Saturday, August 1, 2009

[Learning Hacking Part I] What does a malicious hacker do?

What does a malicious hacker do? This question comes to mind whenever we want to build a countermeasure. First you need to understand the anatomy of an attack; it is necessary to comprehend the steps in order to counter an attack once it is detected. In general, there are five steps/phases through which an intruder advances an attack:


Phases of malicious hacking

1. Reconnaissance
This is the phase in which the attacker gathers all the information they need about a target. There are two types of reconnaissance: passive and active.
Example: Gather information about domain name

2. Scanning

In this step, the attacker begins looking for vulnerabilities in the target that can be exploited.
Example: IP scanning, using nmap, etc.

3. Gaining Access

In this phase, the attacker exploits the target's vulnerability.
Example: coding an exploit


4. Maintaining Access

Once access is gained, the attacker usually maintains access to fulfill the purpose of his/her entry

Example: by planting a trojan


5. Covering Tracks
In this phase, the attacker destroys all the evidence of the attack.

Example: clearing the event viewer



Nmap Screen


Types of Hacker:
1. Black Hats
Black hats are offensive hackers.

2. White Hats
White hats are defensive hackers.

3. Grey Hats
Grey hats are both offensive and defensive hackers.

4. Suicide Hats
Suicide hats hack without thinking about the rules.

Those are the basics of what a malicious hacker does before penetration. Wait for my next article.
PS: Click HERE to see this post in Indonesian




Thursday, July 9, 2009

[RedHat Enterprise Linux] How to secure your Redhat Enterprise Linux 5 by User or Host

In addition to a firewall and SELinux, there are many ways to secure the services on your RHEL system against crackers; one of them is tcp_wrappers. This feature is enabled automatically on the system. tcp_wrappers has two key files, hosts.allow and hosts.deny, which are consulted in the following order:

1. The system first searches /etc/hosts.allow. If tcp_wrappers finds a match, it grants access and no further searches are required.
2. It then searches /etc/hosts.deny. If tcp_wrappers finds a match, it denies access.
3. If no match is found in either file, access is automatically granted to the client.


Sample commands

You can list multiple services in one rule by separating them with commas. To make an exception, use the EXCEPT operator.

Below is the example code for hosts.allow:
#hosts.allow
ALL : .example.com
telnetd : 192.168.0.0/255.255.255.0 EXCEPT 192.168.0.79
sshd, in.tftpd : 192.168.1.10
The first line is just a comment. The next line states that hosts in example.com can access all services. The following line states that the telnet service can be accessed only from hosts with an IP address in network 192.168.0.0/24, except IP address 192.168.0.79. The last line grants access to sshd and in.tftpd from 192.168.1.10.

Below is the example code for hosts.deny:

#hosts.deny
ALL EXCEPT in.tftpd : .example.org

telnetd : ALL EXCEPT 192.168.1.10
ALL:ALL

The first line denies all services except tftp to hosts in example.org. The next line denies every host access to telnetd except IP address 192.168.1.10. The last line, ALL:ALL, denies everything that no earlier rule matched.
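To see how the two files interact, the following added example (not part of the original post and not tcp_wrappers code) models the allow, then deny, then default-grant order over the exact rules shown above. It is a simplified model that assumes only the ALL wildcard, domain suffixes, net/mask patterns, exact addresses and EXCEPT; the function names are made up for illustration.

```python
import ipaddress
import re

# Rules copied from the hosts.allow and hosts.deny examples on this page.
HOSTS_ALLOW = """\
ALL : .example.com
telnetd : 192.168.0.0/255.255.255.0 EXCEPT 192.168.0.79
sshd, in.tftpd : 192.168.1.10
"""
HOSTS_DENY = """\
ALL EXCEPT in.tftpd : .example.org
telnetd : ALL EXCEPT 192.168.1.10
ALL:ALL
"""

def token_matches(token, daemon=None, ip=None, host=None):
    """Match one pattern against a daemon name or a client (ip, hostname)."""
    if token == "ALL":
        return True
    if daemon is not None:
        return token == daemon
    if token.startswith("."):            # domain suffix such as .example.com
        return bool(host) and host.endswith(token)
    if "/" in token:                     # network/netmask
        return ipaddress.ip_address(ip) in ipaddress.ip_network(token)
    return token in (ip, host)

def list_matches(expr, **who):
    """'a, b EXCEPT c': a or b must match and c must not (EXCEPT nests to the right)."""
    left, _, rest = expr.partition(" EXCEPT ")
    hit = any(token_matches(t, **who) for t in re.split(r"[,\s]+", left.strip()) if t)
    return hit and not (bool(rest) and list_matches(rest, **who))

def file_matches(text, daemon, ip, host):
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        daemons, clients = line.split(":", 1)
        if list_matches(daemons, daemon=daemon) and list_matches(clients, ip=ip, host=host):
            return True
    return False

def decide(daemon, ip, host=None, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow first, then hosts.deny, otherwise grant."""
    if file_matches(allow, daemon, ip, host):
        return "allow"
    if file_matches(deny, daemon, ip, host):
        return "deny"
    return "allow"
```

With these rules, telnetd from 192.168.1.10 is still denied: EXCEPT only exempts that address from the second deny rule, and the final ALL:ALL then matches it. The default grant in step 3 is reached only when hosts.deny has no catch-all line.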

Monday, July 6, 2009

[My Life Sharing] Is It Really Possible to Make Money from the Internet??

Before I continue with my post below, I would like to thank my friend for his help in assisting me.

All right, without further ado I will continue with my article. How are you?

I am very excited because I have found a program that could be called very interesting. But before I get into that, I will give a brief picture of online business. There are many ways to earn extra income, especially from the internet. One example is investing in stocks, foreign exchange, and commodities. But have you ever considered that the capital required for those investment products is not small; the figures already run into the millions. With the business I am about to offer, however, the capital is small, yet it has the potential to generate a fairly high passive income. In the past I rarely joined a program that had no chance of producing a high profit; in other words, I do not like joining a program that can be said to PRODUCE NOTHING AT ALL.

Below are my thoughts about this program.

1. Everyone who is online would surely want passive income if it were offered. Who doesn't want MONEY? Right? This program promises you more than 100 million if you follow the step-by-step instructions exactly. But at a minimum you will be able to earn A FEW MILLION if you do everything my way, which I will teach you later.

2. The number of Internet users in Indonesia grows by roughly 6 million people per year, so don't worry about running out of market. (We only need 4 people to recover our capital).

3. These days, who doesn't have and use Facebook? Friendster? How many friends do you have on Facebook and the others? Only 4? Surely more; I myself have 600 friends on Facebook alone. Say you are like most of my friends, who have only 300-400 friends on Facebook. With a success rate of just 5% (I take the lowest), you can already get 15-20 good prospects, right?

Yet you only need 4 people to break even. But this is business; do you only want to break even? Surely you want to break even too, right? That is why I say this business is profitable.

4. Most people are reluctant to do business online

The reason is limited time or, usually, limited skill/ability when it comes to setting up a business on the internet. This program, however, requires no skill because everything is already provided for you.

The capital you need is only Rp 180.000 (plus a bonus of several e-books on how to make money on the Internet), and later I will teach you how to maximize the results you can get to JUST A FEW MILLION (no need to aim as high as hundreds of millions).

Send me a blank email right away at hartono_tjung@yahoo.com mentioning your name, or click here to send a blank email, to get the method and tutorial for doing business online.


Monday, June 22, 2009

[RedHat Enterprise Linux] How to install NIS server integrated with NFS Server

Before installing the NIS server so that NIS clients can authenticate to it, we need to install the NFS server first. Below is a tutorial on how to install NFS and NIS.

Installing and configuring NFS
Make sure the NFS service is enabled by running this command:

# service nfs status

If the NFS service is not enabled, enable it with:

# service nfs start
# chkconfig nfs on

Then run the commands below:

# rpcinfo -p localhost
# showmount -e localhost

Edit the file /etc/sysconfig/nfs:
MOUNTD_PORT="4002"
STATD_PORT="4003"
LOCKD_TCPPORT="4004"
LOCKD_UDPPORT="4004"
RQUOTAD_PORT="4005"

Then make sure the ports are open in the firewall:
4002-4005 tcp
4002-4005 udp

Edit the file /etc/exports:
/directory_you_want_to_share_with *.domain-name.com(rw,sync)
:wq

Then run the following commands:
# exportfs -a
# exportfs -ra


Installing and configuring NIS Server
1. Ensure the following RPMs are already installed:
ypserv, portmap, and make

Configure ypserv, yppasswdd and ypxfrd to run on specific ports.
Edit /etc/sysconfig/network:
YPSERV_ARGS="-p 835"
YPXFRD_ARGS="-p 836"


2. Edit the file /etc/sysconfig/yppasswdd:
YPPASSWDD_ARGS="--port 837"

3. Edit /etc/sysconfig/network:
NISDOMAIN=yourdomain

4. Restrict access to ypserv to your network.
Edit the file /var/yp/securenets:
255.255.255.255 127.0.0.1
255.255.255.0 192.168.0.0

5. Start all services and ensure they start on boot.
Edit the file /var/yp/Makefile.
Look for the all: target and edit it to read:
all: passwd group hosts netid

6. Generate the NIS maps (database) by running ypinit with the following command:
/usr/lib/yp/ypinit -m
Then press CTRL+D
Then press Y

7. Start the yppasswdd service with the following commands:
# service yppasswdd start
# chkconfig yppasswdd on

8. Verify that the services have started with the following command:
# ps aux|grep yp

9. # cd /var/yp
# make

10. Verify that the services have registered with portmap with the following command:
# rpcinfo -p localhost

11. To trace errors, check the log in /var/log/messages
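The rpcinfo check in step 10 only helps if the registered ports are compared with the ports pinned above and opened in the firewall. The following added example (not part of the original post) parses `rpcinfo -p` output and reports any service that is missing or registered on a port other than the pinned one. The sample output is constructed, and the service names rpcinfo prints (such as "status" for statd and "fypxfrd" for ypxfrd) are assumptions.

```python
# Pinned ports taken from the settings in this post; the rpcinfo service
# names used as keys are assumptions about how each daemon registers.
EXPECTED = {"mountd": 4002, "status": 4003, "nlockmgr": 4004, "rquotad": 4005,
            "ypserv": 835, "fypxfrd": 836, "yppasswdd": 837}

# Constructed sample: lockd was not pinned and ypxfrd is not running.
SAMPLE = """\
   program vers proto   port
    100000    2   tcp    111  portmapper
    100005    1   udp   4002  mountd
    100005    1   tcp   4002  mountd
    100024    1   udp   4003  status
    100021    1   udp  32769  nlockmgr
    100021    1   tcp  32803  nlockmgr
    100011    1   udp   4005  rquotad
    100004    2   udp    835  ypserv
    100009    1   udp    837  yppasswdd
"""

def parse_rpcinfo(text):
    """Yield (service, proto, port) for each registration line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0].isdigit():
            yield fields[4], fields[2], int(fields[3])

def audit(text, expected=EXPECTED):
    """Return (service, problem) pairs for services off their pinned port."""
    seen = {}
    for service, _proto, port in parse_rpcinfo(text):
        seen.setdefault(service, set()).add(port)
    findings = []
    for service, want in sorted(expected.items()):
        ports = seen.get(service)
        if ports is None:
            findings.append((service, "not registered"))
        elif ports != {want}:
            findings.append((service, f"on {sorted(ports)}, expected {want}"))
    return findings

if __name__ == "__main__":
    for service, problem in audit(SAMPLE):
        print(f"{service}: {problem}")
```

A service reported on an unexpected port is either unreachable through the firewall rules for 4002-4005 or is listening on a port those rules were never meant to cover.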





[Trading] Candlestick Pattern Part II: Some familiar candles

In candlestick patterns, there are some patterns that may be familiar to you. They are:


Figure 1. Basic Doji Pattern


Figure 2. Gravestone Doji


Figure 3. Spinning Top Doji



Figure 4. Shooting Star/Inverted Hammer



Figure 5. Hanging Man/Hammer



Figure 6. Long Leg Doji

The basic, common candlesticks above are used to identify bullish/bearish reversal, continuation and consolidation patterns. Among the reversal patterns, some are called high reliability and some medium reliability, depending on the candlestick. High-reliability bullish reversal patterns include, for example, morning star, piercing line, three white soldiers, etc. These patterns will be discussed in Part III.

Thursday, June 11, 2009

[My Life Sharing] Old animated TV series Part I: Centurions

When I was still very, very young, at age 5, I watched an American animated TV series named Centurions every day. Do you still remember Centurions? Centurions is a 30-minute American science fiction animated TV series.

I tried to remember it and searched everywhere on Google. I collected the information to remind you Centurions maniacs. Below I will simply list the characters and some of their weapons (forgive me if the lists are not complete).

Characters:
Originally there were three Centurions, but later two other Centurions joined:
  • Max Ray - 'Brilliant' Sea Operations Commander
  • Jake Rockwell - 'Rugged' Land Operations Specialist
  • Ace McCloud - 'Daring' Air Operations Expert
  • Rex Charger - ‘Expert’ Energy program
  • John Thunder – ‘Specialist’ Infiltration Commander





















Weapon systems:

  • Sky Knight
  • Orbital Interceptor
  • Sky Bolt
  • Cruiser
  • Fireforce
  • Electro Charger Pack
  • etc

If some of you still want to remember how they perform, see the videos below from YouTube. Enjoy!!!


Centurions - Double Agent (Part 1 of 3)


Centurions - Double Agent (Part 2 of 3)


[Trading] Candlestick Pattern Part I: What you need to know first

Candlestick charting originated in the 1600s; it is a method of technical analysis developed by the Japanese to analyze the price of rice contracts. Steven Nison is credited with popularizing candlestick charting and has become recognized as the leading expert on its interpretation.

Candlestick charts display the open, high, low, and closing prices in a format similar to a modern-day bar chart, but in a manner that accentuates the relationship between the opening and closing prices. Candlestick charts are simply a new way of looking at prices; they don't involve any calculations.

Figure 1 Body of candlestick


Now, candlestick pattern can be broken down into 3 classifications:
1. Reversal
2. Continuation
3. Consolidation


To be continued in Part II..


Wednesday, June 10, 2009

[RedHat Enterprise Linux] Step by step how to set up NTP client and force to automatically sync on RHEL 5.2

There are several ways to set up an NTP client in RHEL 5.2. They are:
1. By GUI
- Run the command
system-config-ntp
- Enter the NTP server you want to synchronize with
- Click "Synch before starting up" in the Advanced tab

2. By command line
- Type
ntpdate -b servername
- Create a new cron job if you want to force the NTP client to update the time at a fixed interval.
- Below is a crontab example for the NTP client to update the time every 10 minutes


# crontab -e

SHELL=/bin/bash
*/10 * * * * /usr/sbin/ntpdate -b servername






Monday, June 8, 2009

[RedHat Enterprise Linux] How to set iptables in order to collaborate with Squid

Before I begin the tutorial, I assume Squid is already installed on your Linux system. I am using RHEL 5.2 for this. Below are the steps.

1. Here, I am using a script to manage my iptables rules. If you don't have such a script, create a new one first; it is very simple. Create a new file in a directory of your choice and give it a name of your own; mine is named iptables.

# touch /etc/iptables

2. Then, edit that file using vim
# vim /etc/iptables

3. Put the following text into that file
#!/bin/sh
#Squid server address
SQUID_SERVER="x.x.x.x"

#This is for Internet Interface definition
INTERNET="ethx"

#This is for LAN Interface definition
LAN_INx="ethx"
LAN_INy="ethy"


#Squid Port
SQUID_PORT="3128"

#Rules Normalization
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

#Flush All Rules
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X

#Full access for localhost
iptables -I INPUT -i lo -j ACCEPT
iptables -I OUTPUT -o lo -j ACCEPT

#Accept packets that belong to established or related connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

#This rule is for NAT from LAN into Internet
iptables -t nat -A POSTROUTING -o $INTERNET -j MASQUERADE

#These rules open the ports that need to be forwarded
iptables -A FORWARD -p tcp --dport 25 -j ACCEPT
iptables -A FORWARD -p tcp --dport 110 -j ACCEPT
iptables -A FORWARD -p tcp --dport 138 -j ACCEPT
iptables -A FORWARD -p tcp --dport 443 -j ACCEPT
iptables -A FORWARD -p tcp --dport 8443 -j ACCEPT
iptables -A FORWARD -p tcp --dport 5050 -j ACCEPT

#Rules for transparent proxy (LAN_INx is the LAN interface defined above)
iptables -t nat -A PREROUTING -i $LAN_INx -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT

#Rules for allowing squid, DNS and gateway for accessing the internet
iptables -A INPUT -p tcp --dport 3128 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT

#Logging for troubleshooting
iptables -A INPUT -m limit --limit 2/m --limit-burst 2 -j LOG --log-prefix '** INPUT DROP **'
iptables -A OUTPUT -m limit --limit 2/m --limit-burst 2 -j LOG --log-prefix '** OUTPUT DROP **'
iptables -A FORWARD -m limit --limit 2/m --limit-burst 2 -j LOG --log-prefix '** FORWARD DROP **'

#Default rules
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

#Saving Configuration
service iptables save

4. After that, save the file.
5. Make the file executable with the command below:
# chmod u+x /etc/iptables

6. Run the iptables file by executing it directly:
# /etc/iptables

7. Test by browsing with your browser