Apr 26
My Life, Security, Technology, WordPress Hardening, WordPress 1 Comment
There is a few ways to hardening your wordpress … but for me .. i used the WP plugins call wp-security-scan.2.2.58.1.zip & askapache-password-protect.3.6.3.zip
Here are some screenshot after i’ve done the hardening ..
Apr 26
My Life, Technology WordPress No Comments
Version 2.5.1 of WordPress is now available. It includes a number of bug fixes, performance enhancements, and one very important security fix. We recommend everyone update immediately, particularly if your blog has open registration. The vulnerability is not public but it will be shortly.
In addition to the security fix, 2.5.1 contains many bug fixes. If you are interested only in the security fixes, you can download these corrected copies of wp-includes/pluggable.php, wp-admin/includes/media.php, and wp-admin/media.php. Replace your existing copies of these files with these new copies.
If you download the entire 2.5.1 release, you will be getting over 70 other fixes. 2.5.1 focuses on fixing the most annoying bugs and improving performance. Here are some highlights:
Since 2.5 your wp-config.php file allows a new constant called SECRET_KEY which basically is meant to introduce a little permanent randomness into the cryptographic functions used for cookies in WordPress. You can visit this link we set up to get a unique secret key for your config file. (It’s unique and random on every page load.) Having this line in your config file helps secure your blog.
Many thanks to Steven Murdoch for responsibly reporting the security issue (CVE-2008-1930) and Alex Concha for reporting an XSS issue.
Apr 01
Security, Sophos, Technology 2 Comments
Sophos appeals for computer users to send in pictures to increase accuracy of new RAPIL system
IT security and control firm Sophos today announced its new RAPIL (Recognition and Analysis of Potentially Intruding Lifeforms) system which is able to produce a real-time forensic analysis of a PC or Mac user’s facial features to determine if they exhibit any characteristics commonly associated with hackers.
The new system uses webcams, now in widespread use on modern computers, to assess the facial characteristics of computer users, and cross-references them against features typically found in cybercriminals. Current tests show that with a clear background and provided the face is free of any obstructions, including hats, moustaches and sunglasses, the beta version of RAPIL has a success rate of 97.78 percent.
As the amount of malware created each month continues to grow, Sophos experts note that most hackers are now working for organised criminal gangs intent on breaking into the PCs of innocent victims to steal sensitive and confidential information which can then be used for financial gain. Until today, most security companies have focused their efforts on preventing these attacks by detecting the malicious software and stopping it running. With RAPIL, Sophos can identity and stop the hacker before the malware is ever even written.”Being able to stop the hackers before they even get a chance to write their malware, let alone spread it, is a breakthrough in the fight against cybercrime. Frankly this technology will put Sophos lightyears ahead of its competitors,” said Graham Cluley, senior technology consultant at Sophos. “With the amount of new cyberattacks we’re discovering every month, it’s increasingly difficult for computer users to ensure there are no holes in their security defences and that their PCs are fully defended. With our new solution that can identify key physical characteristics, we can literally see when someone has hacker written all over them.”
Sophos RAPIL blocks people it believes to be hackers from accessing computers.
RAPIL samples the signal from the webcam 32 times a second. Using various new and existing machine learning techniques, such as K-Means clustering, SVM classifiers, decision trees, cross validation and genetic programming, thousands of facial characteristics including retinal patterns, shape of the philtrum, symmetry of the lips, size of the forehead and facial expression are tested to establish the probability of the user being a hacker. Once identified as a cybercriminal, the PC screen automatically goes blank, the keyboard freezes and the first 512 GB of the hard drive is encrypted with a user-defined key – many hard drives will therefore be encrypted in their entirety. The solution is fully protected against rootkits which hackers may attempt to use to disable it.
At present, advanced evasion techniques such as facial polymorphism and metamorphism can be used by hackers to evade the system. The face is polymorphic if it is randomly obstructed by an item such as a hat, moustaches and glasses. Facial metamorphism, which occurs when the user changes their facial characteristics for every command run on the system, is even more difficult to detect. As part of the beta testing for RAPIL v0.401, Sophos is appealing for computer users to upload polymorphic pictures of themselves to help improve the accuracy of RAPIL still further.
To add to the Sophos library of faces and help the fight again cybercrime, please upload your photographs at: www.flickr.com/groups/ra-pil
Mar 19
My Life, Technology 7 Comments
Last 2 week i got fakaped coz 1 of domain in my domain list got xpired and then mess up all the web, email n etc2. Previously it quite my mistake of not having crontab about the xpirery, btw i learn from my mistake bcoz it was my 1st job working in IT and i took it as a lesson. So i do some googling bout the script and found 1 that suite my needs but i do have a problem with it bcoz it wont work for MYNIC Registrar.
Im study the code but im lost in the world of the programme code bcoz im not a programmer. I do ask some favor to my buddy which is ApOgEE to solve the prob for me. Here are the result : (cNp from ApoGee Blog)
Do you have more than one domain to manage? Have you ever failed to renew your domain before it expires? This simple domain-check script maybe your life saver. Originally, it was written by Ryan Matteson. Then Vivek Gite add up support to .org, .in, .biz and .info domain names.
And now, I’ve updated the domain-check script to support Malaysia (.my) domain. I should call this DNS Domain Expiration Checker Version 1.6
In order to use the script, you can simply download the script and rename it to domain-check. Then
chmod +xto be able to execute it. You can run it to parse a list of domain in a text file and send an email alert to you for any domain that about to expire.Command line code to download:
$ wget http://coderstalk.googlepages.com/domain-check.txt -O domain-checkSample Usage: (in directory where you place the script)
apogee@apogee-persiasys:~$ ./domain-check -d google.com.my Domain Registrar Status Expires Days Left ----------------------------------- ----------------- -------- ----------- --------- google.com.my RGA000733 Valid 31-JUL-2008 134 apogee@apogee-persiasys:~$
[Note: you can place this on your "sbin" directory and run without "./" ]You can also get an email if google.com.my going to expire in 30 days:
$ domain-check -a -d google.com.my -q -x 30 -e apogee@mailserver.com
Anyway i don’t know how to thanks to him with his skills solve my problem… thanks Q so much bro ApoGEE (Fauzi).
p/s: to the guys out there who have a list of domain, u should try ApoGee’s version of Script if u don’t have a sc to use.ÂÂ
Nov 08
IPCop, Security, Technology 2 Comments
Scenario
I have 2 IPCop boxes, both are running the latest version as of this writing
I want to make an IPSec VPN between the 2 internal networks protected by the 2 IPCop boxes.
Network diagram
GREEN1 –> ipcop1 ————-> Internet <——————— ipcop2 <– GREEN2
Detailed step-by-step instructions
Preparation
1. On ipcop1:
i.   reset VPN settings if necessary (hitting the “Reset� button on the VPN page deletes all certificates and connections that might have been previously created)
ii.    set “Local VPN Hostname/IP� to ipcop1.ipcop1.org, check “Enabled� and hit Save
iii.    reboot ipcop1 (just in case)
2. On ipcop2:
i.    reset VPN settings if necessary (hitting the “Reset� button on the VPN page deletes all certificates and connections that might have been previously created)
ii.    set “Local VPN Hostname/IP� to ipcop2.ipcop2.org, check “Enabled� and hit Save
ii.    reboot ipcop2 (just in case)
Generate Root/Host Certificates
3. On ipcop1: Hit the “Generate Root/Host Certificates� button and fill the following values:
i.    ipcop1 as the “Organization name�
ii.   ipcop1.ipcop1.org as the “IPCop’s Hostnameâ€? (this will be already filled for you)
iii.  Specify your Country
iiii. hit the “Generate Root/Host Certificates� button. This will generate the certificates (it might take a while) and will take you back to the VPN configuration page.
v.    Click the “Download Root Certificate� button (icon like a floppy disk). You will be prompted for the file name to save. The default file name is cacert.pem. Just so there is no confusion change the name to cacert.1.pem
vi.    Click the “Download Host Certificate� button (the icon below). You will be prompted for the file name to save. The default file name is hostcert.pem. Just so there is no confusion change the name to hostcert.1.pem
4. On ipcop2: Hit the “Generate Root/Host Certificates� button and fill the following values:
i.    ipcop2 as the “Organization name�
ii.    ipcop2.ipcop2.org as the “IPCop’s Hostnameâ€? (this will be already filled for you)
iii.   Specify your Country
iiii.   hit the “Generate Root/Host Certificates� button. This will generate the certificates (it might take a while) and will take you back to the VPN configuration page.
v.    Click the “Download Root Certificate� button (icon like a floppy disk). You will be prompted for the file name to save. The default file name is cacert.pem. Just so there is no confusion change the name to cacert.2.pem
vi.   Click the “Download Host Certificate� button (the icon below). You will be prompted for the file name to save. The default file name is hostcert.pem. Just so there is no confusion change the name to hostcert.2.pem
Upload the CA Certificates
In this step you are letting the 2 IPCop boxes know about the other CA (Certificate Authority), so that they can trust the certificates issued by the other box.
5. On ipcop1:
i.    Fill ipcop2 as the “CA name�
ii.   Browse and select the cacert.2.pem file
iii.   hit the “Upload CA Certificate� button. This will upload the CA certificate from ipcop2 to ipcop1 and it will show it as the 3rd row in the “Certificate Authorities� (bottom) section.
6. On ipcop2:
i.    Fill ipcop1 as the “CA name�
ii.    Browse and select the cacert.1.pem file
iii.    hit the “Upload CA Certificate� button. This will upload the CA certificate from ipcop1 to ipcop2 and it will show it as the 3rd row in the “Certificate Authorities� (bottom) section.
Create connections
7. On ipcop1: Hit the “Add� button in the middle panel. On the next screen select “Net-to-Net Virtual Private Network� for the “Connection type� and fill the following values:
i.    ipcop2 as the “Name�
ii.   left as the “IPCop side�
iii.  192.168.1.0/255.255.255.0 as the “Local subnet�
iv.  ipcop2.ipcop2.org as the “Remote Host/IP�
v.  192.168.102.0/255.255.255.0 as the “Remote subnet�
vi. In the “Authentication� section select “ Upload a certificate�. Check “Upload a certificate� and browse to the hostcert.2.pem file.
vii. Finally hit the “Save� button
8. On ipcop2 (everything is reversed): Hit the “Add� button in the middle panel. On the next screen select “Net-to-Net Virtual Private Network� for the “Connection type� and fill the following values:
i.    ipcop1 as the “Name�
ii.   right as the “IPCop side�
iii.  192.168.102.0/255.255.255.0 as the “Local subnet�
iv.  ipcop1.ipcop1.org as the “Remote Host/IP�
v.  192.168.1.0/255.255.255.0 as the “Remote subnet�
vi.  In the “Authentication� section select “ Upload a certificate�. Check “Upload a certificate� and browse to the hostcert.1.pem file.
vii. Finally hit the “Save� button
Done!
[tags]IPcop, VPN, OPENVPN[/tags]
Nov 01
Microsoft, Technology No Comments
Syntax:
CommandLineTest -au:adminuser -ap:adminpassword | -ce:certificateFileName [-v] [-a] [-d] [-c] [-di] [-eu] [-n] [-ed] [-f:filename] [-m:member] [-p:password] [-d:domain] [-s:server]
— Arguments —
-cf:certificateFileName = Certificate file name
-au:adminuser = domain owner passport name
-ap:adminpassword = domain owner passport password
-m:member = member to add (or delete) in domain (only when -a, -d, or -c is specified)
-p:password = password for member to add in domain (only when -a is specified)
-d:domain = domain to manipulate (necessary for -a, -d, -eu, -n, -f, -di)
-s: = server to talk to for service (internal testing only…defaults to https://domains.live.com/service/managedomain2.asmx)
— Commands —
-gn: = givenName (First Name)
-sn: = sureName (First Name)
-t = Tests the connection
-s = silent mode
-a = add member
-d = delete member
-c = check member
-eu = enum members
-n = count members
-ed = enum domains owned by admin
-di = get domain information
-f:file = Load a .csv file containing member-names/passwords
Add User by importing from csv:
C:\>commandlinetest -d:edu30.wledutraining.com -au:administrator@edu30.wledutraining.com -ap:password -f:c:\importcsv\users.csv
Signing admin into the service… Done
Added member: ‘WarnerL@edu30.wledutraining.com‘
Added member: ‘ColeJ@edu30.wledutraining.com‘
Added member: ‘SweeneyA@edu30.wledutraining.com‘
Added member: ‘PritchardA@edu30.wledutraining.com‘
Added member: ‘EberleinL@edu30.wledutraining.com‘
Add user manually:
C:\>commandlinetest -d:edu30.wledutraining.com -au:administrator@edu30.wledutraining.com -ap:password -a -m:Robert.Simpson -p:password
Signing admin into the service… Done
Adding member
Member added
Synchronize User:
C:\>csvsync -i -d -f:c:\importcsv\users2.csv -d:edu30.wledutraining.com -au:administrator@edu30.wledutraining.com -ap:password
Signing admin into the service
Admin signed into the service
Member administrator already exists
Added member Maria.Goddard
Added member Patrick.Sheridan
Added member Thomas.Barlow
Added member Roslynn.Mertens
Added member Tekeia.Howard
Deleted member ahmad
Deleted member ColeJ
Deleted member Daniel.Warmack
Deleted member DanielE
Deleted member DanielH
Deleted member Darleen.Sena
Deleted member DarleenF
Here are some screenshot:
Oct 29
Computers, Security, Technology No Comments
Trend Micro will augment content-security solutions with the addition of innovative data leak prevention experts, technology and products
Tokyo, Japan/Cupertino, CA – October 25, 2007 – Trend Micro Incorporated (TSE: 4704), a leader in network antivirus and Internet content security software and services, announced today a definitive agreement to acquire Provilla, Inc., a leading provider of fingerprint-based intelligent endpoint solutions for data leak prevention (DLP) in organizations. Under the agreement, Provilla will operate as a subsidiary of Trend Micro’s U.S. affiliate. Provilla’s data leak prevention experts as well as technology and products will enhance the Trend Micro portfolio of easily deployed and managed multi-layered content-security solutions for business customers.
Organizations of all sizes are vulnerable to data leaks that expose them to security, intellectual property, monetary, privacy and compliance threats. On-the-move workers, equipped with unsecured, unprotected mobile computers, may inadvertently or intentionally expose confidential company information via wireless networks. With an ever increasing array of USB-based devices, all corporate desktops are now also at risk. An organization’s time, money, and reputation are at risk when such a data leak occurs, with security professionals urgently attempting to recover sensitive data and mend the leak.
Enterprise security professionals are in constant battle: Even when old leaks are controlled, new data leaks frequently occur through a plethora of other endpoints. Provilla technology intelligently controls leaks at multiple endpoints. The technology also lets organizations know the exact locations of sensitive data for active and effective control. Provilla products also educate and sensitize end users to corporate policies and regulatory requirements.
“Trend Micro is focused on providing customers with the most useful, intelligent, centrally-controlled content-security solutions to address the latest unpredictable, malicious threats entering or leaving organizations, and that includes intentional or inadvertent data leaks,â€? said Eva Chen, CEO and co-founder of Trend Micro. “Solving this growing problem will require broader and deeper insight into the multiple endpoint data leak vulnerabilities and the use of intelligent solutions that can identify sensitive data and prevent its misuse through endpoint devices and channels. The acquisition of Provilla strengthens our ability to execute on our content-security strategy, with technology and products complementing our own.â€?
“As demand for DLP solutions has ramped quickly, we have been able to meet the need with a steady stream of innovative products and advancements primarily because of a stellar group of Provilla technologists,” said Shu Huang, chief technical officer, Provilla. “Our people are excited by the opportunity to join forces with the Trend Micro team, which is known for a commitment to technical innovation and to customers globally that starts at the top and permeates the ranks. We see this as an opportunity to build a complete data leak prevention product suite that fits with Trend Micro’s philosophy of central security management.”
Trend Micro will continue to offer Provilla’s stand-alone products for the near term as well as gradually integrate Provilla’s capabilities into its own enterprise, small and medium business solutions. Provilla products are deployed in North America, China, Taiwan, Europe and Japan.
About Trend Micro Incorporated
Trend Micro Incorporated is a pioneer in secure content and threat management. Founded in 1988, Trend Micro provides individuals and organizations of all sizes with award-winning security software, hardware and services. With headquarters in Tokyo and operations in more than 30 countries, Trend Micro solutions are sold through corporate and value-added resellers and service providers worldwide. For additional information and evaluation copies of Trend Micro products and services, visit our Web site at www.trendmicro.com.
About Provilla, Inc
Provilla, Inc. is a leading provider of ultra-accurate, intelligent endpoint solutions for enterprise data leak prevention (DLP). Providing the broadest coverage and highest accuracy and performance in the industry, Provilla’s flagship LeakProof product suite combines patented DataDNA fingerprinting technology with intelligent agents to help enterprises protect their intellectual property and confidential information and maintain regulatory compliance. Privately owned and with headquarters in Silicon Valley, Provilla offers the only solution that stops leaks of any data, any time, anywhere. DataDNAâ„¢, RapidScanâ„¢, and LeakProofâ„¢ are trademarks of Provilla, Inc. All other products and services mentioned herein are trademarks or registered trademarks of their respective companies.
Sep 24
Counterize II is a small Statistics-Plugin for WordPress, which saves IP, timestamp, visited URl, referring URl and browserinformation in the database and displays total hits, unique hits and other statistics in WordPress webpages.
Download: Counterize II Version 2.10 (Zip 73 KB)
The installation is very easy:
If you are using Counterize I then you can use the automated update:
Your data will be converted to the new data structure.
More info about Counterize II, click here
[tags]Wordpress, Counterize II[/tags]
Sep 18
Computers, Microsoft, Technology 3 Comments
After seeing most of my buddy using the MS Office 2007, i decide to use it too after seeing the features & interface 
There is a lot of new features inside the MS Office 2007, u guys should give a try to it … for me its more easier to manage my task & appointment using the new MS Outlook 2007.
More detail info about the product, u may visit here:
http://office.microsoft.com/en-us/products/default.aspx
Here Are some screen shot taken by me:
[tags]Microsoft Office 2007, Microsoft[/tags]
Sep 18
PureMessage, Security, Technology No Comments
September 12, 2007
UPDATE: The move to the global content delivery network will be performed on Monday September 17th, instead of Saturday September 15th.
Summary
——-
Reminder of PureMessage for UNIX update servers automatic migration to global content delivery network on September 17th.
Details
——-
On September 17th, Sophos will release an update that will change the location of your software repository from the default pmx.sophos.com to ak-repo1.sophos.com on our global content delivery network. This change is being made to improve both the availability and reliability of software and data updates.
Please note that customers not using the default location of http://pmx.sophos.com will continue to use their existing repository location.
Recommendations
—————
Ensure that your firewall or proxy server allows access to the repository by its DNS name ak-repo1.sophos.com and not any specific IP address by September 17, 2007.
Customers interested in taking advantage of the new repository before September 17th can do so by following these steps on each of their PureMessage for UNIX servers:
1) install the repo-test package (as the ‘pmx’ user):
ppm install PureMessage-VerifyDistributedDownload
2) verify that you can still contact the repo (as the ‘pmx’ user):
ppm verify PureMessage
[tags]PureMessage, Security, Email Filter[/tags]
Ubuntu-MY Ubuntu 4 Malaysian
RSS
Recent Comments