It's me...Hidayah

Firewall For Windows.... 27/02/08

What is firewall?
- adalah pendinding api yang mengawal inbound@outbound network traffic.
- inbound@outbound -> apa sahaja yg masuk dan keluar dalam server or LAN dari network card


- mengawal traffic network - allow & block
- pelindung network.
- untuk control sebarang hubungan antara network luar daripada network card.
- Ia juga digunakan untuk PC.

Is it antivirus?
-No, but ia membantu satu sama lain.
-Contoh: Firewall Panda Integra and Antivirus Panda Defender.

Kenapa perlu Firewall??
- nak kawal inbound & outbound / sebarang komunikasi antara network dgn PC / host daripada network card.

Bagaimana ia bekerja??
-Allow dan Block
-Accept dan Deny

Apa yg firewall blh lakukan??
- Anti Spawm, Anti Malware, filter, P2P & M. (Web Filtering) dgn kawal ip dan port.
- Setiap komunikasi yg berlaku menggunakan ip dan port.
Contoh: 80-HTTP, 21-FTP, 53-DIVS, 110-POP3, 22-ssh, 20-Telnet, 25-SMNP.

Apakah kelemahan topologi ini??


  • firewall diasingkan dari router
  • secure or tak network bergantung pada topology. Kalau topology lemah, network pun lemah.
  • Kalau guna banyak firewall dalam topology, network akan jadi slow.


Network security yg secure

Remote File Inclusion.... 25/02/08 - 26/02/08

Apa itu RFI?
- Satu teknik yang digunakan untuk menceroboh website internet daripada komputer kawalan jauh.

Kelemahan:
- bila kita guna dalam aturcara
- bila full access.

Masalah:
- include (file.php) – good
- include $nama (panggil variable) – problem

Hack This Site.... 22/02/08

Hari ini aku belajar basic nak jadi hacker. So, aku try la hack kat satu website ni. Dalam web ni ada 7 mission iaitu:
  1. basic missions
  2. realistic missions
  3. application missions
  4. programming missions
  5. logic missions
  6. extbasic missions
  7. javascript mission.
Aku baru je buat basic mission, tu pun baru level 8...pening gak...Korang semua nak try hack x?
26/02/08 - aku dah dapat hack lg sampai level ke 9...


Cara-cara nak hackthissite

Remote SQL Injection.... 21/02/08

Remote SQL Injection?
-Ia sama jgk dengan SQL injection tapi ia berlaku pada url injection/address.
-Cth URL/address Injection: http://www.uum.edu.my/(injection)

Cara-cara:
-Apabila berjaya inject pada url, maklumat senarai username dan password akan dipaparkan.
-Tapi, hanya username dipapar dlm bentuk plaintext.
-Password di papar dlm bentuk hash (md5 coder atau base64 coder).-Password ini perlu di decrypt untuk mendapatkannya dlm bentuk plaintext.

Beza antara SQL Injection dan Remote SQL Injection
1) SQL Injection
- menggunakan magic code cth: 1' or '1'='1
- ia berlaku pada Login Page iaitu pada username dan password.
- inject magic code pada username dan password web yang hendak diceroboh.

2) Remote SQL Injection
- Ia berlaku pada bahagian url/address
- kita perlu paste code injection pada url/address untuk dapatkan username dan password.
- Tapi, password akan dapat dlm bentuk hash (2345THR567THGFCV)

Assigment:
- cari URL injection di milw0rm.com -> web application yg ada vulnerability -> remote SQL injection vulnerability



Cross Site Scripting (XSS).... 19/02/08 - 20/02/08

- Cross site scripting adalah satu teknik yang digunakan oleh attacker untuk hantar sebarng script pada web user. XSS biasanya berlaku pada aplikasi web. Script yang biasa digunakan oleh XSS ialah JAVA SCRIPT @ VB SCRIPT.

Contoh:


- Kaedah memasukkan script (biasanya VB script@JAVA script) dikomputer target utk mendapatkan cookies website yg diingini.
- Apabila dpt cookies, ia disimpan dlm server. Oleh itu attacker akan dpt masuk website yg target access td dgn mudah dan senang.
- Kemudian boleh buat malicious code lain (hack cara/kaedah yg lain).
- mana-mana attacker akan hantar mana-mana script pada website user yg ada vulnerabiliti(kelemahan) untuk bypass or masuk ke dlmnya.
- kita kena tau programming dan architecture website.

Contoh:
- setiap web ada cookie(ada id)..so, buat 1 document cookie kemudian hantar script untuk dpt cookie yg dia dh masuk. Then, copy cookie itu dan masukkan ke dlm server.

Arahan Cookies

  • Read cookie
  • Open new website
  • Store cookie




How to protect from SQL injection....18/02/08

- Bila kita dah blh hack web menggunakan SQL injection, so kenalah tau cara2 nak protect dia dari diceroboh dan cara-cara nak elakkan dari SQL injection. Biasanya ia akan protect pada application level dan server level.

Cara-cara nak protect SQl Injection:
- if...else statement (login)
- escape '_' single code.
- parameter statement setkan size (username,password)
- username guna email untuk login

Contoh SQL :
$sql = "select nama_penyelia,thap_penyelia,id_penyelia from penyelia where username ='$name' and password = '$pass';

*letak arahan ini sblm arahan SQL

if($name = ="1' or '1' = '1") {break;}

Tujuan:
1. check $name contain
2. reject klu true; ada single code '1'

nak secure from SQL Injection (website org lain)
- secure kat bahagian server level bahagian mode security (apache).

Orientasi.... 13/02/08

Ha..hang pa ingat aku kena orientasi ke? hehehehe...aku memang terlibat ngn orientasi, tapi kira taraf tinggi skit la..jd fasi..hahhahaha..kelakarnye..aku jd fasi? bidan terjun la..x prepare pun..

SQL Injection.... 11/02/08 - 15/02/08

Today, aku belajar pasal SQL injection..apa tu? ia adalah salah satu cara nak hack @ ceroboh web org..cara nak guna nye kena pakai magic word..bunyi macam best kan? yelah, sebelum ni duk teruja dengar org blh hack web..So, sekarang aku sendiri pun boleh jadi hacker...hehehe..tapi xla terer sgt pun..tahap atas pegawai la kiranya..

What is SQL Injection?
- SQL injection digunakan untuk hack or ceroboh. Sebenarnya SQL injection terjadi ketika attacker memasukkan beberapa SQL statement ke 'query' dengan cara manipulasi data input ke applikasi tsb. -Ia kod untuk pecah masuk sesuatu system atau website yang mempunyai kata laluan.
- Biasanya Sql Injection dilakukan pada login page pada asp seperti di : admin\login.asp login.asp

* Code yang mana kita gunakan untuk ceroboh vulnerable system -> attack system yang lemah.

Magic Code
Magic code adalah salah satu code untuk menceroboh website org lain tanpa username dan password..Salah satu contoh magic code:

1' or '1'='1

ada byk magic code yg boleh digunakan untuk SQL injection.di bwh ini ada senarai mgic code yg boleh digunakan..

‘or 1=1–

‘or 0=0 –

‘or ‘x’='x

‘or a=a-

“or 0=0 –

“or 0=0 #

“or “x”=”x

“)or(”a”=”a

admin’–

hi” or 1=1 –

hi’ or’a'=’a

hi”)or(”a”=”a

or 0=0 #

‘or a=a–

‘or 0=0 #

‘having 1=1–

“or 1=1–

“or “a”=”a

‘)or(’a'=’a

‘)or(’x'=’x

hi” or “a”=”a

hi’ or 1=1 –

hi’)or(’a'=’a

or 0=0 –

or 1=1–

Cuti Raya Cina.... 07/02/08 - 10/02/08

Yahoo...cuti ..cuti..cuti raye cina, aku xbalik kelate pun..aku p umah member aku kat jitra..dia nak tunang..wah..bestkan..semua kwan2 aku dah tunang n dah kawin pun...

Sniffer....30/01/08 - 06/02/08

Apa itu sniffer?
- sniffer ni maksudnye hidu..ia akan hidu maklumat yang dihantar.

Skill set:
1. IP Addressing
2. Identify - target & source
3. Protocol - TCP/IP
4. Filtering



Fiber Optic.... 29/01/08

-Fiber optic is a media/medium. Ada 2 jenis:-
a) Single mode
b) Multi mode

-An optical fiber (or fibre) is a glass or plastic fiber designed to guide light along its length. Fiber optics is the overlap of applied science and engineering concerned with the design and application of optical fibers. Optical fibers are widely used in fiber-optic communication, which permits transmission over longer distances and at higher data rates than other forms of communications. Fibers are used instead of metal wires because signals travel along them with less loss, and they are immune to electromagnetic interference. Optical fibers are also used to form sensors, and in a variety of other applications.

-Light is kept in the "core" of the optical fiber by total internal reflection. This causes the fiber to act as a waveguide. Fibers which support many propagation paths or transverse modes are called multimode fibers (MMF). Fibers which support only a single mode are called singlemode fibers (SMF). Multimode fibers generally have a large-diameter core, and are used for short-distance communication links or for applications where high power must be transmitted.

-Singlemode fibers are used for most communication links longer than 200 meters.
Joining lengths of optical fiber is more complex than joining electrical wire or cable. The ends of the fibers must be carefully cleaved, and then spliced together either mechanically or by fusing them together with an electric arc. Special connectors are used to make removable connections.








Protokol.... 28/01/08

Apa itu protokol?
- Satu standard@peraturan yang digunakan untuk berkomunikasi.

Cisco router protokol ada 4 iaitu:
1) EGP
- The Exterior Gateway Protocol (EGP) is a now obsolete routing protocol for the Internet originally specified in 1982 by Eric C. Rosen of Bolt, Beranek and Newman, and David L. Mills. It was first described in RFC 827 and formally specified in RFC 904 (1984). EGP is a simple reachability protocol, and, unlike modern distance-vector and path-vector protocols, it is limited to tree-like topologies.
During the early days of the Internet, an exterior gateway protocol, EGP version 3, was used to interconnect autonomous systems. EGP3 should not be confused with EGPs in general. Currently, Border Gateway Protocol (BGP) is the accepted standard for Internet routing and has essentially replaced the more limited EGP3.

2) OSPF
3) Interior Gateway Routing Protocol (IGRP)
-is a kind of IGP which is a distance-vector routing protocol invented by Cisco, used by routers to exchange routing data within an autonomous system.IGRP is a proprietary protocol. IGRP was created in part to overcome the limitations of RIP (maximum hop count of only 15, and a single routing metric) when used within large networks. IGRP supports multiple metrics for each route, including bandwidth, delay, load, MTU, and reliability; to compare two routes these metrics are combined together into a single metric, using a formula which can be adjusted through the use of pre-set constants. The maximum hop count of IGRP-routed packets is 255 (default 100).IGRP is considered a classful routing protocol. As the protocol has no field for a subnet mask the router assumes that all interface addresses have the same subnet mask as the router itself. This contrasts with classless routing protocols that can use variable length subnet masks. Classful protocols have become less popular as they are wasteful of IP address space.
4) RGP

Subscribe to: Posts (Atom)