Tuesday, January 26, 2010

Aurora oh Aurora

aurora oh aurora
pentingkah kamu itu
kenapa aku terpegun?
aurora oh aurora
selalu disanjungi
pernah ditanya mengapa?
ku tatap, berseri, berwarna hijau
yang menawan sanubari

walaupun jauh
kamu dekat di hati
pandanganku menanti mu
aurora
kamu memberi
kembali mencari

aurora oh aurora
dari manakah kamu
kekal kamu sungguh jauh
aurora oh aurora
tidak ada bunyi mu
sanggup aku tetap menunggu
terdiam kerana berwarna ungu
ku putuskan biar bisu

walaupun jauh
kamu dekat di hati
pandanganku menanti mu
aurora
kamu memberi
kembali mencari

malam ini
aku sendiri
menumpu langit sambil berkata
gembira kamu disana
ku lihat, tersenyum, berwarna merah
ku tau kau kan tamat

Sunday, January 24, 2010

Policy, Standards, Practices, Guidelines, Procedures, blablabla

sometimes, thinking for higher level is good for me.. management of information security skill is an adding advantage with my little security technical skill.. with sunday laziness and some boredness i start here.. and end with example..

Policies..
deliberate plan of action to guide decisions and achieve rational outcomes..
some call a short and concise what is expected. This thing stand at he higest level.. no step by step "how to". (that is standards)

Standards..
more detailed statement of what must be done to comply with policy.. including more specific details on how to comply with policy..

Practice,Guidelines, Procedures
sharing quite same definitions.. actual process of doing things.. correct or usual way of doing something or usual order followed when doing something..
this is how it looks like.. (some lazy photoshoping)

examples
for a simple example, a company policy is each employee must have strong password.. just want strong password but how? here we have standards (come with practices, guidelines and procedures) which describe what is strong password and what are the criteria and how to make it.. for example must contains at least 8 characters with combination of letters, symbols,numbers, lower and upper case letter and yada..yada..

references
M.E Whitman, H.J. Mattord, Management of Information Security, Course Technology , 978-1-4239-0130-3
Advance English Dictionary
and some web references..

Friday, January 22, 2010

BackTrack 4 Final akhirnya.

"BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.

Regardless if you’re making BackTrack your primary operating system, booting from a LiveDVD, or using your favorite thumbdrive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester."

Versi final ni guna kernel baru, ada tools yg lebih banyak dan jugak custom tools yg hanya boleh didapati di dalam BackTrack dan fixed kepada beberapa bugs yg sedia maklum..

boleh download kat sini: http://www.backtrack-linux.org/downloads/


Tuesday, January 19, 2010

flaws in our email service? be careful..

just now i just playing around with a mail after capek tell a story about his friend's email had been compromised..

what i had founded was quite shocking.. it was very easy to change others password just by having their ID..

it starts here.. I just click on I can't access my account link..



Then choose My account may have been compromised.. And click next..



complete some easy captcha n email id..



complete easy form..

finally i got an email..


maybe i miss something that make this system secure in other way.. because this is just my simple lazy experiments..(thats why my English is bad also) please add any if there are any, my friends..

Earthquake can be everywhere!!

There're lot of earthquake cases recently and the latest one is in Haiti.. I think government should have a syllabus in school on what to do when there are disaster especially earthquake.. (sorry if this one already implemented) ..If we cannot prevent earthquake, at least we can prevent lot of fatal death because of lack of education on how to protect ourselves during earthquake..

here i copy paste some procedure what to do during earthquake from FEMA dedicated for me as a reference in the future (who knows)..

If indoors

  • DROP to the ground; take COVER by getting under a sturdy table or other piece of furniture; and HOLD ON on until the shaking stops. If there isn’t a table or desk near you, cover your face and head with your arms and crouch in an inside corner of the building.
  • Stay away from glass, windows, outside doors and walls, and anything that could fall, such as lighting fixtures or furniture.
  • Stay in bed if you are there when the earthquake strikes. Hold on and protect your head with a pillow, unless you are under a heavy light fixture that could fall. In that case, move to the nearest safe place.
  • Use a doorway for shelter only if it is in close proximity to you and if you know it is a strongly supported, loadbearing doorway.
  • Stay inside until shaking stops and it is safe to go outside. Research has shown that most injuries occur when people inside buildings attempt to move to a different location inside the building or try to leave.
  • Be aware that the electricity may go out or the sprinkler systems or fire alarms may turn on.
  • DO NOT use the elevators.

If outdoors
  • Stay there.
  • Move away from buildings, streetlights, and utility wires.
  • Once in the open, stay there until the shaking stops. The greatest danger exists directly outside buildings, at exits, and alongside exterior walls. Many of the 120 fatalities from the 1933 Long Beach earthquake occurred when people ran outside of buildings only to be killed by falling debris from collapsing walls. Ground movement during an earthquake is seldom the direct cause of death or injury. Most earthquake-related casualties result from collapsing walls, flying glass, and falling objects.

If in a moving vehicle
  • Stop as quickly as safety permits and stay in the vehicle. Avoid stopping near or under buildings, trees, overpasses, and utility wires.
  • Proceed cautiously once the earthquake has stopped. Avoid roads, bridges, or ramps that might have been damaged by the earthquake.
If trapped under debris
  • Do not light a match.
  • Do not move about or kick up dust.
  • Cover your mouth with a handkerchief or clothing.
  • Tap on a pipe or wall so rescuers can locate you. Use a whistle if one is available. Shout only as a last resort. Shouting can cause you to inhale dangerous amounts of dust.