Saturday, October 23, 2010
[Re-link] Malicous PDF analysis e-book
it can be download here
i cant wait the full version of the book that you contribute..
Wednesday, September 1, 2010
Discover image details online
Just upload your image at http://regex.info/exif.cgi/exif.cgi .. and all your questions regarding image details will be answered.. But i dont know and not so sure how far they protect the privacy and ownership of your image.. so far, i just upload unimportant image and quite paranoid to upload beautiful image..
For example here I uploaded an image:
and i got full complete details on that image:
and a lot more details...
and more.. dont have space to upload here..
Saturday, February 20, 2010
Tuesday, January 26, 2010
Aurora oh Aurora
aurora oh aurora
pentingkah kamu itu
kenapa aku terpegun?
aurora oh aurora
selalu disanjungi
pernah ditanya mengapa?
ku tatap, berseri, berwarna hijau
yang menawan sanubari
walaupun jauh
kamu dekat di hati
pandanganku menanti mu
aurora
kamu memberi
kembali mencari
aurora oh aurora
dari manakah kamu
kekal kamu sungguh jauh
aurora oh aurora
tidak ada bunyi mu
sanggup aku tetap menunggu
terdiam kerana berwarna ungu
ku putuskan biar bisu
walaupun jauh
kamu dekat di hati
pandanganku menanti mu
aurora
kamu memberi
kembali mencari
malam ini
aku sendiri
menumpu langit sambil berkata
gembira kamu disana
ku lihat, tersenyum, berwarna merah
ku tau kau kan tamat
Sunday, January 24, 2010
Policy, Standards, Practices, Guidelines, Procedures, blablabla
Policies..
deliberate plan of action to guide decisions and achieve rational outcomes..
some call a short and concise what is expected. This thing stand at he higest level.. no step by step "how to". (that is standards)
Standards..
more detailed statement of what must be done to comply with policy.. including more specific details on how to comply with policy..
Practice,Guidelines, Procedures
sharing quite same definitions.. actual process of doing things.. correct or usual way of doing something or usual order followed when doing something..
this is how it looks like.. (some lazy photoshoping)
examples
for a simple example, a company policy is each employee must have strong password.. just want strong password but how? here we have standards (come with practices, guidelines and procedures) which describe what is strong password and what are the criteria and how to make it.. for example must contains at least 8 characters with combination of letters, symbols,numbers, lower and upper case letter and yada..yada..
references
M.E Whitman, H.J. Mattord, Management of Information Security, Course Technology , 978-1-4239-0130-3
Advance English Dictionary
and some web references..
Friday, January 22, 2010
BackTrack 4 Final akhirnya.
"BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.
Regardless if you’re making BackTrack your primary operating system, booting from a LiveDVD, or using your favorite thumbdrive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester."
Versi final ni guna kernel baru, ada tools yg lebih banyak dan jugak custom tools yg hanya boleh didapati di dalam BackTrack dan fixed kepada beberapa bugs yg sedia maklum..
boleh download kat sini: http://www.backtrack-linux.org/downloads/
Tuesday, January 19, 2010
flaws in our email service? be careful..
Earthquake can be everywhere!!
here i copy paste some procedure what to do during earthquake from FEMA dedicated for me as a reference in the future (who knows)..
If indoors
- DROP to the ground; take COVER by getting under a sturdy table or other piece of furniture; and HOLD ON on until the shaking stops. If there isn’t a table or desk near you, cover your face and head with your arms and crouch in an inside corner of the building.
- Stay away from glass, windows, outside doors and walls, and anything that could fall, such as lighting fixtures or furniture.
- Stay in bed if you are there when the earthquake strikes. Hold on and protect your head with a pillow, unless you are under a heavy light fixture that could fall. In that case, move to the nearest safe place.
- Use a doorway for shelter only if it is in close proximity to you and if you know it is a strongly supported, loadbearing doorway.
- Stay inside until shaking stops and it is safe to go outside. Research has shown that most injuries occur when people inside buildings attempt to move to a different location inside the building or try to leave.
- Be aware that the electricity may go out or the sprinkler systems or fire alarms may turn on.
- DO NOT use the elevators.
If outdoors
- Stay there.
- Move away from buildings, streetlights, and utility wires.
- Once in the open, stay there until the shaking stops. The greatest danger exists directly outside buildings, at exits, and alongside exterior walls. Many of the 120 fatalities from the 1933 Long Beach earthquake occurred when people ran outside of buildings only to be killed by falling debris from collapsing walls. Ground movement during an earthquake is seldom the direct cause of death or injury. Most earthquake-related casualties result from collapsing walls, flying glass, and falling objects.
If in a moving vehicle
- Stop as quickly as safety permits and stay in the vehicle. Avoid stopping near or under buildings, trees, overpasses, and utility wires.
- Proceed cautiously once the earthquake has stopped. Avoid roads, bridges, or ramps that might have been damaged by the earthquake.
- Do not light a match.
- Do not move about or kick up dust.
- Cover your mouth with a handkerchief or clothing.
- Tap on a pipe or wall so rescuers can locate you. Use a whistle if one is available. Shout only as a last resort. Shouting can cause you to inhale dangerous amounts of dust.
Sunday, December 27, 2009
Thursday, December 24, 2009
Sunday, December 20, 2009
Wednesday, December 9, 2009
Google Chrome for Linux..
Finally, after waiting and waiting.. and after reading the comics in the website i realize why..
It can be seen here
And can be downloaded here
support for Debian/Ubuntu/Fedora/openSUSE
Tuesday, December 8, 2009
Nepenthes + PHARM - SurfIDS = Test Dulu
(click image for larger visual)
PHARM has 3 main components:
- Server
- Client (Implement on nepenthe honeypot)
- Web Portal (View data collected from sensor)
Wednesday, December 2, 2009
WINWORD.EXE malware
First, open your command prompt by start>run and type cmd and press enter. In the command prompt, type your drive letter with double colon. (eg. if your pendrive labeled as I: in your "My Computer", just typed I: and press enter)
Then type:
dir /A:HThis command will view all the hidden files in your drive including the files that been hidden by the malware (if working properly)
Then to remove the hidden attribute of the files just type:
attrib -S -H -R *.docThis command will remove the System Files (-S), Hidden (-H) and Read Only (-R) attributes for all .doc files int the drive. Please take note that the hidden attribute cannot be remove using properties.
Thats all for now and dont hesititate to ask if having any problems.
Sunday, November 29, 2009
Conficker Eye Chart
"Joe Stewart from SecureWorks has put together an effective "eye chart" that sources its graphics from sites that Conficker would block. If you can't see one or more of the images, you're either infected, or image loading in your browser has been disabled.
Firefox users can check if image loading has been disabled under Tools/Options and the Content tab. Load Images Automatically should be checked. Internet Explorer users will find it under Tools/Internet Options, then the Advanced tab. Scroll down to Multimedia, and Show Pictures should be checked.
It's a test based on the fact that Conficker blocks legitimate security Web sites. The logos are sourced remotely, so if they can't load, the sites are also likely to be blocked. If you're seeing blocked images, you should check out the CNET guide to removing Conficker--just because the botnet hasn't done much that's demonstrably malicious yet doesn't mean it can't or won't in the future."
original post: http://www.nsaneforums.com/?showtopic=18612
Eye Chart: http://www.confickerworkinggroup.org/infection_test/cfeyechart.html