

Showing posts from May, 2007
Batteries Not Included

I parked my car in front of USM CS's school car park. When I planned to go back to rest, I found my car battery had been sucked dry. It was my mistake somehow that the car lamp had not been switched off. I phoned Reza, my friend, to get me a pair of "car battery jump starter" cables and did these steps:
Picture taken from here

Moral: Make sure your hands are not shaky like that. It happened yesterday evening. Apparently it happened again last night too, because this morning I had to jump start it with my friend. Then I went for a drink, and after it started it died again (didn't it charge?).

The jump starter cables cost me RM20 (around USD5) per pair. Well, somehow a rip-off, as far as I know you can get them for less than RM5.

Well, I just learned that my 18-month-old battery has dried out. So I opted to replace it with a new one since, after what happened yesterday, it happened again TWICE today.

I changed my Century wet battery to a Yokohama. It cost me RM140 (around USD45).
You can refer here


Snort_inline n00b
Victor Julien
To: mnajem

Hi!

mnajem wrote:
> Hi,
>
> I am relatively new to IDS and IPS stuff.
> I am confused about
>
> snort rules, say here:
> http://www.bleedingthreats.net/bleeding-all.rules
>
> and snort_inline rules.
>
> Do they differ? I mean, does snort_inline use snort's rules so
> that iptables will drop messages received via libipq?

I think the difference is just that the snort_inline rules have the
action set to 'drop' already. The Snort rules are just using 'alert'.

> Currently I'm trying to do research on improving the speed of IDS/IPS,
> whether in signature checking or, if possible, in layer 7 inspection/deep
> inspection.
>
> In addition, I am also confused about whether l7 netfilter does the same job
> as snort_inline in inspecting packets.

The l7 matching in netfilter and also the string matching in netfilter
are very limited compared to Snort. This is because snort does many more
things with the packets b…
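As an added example (not from the thread above), the 'alert' versus 'drop' difference Victor describes can be applied to a Snort rule file with one anchored substitution. The rule lines below are constructed samples, not lines from bleeding-all.rules, and the sid values are placeholders.

```shell
#!/bin/sh
# Added example: rewrite Snort 'alert' rules into snort_inline 'drop' rules.
# Only the leading action keyword is touched; comments, blank lines and rules
# that already use another action (pass, log, drop) are left alone.

# Constructed sample rules (not the real bleeding-all.rules); sids are placeholders.
RULES_IN=$(mktemp)
cat > "$RULES_IN" <<'EOF'
# constructed sample rules
alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"SAMPLE SMB probe"; sid:2000001; rev:1;)
alert udp any any -> any 53 (msg:"SAMPLE DNS query"; sid:2000002; rev:1;)
pass tcp $HOME_NET any -> any 22 (msg:"SAMPLE allow ssh"; sid:2000003; rev:1;)
drop tcp any any -> $HOME_NET 23 (msg:"SAMPLE already drop"; sid:2000004; rev:1;)
#alert tcp any any -> any 80 (msg:"SAMPLE disabled rule"; sid:2000005; rev:1;)
EOF

# Turn every active 'alert' rule into a 'drop' rule. The pattern is anchored at
# line start so a disabled '#alert' rule and the word "alert" inside msg strings
# are never rewritten.
to_inline_rules() {   # $1 = input rules file, output on stdout
    sed -E 's/^alert[[:space:]]+/drop /' "$1"
}

# Count rules by leading action so the conversion can be checked.
count_action() {   # $1 = rules file, $2 = action keyword
    grep -c -E "^$2[[:space:]]" "$1" || true
}

RULES_OUT=$(mktemp)
to_inline_rules "$RULES_IN" > "$RULES_OUT"
echo "alert rules before: $(count_action "$RULES_IN" alert), drop rules after: $(count_action "$RULES_OUT" drop)"
```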
Gnuwin32/Cygwin

I am not sure how you use Cygwin (if at all), but sometimes, let's say, you don't have a particular application in Cygwin, while it does exist in the GnuWin32 project.

For example, I want to extract a file with the .shar suffix (shell archive).

That application (shar/unshar) is here:
http://gnuwin32.sourceforge.net/
http://sourceforge.net/project/shownotes.p...;group_id=23617

What I have is Cygwin.

In my experience, you can download the installer from the GnuWin32 site and it will install the application to:

C:\Program Files\GnuWin32\bin

However, your Cygwin cannot see that executable, because Cygwin's command set lives in
/bin on the cygdrive (virtual drive).

What you can do is create a soft link with the "ln" command:

ln -s /cygdrive/c/Program\ Files/GnuWin32/bin/unshar.exe /bin/unshar.exe
ln -s /cygdrive/c/Program\ Files/GnuWin32/bin/shar.exe /bin/shar.exe

I use the same approach for other applications that are not in…
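As an added example (not the post's own commands), the same idea can be applied to a whole GnuWin32 bin directory, but skipping any name that already exists so a GnuWin32 copy never shadows Cygwin's own binary. The directories are parameters and the layout below is a constructed stand-in, so it runs on any Unix-like shell; on Cygwin you would pass "/cygdrive/c/Program Files/GnuWin32/bin" and /bin.

```shell
#!/bin/sh
# Added example: link every GnuWin32 .exe into Cygwin's bin directory, the way
# the post does for shar/unshar, without overwriting anything already there.
link_gnuwin32_bins() {   # $1 = GnuWin32 bin dir, $2 = Cygwin bin dir; prints number linked
    src=$1; dst=$2; linked=0
    for exe in "$src"/*.exe; do
        [ -f "$exe" ] || continue           # no match: the glob is returned literally
        name=$(basename "$exe")
        if [ -e "$dst/$name" ]; then
            # Cygwin already provides this name (for example its own ls);
            # linking over it would change which binary "ls" runs.
            echo "skip: $dst/$name already exists" >&2
            continue
        fi
        ln -s "$exe" "$dst/$name"
        linked=$((linked + 1))
    done
    echo "$linked"
}

# Constructed demo layout standing in for C:\Program Files\GnuWin32\bin and /bin.
DEMO=$(mktemp -d)
mkdir -p "$DEMO/gnuwin32/bin" "$DEMO/cygbin"
: > "$DEMO/gnuwin32/bin/shar.exe"
: > "$DEMO/gnuwin32/bin/unshar.exe"
: > "$DEMO/gnuwin32/bin/ls.exe"       # assumed: GnuWin32 coreutils also ships an ls
: > "$DEMO/cygbin/ls.exe"             # Cygwin's own ls, which must keep winning
LINKED=$(link_gnuwin32_bins "$DEMO/gnuwin32/bin" "$DEMO/cygbin")
echo "linked $LINKED binaries into $DEMO/cygbin"
```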
Why do you have to graduate from Grad School?
Peking: When I'll be there again, in Summer?

"Non Tailed" Fox
I am compiling Fox, which is needed as a value-added package for RubyForger, a Ruby-based packet generator.

*The title is a modified version of Uzumaki Naruto's sealed "Nine Tailed Fox".
Bleach: Bankai Sword

Picture taken from here
Nepenthes on Fedora Core 6 Issue

Question:

Me wrote:

Hello.

Currently I'm running nepenthes 0.2.0 on Fedora Core 6, installed using RPM.

I got this message when I wanted to check its status, since when I scanned the localhost ports it didn't mock the intended service:

[root@localhost ~]# /etc/init.d/nepenthes status
nepenthes dead but subsys locked


What does subsys mean?

Answer:
Try
/etc/init.d/nepenthes restart
If that doesn't get it, find the lock file in /var and delete it, then start it.
Mari Belajar Regular Expression (Regexp)

Regular expressions, which some individuals call "ungkapan nalar", are a way to simplify searching for target characters that match a particular pattern.

1) Summary

In short, it checks the condition/pattern to match for a target before that input is "captured" to be displayed/used.

For example:

$ ls -l | grep ^d

Here, the long-listing command is used to display the directory contents, and that list output is "captured" using the "caret" character, which requires each line of the listing to begin with the character "d".

The user's purpose with this command is to display directories only. This command is equivalent to:

find . -maxdepth 1 -type d (which by default has the -print action)

or, if you want to narrow the scope,

find . -maxdepth 1 -iname "" -type d

maxdepth is the level of jutsu or chakra required to…
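As an added example (not from the original post), the claimed equivalence between "ls -l | grep ^d" and "find . -maxdepth 1 -type d" can be checked on a constructed directory tree. It goes one step beyond the post by showing where the two differ: find also prints "." itself and includes dot-directories that a plain ls omits.

```shell
#!/bin/sh
# Added example: compare the post's two ways of listing only directories.

# Directory names from "ls -l | grep ^d": lines starting with 'd' are directories,
# and the last field of each line is the name (names without spaces assumed).
dirs_via_grep() {   # $1 = directory to list
    (cd "$1" && ls -l | grep '^d' | awk '{print $NF}') | sort
}

# Same set via find, once "." and hidden directories are dropped so the two
# listings can be compared like for like.
dirs_via_find() {   # $1 = directory to list
    (cd "$1" && find . -maxdepth 1 -type d ! -name '.*' | sed 's|^\./||') | sort
}

# The raw find listing, exactly as the post's command would print it.
dirs_via_find_raw() {   # $1 = directory to list
    (cd "$1" && find . -maxdepth 1 -type d | sed 's|^\./||') | sort
}

# Constructed tree: two plain directories, one hidden directory, one file.
DEMO=$(mktemp -d)
mkdir -p "$DEMO/src" "$DEMO/doc" "$DEMO/.git"
: > "$DEMO/README"

echo "via grep:"; dirs_via_grep "$DEMO"
echo "via find (filtered):"; dirs_via_find "$DEMO"
echo "via find (raw, note . and .git):"; dirs_via_find_raw "$DEMO"
```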
Random Talks

I notice a trend of women liking to write diaries. Detailed. Very detailed. Does this reflect a meticulous (read: fussy) attitude?

On the other hand, I prefer to write technical things and movie reviews. And my future plan is to learn to use a DSLR camera so I can snap pictures of birds, insects, tall buildings, learn about lighting, touch up photos and so on.

Costly?

Yes indeed, I think I need around RM2,000 and up for that expensive hobby.

Wait, what? Hobby? Speaking of hobbies, I have no very interesting hobby other than watching anime, starting with Naruto and Bleach. Back when I was studying I bought Dragon Ball, Dragon Quest and Conan.

Seems wasteful? Oh, not really. Because these comics teach readers to think; there are elements of humanity in them. So, if you want to complain, first weigh the good things in those Doraemon-sized comics. Haha.

Basketball.

Oh, I bought an Adidas basketball and a Puma ball pump the other day. There was some spirit in…
Snort_inline: Compilation Issues

After giving up on Debian, since I couldn't resolve the libdnet problem there, I opted for Fedora Core 6 for these reasons:

1-Community driven
2-Less compilation (machine is a Pentium 3. I just added my own 128 SDRAM)
3-Package management

However, I regret that yum's slowness, which drives me up the wall. Everything else is fine.
Funny stuff: I use Ubuntu on my laptop, and when I wanted to use yum's search facility, it led to

#yum cache search

ROTFL

(apt-cache is for Debian variants and works almost the same as yum search. The command given above is a mix of the two.)

I saw Victor posted something on his blog regarding the snort_inline dropped libipq dependencies horror, as posted here.

I checked out the SVN version, compiled it and succeeded.