tag:blogger.com,1999:blog-221721872012-02-17T11:44:56.844+07:00Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.comBlogger821100tag:blogger.com,1999:blog-22172187.post-88794560518262934892007-03-30T11:24:00.000+07:002007-03-30T11:34:09.512+07:00

Today, I am going to leave the IT world and entering another field.Many great things has come to me in the IT world, I also enjoy great relationship with many friends during my days in the IT world. But things change, I am going to pursue another things outside the IT world.I will be entering "silent" mode in blogging. You may not see new blog from me. I will try my best to write a blog entry

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com41tag:blogger.com,1999:blog-22172187.post-9321087799824636842007-03-28T11:33:00.000+07:002007-03-28T11:35:15.516+07:00

Many nights we've prayedWith no proof anyone could hearIn our hearts a hopeful songWe barely understoodNow we are not afraidAlthough we know there's much to fearWe were moving mountains longBefore we knew we couldThere can be miracles, when you believeThough hope is frail, it's hard to killWho knows what miracles you can achieveWhen you believe, somehow you willYou will when you believeIn this

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-40922670966922204722007-03-28T11:22:00.000+07:002007-03-28T11:33:13.803+07:00

In the dreams I dreamed as a childI lived my life as a kingMy days were filled with sunshineAnd there was never any painsI will win, I will loseI will live my lifeI will have to make my way on my ownI will win, I will loseI will create my own pathI will play the game of lifeI've had brief moments of joyEndless moments of boredomI've had days full of sunshineI know what pain is...I will win, I

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-81499888527254802622007-03-26T10:55:00.000+07:002007-03-26T10:57:12.240+07:00

On March 19, 2007, TrueCrypt version 4.3 is released. There are many new features, improvements and bug fixes in this release, so I think it is the time to upgrade my installation.I downloaded the TrueCrypt package, but they only provide for OpenSUSE 10.2 system. Last time I used the RPM version, it complained about kernel mismatch. But this time it didn't complain.Unfortunately, I already have

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-16440131105109815612007-03-26T10:52:00.000+07:002007-03-26T10:54:07.803+07:00

Researchers at Oxford have built an x86 emulator that runs purely on Java, making it ideal for security researchers who want to analyze and archive viruses, host honeypots and defend themselves against buggy or malicious software without hosing their machines. The JPC also emulates a host of other environments, giving technophiles the ability to play Asteroids and other software that's sat on

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-78205141935821051192007-03-20T09:48:00.000+07:002007-03-20T12:37:19.606+07:00

Saya mengetahui informasi tentang "dibobolnya" situs Presiden SBY melalui sebuah televisi swasta pada hari Sabtu, 17 Maret 2007. Informasi tersebut saya peroleh dari newsline yang berjalan, dengan judul "Situs Presiden SBY di-hack". Detik telah pula menurunkan berita ini dengan judul "Situs Presiden SBY Dibobol".Kemudian saya bertanya kepada beberapa orang rekan mengenai kebenaran berita ini, dan

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-87734466593760339442007-03-20T09:43:00.000+07:002007-03-20T09:45:10.128+07:00

There are now three RFCs regarding Intrusion Detection :RFC 4765: The Intrusion Detection Message Exchange Format (IDMEF)RFC 4766: Intrusion Detection Message Exchange RequirementsRFC 4767: The Intrusion Detection Exchange Protocol (IDXP)

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com1tag:blogger.com,1999:blog-22172187.post-54522865318861272082007-03-15T14:36:00.000+07:002008-12-09T23:02:32.928+07:00

I have been planning to upgrade my PHP to version 5.2.1 since several weeks ago, but I couldn't find spare time to do that until last night.I upgraded the following packages (libedit is a new install) :# rpm -Uvh php5-5.2.1-15.1.i586.rpm apache2-mod_php5-5.2.1-15.1.i586.rpm php5-gd-5.2.1-15.1.i586.rpm php5-mysql-5.2.1-15.1.i586.rpm php5-zlib-5.2.1-15.1.i586.rpm php5-pdo-5.2.1-15.2.i586.rpm php5-

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-80545249474610616162007-03-15T10:04:00.000+07:002007-03-15T10:08:17.518+07:00

A University of Washington researchers Kris Erickson and Philip Howard have an interesting new paper out, "A Case of Mistaken Identity? News Accounts of Hacker and Organizational Responsibility for Compromised Digital Records, 1980–2006." This is a great survey of the dramatic explosion in reports of breaches. A couple of great quotes: One important outcome of the legislation is improved

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-84615042432329598092007-03-13T16:00:00.000+07:002008-12-09T23:02:33.434+07:00

If you want to run a Linux system on Windows platform but you don't want to deal with partitioning and formatting the harddisk, fortunately you can do so with QEMU.Here is an official information about QEMU : QEMU is a generic and open source machine emulator and virtualizer. When used as a machine emulator, QEMU can run OSes and programs made for one machine (e.g. an ARM board) on a different

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-90501251961809090352007-03-13T13:55:00.000+07:002007-03-13T14:07:03.793+07:00

Presentations and whitepapers of BlackHat DC 2007 are now available.You can find them here.Don't forget to download several presentations that have made news lately :- Practical 10 Minute Security Audit: The Oracle Case- Data Seepage: How to Give Attackers a Roadmap to Your Network- Beyond The CPU: Defeating Hardware Based RAM Acquisition Tools (Part I: AMD case)- Danger From Below: The Untold

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-64506752245944174412007-03-09T12:37:00.000+07:002007-03-09T12:40:18.831+07:00

I've uploaded several pictures taken by Pak Marsel during the Information Security Awareness Day (March 7, 2007) at BPPT building.You can view the pictures here.Enjoy the view.

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-12876603587607312162007-03-09T09:02:00.000+07:002007-03-09T12:32:44.662+07:00

From ZDNet :For years, we've been convinced by companies like Komoku and BBN Technologies that hardware-based RAM acquisition is the most reliable and secure way to sniff out the presence of a sophisticated rootkit on a compromised machine.Joanna Rutkowska, a security researcher at COSEINC Malware Labs, an elite hacker who specializes in offensive rootkit research, has found several ways to

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-78137814114568520602007-03-08T09:54:00.000+07:002007-03-08T10:19:03.730+07:00

Yesterday, a friend of mine, under the name of "Olyx", inform me about a cool networking tool called Netkit. At that time, he didn't give much information about it. He just gave me the information about Netkit.After arrive home from a meeting, I read the Netkit introduction document. Finally, I figured-out that Netkit is a tool to create computer networking environment. Netkit is using User Mode

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-6919878101728759002007-03-06T15:16:00.000+07:002007-03-06T15:28:57.343+07:00

Symantec has released the first three of six technical research papers evaluating Windows Vista security components.The research papers cover a range of Vista security mechanisms in-depth, from its Address Space Layout Randomization (ASLR) technology designed to thwart heap overflows and certain malware attack methods, to buffer overflow protection in Vista's Visual Studio C++ compiler and an

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-23579272451067623822007-03-06T09:11:00.000+07:002007-03-06T15:24:54.125+07:00

From DarkReading :Enterprises are leaking an increasing amount of data from the inside, and they aren't sure what to do about it. Those are the conclusions of two new studies -- one from the Ponemon Institute and one from Enterprise Strategy Group -- being published today. Both of the reports suggest that enterprises should be shifting their security attention from the outside to the inside. The

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-88384945015908601092007-03-06T09:03:00.000+07:002007-03-06T15:25:39.396+07:00

David Maynor from Errata Security has just released a tool called Ferret for data seepage at BlackHat DC 2007.According to the Ferret's page, data seepage are bits of benign data that people willingly broadcast to the world (as opposed to "leakage", which is data people want to hide from the world).Examples of data seepage is what happens when you power-on your computer. It will broadcast to the

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-27308351362650179312007-03-02T10:21:00.000+07:002007-03-06T15:26:22.147+07:00

Starting from March 1, 2007, the Month of PHP Bugs has begun. Here is an excerpt about this project : This initiative is an effort to improve the security of PHP. However we will not concentrate on problems in the PHP language that might result in insecure PHP applications, but on security vulnerabilities in the PHP core. During March 2007 old

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-37778804664326778892007-03-01T10:08:00.000+07:002007-03-06T15:27:06.603+07:00

If you want to learn security by doing the actual "hacking", there is a good news for you.Thorsten Schneider of the International Institute for Training, Assessment, and Certification (IITAC) and Secure Software Engineering (S²e) in cooperation with Kryshaam from the French Reverse Engineering Team has released Damn Vulnerable Linux (DVL).Here is the description about DVL : Damn Vulnerable Linux

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-82363391298404850092007-03-01T09:48:00.000+07:002007-03-06T15:28:01.493+07:00

pdp has designed a new tool to steal browser history, it's called Noscript HScan. The interesting thing about this tool is it doesn't need Javascript to be turn-on.Up until now we thought that by disabling Javascript, we'll be safe. But apparently, that's no longer sufficient, now we need to disable CSS too. :D

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-13430632013453864232007-02-28T11:03:00.000+07:002007-02-28T11:23:33.133+07:00

I read a blog posting by Ed Finkler "Do Open Source Devs Get Web App Security? Does Anybody?".In it he described disturbing statements contained in one of Open Source Content Management System :A colleague of mine who is dealing with Plone, a CMS system built atop Zope, pointed me to a rather disturbing documents in the Plone Documentation system, one that I feel is indicative of a much larger

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-43566434625197070472007-02-23T13:08:00.000+07:002007-02-23T13:11:30.917+07:00

I just found out that OWASP has released "The OWASP Testing Guide v2" on February 10, 2007.You can read the guide online at Testing Guide v2 Wiki or you can download it in PDF format.

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-37945063260002526022007-02-23T12:09:00.000+07:002007-02-23T12:14:25.183+07:00

Tenable has released Nessus 3.1.2 for Linux, FreeBSD and Solaris which is a beta version of the upcoming Nessus 3.2.Nessus 3.2 contains the following new features :- Experimental IPv6 support- Improved bandwidth throttling- Extended nessusd.rules to add support for ports and plugins- New command 'nessuscmd' which lets you do a quick command-line scan- Improved NASL engine- Easy-update : Nessus

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-46123586538570977682007-02-22T16:16:00.000+07:002007-02-22T16:18:57.386+07:00

NIST have released a new publication (SP800-94) that covers just about everything you can think of when it comes to IDS and IPS. The report is titled "Guide to Intrusion Detection and Prevention Systems (IDPS)".

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-52036214397197957372007-02-22T12:12:00.000+07:002007-02-22T12:16:45.176+07:00

Dheera Venkatraman has published an article describing how to attack blurring image to conceal information.In the article, he describes :Undoubtedly you have all seen photographs of people on TV and online who have been blurred to hide faces.For the most part this is all fine with peoples' faces as there isn't a convenient way to reverse the blur back into a photo so detailed that you can

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-50187751831234177462007-02-22T10:10:00.000+07:002007-02-22T10:12:27.930+07:00

I just found out the following news :Malicious JavaScript placed on web sites could be used to change DNS settings on home routers that are still using default passwords. Once the change has been made, the next time the router is rebooted, the user would be redirected to spoofed, possibly malicious web sites. Research indicates than about half of router owners have not changed the password from

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-28841381966112915532007-02-22T10:06:00.000+07:002007-03-02T16:44:20.390+07:00

The National Institute of Standards and Technology (NIST) has released two new information security documents.NISTIR 7359, "Information Security Guide for Government Executives," is designed to "assist senior leaders in understanding how to oversee and support the development and implementation of information security programs." NISTIR 7358, "Program Review for Information Security Management

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-84263601386085358372007-02-20T11:08:00.000+07:002007-02-20T11:13:18.627+07:00

I just found out about the vulnerability in Snort DCE/RPC Preprocessor. This preprocessor is vulnerable to a stack-based buffer overflow that could potentially allow attackers to execute code with the same privileges as the Snort binary.It affected the followings :Snort 2.6.1, 2.6.1.1, and 2.6.1.2Snort 2.7.0 beta 1Recommended Actions: Open-source Snort 2.6.1.x users are advised to upgrade to

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-13483617385200595142007-02-15T10:22:00.000+07:002008-12-09T23:02:35.465+07:00

In my previous blog (Testing Snort 2.7.0 Beta 1) , I described about my endeavour to install Snort 2.7.0Beta1. After successfully install Snort, I want to create a simple IDS rule and use my Snort as a simple IDS.To test Snort as an IDS, first I created a simple rule like the following :Then I started Snort using the following command :I open up another Konsole, and ping localhost :In Snort

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-31952530723327893212007-02-12T09:57:00.000+07:002007-02-12T09:54:32.324+07:00

Feature Overview : Detects insecure versions of applications installedVerifies that all Microsoft patches are appliedAssists you in updating your system and applicationsRuns through your browser. No installation or download is required.The Secunia Software Inspector covers the most common/popular end user applications: Internet browsersInternet browser pluginsInstant messaging clientsEmail

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-90149532507713820612007-02-12T09:47:00.000+07:002007-02-01T09:26:05.711+07:00

Several days ago, I experienced a flood disaster for days. It ruined my schedule. But thanks God I am still alive and kicking.Now I try to recover from the disaster.Here are several things I learn from this disaster :You need to be prepared for the unexpectedDo not depend too much on the governmentDevelop your disaster recovery plan suitable for your needs

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-62952966094430315932007-02-01T09:24:00.000+07:002007-02-23T13:16:41.032+07:00

Hari Kesadaran Keamanan Informasi akan dideklarasikan pada: Tanggal 07 Maret 2007Waktu 18h30 - 21h30Bertempat di Ruang Komisi Utama, Gedung II BBPT, Lantai III Jl. MH. Thamrin no.8, Jakarta Susunan Acara18.30 – 19.00 Registrasi19.00 – 19.10 Sambutan BPPT19.10 – 19.20 Sambutan DepKomInfo19.20 – 19.30 Sambutan DeTIKNas19.30 – 19.40 Sambutan Lemsanneg19.40 – 19.50

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-16627467339040540232007-02-01T09:08:00.000+07:002007-02-01T09:20:25.188+07:00

I just read Jeremiah posting regarding how to get NAT'ed IP address using JavaScript in Firefox version 1.5-2.0.It happens because in Firefox, JavaScript can access Java classes directly (java.net.Socket). You can try it here (copied from Jeremiah's posting) :When I think about it and how this can be used by the bad guys, I feel very scare. One of the solution for this is by blocking JavaScript

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-9429517128204620012007-01-26T15:01:00.000+07:002007-01-26T15:07:35.005+07:00

After reading a news from Snort website, I grab the latest beta version of Snort 2.7.0 beta1.Then I build the RPM packages from it using the following command :$ rpmbuild --with mysql -ta snort-2.7.0.beta1.tar.gzNext, I install it to my system :# rpm -Fvh rpms/RPMS/i586/snort-2.7.0.beta1-1.i586.rpm \ rpms/RPMS/i586/snort-mysql-2.7.0.beta1-1.i586.rpmPreparing... ###################

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-23850763479158453002007-01-26T14:54:00.000+07:002007-01-26T15:00:33.819+07:00

Download the latest snort tarball, then I create snort RPMS :$ rpmbuild -tb snort-2.6.x.tar.gz --with mysql...Wrote: /home/tedi/rpms/RPMS/i586/snort-2.6.x-1.i586.rpmWrote: /home/tedi/rpms/RPMS/i586/snort-mysql-2.6.x-1.i586.rpm...Next, I registered to Snort community to be able to download Snort rules.Then I extract the rules and move all of the files in rules/ directory to /etc/snort/rules

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-72224532270776049962007-01-22T14:21:00.000+07:002008-12-09T23:02:35.876+07:00

I got the following picture from Jeremiah Grossman's blog.I highligthed the SQL code for your easy reading. :D

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-25923797790930456752007-01-22T10:17:00.000+07:002007-01-22T10:20:28.242+07:00

Joanna Rutkowska posted a blog about "Beyond The CPU: Cheating Hardware Based RAM Forensics".Here is the main point of the blog :The whole idea behind hardware based RAM acquisition is that the process of reading the memory is using Direct Memory Access (DMA) to read the physical memory. DMA, as the name suggests, does not involve CPU in the process of accessing memory. So, it seems to be a very

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-12626734244813892112007-01-22T10:11:00.000+07:002007-01-22T14:03:45.231+07:00

Finally, after a long and hot discussion with my friend (Ai_Zeus), I got the blog layout like I wanted. Now in the archives, we can see how many post available.To get this layout is very easy, just update your blog template to the latest version. Last time, I forgot to update it when I updated my blog site. :DEnjoy the new template and please don't hesitate to give me suggestions.PS :I still need

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-58491516390574958942007-01-19T16:11:00.000+07:002007-01-19T16:16:25.087+07:00

Tenable Network Security has released Nessus version 3.0.5. It fixes several "features" available in the 3.0.4 version. The fixes include :Faster startup time, especially on laptopsImproved the performance of the SYN port scannerFixed a memory leak in the Mac OS X clientVista compatibility improvedVarious minor bugs fixed in the NASL engineBetter chasing of zombie processesYou can read more

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-10794972400414554532007-01-19T10:27:00.000+07:002007-01-19T10:43:17.771+07:00

Michal Zalewski has just released a new security tool called 0trace. Here is a brief description about it :This tool enables the user to perform hop enumeration ("traceroute") within an established TCP connection, such as a HTTP or SMTP session.This is opposed to sending stray packets, as traceroute-type tools usually do.Here is the benefit of using the mechanism applied by 0trace "such traffic

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-61782150844658215052007-01-15T09:40:00.000+07:002008-12-09T23:02:38.292+07:00

A friend of mine (you know who you are :D) asked me about how to disable preferences menu in Ampache 3.3.2.1.I thought this should be easy, there should be a config that we can turn off or turn on to set this item. Unfortunately, my thought was wrong. There is no configuration for that.Then I download Ampache tarball and look through it. I am very eager to solve this problem, because it will

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-52718680630330576912007-01-12T15:54:00.000+07:002007-01-12T16:05:15.376+07:00

I just bought an atheros-based card, it's a NetGear WPN511. For this card, I can use madwifi as its driver.At madwifi site, they also provide the RPM for OpenSUSE, but I sometime like to compile the software myself, so I can adjust it to my needs.Without further ado, here are the steps to compile the driver :- extract the tarball :$ tar xvjpf madwifi-0.9.2.1.tar.bz2- build the driver :$ cd

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-9081800995517522792007-01-11T10:00:00.000+07:002007-01-11T10:11:32.073+07:00

If you have time to spare, you may want to look at the IEs4Linux site.You may want to ask, what is IEs4Linux. Here is the answer I took from the webpage :IEs4Linux is the simpler way to have Microsoft Internet Explorer running on Linux (or any OS running Wine). No clicks needed. No boring setup processes. No Wine complications. Just one easy script and you'll get three IE versions to test your

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-66797168236993229242007-01-05T13:53:00.000+07:002007-01-05T17:42:37.050+07:00

At the beginning of new year, I am surprised by the disclosed of multiple vulnerabilities in Adobe Acrobat Reader Plugin. These vulnerabilities can cause the followings :Universal CSRF / session riding (tested on Mozilla Firefox, Internet Explorer, Opera + Acrobat Reader plugin)UXSS in #FDF, #XML e #XFDF (tested on Mozilla Firefox + Acrobat Reader plugin) Possible Remote Code Execution (tested on

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-80744223754937426942007-01-04T16:42:00.000+07:002007-01-04T16:52:34.270+07:00

I just want to say "Happy New Year 2007" to you, my kind readers.Let's hope this new year bring us more happiness, more joys and more health.Have a wonderful new year.PS :I will blogging again after I have solved several problems. :D

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-2231147521125854212006-12-21T11:03:00.000+07:002006-12-21T14:25:27.421+07:00

Dear kind readers,We have already at the end of the Year 2006. And according to my computer time, in the next ten days we will have the new year.There are so many great things that has happened to me during the year 2006, whether in my personal life or in my business life. And for that, I am very thankfull for The Mighty.I will be in minimalist-blogging during the next two weeks, I will post

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-60396234933815164122006-12-13T12:27:00.000+07:002006-12-21T11:18:43.081+07:00

Continuing my adventure on customizing SLAX, in this installment I want to modify existing SLAX module. The target module is 01_kernel.mo.Here are the steps I took to unpack the module :- Install squashfs kernel module. I got a pre-compiled kernel module(squashfs-kmp-default-3.0_2.6.16.12_3-0.rs.200605040428.i586) for OpenSUSE at Robert Schiele's site.- I install that kernel module :# rpm -Uvh

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com1tag:blogger.com,1999:blog-22172187.post-41159735511770030472006-12-07T15:53:00.000+07:002006-12-21T11:18:57.173+07:00

I am currently learning about how to produce live Linux CD system. Yes I know, this may be very old and very simple for you. But I haven't sharpen my Linux skills since a year and half. This will be a good practise.I chose SLAX (www.slax.org) because the manual said it was developed to be hacked. So here I am customizing SLAX.In the first part of the customization, I will remove a SLAX module and

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-3735531987399162502006-12-07T09:26:00.000+07:002006-12-07T09:31:05.861+07:00

I feel my Linux skills have become a little bit rusty. To resharpen my Linux skills, I am planning to develop a simple Linux Live-CD.Here are several Linux Live-CDs that I am researching on :SLAXMorphixDamnSmallLinuxI will write about my experiences in this blog. So keep on checking....

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1164861189381034532006-11-30T11:28:00.000+07:002006-12-21T11:16:57.606+07:00

I read an interesting project developed by experts at University of Toronto. This project is called Psiphon.With this project, an Internet user who live in a censored country can use server in uncensored country to access the Internet. And all the web traffic between users is encrypted and secure. A very good project for privacy.So let's download the software on Dec. 1, 2006 and try it out.

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1164860826079188312006-11-30T11:19:00.000+07:002006-12-21T11:17:22.983+07:00

I found out a website that can help us in generating secure password. It's called SafePasswd.Here is a screenshot when I generated a secure password (not anymore :D) :

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1162980402300103922006-11-08T16:32:00.000+07:002006-12-21T11:19:14.940+07:00

A friend of mine has a lot of images. Those images are very beautiful. Unfortunately I found out that the image size was very big. One of them has 2592x1944 pixels dimension and of course the size is gigantic (1MB) (!).I remembered sometimes ago I played a little bit with "convert", an application to : convert between image formats as well as resize an image, blur, crop, despeckle,

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com2tag:blogger.com,1999:blog-22172187.post-1158725082928187232006-09-20T10:58:00.000+07:002006-12-21T11:20:15.827+07:00

I just read several articles regarding another attack on SSL by Bleichenbacher in Adam's blog.Here are the interesting articles :Many RSA Signatures May Be Forgeable In OpenSSL and Elsewhere Mozilla Falls to RSA Forgery Attack RSA Signature Forgery Explained (with Nate Lawson) - Part I, Part II, and Part III. Halvar Flake and Nate Lawson on Alternative Padding Schemes Enjoy reading them.

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1157515196122954622006-09-06T10:56:00.000+07:002006-12-21T11:19:31.533+07:00

Several years ago, I wrote a thesis about Elliptic Curve Cryptography. At that time, I splitted the files by chapter, so I have chapter 1-5. And these files were in PS format.Yesterday, I decided to convert those files to PDF.Here is how I do the conversion :First I used ps2pdf program to convert PS to PDF files :$ ps2pdf13 ch01.psand so on.I found out that chapter 1,3 and 5 contain one empty

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1156821799099690982006-08-29T10:18:00.000+07:002006-12-21T11:20:01.868+07:00

I just read a news article regarding a demonstration on a modified method of attack against a reduced variant of the SHA-1 hash algorithm.My suggestion, if you need more security, then start to use SHA-256 or even SHA-512. For normal usage, you can still use SHA-1 but may be not for a long time.You can also read the know-how about the hash crack.

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com1tag:blogger.com,1999:blog-22172187.post-1155725704204675232006-08-16T17:52:00.000+07:002006-12-21T11:22:30.494+07:00

I couldn't install snort-inline, because it needs libnet 1.0.2a. In my system I have already installed libnet 1.1.0 required by dsniff-2.4.0. This silly problem made me crazy for several days.Finally I got an enlightenment.First, make sure you've installed iptables-devel package.To resolve this problem, I downgraded dsniff to dsniff-2.3-1.guru.suse100(http://rpm.pbone.net) and removed libnet

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1155702798220938752006-08-16T11:23:00.000+07:002006-12-21T11:22:14.864+07:00

Several days ago, I installed Nessus on my machine (OpenSUSE 10.1). From the website, I didn't find Nessus package for my machine, instead I downloaded packages for SUSE 10.The installation was a breeze :# rpm -Uvh Nessus-3.0.3-suse10.0.i586.rpmPreparing... ########################################### [100%] 1:Nessus ########################################### [100%

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1155625611619631532006-08-15T14:01:00.000+07:002006-12-21T11:22:58.756+07:00

I am currently doing a research on how to develop crypto code in Python programming language.Based on my research, there are several crypto libraries that's suitable for my purpose. They are Python Cryptography Toolkit and ezPyCrypto as my main libraries.Python Cryptography Toolkit will be the low-level crypto library, while ezPyCrypto will act as a high-level crypto library.Before installing

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1152789209004112942006-07-13T18:02:00.000+07:002006-07-13T18:13:42.213+07:00

Several days ago, I finished install Rails on my system. At that time, I didn't have anything to show you about the easiness of Rails.In this occasion I will show you how easy it is to create a simple web-based application. The application will just display "hello" and "goodbye".First, I create an application called "demo" :$ rails demo create create app/controllers create app/

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1152759189262088462006-07-13T09:49:00.000+07:002006-07-13T09:53:09.266+07:00

During my adventure to install Ruby on Rails, I didn't find a detailed guide explaining the process, what component should be install first, etc.So here is my note regarding Ruby on Rails installation using gem. Please note that I install the components using gem local installation.Install the following components first using gem :# gem install activesupport-1.3.1.gemAttempting local installation

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1152758819313560462006-07-13T09:41:00.000+07:002006-12-21T11:20:34.218+07:00

To be able to view chm files in OpenSUSE 10.1 you need to install the following software packages :chmlib-0.37.4-1.i586.rpmcompat-expat1-1.95.8-6.i586.rpmexpat-2.0.0-13.i586.rpmlibmspack-0.0.20040308alpha-16.i586.rpmwxGTK-2.6.1.0-4.i586.rpmxchm-1.2-1.i586.rpmYou can find those packages in http://rpm.pbone.netAfter success download those files, just install them :# rpm -Uvh *.rpmEnjoy

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1150452011528001652006-06-16T16:57:00.000+07:002006-12-21T11:20:52.755+07:00

The default xine and xine-lib packages provided by SUSE 10.1 can't be used to play DVD. So you need to uninstall them and install the following packages :libxine1-1.1.2cvs-060514.i586.rpmxine-ui-0.99.4cvs-051003.i586.rpmlibdvdcss2-1.2.9-1.i386.rpmw32codec-0.52-1.i386.rpmYou can find those packages at http://packman.link2linux.orgAfter that you can enjoy watching DVDs. :D

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1150451814143922732006-06-16T16:54:00.000+07:002006-12-21T11:24:30.974+07:00

The default XMMS Library provided by OpenSUSE 10.1 doesn't have MP3 capabilities. In other words, you can't play MP3 files using the default XMMS library installed by OpenSUSE 10.1.To solve the problem, I installed XMMS Library from http://packman.links2linux.orgHere is the filename :xmms-lib-1.2.10-103.pm.1.i586.rpmTo install it, just use the following command :# rpm -Fvh xmms-lib-1.2.10-103.pm

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com3tag:blogger.com,1999:blog-22172187.post-1145590465414278982006-04-21T10:18:00.000+07:002006-04-21T10:43:07.730+07:00

I had a chance to test pysqlite, a Python wrapper for SQLite Database System. pysqlite needs the following dependencies :Operating System and C CompilerSQLite version 3.0.8 or later (for pysqlite 2.2.0)Python 2.3 or laterAfter download the latest version (2.2.2) I did the followings to install pysqlite to my system :$ tar xvzpf pysqlite-2.2.2.tar.gzpysqlite-2.2.2/pysqlite-2.2.2/doc/pysqlite-2.2.2

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1145432693583854882006-04-19T14:38:00.000+07:002006-04-19T14:44:53.593+07:00

I just read a blog entry title "Why Windows is less secure than Linux". In that blog there are some interesting pictures describing system calls in Apache and IIS.The first picture is of the system calls that occur on a Linux server running Apache. The second image is of a Windows Server running IIS.Just wondering who can master the intricacies of IIS, it's so darn complex. :D

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1145262199794331622006-04-17T15:19:00.000+07:002006-04-17T15:23:19.796+07:00

In my last blog, I wrote about httperf. This time I will write about another tool. The toolis autobench. It is a wrapper for httperf.To install autobench, just do the followings :$ make# make installTo run it, type :$ autobenchAutobench configuration file not found - installing new copy in /home/tedi/.autobench.confInstallation complete - please rerun autobenchI use the example from autobench

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1145260242476423532006-04-17T14:46:00.000+07:002006-04-17T14:50:42.496+07:00

I got another tool for testing webperformance. This tool is httperf. It was developed by David Mosberger from HP.The installation process is very smooth and usual :$ ./configure$ make# make installNext I try httperf to issue 1000 HTTP requests :$ httperf --server localhost --port 80 --num-conns 100 --rate 10 --timeout 2The above command will create 100 connections during 10 seconds (1000 requests

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1144826854440906442006-04-12T13:24:00.000+07:002006-04-17T15:12:58.526+07:00

Last night I tried to use IDX-Tsunami. It is a distributed load testing tool. It is protocol-independent and can currently be used to stress testing HTTP, SOAP and Jabber servers.After download it from its website the installation process was very easy (if you've already had Erlang OTP).InstallationTo install IDX-Tsunami, I just did the followings :$ tar xvzpf idx-tsunami-1.1.0.tar.gz$ cd

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1144729039086785762006-04-11T11:05:00.000+07:002006-04-11T13:30:16.660+07:00

Last week, I had a long weekend (3 days off). It made me very bored. During that time I read PC Magazine. In it there is an article regarding several web performance tools. One of them is ab2 that is included in the Apache webserver.For a long time I want to measure the performance of several webservers. That article inspired me to test the performance of several webservers.The webservers I want

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1144234452874980762006-04-05T17:46:00.000+07:002006-04-05T17:54:12.916+07:00

Last week during my weekend, I got bored with security stuffs. So I tried something new. I read Programming Ruby 2nd edition. In it I found out about Webrick.I thought this was a cool stuff. With Webrick you can create your own webserver in Ruby. Isn't that cool?So I hacked the code for a simple webserver :#!/usr/bin/env rubyrequire 'webrick'include WEBricks = HTTPServer.new( :Port => 2000

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1141705959589996392006-03-07T11:15:00.000+07:002006-03-07T11:50:17.126+07:00

Several days ago, I had a chance to test AVG antivirus for Linux. I download the suitable package for my SUSE system.The installation process was very smooth, just do the usual RPM command :# rpm -Uvh avglinux-7.1-23_free_suse_avi0676.i386.rpmPreparing... ########################################### [100%] 1:avglinux ########################################### [100%]

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1140423753845248772006-02-20T15:17:00.000+07:002006-03-27T09:41:48.306+07:00

Here are the steps I took to format my USB flash disk for VFAT filesystem. I chose this filesystem because it is supported in Windows and also in Linux :Unmount the usb disk (if it is still in use) :# umount /dev/sda1Format the usb disk : # mkfs.vfat -c -n TEDI /dev/sda1mkfs.vfat 2.10 (22 Sep 2003)Check the usb disk : # dosfsck -vV /dev/sda1dosfsck 2.10 (22 Sep 2003)dosfsck 2.10, 22 Sep 2003,

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1139472746069617442006-02-09T15:05:00.000+07:002006-03-27T09:54:12.066+07:00

After read several papers and presentations in network security field that mentioning scapy, I decided to try it.From the Scapy website : Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1139470378130180452006-02-09T14:19:00.000+07:002006-02-09T15:34:27.420+07:00

Several days ago, I read an announcement about Nmap 4.00 release. In that announcement there are at least 200 fixes and features added to this version compare to Nmap 3.50. And also Fyodor said this version has many performance improvement I couldn't resist to download the newest version.Last night, I installed it on my machine.When I tried to run it first :# nmap localhostIt complained about

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1139459733371981772006-02-09T11:29:00.000+07:002006-02-09T11:36:40.520+07:00

I found a cool site to generate graffiti online :http://atom.smasher.org/graffiti/It's so darn cool.I make one graffiti for my blog site :

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com1tag:blogger.com,1999:blog-22172187.post-1139459187458046362006-02-09T11:25:00.000+07:002006-02-09T11:29:12.386+07:00

Problem :In my SUSE 9.3 Professional there is a problem in vim. The backspace key only delete new text and it doesn't delete old text, it just gives me a system beep.So, for example, if there is already text in the file, I cannot delete it. But if I insert new text and immediately hit the backspace key, it will delete it, but only up to the begging of the new text I have typed. If I type some

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com1tag:blogger.com,1999:blog-22172187.post-1139459083716720212006-02-09T11:23:00.000+07:002006-02-09T11:24:43.716+07:00

Here are several articles regarding forensic tools in court :http://www.unixreview.com/documents/s=9943/ur0512i/ur0512i.htmlhttp://www.cybersecurityinstitute.biz/tpicq.htmhttp://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=4&postdays=0&postorder=asc&start=0http://informationsecurity.techtarget.com/magPrintFriendly/0,293813,sid42_gci1147990,00.htmlWhile reading those articles, I

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1139458055134569042006-02-09T11:05:00.000+07:002006-02-09T11:10:11.143+07:00

Last week (20 Dec 2005) there is a question regarding how to do MD5 in Erlang in Erlang mailing list.I replied by quoting the following resource :In addition to what Bengt has said, you may want totake a look at the following message thread. Itdiscussed how to generate MD5 hash like md5sum program :http://www.erlang.org/ml-archive/erlang-questions/200303/msg00492.htmlJing sent me his code (

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1139457846499917142006-02-09T11:03:00.000+07:002006-02-09T11:04:06.500+07:00

I have been struggling with the deferred concept in TwistedMatrix since last night. At that time, I read the deferred concept from : Generalization of Deferred Execution in Python. Unfortunately, I didn't get it. I couldn't do more because I was too tired, so I went to bed.I wake up early this morning to go to the office and googling about deferred concept.Luckily, I saw a documentation entitled

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1139457701072506802006-02-09T11:00:00.000+07:002006-02-09T11:02:31.676+07:00

I got the following links regarding Twisted framework background theory from an email sent to Twisted mailing list:Generalization of Deferred Execution in PythonAsynchronous Programming with TwistedComponents: Interfaces and Adapters

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com1tag:blogger.com,1999:blog-22172187.post-1139457139221077172006-02-09T10:51:00.000+07:002006-02-09T10:52:19.223+07:00

Beberapa malam lalu, saya akhirnya berhasil juga cobain Twisted. Proses instalasinya tidak sesulit yang saya perkirakan, gampang banget. Cuma kemaren-kemaren ada kesalahan, saya mendownload paket Twisted secara terpisah-pisah, dan ternyata ada paket yang dibutuhkan yang belum didownload. Jadi gak bisa dibuild dah.Untunglah kemaren tahu triknya, ambil aja paket bernama TwistedSumo, paket itu udah

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0tag:blogger.com,1999:blog-22172187.post-1139456846877196532006-02-09T10:43:00.000+07:002006-02-09T10:47:26.886+07:00

After using another blog service (www.livejournal) for about two months, I decided to move my blog to Blogger.I find it difficult to use LiveJournal blog, and it lacks some features.So from now on I will move my blogs at LiveJournal to Blogger.Thank you for dropping by.

Tedi Heriyantohttp://www.blogger.com/profile/13493962780755247716noreply@blogger.com0