6:37 PM
Brute-force password cracking is simply trying a password of A with the given salt, folowing by B to Z until every possible character combination is tried. It is very time consuming, but given enough time brute force cracking WILL get the password. Lerning how brute force work is very important part if you want to be/aready work in computer network and computer system field cause a failure authentication is a fatal tragedy.
Jul 28 21:32:16 impala sshd[10855]: Failed password for illegal user office from 213.191.74.219 port 53033 ssh2
Jul 28 21:32:16 impala sshd[10857]: Illegal user samba from 213.191.74.219
Jul 28 21:32:16 impala sshd[10857]: Failed password for illegal user samba from 213.191.74.219 port 53712 ssh2
Jul 28 21:32:16 impala sshd[10859]: Illegal user tomcat from 213.191.74.219
Jul 28 21:32:16 impala sshd[10859]: Failed password for illegal user tomcat from 213.191.74.219 port 54393 ssh2
Jul 28 21:32:16 impala sshd[10861]: Illegal user webadmin from 213.191.74.219
Jul 28 21:32:16 impala sshd[10861]: Failed password for illegal user webadmin from 213.191.74.219 port 55099 ssh2
Tips that make you stay alert is, don't forget to check the logs (system/application logs) every time, from the symtom above we conclude that our mechines is being-brute force from the ip 213.191.74.219. Notice explanation above, brute force method is trying to combine a possible character from A to Z to get the right password and when the combination is wrong our machines will give respond and write it the logs, and this is potential evidance to dig. Do you see the rate at which this is happening? Nowadays' connection speeds allow for crackers to try an enormous amount of combinations every second! It's time to stop this before someone hits the jackpot and my server is compromised.
How to deffense from brute-force attack ?
Talking about how to keep safe is not just about administrator responsibility, but all user who have an interest in the system is having responsibility to keep the system safe. There are several techniques that an admin might employ to force users to use better passwords, and several different packages that could be loaded and configured onto most Unix systems to better secure the passwords with out forgetting that password is must easy to remember, here they are several technique How to keep save from Brute-force attack :
As User
1. Make a best combination of Character, Alphabet, Number, then Lowercase and Uppercase. Ex : cR1styn4
2. Longer is good, make your password at least 6 character.
3. Change periodicaly your paassword.
4. Avoid using object name (name of parent, name of city, etc)
As administrator
1. Make several constraint that make user notice to their password.
2. Build a plated firewall.
3. Shadowed password. (i think you are if you are unix/linux user)
4. Having 3rd party application (IDS,Honeypot) is not bad.
5. Check the logs and doing action, block some potential attacker.
» read more....
11:24 PM
While yesterday we always talk about computer forensic and computer security, now we have out of topic from that. In this article i wanna share a simple tips from ubuntu 'how to get quick and precision screenshot in ubuntu', if i'm not mistaken this utulity start since ubuntu 8.10 (when ubuntu integrated with compiz/beryl), yes .. this utility is part of compiz/beryl extras application,let me give simpe explaination of this utility.
If you are a blogger, book writer, or people who often write article, book or maybe school assigment we usually need to attach the capture of worksheet or supporting image/file that support our statement, when screenshot become often and being important part of our computing activity, we need such utility that help us to do this job quickly and precision. i don't know how to call this application because i just see the words 'screenshot' in compizconfig setting manager to activated and configure this utility.
Before we start using this utility better if you install compiz/bery and compizconfig setting manager then activate them. (if you already have) go to your compizconfig setting manager then submenu 'extras' and 'screenshot' (compizconfig setting manager > extras > screensoot), through this worksheet you will configure this utility. In this article you don't need to do such a setting because we already have default setting from compiz/beryl that easy to use.
 |
| compizconfig setting manager |
Previously we take screenshot by pressing keyboard + , mostly we have not so good result and sometimes we need to re-crop the image to get truly part of image we desire, we don't need to do such activity above anymore, now if you want to get a screenshot just press + select, drag, and drop (using mouse) part of image you want to capture then you will get the capture (in .png format) placed in desktop, using this way i'm guarantee you will have a precision result and easy to slice. Picture below is simple capture from my desktop using this utility.
This is simple tips from ubuntubuzz today, i hope it will simplify you work, best regard !
» read more....
10:51 AM
Exchangeable image file format (Exif) is a specification for the image file format used (mostly) by digital cameras. Exif is metadata hidden behind an image/audio/video created by device while image being taken, exif data is introduced by the Japan Electronic Industries Development Association (JEIDA) with purpose to encourage interoperability between imaging devices. learning exif data is part of digital forensic studies, trough exif data we learn when was image is being taken, what device is use to take, and what is being manipulated.
What information inside Exif data ?
Exif usually contain of supporting information of file, that information can be [1] Date and time information, digital cameras will record the current date and time and save this in the metadata.[2] Camera settings, the information of camera setting includes static information such as the camera model and make, and information that varies with each image such as orientation, aperture, shutter speed, focal length, metering mode, and ISO speed information. [3] A thumbnail for previewing the picture on the camera's LCD screen, in file managers, or in photo manipulation software, if a file was being manipulated the data will be shown here. And the last information of exif data is [4] Descriptions and copyright information, this case not created by imaging device but it created by application like a photo editor.
How to read exif data on Ubuntu Linux ?
Reading exif data is quiet simple in ubuntu, we have application called exiftool (also available in windows/machintos) which can help us to read, write, and edit metadata on exif data. to install exiftool we can use the synaptics package manager or go to official exiftool website to download and install. exiftool is command-line application which run on terminal, to running this application we can use this syntax synopsis.
exiftool [OPTIONS] FILE
as case studies, we will try to use this application to analyze image then see what hidden information behind them, we have two identic image and one which of them is has being edited by image editor application, let see what goes in their metadata :  |  |
| raw_image | edit.jpg |
Through a bare eyes we have same image above, did exif give a same explanation ?, notice the data below
 |
| Exif data of raw_image |
Look, we can see hidden information behind the image, we have some particular information such us the image is being taken in 27 september 2009, using device Canon PowerShot A590 IS, using iso 400.
 |
| Exif data of edit.jpg |
based on data above, 2nd image (edit.jpg) is not original, edit.jpg was being manipulated in 31 July 2010 using Adobe Photoshop. Some potential information can be found from exif data if we notice carefully, yes.., practice make perfect.
How to manipulate information on exif data ?
yes, we make right statement when we decide that exif could be a potential evidence of computer crime, but one point must be remember is exif data "can be manipulated", simple example below would describe it. We use application named jhead, jhead is used to display and manipulate data contained in the Exif header of JPEG images from digital cameras. By default jhead displays the more usefull camera settings from the file in a user-friendly format. We have conclusion that jhead have ability to delete exif or make 'fake' exif data. To get complate information and option of jhead you can visit this link. We try to remove exif information of Edit.jpg above using option [-purejpg] in jhead, then see what different :
 |
| Edited exif data |
we look pretty different of exif data now, some information is 'disappear', simple example above prove that exif data could be a potential evidance but not 'Absolute' because exif data can be manipulate (remove or edit). Jhead is strong application, they can do much with exif data, if you interesting with this application i suggest you to visit this website.
» read more....
10:03 AM
Continuing our discuss in introduction backtrack for computer/digital forensic tools part I, in this part we will try to dig how deep is backtrack have a potential source as computer/digital forensic tools. Backtrack is a linux distro which can put many kit into one vessel and collaborated each other, this is an excess of backtrack which not owened by other. Talking of computer/digital forensic tools we have too clasify some parts of tool into different part besides of it's use, after i read some article with the same topic of computer/digital forensic many of them classify it's into five major classification, that is .. - Data Acquisition
- Data Recovery and Carving
- Meta Data Analysis
- Network Forensic
- Log File Analysis
After looking at the five major clasification of digital forensic tool above, we agree that Backtrack 4 have all candidate to meet all requirement, let peel of one by one.
Data Acquisition
Data Acquisition is set of application which is responsible to interrogate harddrive and get neccessary information from them, in this field we have some particular job like make an 'identic' copy of harddrive then analyse them without ruin the original evidance and doing File System Interrogration jobs even it NTFS/FAT/EXT3 or Other. To do a data acquisition jobs in backtrack we have such application Advanced Forensic Format Library (afflib), Automated Image and Restore (air-imager), dd, dcfl-dd, lsof, guymanager, acidlab, and RDA. All applicaton mentioned can be installed using backtrack package manager.
Data Recovery and Carving
The Data Recovery tools is set of application which responsible to get erase data back, analyzing hidden and erase partition, and fixing a broken block of filesystem. Data carving is extracting data (files) out of undifferentiated blocks (raw data) for the purpose of file identification. We have such application like ddrescue, foremost-menu, scalpel, xpilco, allin1, and autopsy In backtrack to do Data Recovery and Carving.
Meta Data Analysis
Meta Data Analysis is looking for hidden variable behind the file and data, to do a meta data analysis we need some application which can do activity like dissassembling a file (ducument/image/audio/video) and get hidden variable like when was file last accessed, when was it modified, or simeting like when was file has been created and using what tools it's has been created, looking for meta data analysis tool we have application called libtsk1, vinetto, also image and video editor (gimp,fspot,audancity) in backtrack.
Network Forensic
Network Forensic tools is not much different if compare with network security program, cause that is have real same algorithm eventhough we do the reverese enginnering ones. Network forensic tools covered such jobs like make an analysis of network traffic, captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging, identification network error, sniffing and loging network activity in various port (telnet, ssh, imap, pop3, smtp) and many more. This part is the specialization of backtrack, we have many network security/network forensic tools in this distro that can be use, this is the following of them : netcat, netflow, tcpdump, kismet, wireshark, and very lot of stuff.
Log File Analysis
There are components of files that may have evidentiary value including the date and time of creation, modification, deletion, access, user name or identification, and file attributes. computer-created files (log) which can be potential evidence are backup files, log files, configuration files, printer spool files, cookies, swap files,hidden files, system files, history files, temporary files,link files, event logs. All application program in every computing work has always make a log file which can be a perfect evidence if we're dig correctly, to do such log analysis job in backtrack we have such application aneteater, wflogs, sma, nulog, awstat, galleta-menu, and maltego.
Eventually we have finish our discuss in Introduction of backtrack as computer/digital forensic tools, looking to our conclusion before now we have realy agree that Backtrack linux have some potential resource to be reliable digital forensic tools. In other occasion we will discuss one by one that application above to get clear explanation how to make it and use it wisely.» read more....
10:08 PM
Who didn't know Mr.Mark Shuttleworth, this people is equal with the famous 'Mark' of the year besides Mark Zuckerberk (Facebook Founder) and Mark Mullenweg (Wordpress Founder), Mark "Richard" Shuttleworth was born in 18 September 1973, he is the Man behind Ubuntu, the Man behind Canonical, the Man behind HBD Venture Capital, and also the first African space traveler. Mark "ubuntu" Shuttleworth is an African entrepreneur with a love of technology, innovation, change and space flight. He start his debut by founding Thawte (is acompany specialising in digital certificates and cryptography) Then Founding The Shuttleworth Foundation (is a non-profit organisation that accelerates social innovation in Africa with a particular focus on education.) in 2001, One of important point we would know about Mark "Ubuntu" Shuttleworth is he not only work for the future of open source software, but also for the future of learning, South Africa, and the world at large.  |
| Mr. Mark Shuttleworth as keynote speaker |
This article will not discuss of biography or history of Mark Suttleworth, we start this discuss by imagine that "How about we meet Mr.Mark shuttleworth, what would you ask if you have just one question" just like joan osborne said. Some people admire to ubuntu, Some people have same interest with Mr.Mark Shuttleworth did or someone else have a same problem like affrican which Mark Shutterworth Foundation concentrated.
if it would happened to me of course i will not ask question like some movie in bollywood "Hello Mr.Mark my name is Khan and i'm not terrorist, what about you ?" or something like "Who will be the next president if this country ?". Eventhough it would be less if just one question, i will start explain my purpose with, besides of data in google we know that ubuntu is become very popular lately and the data said that 'indonesia' is the top of region where ubuntu is become popular, then my question isWhen will connoical & Mr. Mark come to indonesia to held ubuntu release party like other country has ?
Every people have own purpose to ask, every people have own reason to do, we think it would be gratefull if Mr. Mark Shuttleword read this :D, and now how about you ?
» read more....
1:20 PM
Computer/Digital Forensic has become popular lately, start form Bank Robbery, Hacking/Cracking/Hijacking up to popular scandal on the artist sex tape using this method to find the truth. Computer forensics is the generic name that we use for the analysis and reporting on our findings from the forensic analysis of all computer or digital-related media. This not only includes PC/Laptop or Server hard drives but also other storage devices such as USB drives, MP3 players, memory cards, SIMS and data gathered via network analysis. Computer/Digital Forensic is a part of computer security, computer practitioners (computer analist/computer expert)clasified this method into offensive security action which usually did after insident. Digital forensic actualy do after computer criminal insident, common Digital forensics cases include:
drug dealing, internet misuse, pornography in the workplace, rape, illegal downloads, IP theft, paedophilia, murder, virus/malware infection, fraud, email analysis, data recovery, contract negotiations, e-discovery, peer-peer activities, spyware analysis, spoofed and threatening emails, document tracking
Talking of computer security tools not separrated with the most popular computer security tool of the year 'backtrack', backtrack has so many tools and application to do such security penetration testing, security attack and also computer security action for computer/digital forensic purpose. When we first boot up the new Backtrack 4, you might have noticed something slightly different that is ...
 |
| We can see that backtrack has include 'computer/digital forensic' as main cause existence of this distro |
All types of operating systems can be analysed, from DOS and Microsoft Windows-based, through to MAC, UNIX variants, and those utilising more obscure systems. If the data is stored electronically, then it can probably be forensically analysed. From other wellknown literacy, There are five basic steps to the computer forensics:
1. Preparation (of the investigator, not the data)
2. Collection (the data)
3. Examination
4. Analysis
5. Reporting
Which one must be analyzed ?
Computer/digital forensic tools is work to analyze a digital evidence, in the computer world we know that many device can be potential evidence which help computer analyst find the truth, here some potential evidance can be found :
images, time and date stamps, removable cartridges, memory card, video, sound
Evidence can also be found in files and other data areas created as a routine function of the various types of computer operating systems. In many cases, the user is not aware that data is being written to these areas or files. Passwords, Internet activity, deleted files and temporary backup files are examples of data that can often be recovered and examined. Backtrack linux have some potential resource to be reliable digital forensic tools. Backtrack have so many tools to help computer analyst to do some jobs like Examine drive, Analizing drive, Recovery dive, Vulnerabilities check, Penetration testing, and File interogration. Actualy this is the end of part I, we will continue this diccuss as soon as posisble using title "Backtrack for Computer/Digital Forensic Tools Part II", See u there ..
» read more....
1:11 PM
Growth of web 2.0 era make competition of software developer race to bring best performance and usability of website. Many of paltform such Adobe Flex, JavaFX, and Microsoft Silverlight competing to conquer programmer to use theirs product and bring rich internet application to the best performance of website. Especially in Linux/Ubuntu we have application called Moonlight to help running/displaying Microsoft Silverlight Application platform on linux/ubuntu desktop. Here step by step installing Moonlight add-on on Mozilla Firefox so that you can run Microsoft Silverlight in your Ubuntu 10.04 desktop.
- Choose the application platform, this platform is depend on what kind of operating system installed in your desktop, If you have 64bit proccessor but you had install 32bit operating system, wise for us to choose 32bit platform.
 |
| Choose the application platform |
- Download and install the Moonlight add-on to firefox, the Moonlight plugin has 3.8Mb size and need approximately 3 minute to be installed. When installing the Novell Moonlight plugin, Firefox may prevent the installation and present you with an information bar, to continue the installation click "edit option" and allow add-on to be installed.
 |
| Installing Moonlight add-on to Firefox |
|
|
- If installation process has complate with no error, you have succesfull installed Moonlight add-on on your Mozilla Firefox, to start using this plugin restart the browser and you have Mozilla Firefox Silverlight friendly then.
- If you interest to compare the performance of Adobe Flex, JavaFX, and Microsoft Silverlight, i suggest you to visit this link to get explanation and ilustration.
» read more....
4:42 PM
Wine is a linux application which lets us to run windows application in Linux OS family, yesterday (16 july 2010) winehq has released new stable version of Wine 1.2, the development team has claimed almost 3.000 bugs fixed and more than 23.000 changes. here they are several change we found at wine 1.2 Stable. - Wine 1.2 support on x86-64 processors and also support for 64 bit applications.
- There are new icons for all the built-in applications based on the Tango set for a nicer integration with the native Unix desktop look.
- Smoth looking on LCD Screen, The subpixel configuration is derived from the system fontconfig and Xft settings.
- The OLE storage performance can degrade pretty badly on files with a particular layout.
That is simple way to installed wine 1.2 on Ubuntu Lucid Lynx, if you already have installed previous version of Wine you can upgrade using aptitude by following instructions below.
sudo add-apt-repository ppa:ubuntu-wine/ppa
sudo apt-get update && sudo apt-get upgrade wine
if want perform fresh install of wine 1.2, change "sudo apt-get upgrade wine" above with "sudo apt-get install wine".
» read more....
1:09 PM
OpenSUSE which Free/OpenSource version of Linux SUSE Enterprise, is various version of linux distro developed (supported) by novell. Yesterday (07/15/2010)
openSUSE has release openSUSE 11.3 Stable with support for 32-bit and 64-bit system. The new openSUSE 11.3 bring bright application named spideroak which can perform an online backup and file syncronizing trough internet for free, to get latest version of openSUSE can be downloaded in here.
» read more....
10:57 AM
Cisco Network is well perform network equipment and platform, there are many companys in the world entrust their network being handle by this instrument. A lot of advantages we get if we know much about this network equipment eventhough it's not simple way to learn more about all Cisco Netwok familly. Not only Microsoft, Java, or Oracle, Cisco System provide Cisco Netwok Career Certifications which provide profesional IT certification for Cisco System Product such us CCNA, CCDA, CCNP, CCDP, CCSP, CCVP, and CCNA Security. There are five levels of certification: Entry, Associate, Professional, Expert, and Architect, as well as seven different paths, Routing & Switching, Design, Network Security, Service Provider, Storage Networking, Voice, and Wireless.
My personal opinion Cisco Netwok Career Certifications is not cheap, but it's very important for profesional network engginer to have it. get the best preparation is the best effort we can do. There are many network/cisco simulator in a market as we know Boson, Networksim and All official Network simulator form Cisco System that can be install in our desktop and we can learn from it.
GNS3 is sort of Graphical Network Simulator, GNS is Free/Opensource Cisco Network Simulator running on Ubuntu and Linux familly. GNS3 is other form of Dynamips and Dynagen which older cisco simulator for linux running on terminal. To complate simulations, GNS3 is strongly lingked with :
- Dynamips, the core program that allows Cisco IOS emulation.
- Dynagen, a text-based front-end for Dynamips. And
- Qemu, a generic and open source machine emulator and virtualizer.
That mean to start using GNS3 we must install application above, if you running ubuntu the fastest way to install GNS3 is go to System > Synaptics Package Manager > (type GNS3 as keyword) then Apply and install, all application needed to run GNS3 is automaticaly installed.
 |
| GNS3 Screenshot |
Before GNS3 is ready to use, download Cisco IOS from this page first then add Cisco IOS to Dynagen IOS library. Here they are Step By step how running Cisco Network Simulator on Ubuntu Linux : * Continue with following step when you have finished installing GNS3. - Download Cisco IOS in this page (chose only required IOS)
- Open GNS3, than add Cisco IOS to Dynagen IOS library. To add IOS to Dynagen go to menu edit > IOS images and Hypervisors, browse the images and fill all required information.
 |
| GNS3 Topology Example |
- Draw the topology you want to bulid by drag and drop router logo in the left side of GNS3 to the center of topology area.
- Configure the network, Configuring network can be start by connecting one router to another by the connector (Giga etheret, ATM, Fast ethernet), to edit router properties like RAM, Additional Pheriperal in Slot, Name or other can be accessed by right click the router then chose 'configure'. Just like the actual Cisco router we can telnet (remote) the router and doing all Cisco task and job like the real ones.
 |
| Router Properties |
 |
| Router Properties |
- to finish the topology, after all router has been configured well, check topology interconection by router utillity like 'ping' or 'traceroute' from one router to another.
And now we can start a better preparation to join profesional network certification from Cisco System, to expendite the practice download some Network Topology here.
» read more....
2:02 PM
FBlogger in draft special version of Blogger where the Blogger development team try out the new features before they release them to everyone, to access google in draft you can go to http://draft.blogger.com/, if you already have blogspot account or blog you can make this (draft.blogger.com) to your default dashboard. Blogger already have beautifful change based on google in draft and it's review, see what different from it's old version of Blogger.
Blogger Stat, Built-in blog statistics made blog monitoring as easy as Google Analytics Blogger stat is one of the the new feature of Blogger, Blogger Stat is built-in blogger tools for monitoring blog statistics and track your blog traffic, if you wanna start using this feature Just go to Blogger in Draft, and you'll notice a new "Stats" tab. You don't have to install or configure anything to start benefitting from Stats.
 |
| Blogger Stat of traffic inbound |
 |
| Blogger Stat show mount of visitor |
Better Way to Posting Article- As we see in blogger in draft, blogger has made a little change in how to compose a blog posting, blogger add some fancy tools which made way of blog posting easier, as we can see in blogger post editor toolbar there is one tools added namely 'translate'. I used to use google translate to help me to translating from english to indonesian or opposite, now i can little bit faster to search a strange vocabulary :p
 |
| New view of blogger in draft post editor toolbar |
|
|
- Provide new way and view of insert picture utillity, google in draft serve new way of inserting picture in a posting. We can picture directly from Harddrive, Url, and Picasa (using account) complate with picture preview, with this utillity we can also inserting old picture we have been upload in the same blog before.
 |
| New way of inserting picture |
- Google in draft has complate it's change by add geographic location in a bottom of blogger posting editor, just click and type the location you want google will include the map in your posting.
 |
| Blogger in draft add geographic location |
Better Post Preview
Blogger in draft provide a better Post preview than the old ones, On the New Post page, click on the Preview button (this is a new button that we’ve just added), and you will see a new window open with the WYSIWYG preview of the post. This is how your blog post will appear to your readers when you hit publish, with the same format and style of your current Blogger theme.
» read more....
8:15 PM
Ubuntu One is the personal cloud service that simplifies your digital life. Ubuntu one is such application bundled with Ubuntu OS which help us to keep in touch by sharing, buying, searching, manage file, data or music with other people using internet, ubuntu one serve new experience of data sharing. Imagine buying music and getting it delivered to the computers of your choice or synchronizing your files and notes and accessing them from anywhere. Or consolidating your computer and mobile phone contacts and safely sharing documents and pictures with them. Ubuntu One can already do this and more (https://one.ubuntu.com/). To start using this service we can go to http://one.ubuntu.com/account then create new account (user & password) and follow the instructions or follow theh directions in this link. I thinks everyone agree if i call ubuntu one as a new way of digital data sharing, here there are some ubuntu one feature from the official website that underlaying my statement above :A personal cloud to store, sync, and share your files. Automatically store and sync your documents, images and media with your personal cloud and your other computers. Share folders with project collaborators or publish files with the worldSynchronize your bookmarks Ubuntu One Bookmarks (also called the Bindwood project) automatically synchronizes your Firefox bookmarks with your personal cloud and your other computers. You don't have to change anything about how you use bookmarks today because Ubuntu One works behind the scenes to keep everything in sync. Full Control with tomboy notes. Ubuntu One Notes is integrated with Tomboy, the notes application in Ubuntu, and automatically synchronize with your personal cloud and your other computers. You can also use the Ubuntu One website to browse and modify all of your notes.
Syncronize mobile contact
Ubuntu One now enables you to keep all of your address book contacts in sync with your mobile phone. No matter how many contacts you have, Ubuntu One will sync them all.
Buy, review, and listen new Music via Ubuntu One Music Store in Rhytmbox
Ubuntu one made buying music like easiest before, through rhytmbox we can search and browse the newest music album until the most rare music album collection you will never see in the market.
thats all my review of ubuntu one, for a conclution ubuntu (cononical) make a beautifull movement by this application don't be left behind then start using this amazing application :P.
» read more....
