search-wikipedia-from-the-command-line

just spend a little time

I heard this song in 1993; it is taken from the album Format Masa Depan by Dewa 19. I'll remember this story; I'm just spending a little time sharing my story ...



Ten Story love Song - Indonesian Love Song .......

Simple Trick to disconnect Yahoo Messenger

I have a simple trick for making a friend in your list disconnect. First of all,

you can broadcast a message like this:

Secret of Yahoo messenger 9

In "type some contact information" you can enter this:

http://us.lrd.yahoo.com/_ylc=X3oDMTIxN3RkOTNuBF9TAzM5ODMwMDk2NwRwb3MDMgRzZWMDbndfdG9wc3RvcmllcwRzbGsDdGl0bGUEdGFyA25ld3MueWFob28uY29t

and press Enter; you will find the big secret of Yahoo Messenger 9.

Hope you enjoy it ...


==============================================================



I think Yahoo Messenger has a bug ...

http://us.lrd.yahoo.com/_ylc=X3oDMTIxN3RkOTNuBF9TAzM5ODMwMDk2NwRwb3MDMgRzZWMDbndfdG9wc3RvcmllcwRzbGsDdGl0bGUEdGFyA25ld3MueWFob28uY29t

If you browse to this site, the page cannot be found, and it is not a worm :) , LOL

Hack Affiliate Program

This happened 4 years ago ..., when I was still a university student. As a student I was really, really happy to have a new phone, yeah ... a new Nokia 3330. But what about the vouchers? How could I buy them? They were very expensive; in that era telecommunications was a monopoly, and only an operator with power could join the market.

OK, at this point I'll tell you the story. In 2005 voucher affiliate programs were popular. I searched Google with the keyword topup.com (as an example); there were many people promoting this affiliate program. Wow, great, I got an idea ....

Second method: social engineering. I had one site, owned by me with id=root;
I just copied topup.com and made mine look the same hehehe, LOL, and sent the victim to browse my shit site ...

username : blablabla
password : bla bla bla

and finally got 100 accounts hehehehe LOL (I tried this method on the class mailing list and it worked LOL, and I could read their inboxes). Sorry, dude.

OK, back to the topic again ...

next step .. i'…

Good man in the good place

Hip hip hooray, I got my small bag back, including the laptop charger and hp charger; I thought it was lost for a while. My stuff was lost when I was going to the train station by taxi. I realized it when I was at the train station. I tried not to panic and just thought for a while ...

I remembered that my small bag held a guest bill complete with my address. On Friday night, when I got home, I received a package and saw his name.

I called him and thanked him for giving back my stuff. I know he is a good man ...

Special big thanks to: Mr Arifin (taxi driver) for giving back my stuff.

If you want a taxi driver in Semarang City, Indonesia, you can contact him: 6285225336158

www.findtoyou.com

www.findtoyou.com is a site owned by k1n9k0ng; besides this one, he also made finderonly. What can you get from this site?

You can find RapidShare links, MegaUpload links and PDF files, using a crawler method.

And do you know who he is?

He is a top blogger in Indonesia; read this.

Screenshot:



Want to try?

Backtrack ...

BackTrack is a Linux distribution derived from Slackware; it is a merger of WHAX and the Auditor security collection. BackTrack 2 was released on 6 March 2007 and includes more than 300 security tools, while the beta version of BackTrack 3 was released on 14 December 2007; this third release focuses more on hardware support. BackTrack 3 itself was released on 19 June 2008; it includes Saint and Maltego, while Nessus is not included, and it still uses kernel version 2.6.21.5.

Official site links:

http://www.remote-exploit.org/backtrack.html

An Indonesian version can be read at the link below; as it happens, I have followed its articles:

http://indobacktrack.or.id/

Greets to: Indobacktrack Team

If you have trouble downloading the BackTrack live CD, it can be downloaded here:

http://repo.opensource.telkomspeedy.com/backtrack/

Happy learning .... smile


Source:
http://id.wikipedia.org/wiki/BackTrack

Last edited by thesims (24-07-2009 15:17:35)

Invisible ???

Do you hate it when someone is always invisible in your contact list? This is the solution; we made it on the opensource server. Hope you enjoy:


http://opensource.telkomspeedy.com/ym/

greets to : http://opensource.telkomspeedy.com

Hooray ... I have a hotspot at Santika Hotel

Well, at exactly 9:32 I opened the laptop; it felt like I had been away from my beloved internet for a long time (drama mode on hehehehe). I idly ran a scan .. and found a hotspot; not bad, free and fast too. Then at 11 o'clock people started flocking in to eat, and the sound of plates and so on was very audible here. Suddenly I got a phone call: "Bal, there is a server problem". So I quickly remoted into the shell box ... oh my, why was the access so slow ... I had to fix it ... I was forced to go out and survey, looking left and right, and it turned out, bro, that lots of people were using laptops. So how could I do my remote work? In the end I went back to my room to meditate and do a modest ritual.

I tried browsing to www.showmyip.com

The IP was 125.x.x.x (I think I know this IP) and I was sure the password was the

default :

user : admin
password : admin

Then I typed in cmd (well, Ubuntu had a kernel panic, so I made do with Vista, reluctantly :) )

C:\Users\iqbal>ipconfig

Wireless LAN adapte…

hack into inbox ...

This does not teach any crime. The word "hack" does sound scary, but it is a bit more ordinary than that; it all starts with social engineering. Although the person is still a mystery, I was able to break into an email account; well, a Facebook inbox can also be used for social engineering (the contents of the inbox: an affair, a rival, or that she is already taken hehehehe, everything is revealed ...). For example, say you want to go after a girl, and this girl likes Facebook; usually a person is too lazy to type the password, so the password gets saved in Mozilla.


If you have the laptop

1. Your hands have to be quick to save the Facebook password: get her to open Facebook in Mozilla and quickly save it hehehe, and the same for email ... (Mozilla's remember password)

How to view it

tools - options - security - save password , show password

2. Prepare your weapon, a keylogger; there are many effective ones. Invite her to open FB, then pretend to go buy cigarettes, go out or go to the toilet.

If the laptop belongs to …

The Elders Say: Read Google .......

For the thousand-and-somethingth time I have told my friend: search on Google. What is so hard about searching on Google? It is so easy, just "open Google; knowledge is piled up there until you get feverish :D if you study there", as my elder says, the mighty magical martial arts whose
items range from: finding small targets up to huge ones, spamming, peeking here and there, getting thousands of emails containing nothing but botnets, getting into the neighbour's wifi, deauthing here and there, wardriving in hotspot areas, opening BackTrack to find holes, looking for local exploits, targeting root and installing a backdoor, and on the
white side you can get: installing networks, routing, squid, using nginx, tinkering with Cisco routers, tracing where the link is broken, BGP, OSPF, RIP routers, Java, JOSSO, JBoss, creating vhosts, DNS servers, mail servers with Zimbra, plenty. So now just choose what you want to be; for the experience it is fine to learn it all, use it for good, su…

DD-WRT (httpd service) Remote Command Execution Vulnerability

This is a remote root vulnerability in DD-WRT's httpd server. The bug exists
at the latest 24 sp1 version of the firmware.

The problem is due to many bugs and bad software design decisions. Here is
part of httpd.c:

859 if (containsstring(file, "cgi-bin")) {
860
861 auth_fail = 0;
862 if (!do_auth
863 (conn_fp, auth_userid, auth_passwd, auth_realm,
864 authorization, auth_check))
865 auth_fail = 1;


......... (snip)............

899
900 }
901 exec = fopen("/tmp/exec.tmp", "wb");
902 fprintf(exec, "export REQUEST_METHOD=\"%s\"\n", method);
903 if (query)
904 fprintf(exec, "/bin/sh %s/%s905 server_dir != NULL ?
server_dir : "/www",file);
906 else
907 fprintf(e…

nginx proxy

Nginx has proven powerful, as my friend said; this time I will try out an nginx implementation .... here is the configuration


#######################################################################
#
# This is the main Nginx configuration file.
#
# More information about the configuration options is available on
# * the English wiki - http://wiki.codemongers.com/Main
# * the Russian documentation - http://sysoev.ru/nginx/
#
#######################################################################

#----------------------------------------------------------------------
# Main Module - directives that cover basic functionality
#
# http://wiki.codemongers.com/NginxMainModule
#
#----------------------------------------------------------------------

user nobody nobody;
worker_processes 2;

error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;

pid /var/run/nginx.pid;



#-----------------…

Download Backtrack in Indonesia

This is a new link for downloading BackTrack on the Indonesian network; I made this as my contribution as an open source lover ... Greets to http://opensource.telkomspeedy.com

download :

http://repo.opensource.telkomspeedy.com/backtrack/

we hope you enjoy ......

Fake email ??? or ...

This is the social engineering done by irresponsible parties, sending a fake email to their victim:

You've received a photo from facebook.com!
Wednesday, July 15, 2009 10:52 AM
From: "facebook.com"
To: artikel@sekuritionline.net


I looked at the headers of the incoming email
================================================================================

Return-Path:
Authentication-Results: mta131.mail.ac4.yahoo.com from=81-15-214-1.wyrzysk.net.pl; domainkeys=neutral (no sig); from=81-15-214-1.wyrzysk.net.pl; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO omta0109.mta.everyone.net) (216.200.145.38) by mta131.mail.ac4.yahoo.com with SMTP; Tue, 14 Jul 2009 20:52:34 -0700
Received: from dm0208.mta.everyone.net (sj1-slb03-gw2 [172.16.1.96]) by omta0109.mta.everyone.net (Postfix) with ESMTP id 7B897648A7; Tue, 14 Jul 2009 20:52:33 -0700 (PDT)
Received: from 81-15-214-1.wyrzysk.net.pl (81.15.214.1 [81.15.214.1]) by dm0208…

just trying //..\\

Bored, looking for something to do, so I tried things out. This afternoon I looked around where I sit; this office is really quiet. I was only testing, with no other intention.

The OSes I use are Linux, based on Ubuntu, and RHEL 5. I remoted into the RHEL 5 machine and, just for fun, ran

http://www.milw0rm.com/exploits/7262

Microsoft Communicator allows remote attackers to cause a denial of service (memory consumption) via
# a large number of SIP INVITE requests, which trigger the creation of many sessions.

Especially since SIP is in use here; as a result, for roughly 1 minute the internet was down, for the whole building too, good grief. Didn't forget to delete the logs first, afraid of being traced :) . Besides, I was only experimenting and it turned out to work :D . Rather than sit around doing nothing, better to look for another idea.

OpenVPN on Vista

There is a problem with OpenVPN on Vista because of

Sun Jun 07 06:19:36 2009 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=32]
Sun Jun 07 06:19:36 2009 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=32]
Sun Jun 07 06:19:36 2009 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=32]
Sun Jun 07 06:19:36 2009 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=32]

I looked at the ovpn config and then added ...

route-method exe
route-delay 2


Here is the result:

OK!
OK!
OK!
OK!
Sun Jun 07 06:25:12 2009 Initialization Sequence Completed

No sound Ubuntu 9.04 HP Pavilion tx2612AU

This is a how-to for getting sound, and keeping the beep, on your tablet PC with Ubuntu 9.04 :D. I searched Google and there are problems in Jaunty;

for me :

1. Pen pointer
2. Sound

For sound I found the solution; here we go:

Add these lines to /etc/modprobe.d/alsa-base.conf:

options snd-hda-intel index=0 model=toshiba position_fix=1
options snd-hda-intel index=0 model=acer

As for point 1, I'm still working on it ...

Nearest Ubuntu repos on the network

Installing Ubuntu Jaunty Jackalope 9.04 on my tablet PC succeeded; now I just need to find the nearest repo
kambing.ui.edu (UI, Telkom, Indosat, OpenIXP, INHERENT)

# deb http://kambing.ui.edu/ubuntu jaunty main restricted universe multiverse
# deb http://kambing.ui.edu/ubuntu jaunty-updates main restricted universe multiverse
# deb http://kambing.ui.edu/ubuntu jaunty-security main restricted universe multiverse
# deb http://kambing.ui.edu/ubuntu jaunty-backports main restricted universe multiverse
# deb http://kambing.ui.edu/ubuntu jaunty-proposed main restricted universe multiverse

www.foss-id.web.id (Telkom)

# deb http://dl2.foss-id.web.id/ubuntu jaunty main restricted universe multiverse
# deb http://dl2.foss-id.web.id/ubuntu jaunty-updates main restricted universe multiverse
# deb http://dl2.foss-id.web.id/ubuntu jaunty-security main restricted universe multiverse
# deb http://dl2.foss-id.web.id/ubuntu jaunty-backports main restricted universe multiverse
# deb http://dl2.foss-id.web.id/ubuntu …

Push Adrenalin

Exactly 1 a.m.; the ticking of the clock sounded like it was calling me to sleep, but I could not sleep just yet. I had to update the kernel on a server, not because someone asked me to but because I wanted to myself -

What I did:

1. Make sure the applications were updated

2. Reboot the server

Whoa, the server did not come up; high pressure now, I could get protested by thousands of game players … waiting …

At exactly 2 a.m. I became a Balanar … texting here and there, coordinating with the parties involved …

Wow, goodness, SMS in the middle of the night, push adrenalin .. be patient until 8 in the morning, tried phoning again, done !!!

Escalated the outage, phoning here and there again, Done !!!

If only the server were in front of my eyes I would bring it up myself; unfortunately I have to use the existing remote system

Coordinated with an old friend and it worked …. back again ..

It is now 12.30 in the afternoon and I have not slept, waiting …. and Alhamdulillah it is UP … nearly got protested by thousands of game players :) . I thought the server had collapsed; it turned out the reboot process had not completed properly …

Multitasking and Analysis

Today I came to the office late and the work was queued up, like a queue for food rations. I opened the cabinet and took out the war gear. What I did: installed a network intrusion detection application ( www.snort.com ), done in 4 hours; after that prepared a streaming server for an event, installed the awstats statistics counter and tested bandwidth, done in 5 hours. In the afternoon cPanel went down, boom, database error. How could it not go down:

> File upload is limited to 8 MB = 1 user uploads 8 MB; with 20 users the result is 8×20 = 160 MB, and so on

> cPanel just cannot be used for file sharing, let alone for streaming songs

> A new server allocation is needed, a dedicated server with large storage capacity, alongside the existing cluster

> Proxy cache can be nginx or squid, load balancer with the round robin method

Finished at 5, time to go home; idly opened www.bhinneka.com, wanting to snap something … yummy …

This Friday I can't wait to play with Snort IDS … but I'm still unsure which open source IPS to pick. Hmm, why am I thinking of reading up on routers; never mind…

Lighttpd

No need for very formal wording, right ... so, opensource.telkomspeedy.com is getting rather heavy, because so many people download from this site; in the end I just tried lighttpd. Here are the steps :).


Install Lighttpd

1. yum install lighttpd

Install package Lighttpd - FastCGI

2. yum install lighttpd-fastcgi php-cli

Configure Lighttpd and PHP5

3. vi /etc/php.ini

add

[...]
cgi.fix_pathinfo = 1

Uncomment mod_fastcgi

4. vi /etc/lighttpd/lighttpd.conf

original

[...]
server.modules = (
# "mod_rewrite",
# "mod_redirect",
# "mod_alias",
"mod_access",
# "mod_cml",
# "mod_trigger_b4_dl",
# "mod_auth",
# "mod_status",
# "mod_sete…

Peeking at the underwear .......

Can we actually read which IP addresses come in through squid? We can ...

as long as squid has:

forwarded_for On

config in httpd:

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" X-Forwarded-For

CustomLog logs/X-Forwarded-For_log X-Forwarded-For

view the log:

tail -f /var/log/httpd/X-Forwarded-For_log

generate awstats:

read carefully:

LogFile="/var/log/httpd/X-Forwarded-For_log"

LogFormat=1
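
The log format above puts the raw X-Forwarded-For header first on each line. As an added example (not from the original post), this Python code parses such lines and picks the address that squid itself appended, because any entries to its left were supplied by the client and cannot be trusted. The sample lines are constructed, and the code assumes squid is the only proxy in front of httpd.

```python
import ipaddress
import re
from collections import Counter

# One line as written by the LogFormat in the post:
#   %{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"
# The first field is the raw header, so it may hold several comma-separated
# entries (with spaces after the commas) or "-" when the header was absent.
LINE_RE = re.compile(
    r'^(?P<xff>.*?) (?P<ident>\S+) (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"$'
)

# Constructed sample lines (not taken from a real server).
SAMPLE_LINES = [
    '192.168.1.20 - - [26/Dec/2009:10:15:32 +0700] "GET /index.php HTTP/1.0" 200 5120 "-" "Mozilla/5.0"',
    # Client sent its own X-Forwarded-For; squid appended the real peer address.
    '203.0.113.9, 192.168.1.21 - - [26/Dec/2009:10:16:02 +0700] "GET /admin/ HTTP/1.0" 403 312 "-" "curl/7.19.7"',
    # Request reached httpd without passing through squid: no header at all.
    '- - - [26/Dec/2009:10:16:40 +0700] "GET / HTTP/1.1" 200 1024 "-" "Wget/1.11.4"',
    # Squid writes "unknown" when forwarded_for is off.
    'unknown - - [26/Dec/2009:10:17:05 +0700] "GET /a.css HTTP/1.0" 200 900 "-" "Mozilla/5.0"',
    '192.168.1.20 - - [26/Dec/2009:10:17:30 +0700] "GET /logo.png HTTP/1.0" 304 - "-" "Mozilla/5.0"',
]


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def client_from_xff(xff, trusted_hops=1):
    """Return the address appended by our own proxy, or None.

    trusted_hops is how many proxies we control in front of httpd (assumed 1:
    a single squid). Entries further left may be forged by the client.
    """
    entries = [e.strip() for e in xff.split(",") if e.strip()]
    if len(entries) < trusted_hops:
        return None
    candidate = entries[-trusted_hops]
    try:
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        return None  # "-", "unknown" or anything that is not an IP address


def summarize(lines):
    """Count requests per trusted client address and list lines worth a look."""
    per_client = Counter()
    review = []
    for n, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            review.append((n, "unparsable line"))
            continue
        client = client_from_xff(rec["xff"])
        if client is None:
            review.append((n, "no usable X-Forwarded-For"))
            continue
        per_client[client] += 1
        if "," in rec["xff"]:
            review.append((n, "extra entries left of the proxy-added address"))
    return per_client, review


if __name__ == "__main__":
    counts, review = summarize(SAMPLE_LINES)
    for addr, hits in counts.most_common():
        print(addr, hits)
    for n, reason in review:
        print("line", n, "->", reason)
```

AWStats with LogFormat=1 takes the first field as the host, so a forged or multi-entry header lands in its reports unless the log is filtered this way first.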


[26][in][my][old]

Luckily it was similar

Yaaaawn, because of one system I ended up forced to stay up like a bat again, like a kid .... but never mind, the important thing is it worked and in the end all the data and RHEL 5 services were rescued again ( cpanel hosting hehehehehehe ) ..........

Going to sleep now, ahh, whatever, if I come in late tomorrow then I come in late ....

A messy router !!!! he3x

This is what happens when you compare Layer 7 with Layer 3; in my opinion Layer 7 is harder because it can be application-based, but since what I tried was a router ...

how vulnerable the communication path is that connects through the transmission up to the gateway router ... I once compared and looked at configurations that in my opinion were quite un-simple, whether out of laziness to install access lists or just to restrict privilege on the way to super user ( # ). Don't use passwords that are too easy; if necessary, combine characters that are hard to guess :D. Port 23 is a favourite punching bag for intruders, and diligently keep up with world security developments ...

Whoa there ................

SolarWinds.net, Inc. <-- this is the dashboard used for monitoring the servers. Sometimes, in the daily routine at work, counting it up, it turns out ....... 30 servers :D, and all of them must be hardened and checked diligently. A lot, right ... all of them go straight into IIX via fibre optic .... huh ???? Interested ??????

The Musician ( Intermezzo )

Maybe here I'll just share about this one friend of mine. I don't know what made my friend this way. We were music lovers back in high school; my own dream was even to become a musician. In the second year of high school this band was formed, and we took part in music shows here and there, but this is my most fired-up friend when it comes to music. Even so, there is a funny side to him: during history class, this friend of mine was engrossed in reading his music book even though it was history period. I myself was paying attention, although sometimes out of control from the lesson at hand, to the point that the teacher happened to see what this friend of mine was doing ...

History teacher : Hey you, Adi, answer my question ....... ( packet data )
Adi : Looking left and right like a chick that has lost its mother hen.
History teacher : Whenever you are given a question you always seem confused ...
Adi : eh guys, what was the question ( Adi asks my friends )
Friends : then…

You are just a lamer !!!

Yet again lots of phishing and scams .... filling up my inbox ....

Dear Friend,

My name is Mr.Henry Mazak,supervisory Manager in the United Bank for Africa(UBA),Ouagadougou,Burkina Faso,West Africa. I have a business Deal worth of Seventeen Million,Five hundred Thousand U.S. Dollars and I need your assistance in executing this business from my country and investing in your country.

Please reply back to me immediately if you are interested so that i can send you more details of this transaction.

Thank you for your time and i look forward to working with you.

Yours,
Mr.Henry Mazak

you are just a lamer ...

scams ...... spam here and there ... that is lame ... :D , repent ... return to the right path ...

Cheat VIM

Who says the VIM editor on Linux has no cheat sheet, as if only exams do .. here .... the cheat sheet .........

When Google goes crazy ....

Try reading this ..........

"This site may harm your computer" on every search result?!?!

if you did a Google search between 6:30 a.m. PST and 7:25 a.m. PST this morning, you likely saw that the message "This site may harm your computer" accompanied each and every search result. This was clearly an error, and we are very sorry for the inconvenience caused to our users.

What happened? Very simply, human error. Google flags search results with the message "This site may harm your computer" if the site is known to install malicious software in the background or otherwise surreptitiously. We do this to protect our users against visiting sites that could harm their computers. We maintain a list of such sites through both manual and automated methods. We work with a non-profit called StopBadware.org to come up with criteria for maintaining this list, and to provide simple processes for webmasters to remove their site from the list.

We periodically update that …

In The Darkness ....

Today I idly captured the laptop fan .... after taking a day of leave ... well, because I was sick, and now I'm better ...

Openvpn.net

There is something interesting about OpenVPN. I once saw a friend using this VPN; it makes things quite easy, especially as I work in operations, handling outages, both the seen and the unseen ( as if it were a genderuwo ) ...



OK, actually installing OpenVPN is easy

The logic is like this

connect to the server -- accept route - masquerade on eth1 to the inside ,

the steps:

install webmin so it isn't a hassle
install the webmin vpn module

when creating the Certification Authority List

in the fields, entering State : DKI City : DKI does not work; there is still a bug <--- haven't had time to find out
need to long 2 byte character, if I'm not mistaken

in the end I was forced to use the defaults, state US : city : newyork ( hehehe so stylish )

enter the server - client access ....

ugh : not feeling well ... writing just what I can, want to sleep early ....

NFS - original - addition - result

#vi /etc/fstab

original
/dev/rootVG/rootlv / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
devpts /dev/pts devpts gid=5,mode=620 0 0
tmpfs /dev/shm tmpfs defaults 0 0
proc /proc proc defaults 0 0
sysfs /sys sysfs defaults 0 0
/dev/rootVG/swapLV swap swap defaults 0 0

addition

/dev/rootVG/rootlv / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
devpts /dev/pts devpts gid=5,mode=620 0 0
tmpfs /dev/shm tmpfs defaults 0 0
proc /proc proc defaults 0 0
sysfs /sys sysfs defaults …

Frequency oh Frequency

Below is a link on frequency usage published by the government and Postel ...........


http://www.postel.go.id/content/ID/regulasi/frekuensi/kepmen/pm%207.pdf

Reading the indowli mailing list, it is said that the 2.4 frequency is no longer free .... is that true ???? ..................................

Idiotique ........ or what ???? in the biggest hosting ....

iqbal: good morning miss / sir
iqbal: I'd like to ask, is there still a problem accessing the site www.xxxxxxxxxxxxx.net
pt_mwn_supp10: one moment, let me check
pt_mwn_supp10: still, sorry, it seems your website has hit a limit on our server
iqbal: oh
iqbal: until when?
iqbal: start of the month ?
pt_mwn_supp10: On the shared hosting service, for visitor activity that can be expected to be busy like that, we suggest you upgrade to a server package (Colocation/Dedicated). With Colocation/Dedicated there are no limits, because the server is used only by your own users.
iqbal: there are only a few users
iqbal: but maybe yesterday was busy
iqbal: only a little of the quota is used
iqbal: huh
iqbal: Average 394.04 1232.22 8797.33 156.06 MB
Total 10639 33270 237528 4.11 GB
iqbal: only 4 GB
iqbal: last month alone
iqbal: Average 381.84 973.81 9263.13 156.61 MB
Total 11837 30188 287157 4.74 GB
iqbal: try comparing them
iqbal: even that doesn't reach 20 GB
iqbal: huh
iqbal: what's going on ?
iqbal: http://id.ma…

httpry - http packet sniffer logging

source : http://www.packetstormsecurity.com/sniffers/httpry-0.1.4.tar.gz

Description:
httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
Author: Dumpster Keeper
Homepage: http://dumpsterventures.com/jason/httpry/
Changes: Adds a few nice improvements to the base program. The biggest change is that the program now defaults to parsing all standard HTTP methods.
File Size: 44477
Last Modified: Jan 13 19:13:48 2009
MD5 Checksum: ab5cdae9317908bac3…

Firefox Clickjacking 3.05

This morning I was idly browsing http://www.packetstormsecurity.com/ and found an interesting read, and I happen to use that application

http://www.packetstormsecurity.com/0901-exploits/firefox-clickjack.txt


Firefox 3.0.5 Status Bar Obfuscation / Clickjacking


I saved it as hijack.html

I opened it in the Mozilla 3.05 browser



at a glance it points to google

but it turns out

the javascript loads .... to milw0rm


tha thaaaaaaaaaa ....

it goes to milw0rm ...

testing with JavaScript disabled ...



it actually goes to google

so you can see how dangerous this clickjacking is, especially when used for phishing ...

- hooray, Monday is a holiday .............

hacking heart by yahoo messenger - social engineering

Here's a funny story from about 9 months ago, when I moved to a new department at a new place ... looking after the systems ... and their development , .. so naturally I got introduced to my new colleagues ... and added them on Yahoo Messenger ... , I always gave my real ID to these new friends, but in my own YM I created 5 IDs to use for social engineering ( fake IDs ) , it's quite easy


1. yahoo messenger - messenger - my account info - enter password ( verify )
2. Edit/Create Aliases - add new alias - ok, then log out of your YM
3. log back in - then pick your victim




so you can social engineer - the way is to use a nick that closely resembles your friend's ... then pretend to ask ... until

fake nick user : come on, let's go eat now
victim : that's unusual, you inviting me like that ?
fake nick user : yeah, I'll wait outside the room , I miss you ...
victim : really ?
fake nick user : of course, why would I lie
victim : ok

the victim then walked …

friendster vs facebook

just for fun, comparing the 2 largest community sites in the world ....



facebook's visitor growth is pretty crazy compared with friendster, which hasn't moved ... , is this the fall of friendster's glory ? .... if friendster is willing to change its system maybe it can ... with new improvements .....

nb :
failed again, time to look again ..... still walking in place ... keep the spirit up !!! , as long as there is still a road, as long as it still turns, and as long as hope still stretches wide ....

Strange WordPress on free hosting

journal :

This time installing wordpress on freeweb7.com was awful: creating the database was ok, but when it came to connecting it just wouldn't connect, the site sat idle :D , only after about 1 minute did it connect again ... but in the end it worked ... as long as the earth turns on its axis ..

today I'm learning to share ... transferring knowledge to someone far away ... I introduced wordpress to that person ...

today ...

Saturday - Sunday ...

Saturday : woke up at 11 in the morning
haircut at 2
to the internet cafe to check the server first, 3-7
internet + install, 10 to 3 in the morning

Sunday : sleep ....

View Source code = Vsc

Actually I want to share how vulnerable the bug is that I found on the site of one of the largest ISPs in Indonesia, which provides 3G-based services; my exploration began when I idly wondered what its source code looked like ....

it turned out there were files in php form ... , so I ended up studying those files, even viewing all the php files, simple but painful ,
until I traced the oracle connect api file; reading the php source code turned out to be enjoyable, even though I'm usually the laziest about reading php programming, I prefer application-based servers ... in tar.gz form

if I had installed toad I could have rummaged through its database, that is if it didn't hit a firewall directly; I could see all the passwords and server hosts , I even studied its load balancer towards oracle.

I have reported this , but it seems there has been no reply yet ...

oh well, this manual method turns out to be beautiful ///

nb : the laptop finally got fixed too , eman…

Happy New York !!!

Those words came out of the mouth of a friend of mine; maybe because they're rather funny, they said "why did I get an sms like this, happy new york"; well, they're only a high-school graduate who doesn't understand English at all ... " they even said how am I supposed to speak English when every day I only eat tempe orek ", when it was actually happy new year , I laughed myself half to death ...

HAPPY NEW YEAR 2009

Apologies if there were any wrong words or criticisms ; this is meant as learning and is not intended to corner human stupidity , idiocy and madness.

what's certain is I will keep writing posts that are useful for the advancement of IT in Indonesia.

regards

iqbal