VMware player – Free Virtual machine!!

VMWare Player - Free!!

Ya, VMware now have launched a free version of its virtual amchine software. This virtualization software will create a virtual machine, just like the normal paid one, but with limited functionalities. View the comparison between VMWare player and other VMWare products here, VMWare Player comparison.

The software were in Windows and Linux. Enjoy it. Download it from here. VMWare player

Enabling firewall in FreeBSD – ipf

logo-full

This writeup will be short, to summarize how to enable ipf firewall in FreeBSD. In my experience with FreeBSD 5.4, it just work very well.

First, we need to enable it in the kernel configuration file. The default filename is GENERIC and located in /usr/src/sys/i386/conf/. First I make a copy of the configuration file, to BUDIHOST simply by using this command.

my.budihost.com# cp GENERIC BUDIHOST

Edit BUDIHOST, add these few lines:

options IPFILTER # IPFilter support
options IPFILTER_LOG # IPFilter logging support
options IPFILTER_DEFAULT_BLOCK # Block all packets by default
options RANDOM_IP_ID # RANDOM_IP_ID causes the ID field in IP packets to be randomized

These few lines also need to be added into /etc/rc.conf

ipfilter_enable=”YES” #Stateful firewall
ipfilter_program=”/sbin/ipf” # where the ipfilter program lives
ipfilter_rules=”/etc/ipf.rules” # loads rules definition text file
ipfilter_flags=”-F a -f /etc/ipf.rules” #IPFilter is enabled in the kernel and not module

After modification in your kernel configuration file, you need to rebuild and reinstall the new kernel with the new configuration.

my.budihost.com# cd /usr/src/
my.budihost.com# make buildkernel KERNCONF=BUDIHOST
my.budihost.com# make installkernel KERNCONF=BUDIHOST

Please check the error or any messages prompted after the buildkernel. If there is any problem, you might need to edit your configuration file, then rebuild. After you have sucessfully rebuild the kernel, then you can install it.

The firewall rules were stored in /etc/ipf.rules. You need to modify the file, to suite your production needs.

This is a sample configuration file. /etc/ipf.rules . You can open any additional port yourself, the configuration is simple straight forward.

Reboot your machine..

my.budihost.com# shutdown -r now

πŸ™‚

I have experience once, when I cannot ping to my own box. I also cannot check my email using webmail, the error message come out, no route to host. Its actually because of the firewall rule, u need to allow loopback interface to transfer. Solved! πŸ˜‰

Server migrated to Malaysia datacenter – Netmyne

Netmyne datacenter

Finally, Budihost server have been changed to Netmyne datacenter, in Brickfield.. Theres alot of problem while migrating, from DNS problem with Jaring, server firewall problem, and now, running smooth and sound.

Netmyne datacenter in Brickfield is a preference for most company in Malaysia, as it is located inside KL, no need to go to Cyberjaya. With fast connection, it hope will provide a better performance for all our clients, and clients to be πŸ™‚

If you have any problem with our solutions, please do contact me.
If you are looking for a dedicated server solutions, please do contact us.

Enjoy the speed! πŸ™‚

Google hacks

Google hacks..
Now I would like to share something I have to gain more πŸ™‚ hhee..

Since Google have come into the internet, it seems have change the whole internet. Its really wonderful actually, from the comprehensive search engine, Google AdSense, Google Earth, Google Talk, and more to come I hope.

Now I will concentrate on Google Search hacks. I will show how you can search for a particular file on the internet, and search your own website, even you dont have a search engine. Really cool for a fully static HTML website right? πŸ˜‰

At first, try to go to this link:
http://www.google.com.my/search?hl=en&q=mysql+ext%3Apdf&btnG=Search&meta=
You can see the search string in link provided. You can see, it can search for a particular topic and with what extension. You can also for a specific file using inurl. Try to search inurl:passwd.txt, you can see many search hits that found filename passwd.txt
This actually a vulnerablity to the owner of the system, where Google will reveal your confidential file. But, there is a solutions for system owner, using GHH – The “Google Hack” Honeypot. It will simulate the unsecure page, as if it is the vulnerable page, avoiding attackers from the actual possible vulnerable file.

Another tricks with Google is to search a particular file in your own site or domain. The example if in the link below:
http://www.google.com.my/search?hl=en&q=farhan+site%3Asbudi.net&btnG=Search&meta=
The search string used to search a keyword farhan in site sbudi.net.

I hope this article will be a guideline on how to find valuable information in the internet. Believe me, you’ll thank Google alot πŸ™‚

A funny conversation

>WOMAN: What would you do if I died?
> Would you get married again?
>MAN: Definitely not!
>WOMAN: Why not – don’t you like being married?
>MAN: Of course I do.
>WOMAN: Then why wouldn’t you remarry?
>MAN: Okay, I’d get married again.
>WOMAN: You would? (with a hurtful look on her face)
>MAN: (makes audible groan)
>WOMAN: Would you sleep with her in our bed?
>MAN: Where else would we sleep?
>WOMAN: Would you put away my pictures, and replace
>them with Pictures of her?
>MAN: That would seem like the proper thing to do.
>WOMAN: And would you let her use my golf clubs?
>MAN: She can’t use them; she’s left-handed.
>WOMAN: – – – silence – – –
>MAN: Shit.

ALIF – Antara Libur Insan Fikir

www.alif.com.my, have just being uploaded, and now visible for all user. But it still under construction, already open for registration, but not full with content yet.

The website is for all nasyid fans in Malaysia, concentrating on Malaysian nasyid artist. The website hope to serve users with latest information about nasyid concert, and any album release of any nasyid group. This website hope to be the nasyid portal, where it will be supported by all nasyid group in Malaysia such as Raihan, Rabbani, Hijjaz, InTeam, NowSeeHeart, Mestika, Brothers, UNIC, Mirwana, Far East, One Faith and many more.

ALIF need a dedicated team to cooperate and work together, to develope, to enhance the feature, and add news and events to be shared with all its members. Anyone interested please contact us, using our contact page.

Please have a visit, and do support us! Thanks for your support, we really appreciate it πŸ™‚

http://www.alif.com.my

How to dump your mysql database through command line

Mysql Database
I have a problem with my snort database. I have run snort for a few month, and the data logged have reach of to 400MB of alert. So, now, I want to download it back to my own pc, so that I can navigate through it faster, instead of using the slow internet connection, navigating using ACID interface..
I deal with mysql using command line interface, to backup and restore mysql database.

At first I issue this command in shell:
su-2.05b# mysqldump -a -u db_username -p db_name > snort_report.sql

It will then ask you the password of database user, enter it, and it will dump the database into the file, snort_report.sql
I actually cannot the run the command immediately, it tells the command was not found. I issue a command,

su-2.05b# which mysqldump

and it will then show you the true path of mysqldump.

Then I can download the file using Internet Download Manager, for faster download using direct link.

To restore back the file into the database, use this command:

su-2.05b# mysql -u USERNAME -p DATABASE < FILENAME.mysql

Hope this help you to do backup and restore for your database.

With free web hosting, going about marketing is much easier, particularly when there are only a few online jobs left as all are availing adsl.

Water disruption – IIUM is affected

These few days IIUM and the surrounding area still have water disruption, and many students have leave the campus to go back to their home town. IIUM cancel all classes from Monday and the class will continue on Thursday.
It is due to water plant been contaminated by of oil from an accident at KM 25 Karak Highway. The plant have to be cleaned and it now have been at last phase perhaps. Some rumours said the plant have already being cleaned now, just waiting for the water to filled up and supplied to the affected area.

All my friends also went outside, stay with friends around Kuala Lumpur. Me? stay and and survive πŸ™ Even my close friend from Kedah, also went to aa friend’s house in KL. Hope she’s happy to take shower everyday without any hassle πŸ™‚ Remember to come back here huh, we have class in Thursday. hehe..

Picture from TheStar
http://thestar.com.my/news/story.asp?file=/2005/9/13/nation/12025779&sec=nation
http://www.thestar.com.my/news/story.asp?file=/2005/9/13/nation/12023092&sec=nation

How to secure your page using .htaccess

htaccess

Want to have a secure page and prompt your user with this login window? πŸ™‚

I have setup ntop previously and I have to secure the page using .htaccess and .htpasswd file.

The process is quite simple atually, you can just have FTP access to set this things up. At first you have to create your .htaccess file. The format of your file is like below:

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /var/local/html/.htpasswd
AuthGroupFile /dev/null
require valid-user

The file above will find the .htpasswd file, where it will contain your encrypted password. Below is the sample of .htaccess file with password mypassword:

farhan:VQv2aMigXGMkU

Upload them to your folder. You should put your .htpasswd out from the apache accessable file. Your user might just view your encrypted password easily, and make sure the path of .htpasswd in .htaccess file is correct. Upload them using ASCII instead of Binary.

You can use this website to create your .htaccess and .htpasswd files. It can generate the encrypted password for you.
http://www.tools.dynamicdrive.com/password/