Eah udah 5 aja firefox. Perasaan baru kemarin install Fir efox 4, udah 5 aja, cepet bener. Bagi yang gak mau ketinggalan icip-icip FF5 silakan lakukan step berikut ini :

Buka terminal anda :

Eksekusi perintah-perintah berikut ini

Voila, seharusnya ff anda sudah upgrade ke FF 5

Tanggal 7-10 Juni lalu OWASP mengandakan Conference yang rutin setiap tahun dilakukan yaitu OWASP AppSec EU 2011. Material dan slide presentasi conference kemarin pun sudah di unggah, dan kita dapat mendownload dan membaca nya. Bagi yang tertarik membacanya silakan menuju ke link-link berikut ini :

(slide presentasi) OWASP App Sec EU 2011 sudah tersedia di:
* http://www.appseceu.org/wp-content/presentations

Cermin tautan di server Indonesia (di unggah oleh Mas Zaki Ahmad, OWASP Indonesian Chapter Leader)
* http://nebula.indocisc.co.id/~za/owasp/appseceu2011/

lalu jug ada ulasan cerita di blog mengenai conference tersebut oleh salah seorang peserta :
* http://securityconscious.blogspot.com/2011/06/owasp-appsec-eu-slides-pictures-and.html

Selamat mengunduh dan membaca.

Hai kawan, kembali lagi. Kali ini saya ingin berbagi pengalaman untuk setting dua IP dalam network yang berbeda dalam 1 LAN Card. Saya pernah mengalami kasus ini ketika saya bekerja dalam sebuah project pada saat pemilihan Presiden 2009. Ketika itu server yang saya tangani harus bisa terkoneksi dengan internet, dan juga terkoneksi dengan jaringan lokal. Oke skenario nya kita buat seperti ini.

Edit file konfigurasi network interfaces :

Lalu isikan seperti di bawah ini

auto eth0
iface eth0 inet static
address 192.168.1.105
network 192.168.1.0
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.1

#kalo mau multi ip
auto eth0:1
iface eth0:1 inet static
address 192.168.0.105
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255

Setelah itu silakan restart daemon networking :

Berdasarkan sumber yang saya baca dari : http://www.cyberciti.biz/tips/ubuntu-linux-creating-ethernet-alias-for-eth0-network-device.html kita dapat membuat network alias lebih dari 1, : eth0:2, eth0:3, eth0:N, dimana N = sampai 254. Wow. Mantap. Hehehe. Silakan di coba ya teman

Saya mengambil tulisan ini dari internet, namun sayang sekali saya lupa dimana alamat web tersebut namun informasinya cukup berguna untuk bahan pengingat saya yang ahrus bolak-balik baca manual, jadi lebih baik di tulis kembali.

In this article I will talk about /proc which should be of interest to Linux newbies. I spent a couple of hours using “cat” to find system information. This is really slick. Just open a bash shell, su to root, and cd to /proc. Then it’s a simple matter of using the cat command to list all the info in the appropriate files.

Want to know how much memory you’re system is running on? How much is used and free? What kind of processor model/speed your system have? How about knowing exactly what occupies your pci slots? All that is in /proc including a ton of other system details.

The /proc filesystem is a direct reflection of the system kept in memory and represented in a hierarchal manner. The effort of the /proc filesystem is to provide an easy way to view kernel and information about currently running processes. As a result, some commands (ps for example) read /proc directly to get information about the state of the system. The premise behind /proc is to provide such information in a readable manner instead of having to invoke difficult to understand system calls.

The /proc fs can be used for system related tasks such as

1. Viewing Statistical Information,
2. Finding out HardwareInformation,
3. Modifying Runtime Parameters,
4. Viewing and Modifying Network Host Parameters
5. Memory and Performance Information

Now with the definition out of the way, let’s start with the examples:

Print System Information

$ cat /proc/cpuinfo – Information about the processor, such as its type,
make, model, and performance.

$ cat /proc/devices – List of device drivers configured into the currently
running kernel.

$ cat /proc/filesystems – Filesystems configured into the kernel.

$ cat /proc/interrupts – Shows which interrupts are in use, and
how many of each there have been.

$ cat /proc/ioports – Which I/O ports are in use at the moment.

$ cat /proc/meminfo – The number of total, used and free bytes of memory and
swap area(s)

$ cat /proc/loadavg – Average of system load for the last 1, 5 and 15 minutes.

$ cat /proc/uptime – Time in seconds since boot-up and total time used
by processes

$ cat /proc/version – Current rev of the kernel and/or distribution

$ cat /proc/environ – The process environment variables

$ cat /proc/mounts – Shows mounted filesystems. Shows device, mount point,
filesystem type, permissions.

$ cat /proc/pci – Current occupation of pci slots.

Some proc files can be used to adjust settings in the kernel. This is especially true for files in the /proc/sys/ subdirectory. Some examples to change a setting temporarily on your system:

$ sudo echo abc > /proc/sys/kernel/hostname -
This changes your server hostname to abc.example.com

$ sudo echo example.com > /proc/sys/kernel/domainname -
This sets a domain name if you don’t have arleady or changes to a new one.

$ sudo echo Windows > /proc/sys/kernel/ostype – If you want to have some
fun, you can change this to print Windows instead of Linux on your boot prompt.

$ sudo echo “Version 0.0.1″ > /proc/sys/kernel/osrelease – Another neat trick
to confuse your users.

There is a utility called sysctl – This tool is used to manipulate kernel parameters. If you type sysctl -a | more, you’ll see a long list of kernel parameters. You can use sysctl to modify these parameters. Only root has access to update.

This is Part 1 of /proc file system. There are many cool data /proc can provide to help troubleshoot or simply compile data about your server and operating system. In the next part of this article, I will explore a bit more advanced directories and kernel manipulation. I will also briefly touch on utilizing /proc fs as a programming tool.
WARNING: Be sure to avoid viewing the kcore file in /proc. This virtual file contains an image of the kernel’s memory, and the contents of the file will do strange things to your terminal. In general, do not view any file unless you’re sure what it does.

Diambil dari : http://www.mynitor.com/2010/02/13/14-useful-arp-monitoring-tools/ Untuk bahan pengingat saya

Some say ARP is an old school crap that it’s no longer useful in this modern day and age. Those who say this, don’t know what it’s all about. ARP is used to link IP address to a system’s physical MAC address in a local network, this is how the servers identify each other.

By understanding ARP and knowing how to use the arp utility, one can troubleshoot network related issues faster. In this article, we’ve put together 14 tools specifically used to to deal with ARP related monitoring and troubleshooting.
1) Arping

- an ARP level ping utility. It’s good for finding out if an IP is taken before you have routing to that subnet. It can also ping MAC addresses directly.

* Download from here http://www.habets.pp.se/synscan/programs.php?prog=arping

2) arp-scan

- sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.

* Download from here http://www.nta-monitor.com/tools/arp-scan/

3) arpalert

- uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.

* Download from here http://www.arpalert.org/

4) parprouted

- a daemon for transparent IP (Layer 3) proxy ARP bridging. This is useful for creation of transparent firewalls and bridging networks with different MAC protocols. Also, unlike standard bridging, proxy ARP bridging allows to bridge Ethernet networks behind wireless nodes without using WDS or layer 2 bridging.

* Download from here http://hazardous-area.org/parprouted/

5) ARPSpoofDetector

-performs active and passive detection of ARP spoofing and IP (IPv4) address collision. The program can send healing packets with regular ARP information.

* Download from here http://www.netmasters.cz/index.php?option=com_content&task=view&id=27&Itemid=52

6) Local IP Takeover

- provides network link redundancy within a single server that has multiple network interface cards (NICs) with each NIC connected to separate network switches. If the primary NIC fails (i.e. it cannot ping its default gateway), the “service” IP (the IP that the outside world connects to) will automatically float to the secondary NIC and a specially crafted ARP (utilizing send_arp) will be broadcast on the local network, thereby instructing all other hosts to update their local ARP cache. The result is minimal service downtime. Plus, no manual intervention is required in the event that a network card, cable, or switch breaks.

* Download from here http://sentinel.dk/lipt/

7) ARP Tools

- Collection of libnet and libpcap based ARP utilities. It currently contains ARP Discover (arpdiscover), an Ethernet scanner based on ARP protocol; ARP Flood (arpflood), an ARP request flooder; and ARP Poison (arppoison), for poisoning switches’ MAC address tables.

* Download from here http://www.burghardt.pl/2007/12/arp-tools/

8 ) Gnome ARP

- an ARP monitoring program written on Gnome with the GTK toolkit and Ruby. It takes ARP tables and some system variables via SNMP and ARP protocols and determines whether any machines have changed their IP address. It is useful for detecting new machines on the network and detecting which machine have changed addresses. It is intended especially for network admins.

* Download from here http://projects.comu.edu.tr/garp/

9) Arphound

- a tool that listens to all traffic on an ethernet network interface. It reports IP/MAC address pairs as well as events such as IP conflicts, IP changes, IP addresses with no RDNS, various ARP spoofing, and packets not using the expected gateway. Reporting is done to stdout, to a specified file, or to syslog in a format that can be easily parsed by scripts.

* Download from here http://www.nottale.net/index.php?project=arphound

10) wakearp

- a small utility to induce ARP resolution for any listening IP address in the local /24 subnet.

* Download from here http://www.elifulkerson.com/projects/wakearp.php

11) MasarLabs NoArp

- a Linux kernel module that filters and drops unwanted ARP requests. It is useful when you need to add an alias to the loopback interface to use a load balancer.

* Download from here http://www.masarlabs.com/noarp/

12) Antidote

- a detector for ARP poisoning on a switched network.

* Download from here http://antidote.sourceforge.net/

13) arprelease

- a small libnet-based tool to flush ARP cache entries from devices like Cisco routers to move an IP from one Linux box to another.

* Download from here http://arprelease.sourceforge.net/

14) ARPoison

- a network analysis tool that sends ARP packets to/from specified hardware and protocol addresses.

* Download from here http://arpoison.sourceforge.net/

Voilla. Sukses juga akhirnya menggunakan apt-get via socks proxy. (Begini nasib menggunakan koneksi tunnel via SOCKS proxy. Wkwkwkw) Setelah beberapa minggu gak kelar, dari cinfigure tsocks, config apt.conf (emang dasar bodohnya otakku, jadi gini deh sulit mikir ). Namun aku berhasil menemukan cara pengganti yang lebih efisien, lebih praktis, lebih mudah, dan tentu saja, tidak hanya apt-get, tapi juga seperti wget, whois, dll. Yap, saya menggunakan proxychains. Anda bisa mengunduhnya melalui halaman project proxychains di SF.

Pertama yang perlu kita lakukan tentunya adalah menginstal proxychains terlebih dahulu, setelah selesai, silakan anda config proxychains terlebih dahulu :

1. buka terminal dan edit konfigurasi proxychains–>

di bagian paling bawah silakan isi proxy dan portnya. Kalau di komputer saya :

socks5 127.0.0.1 1234

(karena saya menggunakan koneksi ssh tunnel)

2. Setelah itu silakan gunakan proxychains anda. Jika menggunakan apt-get

Yap di awal selalu di panggil proxychains nya terlebih dahulu.

Selain itu, sebenarnya banyak fungsi lain dari proxychains. Saya mau explore dulu ah, kalau sudah nemu nanti saya kasih tau yah

Tadi sedang iseng-iseng utak-atik VPS yang di beliin sama temen, iseng mau cari tahu info si lc.vlsm.org. (karena layanan email gw di mail.lc.vlsm.org kok mati yak) nah pas pengen nge dig. Ooww. kok kek gini keluarnya :

Grrr.. Lupa deh, kemarin waktu temen ogut beli, ini server VPS pilihnya Ubuntu yang super minimalis (whois, screen, kagak ada. Wakakaka) jadilah gw harus install dig dulu. Pas gw coba Install gini :

Jah kok gak ada yak? Googling dikit akhirnya nemu ternyata paket instalsinya namanya dnsutils (pantesan aja kagak ada )

Gw install deh :

Voilla. Berhasil. hehehe..

Haloooo.. Iseng nulis ah, abis di kelecein sama mat dhule.. Gara-gara gak bisa install google talk di ubuntu. Juangkrik.. Saya sempat coba otak-atik menggunakan nggak berhasil, Alhamdulillah 10 menit setelah mat_dhule yg mengejek Ubuntu saya pulang, berhasil connect juga. Ayeyyy. . Baiklah, berikut step untuk melaukakn konfigurasi google apps akun di pidgin :

1. Pilih Accounts –> Manage Accounts –> Add

2. Isi keterangan berikut ini di bawahnya (menggunakan protokol xmpp)

Protocol: XMPP
Screen name: digitoktavianto.com
Server: example.com
Resource: Home
Password: ********
Local alias: Digit

3.Lalu klik Tab Advanced

[x] Force old (port 5223) SSL (Centang Pilihan ini)
[ ] Allow plaintext over unencrypted streams
Connect port: 5223
Connect server: talk.google.com (ini yang paling penting)
Proxy type: Use GNOME Proxy Settings

Voilla. Berhasil connect akun email di google apps dengan pidgin. Mudahkan? Selamat mencoba

Bagi anda yang kemarin Jumat 3 Juni 2011 tidaksempat mengikuti diskusi bersama melalui IRC di channel #ubuntu-indonesia, berikut rekaman chat kemarin malam. Silakan di simak Semoga bermanfaat

(10:05:27 AM) The topic for #Ubuntu-indonesia is: \\\\\\\\-\\\\\\- Kupas Tuntas Repository oleh bro mat_angin Hari Jum’at 3 Juni Malam Ini 2011 pukul 20:00 WIB. Materi di unduh di http://ubuntu-indonesia.com/forums/ubbth…line_#Post62628 Password PDF : kutukupret -//////-////////
(10:05:27 AM) archit3x: lanjut
(10:05:38 AM) mat_angin: nanti pertanyaan panjang lebar juga bisa stlh selesai materi
(10:05:39 AM) mat_angin: di pdf
(10:05:52 AM) mat_angin: tertulis, mengenai garis besar hal yang akan di bahas
(10:05:53 AM) mat_angin: mengenai repo di Ubuntu
(10:06:14 AM) mat_angin: Udah di buka semuanya
(10:06:34 AM) thrvers: pass ?
(10:06:34 AM) masdana: udah
(10:06:36 AM) integer|nyimak:
(10:06:36 AM) mat_angin: kutukupret passwordnya
(10:06:36 AM) mat_angin:
(10:06:36 AM) archit3x: udah pak dosen
Read the rest of this entry

Kebetulan tadi pagi ribet banget, bolak balik ganti DNS, karena DNS default kagak mau nge resolve. Pusing-pusing edit resolv.conf, biar gampang flush DNS di Ubuntu, lakukan berikut ini :

1. Install nscd :

2. Flush DNS :

Done.