Bukit Tabur and Sungai Pisang day trip

A back while in May 2010, i bring a few of my officemates and friends to Bukit Tabur and Sungai Pisang in Gombak. These place are just my usual place to bring my friends to outdoor activities, with simple hiking, jungle tracking and swimming.

Bukit Tabur is located in Taman Melawati. The place also becomes very popular for hiking activities during weekends, and sightseeing. The sunrise view was magnificent. I have blog about this place once before. There are a few routes, but we choose the place where I’m familiar with, the starting point at the water treatment plant.
Sungai Pisang on the other side is just jungle tracking, just 10 minutes, as we choose to park our cars just by the highway, Karak Highway. Its just about 10 minutes from Gombak toll. I do not want to do 40 minutes tracking anymore, just want to have some picnic, swimming, skip the tracking πŸ™‚

Below are the pictures.

Continue reading

Wall climbing in extreme park, Putrajaya

Its been a long time since my last update on my blog. It have been my log of what I did, something that I want to remember. Well, you can say i forgot things easily.

I’ve been looking for a place to climb. Its been quite some time since I last climb, and I found a place not too far. Its in Putrajaya, Extreme Park. I’ve heard there are off-road bicycle trail near that place, but not really sure where is it. The climbing place is not too far from Putrajaya International Convention Center. The coordinate is N 2 53.318, E 101 40.082” or “2.889, 101.668, you can find it yourself of you have a GPS.


View Larger Map

Belaying Mira

They do provide equipments for rent to all visitors. Its quite a convenient for me to bring my friends who do not have any gears to start climbing, and the rates are quite affordable. Its just that some of them are worn out, and not really convenient to use, like the shoes. The entry fee is RM 6 for adults, and RM 3 for student (provided you have a student card)
Continue reading

Thunderbird in Malaysia, really feel the thunder in my chest!

Credits to Syarafuddin SulaimanCredits to Din

Yesterday I have told you guys I will be going to RMAF Subang Air Base today for Joint RMAF USAF aerobatic performance there today. Well, we made it!
πŸ™‚ Me with Syarafuddin Sulaiman, we were there a a bit late, as it was raining heavily in the
morning in our place. But, we dont want to miss it, and dont want to live in regret and uncertainty, we just went off there in the heavy rain.
Luckily, the air show still being held, but we missed C-17 Globemaster. I dont know whether it in the air or not this morning.

We can see one RMAF Sukhoi jet flying around over in the traffic jam. The traffic jam was horrible. We could not get much good shots for the Sukhoi
jet. We just park the car by the roadside, and walk for a good place to take picturess. We couldn’t get a good shot of the runway, its quite far, and
blocked by a a fence! πŸ™ Din just did what he can. He still can get some good shots.

F-16 Falcon Thunderbird was great. We arrive just in time for the Thunderbirds to come out. The sounds, the vibration over the ground, it was
exciting! We can feel the shaking while one of the jet fly right on top of us. They did a good and interesting formation, one of them was where four
of them fly from different angle towards the runway, and pass by each other in the middle of the runway. That was close!

We didn’t plan the trip very well, we couldn’t get close to the runway, and arrived a bit late. We also missed the C-17 Globemaster session. I also
not sure whether its in the air or not this morning. Hope to get my hands on one of the DSLR myself. Will wait for the next chance πŸ™‚

Thanks Din for the pictures πŸ™‚

Thunderbird in Malaysia, really feel the thunder in my chest!

USAF Thunderbirds - Pics from<br />
Zagispirit-http://www.farhanfaisal.com/wp-conten/uploads/usaf_thunderbirds.jpg
Picture grabbed from Zagispirit, taken at Townsville ADF Airshow
2009

Tomorrow (3rd Oct) there will be an aerobatic demonstration by USAF Thunderbirds and Malaysia Royal Air Force (RMAF) in RMAF Subang Air Base. This
joint event will highlights Thunderbird F-16 and C-17 Globemaster by USAF and also RMAF Sukhoi team.

The event will start at 1030 am, with C-17 demonstration, followed by RMAF Sukhoi airshow. USAF thunderbird airshow will start at 11.30am followed by
autograph signing by Thunderbirds Crew. This event will be open for public for free, and will be expecting huge crowds.

I wish I have my own camera to take the shots. Just enjoying the show la πŸ™‚ You guys dont miss it!

Press release
href=”http://malaysia.usembassy.gov/event_thunderbirds_093009announce.html”>http://malaysia.usembassy.gov/event_thunderbirds_093009announce.html
http://www.bernama.com/bernama/v5/newsgeneral.php?id=441102

DashBlog :: Add-ons for Firefox

dashblog

Found this cool firefox addon, for blogging purpose. I always have the same problem from the very beginning, to capture the screenshot, crop it, and upload it to my blog. This add-on seems a good one to speed things up in sharing knowledge through our sites.

This post might serve as my first test, to post using DashBlog.

You can get it here.
https://addons.mozilla.org/en-US/firefox/addon/7215

md5 decode script – PHP

Last few weeks I found a malicious script installed on my hosting server. This is due to unupdated WordPress, that allow remote attacker to upload some malicious code into the server. The server have been clean up, no more problem. πŸ™‚

The malicious file found is a PHP script, with alot of hacking tools embedded. One interesting part is, it have a md5 decoder. I’m not really good in data structure, I cannot construct my own bruteforce code. So, I took those bruteforce code to a single file, just to decode a md5 hash string.

This is just a prove of concept that, a strong password should be long, and have some extra character, other than normal alphabets. This give a higher probability of character to choose in bruteforce attack.

MD5 Decode in action

Download the code here, md5decode.txt. Please rename it to *.php.
You have to put in what character options to test against the hash string, and also the hash string you want to decode.

This code might not applicable in real life nowadays, as there are other ways users password been exploited, for example, using default password, and common password. Thats why most bruteforce attacked were dictionary based. So, make sure your password is strong enough. One other method, is Rainbow Table. I’m still reading it πŸ™‚

Rainbow Table (Wikipedia) – http://en.wikipedia.org/wiki/Rainbow_table
Md5decode.txt – http://www.farhanfaisal.com/?download=md5decode.txt

Network monitoring with cacti – snmpd.conf

Network monitoring plays an important aspect in a system admin life. You will be managing some servers, and you might have problem taking care of their respective ‘health’, making sure its serving fine and performing best of it. There are some monitoring tool, for example, mrtg, nagios, cacti.

For our setup, we are utilizing cacti, a web-based host monitoring tool, that can monitor hosts through snmp. Its a php tool, and customizable. Its powerful enough to give you what you want, just the matter of configuration. The first thing, you have to make sure every host you want to monitor is snmp enabled.

Cacti login page

SNMP stands for “Simple Network Management Protocol”, can be harmful if not configured properly. It can reveal you private information of the host. I will just put a simple snmpd.conf configuration file, that will have enough privilege control on host and community string.

com2sec local localhost YOUR_COMMUNITY_STRING
com2sec mynetwork 202.190.123.144/28 YOUR_COMMUNITY_STRING

group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork

view all included .1 80

access MyROGroup “” any noauth exact all all none
access MyRWGroup “” any noauth exact all all none

syslocation YOUR_LOCATION
syscontact YOUR_EMAIL
sysname SYSNAME

You can verify that your snmpd daemon is responding to snmp request using snmpwalk. For snmp version 1, you can use,
snmpwalk -v 1 -c YOUR_COMMUNITY_STRING 127.0.0.1
For snmp version 2,
snmpwalk -v 2c -c YOUR_COMMUNITY_STRING 127.0.0.1

This configuration is for the end host you want to monitor. In Cacti, you will need to add the community string, and the IP of the host you want to monitor. Then, cacti will start polling information from these hosts through SNMP with the credential given.

Cacti Graph

Cacti – http://www.cacti.net/
Nagios – http://www.nagios.org
MRTG – http://oss.oetiker.ch/mrtg

Mysql Database backup script.

I have found this one mysql backup script, that just suite my need to backup all database in their respective file. It will be easy for recovery, if I need the sql for that particular database. This is script have been modified from mysql database backup script in HowToForge. This script will also FTP to other location, but I have remove this functionality, as I dont need to move it to another FTP server.

#!/bin/sh
# System + MySQL backup script
# Copyright (c) 2008 Marchost
# This script is licensed under GNU GPL version 2.0 or above
# Modified by Farhan Faisal @ farhanfaisal.com
# ---------------------------------------------------------------------

#########################
######TO BE MODIFIED#####

### System Setup ###
BACKUP=YOUR_LOCAL_BACKUP_DIR

### MySQL Setup ###
MUSER=”MYSQL_USER”
MPASS=”MYSQL_USER_PASSWORD”
MHOST=”localhost”

### FTP server Setup ###
FTPD=”YOUR_FTP_BACKUP_DIR”
FTPU=”YOUR_FTP_USER”
FTPP=”YOUR_FTP_USER_PASSWORD”
FTPS=”YOUR_FTP_SERVER_ADDRESS”

######DO NOT MAKE MODIFICATION BELOW#####
#########################################

### Binaries ###
TAR=”$(which tar)”
GZIP=”$(which gzip)”
FTP=”$(which ftp)”
MYSQL=”$(which mysql)”
MYSQLDUMP=”$(which mysqldump)”

### Today + hour in 24h format ###
NOW=”$(date +”%Y-%m-%d”)”

### Create hourly dir ###

mkdir $BACKUP/$NOW

### Get all databases name ###
DBS=”$($MYSQL -u $MUSER -h $MHOST -p$MPASS -Bse ‘show databases’)”
for db in $DBS
do

### Create dir for each databases, backup databases in this folder. ###
FILE=$BACKUP/$NOW/$db.sql.gz
$MYSQLDUMP -a -u $MUSER -h $MHOST -p$MPASS $db | $GZIP -9 > $FILE
done

### Compress all tables in one nice file ###

ARCHIVE=$BACKUP/$NOW.tar.gz
ARCHIVED=$BACKUP/$NOW

$TAR -zcf $ARCHIVE $ARCHIVED

rm -rf $ARCHIVED

http://www.howtoforge.com/shell-script-to-back-up-all-mysql-databases-each-table-in-an-individual-file-and-upload-to-remote-ftp

Last weekend waterfall hunting.

Last weekend was a great weekend, as I did one new thing, waterfall hunting. I have marked 2 waterfall to search for, both of them found in a website, http://www.waterfallsofmalaysia.com. Its Tanglir Waterfall, and Sungai Dua waterfall. Both of them just within the same path on Karak Highway. Anyway, It start will a warm up trip to Chilling Waterfall with my rock climbing friends.

Chilling waterfall
Chilling waterfall located in Kuala Kubu Bharu. After reaching there, we park our car, and start tracking to the base site, where there were the management office, campsite, toilets and place to pray. The place is well maintained, as it is a fish sanctuary area. Thats why, fishing is strictly not allowed in Chilling Waterfall. You can see the signboard throughout the path.

After 40 minutes walk, just following the path upriver and 5 river crossing, we reached the fall at around 3.30 pm. The waterfall is just fantastic. I remember last time i went there, we did canyoneering near the fall. We spend around 1 1/2 hours there, and start departing back to campsite. There were some strict rules, like you cannot camping there beyond the hanging bridge, and you have to get back before 5 o’clock. You also cannot swim there if its raining. There have been a few accident there, that involves death.

GPS navigator

Continue reading

Bukit Tabur, Taman Melawati

Bukit Tabur, Sunrise

Picture by Alexander Krasnikov

Within last few weeks, I’ve been to Bukit Tabur. Could not find more time for long trip, other than usual rock climbing during weekends, and Bukit Tabur trip. It start with my colleague, who would like to try out some adventures during weekends.

On 20th December, we start hiking the hill at 6.30, just 4 of us, because 5 others were late. We dont waste the opportunity to see the sunrise. Within 25 minutes, we arrive there. Its still dark, and we still have to use our headlights to walk. Then I returned back, and wait for the other 5 of us to arrive. We managed to reach the others around 7.30. Its not so hot yet, and we can still enjoy the sunrise that time.

The trip was planned for only to enjoy the sunrise, but we could not hold ourself seeing other trackers moving with the passion to the top. I never reach the peak, the real peak, and neither all of us. We just follow some other trackers that time.


Ima, at Bukit Tabur
Following few weeks, there comes another trip, for my other friends. They missed the 1st trip, because of health condition. Well, I keep my promise to bring them there πŸ™‚ Its not as early as the previous trip, but we enjoy the trip, enjoy the sunrise, and enjoy the view from there. For last few trip to Bukit Tabur, I really want to just enjoy the view, and the cold winds. Its just feels like at the top of mountains, just with 20-30 minutes walk.
Continue reading