Selasa, 29 Januari 2008

Menarik Uang Di PayPal Melalui Bank Di Indonesia



PayPal Inc. adalah perusahaan online yang menyediakan jasa transfer uang melalui surat elektronik, menggantikan metode lama yang masih menggunakan kertas, seperti cek dan money order. PayPal juga menyediakan jasa untuk para pemilik situs e-commerce, pelelangan, dan jenis usaha lain. Markas perusahaan ini terletak di San Jose, California, Amerika Serikat.
id.wikipedia.org

PayPal sekarang sudah memiliki fitur baru yaitu Withdrawal Features sehingga pengguna PayPal Indonesia kini bisa menarik uangnya langsung melalui rekening banknya di Indonesia.

Sebelum melakukan penarikan kita harus terlebih dahulu memasukkan data rekening bank kita ke PayPal. Verifikasi penarikan uang dari PayPal ke Bank di Indonesia membutuhkan 7 digit kode, yang terdiri dari 3 digit Kode Bank diikuti dengan 4 digit Kode Cabang Bank (bisa menghubungi bank yang bersangkutan).

Penjelasan lengkap tentang Withdrawal PayPal bisa dilihat disini

Untuk membuat account PayPal bisa menggunakan Kartu Debet atau ATM yang berlogo VISA Electron diantaranya:
Kartu Debet atau ATM yang berlogo VISA atau MasterCard misalnya Bank BNI, BCA, Bank Panin, BII dan lainnya tidak bisa digunakan untuk mendaftar di PayPal.

Updated:
Sekarang penarikan tidak hanya bisa melalui kartu kredit, atau juga VCC tetapi juga bisa melalui rekerning bank lokal. Daftar rekerning bank lokal yang di dukung bisa dilihat disini

Google Talk Untuk Web Atau Blog Anda

Google Talk Gadget

Tambahkan Google Talk Gadget kedalam situs anda, dan anda dapat melakukan chat langsung melalui website/blog anda. Untuk membuat dan mengkreasikan Gogle Talk Gadget anda, silahkan klick disini.

Google Talk Button

Untuk menambahkan Google Talk button di website/blog anda, copy dan paste script dibawah ini dan tambahkan kedalam kode HTML website/blog:



Google Talk chatback badge

Buat chat badge anda di sini

Minggu, 27 Januari 2008

Domain Masking Menggunakan Free Web Hosting



Domain masking adalah domain yang di forward atau di redirect dan di mask ke domain lainnya. Metode ini menggunakan frame yang bisa ditambahkan kedalam kode HTML blog atau web anda. Contohnya seperti ini:

<html>
<head>
<title>yourname</title>
<meta name=\"description\" content=\"your description\">
<meta name=\"keywords\" content=\"keyword1, keyword2\">
</head>
<frameset rows=\"100%,0\" border=\"0\">
<frame src=\"http://yourforwardingurl\" frameborder=\"0\">
<frame frameborder=\"0\">
</frameset>
</html>

Bila anda memiliki domain, anda dapat menambahkan frame diatas (tulisan warna merah) pada web hosting gratis misalnya geocities, blogger, cjb.net atau free hosting lainnya. Arahkan domain anda ke name server (ns) dari blog atau web gratis anda lalu tambahkan frame tersebut didalamnya. Ganti http://yourforwardingurl dengan domain anda

Untuk mengetahui ns yang digunakan oleh layanan blog atau web anda, anda dapat menggunakan tools yang bisa dicari di google dengan kata kunci nslookup

Selasa, 22 Januari 2008

Install Squid Di Ubuntu



Squid adalah aplikasi proxy web cache server yang paling banyak digunakan saat ini.

Dibawah ini merupakan gambaran singkat instalasi squid pada ubuntu:


1. Install squid

$ sudo apt-get install squid squid-common


2. Copy file /etc/squid/squid.conf

$ sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original
$ sudo chmod a-w /etc/squid/squid.conf.original


3. Konfigurasikan squid

Ini adalah contoh konfigurasi untuk squid 2.6

$ sudo gedit /etc/squid/squid.conf

http_port 8888 transparent
http_access allow all
cache_mem 32 MB
cache_dir ufs /var/spool/squid 1600 4 256
negative_ttl 2 minutes
maximum_object_size 1024 KB
minimum_object_size 4 KB
visible_hostname myServer
http_access allow manager localhost
cache_swap_low 80
cache_swap_high 100

Untuk settingan lengkapnya yang baik tentang konfigurasi squid, bisa dicari di google :) Panduan setting squid dari www.squid-cache.org adalah:

Configuration Guide - 2.6
Configuration Guide - 3.0

Setelah konfigurasi selesai, simpan konfigurasi tersebut. Initialize cache direktori dengan squid -z


4. Buat Transparent Proxy menggunakan IPTables

Meredirect port 80 ke port squid 8888

$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8888

$ sudo iptables-save

Tutorial lengkap tentang Transparent Proxy bisa dilihat disini.


5. Restat squid

$ sudo /etc/init.d/squid restart


6. Monitoring squid

Untuk memonitor squid, bisa menginstall beberapa tools, diantaranya bisa dilihat disini


Referensi yang bagus dibaca :

Sabtu, 19 Januari 2008

Freeware Billing Software Untuk Warnet Dan Game Center



Dibawah ini adalah beberapa software billing warnet atau internet cafe yang gratis. Dapat digunakan untuk warnet, game station dan keperluan billing lainnya.

CCL (Cafe Con Leche)
It is developed on Linux, but it is supposed to work everywhere SQLite and Glib, and OpenSSL works. Tested on Microsoft Windows (98 and XP) and on Linux.

Cybera
Cybera is an Internet cafe administration system. It works with prepaid cards or client accounts or in a post paid Self Service mode. Features include workstation control, user rights lockdown, accounting, stats and screen replication for CAI. Operating System Support: Win2K, WinXP

OpenKiosk
OpenKiosk simplifies the way users launch and interact with programs making it an ideal solution for introducing a Linux box to newcomers. The Kiosk Mode Desktop, which can be administered remotely, completely replaces the standard Linux/Windows desktop with a much more controlled but intuitive environment that looks the same across all platforms. Your customers will not know whether you are running a Windows or an OpenBSD box under the hood!

Billing Café
Billing Café merupakan software untuk penghitungan biaya pada rental komputer, internet/warnet, game center atau untuk sekedar acuan pembuatan program.

Billing Warnet 5
Billing Warnet Server Linux - Client Windows (GPL)

Billing Express
Billing Express merupakan program Billing Warnet yang dibuat agar mudah digunakan. Harapannya, operator kebanyakan pun bisa menggunakannya tanpa perlu training. Bahkan bisa langsung menggunakan begitu menjalankan Billing Express.

IGOS
Open Source untuk warnet
http://www.igos.web.id/
http://www.psn.co.id/igos/

Zencafe GNU/Linux
Distro yang dikhususkan untuk internet cafe / warnet. Distro ini adalah distro asli karya anak bangsa sendiri, yang dibuat dan dikembangkan oleh A. Hardiena.

BiOS Baliwae
Billing Open Source (BiOS) Baliwae adalah billing yang diistimewakan untuk warnet berbasis Linux (meski dapat juga berjalan di hampir semua sistem operasi lainnya), source code terbuka (open source), sepenuhnya FREE.

EasyHotspot
EasyHotspot is an alternative solution for hotspot billing system. Its contain some particular open source software that bundled into a single package. We DO NOT try to make a replacement to similar existing open source projects. Our aim is delivering a system that simple, easy to install, use and modify.

Untuk versi distronya menggunakan Xubuntu, php application frontendnya menggunakan framework CodeIgniter.

Snakebite
Cybercafe billing system

EasyHostspot
EasyHostspot adalah aplikasi manajemen billing system yang dapat digunakan para penyedia hotspot. Dengan menginstalasi layanan ini, pengelola hotspot dapat memantau penggunaan pada infrastrukturnya. Data-data yang direkam juga memudahkan seseorang yang akan mempelajari pola trafik pada hotspot untuk menganalisis tren penggunaan, misalnya.

gBilling
Free software warnet billing system

Scan File Online Menggunakan Top Antivirus Software



VirusTotal adalah situs yang dapat melakukan scanning terhadap file yang berukuran dibawah 10 MB dengan berbagai macam anti virus unggulan diantaranya Kaspersky, BitDefender, F-Secure dan Panda.

Proses scanning memerlukan waktu yang agak lama. Setelah kita mengupload sebuah file, situs ini akan membersihkan file kita dari virus, worms, trojan, dan malware yang terdeteksi oleh antivirus engines.

VirusTotal telah memenangkan penghargaan dari the American edition of PC World Magazine, sebagai salah satu dari 100 best products of year 2007 dalam kategori Security Web Site.

Upload file yang anda inginkan secara gratis disitusnya http://www.virustotal.com/

Jumat, 18 Januari 2008

gOS - Green OS




gOS merupakan OS modifikasi dari ubuntu. G dari gOS adalah green, namun banyak orang yang mengasosiasikan dengan Google. gOS ini memang dirancang untuk beberapa aplikasi online Google dan beberapa aplikasi Open Source lainnya.

According to DesktopLinux, Everex claims the computer was "created as a conceptual Google PC with a conceptual Google OS" and it has Google's permission to use its trademarks. The g from gOS and gPC means "green", as the computer uses an energy-efficient processor, but many people will associate it with Google.

googlesystem.blogspot.com

Cepat dan seksi, begitu komentar dari teman saya yang sudah mencobanya.
Bila tertarik untuk mencobanya, silahkan download gratis melalui situsnya

Minggu, 13 Januari 2008

Internet Slank



Berikut ini adalah beberapa istilah2 atau singkatan2 yang sering digunakan di internet, misalnya di milis, forum maupun chat.

CMIIW : Correct Me If I'm Wrong
IMO : In My Opinion
IMHO : In My Humble Opinion
AFAIK : As Far As I Know
FYI : For Your Information
OOT : Out of Topic
LOL : Laughing Out Loud
PMSL : Piss Myself Laughing
PMPL : Piss Myself Pants Laughing
ROFL : Rolling On the Floor Laughing
ROFLMAO : Rolling On Floor Laughing My Ass Off
LMFAO : Laughing My Fucking Ass Off
ASAP : As Soon As Possible
ASL : Age Sex Location

List lengkap dari Internet Slang dapat dilihat di wikipedia atau di ilmukomputer.com

Jumat, 11 Januari 2008

XAMPP versi Bahasa Indonesia



XAMPP ini hanya language pack untuk halaman web administrasinya saja, tapi cukup membantu bagi pemula yang ingin menggunakan XAMPP

Tutorialnya bisa dilihat disini

Sabtu, 05 Januari 2008

Ubuntu Security



Ubuntu Security
Taken from: http://ubuntuforums.org/showthread.php?t=510812

I am writing this guide as a concerned member of the Ubuntu Community. Security is a concern for us all and in welcoming new (and experienced) users to Ubuntu I would like to demystify the complexities of security that come with your new OS.

Disclaimer : I am not an expert in security. This document is intended as a security overview for new users. This thread is not intended as an all inclusive how-to or discuss the merits of any particular security measure. I offer no guarantee that by running Ubuntu with any or all of these suggestions your security will be foolproof or that you will never be cracked.

I would like to direct any general security discussions to the Servers & Security and any comments on this introductory sticky here.

I would like to thank the Ubuntu Staff, especially jdong and compiledkernel for their review and suggestions.


Introduction : Security is an ongoing process and, like an onion, it has layers and stinks. The best defense you have is to read and learn how to secure your OS.

Alas, there is not single action you can take to achieve absolute security (the only safe computer is one that is turned off, disconnected from the Internet, and in a locked vault) and security concerns and "ease of use" are sometimes competing concerns.

Clarification of terms:

The "Windows Mindset" is intended as exactly that. I assume most new users are coming from Windows and the issues under this section are both most familiar to them and areas of FAQ on the forums (how often do we see questions from the "Ubuntu Mindset" on ABT?).

The "Ubuntu Mindset" is thus likely new information for most new users.

Those divisions/titles are intended to divide security information into familiar/unfamiliar territory (assuming the reader comes from a windows background) or to lighten up an otherwise dry topic. Specifically it is my intention that the "windows mindset" will help users new to Linux (Ubuntu) feel more at home by starting with familiar themes. These titles or divisions are certainly not intended to convey more or less importance to any particular issue, those decisions I leave for "self determination".


Summary: There is no such thing as "security in a box (tm)". Information security is an active job -- it is not installing some product on the system and sitting back and relaxing.

The good news ~ Ubuntu (Linux) is fairly secure "out of the box".

How to proceed: Prepare to read, read, read ... do not expect to get through this document in one session.

Contents:

1. Intro

Basics

2. Windows mindset

Antivirus
Firewall
Adware

3. Ubuntu mindset

Permissions and Encryption
Root kits
Intrusion detection
compiledkernel's suggested applications
Secure servers
Hardened kernels
Logs
How to perform a hardened installation
Screening your system for potential security holes

4. Forensics

5. References



Basics


This advice is fairly generic and applies to almost any OS. These simple steps offer a solid foundation that you should be able to implement almost immediately.

* Enforce strong passwords http://en.wikipedia.org/wiki/Password_strength
* In general, do not write your passwords down, and if you must, keep them in a secure place (Do not put them on a sticky note attached to your monitor for example).
* Limit root access (Do not log in or run programs as root). Ubuntu accomplishes this by locking the root account and the use of sudo.
o Consider creating an account without sudo access for "daily use".
* Physical access (physical access = big security hole). Physical access allows root access to your system (via a live CD if necessary).
* Do not install software or add repositories from untrusted sources (See also "Social engineering" below).
o This includes running scripts that modify your /etc/apt/sources.list Take care not to let the "need" to run the newest/latest/greatest compromise security.
* Likewise, do not run code or enter commands into the terminal from untrusted sources. If you are unsure of what a command might do best do a google search first.
* Keep your system up to date. Updates, particularly security updates, bring you the newest and latest fixes.
* If you run a server, it is your responsibility to learn how to secure it.


Psychocats ~ Security on Ubuntu

Thanks to Johan! for the advice on 3rd party repos

Note: Social Engineering. Click here for more information.

Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information.[1] While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim.

~ Quote from Wikipedia



The Windows Mindset


If you are coming from a windows background you are used to terms like antivirus, spyware, and firewalls. Linux is different and these are not as important. They are discussed first because these are FAQ on the forums. Unfortunately, it is sometimes difficult for new users to wade through some of the FUD (some of which is produced by anti-virus companies) ...


Viruses

The fact of the matter is: viruses/worms take advantage of flaws or holes in the code. At this time of this writing, there are no significant Linux viruses "in the wild". Linux boxes are no less targets than any other OS, many of the large (ie valuable) Internet sites run on *nix so there is no lack of motivation to crack into *nix.

Do not believe the suggestion that the Linux community is complacent or "behind the times" in terms of viruses, or any other security issue. Linux developers have not "ignored" viruses, rather the OS is built to be highly resistant to them and since the code is "Open" there are literally thousands of eyes watching ...

This is an example of what it would take to install malware on an Ubuntu box :

Install evilmalware

(Don't worry, that link will NOT install anything )

For the most part, Linux anti-virus programs scan for Windows viruses which do not run on Linux, even on wine (http://os.newsforge.com/article.pl?s...30222&from=rss). Anti-virus programs are "reactive" in that they can only protect you from known viruses. They can only protect you against the next Linux virus after it is developed, not before. Furthermore the "fix" will be to close any hole(s) in the code, these fixes will be available through security updates (which are more frequent in Linux then your previous OS if you are coming from Windows).

My advice is to skip the anti-virus if you run Ubuntu. Why ?

1. They scan primarily for Windows viruses.
2. There is a high rate of false positives.
3. Isolation/inoculation is poor.
4. And currently there are no known active Linux viruses (so there is essentially nothing to detect).


Running antivirus can make some sense if you are intending to "protect" windows users, however, IMO, for a variety of reasons, it is best if Windows users learn to protect themselves. In fact the most common usecase for a Linux antivirus program is to run a Windows fileserver or serve mail to Windows clients.

Note: There have been many documented cases in Windows and Linux that a buffer overflow in an antivirus product has been an attack vector!

If you would like to run an antivirus program on Ubuntu you have several choices :

* http://doc.gwos.org/index.php/How_to_ClamAV
* http://www.avast.com/eng/avast-for-l...rkstation.html
* http://www.pandasoftware.com/download/linux.htm
* http://www.centralcommand.com/linux_server.html
* http://www.f-prot.com/products/home_use/linux/


Firewall

Discussions about firewalls often are passionate (just search the Ubuntu forums). By default, Ubuntu includes a firewall, iptables, but by default nothing is engaged. This is reasonable as a default Ubuntu install opens zero ports to the outside world, so a firewall is redundant. However, installing "server software" will cause ports to open, so some people like to use a firewall as a catch-all layer to find mistakes in their configuration.

Another use for firewalls is for the administrator to forcibly impose network policies on the user. For example, users may not talk to example.com, open up a listening port for remote connections, and so on.

Also, a periodic audit of the system for open ports is a good practice. For example, running the "nmap" command from another machine, or using one of many online port scanners:

http://nmap-online.com/
https://www.grc.com/x/ne.dll?bh0bkyd2

Remember, what you care about are open ports. Closed ports and stealth ports are equally secure, in that they are inaccessible to the public.

Iptables references :

* https://help.ubuntu.com/community/IptablesHowTo
* http://www.linuxguruz.com/iptables/howto/
* http://iptables-tutorial.frozentux.n...-tutorial.html
* http://www.redhat.com/docs/manuals/e...l-ipt-act.html
* https://www.redhat.com/docs/manuals/...-iptables.html


The "problem" is iptables is not so new user friendly. Fortunately, there are several more (new) user friendly interfaces available to allow you to manipulate your firewall (Firestarter and Guarddog are both GUI front ends for iptables) :

* Firestarter is one of the most popular GUI front ends.

How to Firestarter
Default Firestarter Policies:

  • New inbound connections from the Internet to the firewall or client hosts are blocked.
  • The firewall host is freely allowed to establish new connections.
  • All client hosts are allowed to establish new connections to the Internet, but not to the firewall host.
  • Traffic from the Internet in response to connection requests from the firewall or client hosts is allowed back in through the firewall.

This policy allows normal Internet usage such as web browsing and e-mail on the secured hosts, but blocks any attempts to access network services from the outside and shields the local network.

* Guard dog uses the KDE libraries.

Guarddog Online Guide


A source of confusion sometimes occurs when users feel the need to be running firestarter/Guarddog for their firewall to be active. This is untrue ! Keep in mind that these applications are not firewalls, but rather configuration tools for ip tables. These applications should be run only to configure your firewall. Once configured, IP tables (the actual firewall) is active (at boot) without having to run firestarter/guarddog. firestarter will monitor traffic, but it runs as root and there are better monitoring programs, so configure you firewall, shut down firestarter/grauddog, and let IP tables do the rest .


Browser / Spyware : Java/Flash/Ad-ware/Trackers/Cookies

This is where most users will have the most risk. We all want Java/Flash, but our Internet browser opens us to attacks.

I advise :

1. Deny all cookies and add trusted sites, allowing only for session.
2. Install NoScript. Again block all and add trusted sites to a white list.
3. Install Safe History
4. Adblocking : I block with a hosts file rather then Adblock Plus or Adblock Filterset.G because a hosts file protects more then just firefox.
* http://www.mvps.org/winhelp2002/hosts.htm
* Linux script : http://hostsfile.mine.nu/downloads/updatehosts.sh.txt


Edit: Thank you Seisen for pointing out that No Script also blocks flash.


See this link for additional information : How to Secure Firefox


The Ubuntu Mindset


Permissions and Encryption

The first layer of defense is permissions. Permissions are used to set access and thus protect both system and user files.

Basic permissions

See also umask at the bottom of that link. The umask value can be set in ~/.bashrc.

To set a "private home", as a user,
Code:

chmod 700 $HOME

Sharing files in UNIX

Encryption is used as an additional layer of protection. One limit of encryption is that protection is only offered when mounting an encrypted partition (once the partition is mounted it is assessable/crackable just like any other file).

https://help.ubuntu.com/community/EncryptedFilesystem
https://help.ubuntu.com/community/En...ilesystemHowto

http://www.howtoforge.com/truecrypt_data_encryption


Root kits

From http://en.wikipedia.org/wiki/Rootkit :

The term rootkit (also written as root kit) originally referred to a set of recompiled Unix tools such as ps, netstat, w and passwd that would carefully hide any trace of the intruder that those commands would normally display, thus allowing the intruders to maintain root access (highest privilege) on the system without the system administrator even seeing them.

The term is no longer restricted to Unix-based operating systems ...
Root kit detection:
rkhunter

http://wiki.linuxquestions.org/wiki/Rootkit_Hunter

ckrootkit

http://www.howtoforge.com/howto_chkrootkit_portsentry


Intrusion Detection

Note: Adding an intrusion detection system like snort that analyzes network traffic for attack patterns, it can potentially introduce additional vulnerabilities. There have been documented examples of vulnerabilities in snort's preprocessor that granted hackers snort user, or even root user, access to the system!

My initial suggestions are OSSEC HIDS and Snort.

How to's:

* http://doc.gwos.org/index.php/OSSEC-HIDS
* http://www.howtoforge.com/intrusion_...ith_ossec_hids
* How to snort



Compiledkernel's Suggested Applications

compiledkernel's suggested applications (Nagios, ntop, and darkstat are in the Ubuntu Repositories, check the home page to see if newer versions are available):

* Nagios ~ A host and service monitor designed to inform you of network problems.

* ZenOSS ~ An open source IT monitoring product that delivers the functionality to effectively manage the configuration, health, performance of networks, servers and applications through a single, integrated software package.

* ntop ~ A network traffic probe that shows the network usage, similar to what the popular top Unix command does.

* darkstat ~ A packet sniffer that runs as a background process on a cable/DSL router, gathers all sorts of statistics about network usage, and serves them over HTTP.


Running Server(s)

Part of setting up a server is reading/learning how to secure it. Common servers include NFS, Samba, FTP, SSH, VNC, RDP, and HTTP. If the "how-to" you are following does not review security, you need to keep looking ..."Desktops" become "Servers" if server software is installed.

Questions to ask yourself include:

1. What port(s) or services does this software provide?
2. Who will be able to connect to this? (i.e. is it restricted to a range of IP addresses Password protected?)
3. What level of access will the visitor have to the system? (i.e. does the server run under a restricted user, or the root acount? What can this restricted user do in a worst case scenario?)
4. Does this service expose any additional information that's useful to a hacker? (i.e. does it allow users to transmit their passwords in cleartext? Does it have a 'statistics' view that reveals logged-in users, ip addresses, network configuration, or other potentially helpful information?)
5. What is the security history of this software? Does it have a long long history of vulnerability and patch after patch? Or has it had a relatively unmarred history?


Examples :

SSH
UDSF Secure SSH
VNC
Apache


Hardened Kernels

Hardened kernels are modifications to the Linux kernel that add additional security measures. This could include:

1. The randomization of ports, memory addresses, process ID's, and other information that is typically predictable. This can thwart off many types of common attacks.
2. Identify and prevent buffer overflow attacks from resulting in compromise by killing compromised processes (PaX bundled with grsecurity, or Redhat's Exec-Shield combined with prelink randomization). Edgy and higher contain GCC stack protection enforced in most applications, but is unable to respond to several kinds of attacks that a kernel-layer enforcer could. Likewise, PaX and friends have weakness that GCC stack protection helps cover, so the two work great as a duo.
3. Hiding information that Linux usually allows everyone to see, including all running processes on the system, load averages, CPU info, IP addresses, etc. Obscuring this information can help keep attackers "in the dark" so to speak.
4. More aggressive enforcement of buffer overflow protection than what Ubuntu's standard gcc stack protector can do.
5. Adding additional restrictions on the capabilities of regular users that prevent channels of attack.
6. Additional permissions systems that allow finer-grained tuning of various aspects of Linux.


These techniques combined have been shown to be very effective in the real world in guarding against unknown attacks. For example, many administrators of hardened kernel servers either report or even prove that their hardened systems were invulnerable to newly discovered security holes, or that the severity of a breach was significantly reduced.

The most common hardened kernel patch is called "grsecurity2" (http://grsecurity.org/), which does everything on this list. This requires, however, that you manually patch and recompile the kernel. SELinux and AppArmor do the "additional permissions systems" part. The basic theory is that by providing finer definitions of permissions than UNIX users and the "chmod" bits, even a successful attack against one service is virtually useless to attacking the rest of the system.

Note: AppArmor is available in Feisty (7.04) and will be installed by default in Gutsy, Ubuntu 7.10.

AppArmor Links

AppArmor ~ Ubuntu Community Wiki
AppArmor Geeks (OpenSUSE)

All of these hardened systems, however, take effort on the administrators behalf to implement. They also take a lot of trial-and-error to find the correct balance of user functionality and security restrictions. Tightening the rules too much could cause various applications to stop working, and not tightening them enough could lead to a weaker security setup.

If you run a large multiuser system where you must grant people shell access, or run services that have that unfortunate long history of attacks, then it is highly recommended that you look into setting up a hardened kernel.


Reading the Logs

Learn how to read your system logs and become familiar with "normal" activity. It should go without saying, your first introduction to system logs should *not* be when you suspect your system has been compromised.

You should also be aware that if someone has root access they can alter system logs. This is when it is most helpful to be aware of "normal" activity.

Ubuntu wiki ~ Linux Log Files

There is a package called "logwatch" that e-mails to you the new portions of your log every night. This can help make log reading more enjoyable.


How to perform a hardened installation

This how to will walk you through a hardened install with an encrypted root partition and other goodies.

This is a link to a how to for Debian :

Towards a moderately paranoid Debian laptop setup

You will need to use the "Alternate" install disk.

How to Alternate Install

Thank you to Uwe Hermann for posting a How-to for the moderately paranoid and hermanzone for the How-to with the alternate CD


Screening your system

There is a package, tiger, which will screen your system for potential security holes. While not complete it may be an excellent place to start (tiger does not check your firewall for example).

For an overview of tiger see man tiger , scroll to the bottom and you will see a listing and brief description of the tests performed (modules).

Install by any means, tiger john chkrootkit
Code:

sudo apt-get install tiger john chkrootkit

Run tiger from the command line with :

sudo tiger -H

The -H flag will produce a very nice HTML document.

The command tigexp can be used to explain the results.

$ /usr/sbin/tigexp pass014w

The listed login ID is disabled in some manner ('*' in passwd field, etc),
but the login shell for the login ID is a valid shell (from /etc/shells
or the system equivalent). A valid shell can potentially enable the
login ID to continue to be used. The login shell should be changed to
something that doesn't exist, or to something like /bin/false.
Tiger should give you some ideas on things to research. As always there can be false positives so take care not to either panic or blindly make system changes without understanding what you are doing and how to undo your changes (ie make backups of system files before you edit them).


Forensics


What to do when you think you have been cracked :

1. Power off.
2. Disconnect/disable your Internet connectivity.
3. Boot a live CD and image your hard drive (for analysis later).
4. Re-install. Unfortunately there is no way to trust a compromised system.
5. When you install, be sure to install off line, use a stronger password, and research intrusion detection.


Intrusion References
CERT® Coordination Center ~ Steps for Recovering from a UNIX or NT System Compromise
CERT® Coordination Center ~ Intruder Detection Checklist


Whew ...


Further Reading:

Ubuntu wiki ~ Security page

Ubuntu wiki ~ Installing Security Tools

UDSF Security Analysis Tools

The Big Ol' Ubuntu Security Resource

Locking Down Ubuntu

Ubuntu geek ~ Security category

Security references Topics include Basics, firewall, Intrusion detection, Chroot, Forensics/Recovery, and Securing networked services.

~ Thank you to unSpawn at LinuxQuestions.org


Peace be with you,

bodhi.zazen

Source: http://ubuntuforums.org/showthread.php?t=510812

Rabu, 02 Januari 2008

Hacker, Riwayatmu Kini



oleh: Donny B.U., M.Si. *


=========
Pengantar
=========
Pernah suatu ketika pada tanggal 10 Agustus 2001 sebuah media massa online memberitakan mengenai hacker yang membobol dan men-deface (mengubah content maupun layout) beberapa situs di Internet dan memasang foto Tommy Soeharto di situs tersebut. Menurut media massa tersebut, aksi hacker tersebut adalah merupakan bantuan untuk menyebarluaskan dan menangkap Tommy Soeharto. Pada halaman yang di-deface tersebut, tertulis juga pesan "Hacked and deface not only a crime. This person is #1 criminal in our country".

Kemudian belum lama berselang, tepatnya pada tanggal 16 Agustus 2001, beberapa perusahaan dotcom menyelenggarakan sebuah acara bertajuk HackersNight, di sebuah café di bilangan Jakarta Selatan. Acara HackersNight tersebut merupakan acara bulanan yang sudah mencapai putaran ke 12 di Jakarta. Acara party-party ala pebisnis dotcom tersebut juga dilangsungkan di Bandung dan Surabaya, dan sudah tentu dilaksanakan di sebuah café pula. Acara yang dilangsungkan hingga larut malam tersebut banyak menyajikan aneka hiburan, musik yang keras dan setumpuk hadiah dari para sponsor.

Bagi orang awam, kedua informasi tersebut tidaklah menunjukkan kejanggalan apapun. Toh memang akhirnya terminologi hacker bagi orang awam tidak mempunyai banyak arti dan tidak berpengaruh banyak dalam kehidupan sehari-hari mereka. Tetapi bagi pelaku dan pemain industri teknologi informasi (TI), atau setidaknya bagi pemerhati dan pecinta TI, penggunaan kata hacker untuk dua contoh kasus tersebut di atas bisa menjadi suatu diskusi yang panjang. Ada pertanyaan yang paling mendasar: "Sudah tepatkah penggunaan kata hacker tersebut?" Untuk menjawab pertanyaan tersebut, ada baiknya kita memahami terminologi hacker tersebut lebih jauh.


==================================
Sejarah Singkat Terminologi Hacker
==================================
Terminologi hacker muncul pada awal tahun 1960-an diantara para anggota organisasi mahasiswa Tech Model Railroad Club di Laboratorium Kecerdasan Artifisial Massachusetts Institute of Technology (MIT). Kelompok mahasiswa tersebut merupakan salah satu perintis perkembangan teknologi komputer dan mereka berkutat dengan sejumlah komputer mainframe. Kata hacker pertama kalinya muncul dengan arti positif untuk menyebut seorang anggota yang memiliki keahlian dalam bidang komputer dan mampu membuat program komputer yang lebih baik ketimbang yang telah dirancang bersama.

Kemudian pada tahun 1983, analogi hacker semakin berkembang untuk menyebut seseorang yang memiliki obsesi untuk memahami dan menguasai sistem komputer. Pasalnya, pada tahun tersebut untuk pertama kalinya FBI menangkap kelompok kriminal komputer The 414s yang berbasis di Milwaukee AS. 414 merupakan kode area lokal mereka. Kelompok yang kemudian disebut hacker tersebut dinyatakan bersalah atas pembobolan 60 buah komputer, dari komputer milik Pusat Kanker Memorial Sloan-Kettering hingga komputer milik Laboratorium Nasional Los Alamos.

1 dari pelaku tersebut mendapatkan kekebalan karena testimonialnya, sedangkan 5 pelaku lainnya mendapatkan hukuman masa percobaan. Pada tahun yang sama keluar pula sebuah film berjudul War Games yang salah satu perannya dimainkan oleh Matthew Broderick sebagai David Lightman. Film tersebut menceritakan seorang remaja penggemar komputer yang secara tidak sengaja terkoneksi dengan super komputer rahasia yang mengkontrol persenjataan nuklir AS.

Kemudian pada tahun 1995 keluarlah film berjudul Hackers, yang menceritakan pertarungan antara anak muda jago komputer bawah tanah dengan sebuah perusahaan high-tech dalam menerobos sebuah sistem komputer. Dalam film tersebut digambarkan bagaimana akhirnya anak-anak muda tersebut mampu menembus dan melumpuhkan keamanan sistem komputer perusahaan tersebut. Salah satu pemainnya adalah Angelina Jolie berperan sebagai Kate Libby alias Acid Burn.

Pada tahun yang sama keluar pula film berjudul The Net yang dimainkan oleh Sandra Bullock sebagai Angela Bennet. Film tersebut mengisahkan bagaimana perjuangan seorang pakar komputer wanita yang identitas dan informasi jati dirinya di dunia nyata telah diubah oleh seseorang. Dengan keluarnya dua film tersebut, maka eksistensi terminologi hacker semakin jauh dari yang pertama kali muncul di tahun 1960-an di MIT.


==============================
Manifesto dan Kode Etik Hacker
==============================
Sebenarnya hacker memiliki manifesto dan kode etik yang menjadi patokan bagi hacker di seluruh dunia. Manifesto Hacker dibuat oleh seorang hacker yang menggunakan nickname The Mentor dan pertama kali dimuat pada majalah Phrack (volume 1 / issue 7 / 25 September 1986).

Manifesto Hacker tersebut adalah:

- Ini adalah dunia kami sekarang, dunianya elektron dan switch, keindahan sebuah baud.
- Kami mendayagunakan sebuah sistem yang telah ada tanpa membayar, yang bisa jadi biaya tersebut sangatlah murah jika tidak dijalankan dengan nafsu tamak mencari keuntungan, dan kalian sebut kami kriminal.
- Kami menjelajah, dan kalian sebut kami kriminal.
- Kami mengejar pengetahuan, dan kalian sebut kami kriminal.
- Kami hadir tanpa perbedaan warna kulit, kebangsaan, ataupun prasangka keagamaan, dan kalian sebut kami kriminal.
- Kalian membuat bom atom, kalian menggelar peperangan, kalian membunuh, berlaku curang, membohongi kami dan mencoba meyakinkan kami bahwa semua itu demi kebaikan kami, tetap saja kami yang disebut kriminal.
- Ya, aku memang seorang kriminal.
- Kejahatanku adalah rasa keingintahuanku.
- Kejahatanku adalah karena menilai orang lain dari apa yang mereka katakan dan pikirkan, bukan pada penampilan mereka.
- Kejahatanku adalah menjadi lebih pintar dari kalian, sesuatu yang tak kan kalian maafkan.
- Aku memang seorang hacker, dan inilah manifesto saya.
- Kalian bisa saja menghentikanku, tetapi kalian tak mungkin menghentikan kami semua.
- Bagaimanapun juga, kami semua senasib seperjuangan.


Hacker juga memiliki kode etik yang pada mulanya diformulasikan dalam buku karya Steven Levy berjudul Hackers: Heroes of The Computer Revolution, pada tahun 1984.

Kode etik hacker tersebut tertulis:

1. Akses ke sebuah sistem komputer, dan apapun saja dapat mengajarkan mengenai bagaimana dunia bekerja, haruslah tidak terbatas sama sekali
2. Segala informasi haruslah gratis
3. Jangan percaya pada otoritas, promosikanlah desentralisasi
4. Hacker haruslah dinilai dari sudut pandang aktifitas hackingnya, bukan berdasarkan standar organisasi formal atau kriteria yang tidak relevan seperti derajat, usia, suku maupun posisi.
5. Seseorang dapat menciptakan karya seni dan keindahan di komputer
6. Komputer dapat mengubah kehidupan seseorang menjadi lebih baik.


==================
Hacker dan Cracker
==================
Sebenarnya secara lebih spesifik terminologi hacker telah dijelaskan dalam buku Hacker Attack karya Richard Mansfield tahun 2000. Menurut Mansfield, hacker didefinisikan sebagai seseorang yang memiliki keinginan untuk melakukan eksplorasi dan penetrasi terhadap sebuah sistem operasi dan kode komputer pengaman lainnya, tetapi tidak melakukan tindakan pengrusakan apapun, tidak mencuri uang atau informasi. Sedangkan cracker adalah sisi gelap dari hacker dan memiliki kertertarikan untuk mencuri informasi, melakukan berbagai macam kerusakan dan sesekali waktu juga melumpuhkan keseluruhan sistem komputer.

Perbedaan terminologi antar hacker dan cracker tersebut kini menjadi bias dan cenderung hilang sama sekali dalam perspektif media massa dan di masyarakat umum. Ada beberapa faktor penyebab hal tersebut:

- Para cracker tidak jarang menyebut diri mereka sebagai hacker
- Manifesto dan kode etik para hacker kerap pula dianggap sebagai manifesto dan kode etik bagi para cracker.
- Media massa menggunakan terminologi hacker secara salah kaprah dan hantam kromo
- Industri film mengangkat kehidupan hacker dari kacamata Hollywood
- Masyarakat melabelisasi kegiatannya menggunakan kata hacker agar lebih memiliki daya jual


Berdasarkan beberapa kondisi tersebut di atas, maka terminologi hacker memiliki pelebaran makna sedemikian rupa, sehingga kesalah-kaprahan kian hari kian menjadi-jadi. Setiap perilaku negatif yang dilakukan di Internet sering kali dikaitkan dengan istilah hacker, baik oleh media massa maupun masyarakat umum. Contohnya adalah pada paragraf pertama dan kedua tulisan ini. Perilaku men-defaced suatu situs nyata-nyata bukanlah modus operandi hacker. Hacker sejatinya tidak memiliki niatan atau tindakan yang sifatnya merusak.

Penggunaan kata hacker untuk sebuah acara party-party di café seperti contoh di atas juga merupakan satu bentuk pengaburan makna hacker yang sebenarnya. Acara HackersNight yang selalu digelar di café-café tersebut hanyalah merupakan ajang kumpul-kumpul pebisnis dotcom untuk bertukar kartu nama, menikmati hiburan dan bercengkerama hingga larut malam. Agak sulit jika ingin memperkirakan bahwa hacker yang sebenarnya akan menghadiri acara tersebut. Karena sejatinya seorang hacker kurang mau jati dirinya terekspos.

Berbeda bila kita berbicara mengenai ajang pertemuan hacker terbesar di dunia, Def Con, yang diadakan setahun sekali setiap pertengahan bulan Juli di Las Vegas. Acara Def Con tersebut lebih kepada ajang pertukaran informasi dan teknologi yang berkaitan dengan aktifitas hacking. Para hacker dari seluruh dunia tidak segan-segan untuk muncul setahun sekali dalam Def Con tersebut karena disitulah mereka dapat merasakan berada di komunitas hacker yang sesungguhnya, bukan sekedar labelisasi saja.

Walhasil, melihat beberapa kondisi di atas, akhirnya mau tidak mau terjadi kompromi dalam penggunaan istilah hacker. Sebagian orang ada memilih istilah hacker dan cracker, ada yang lebih nyaman menggunakan istilah hacker putih dan hacker hitam dan ada pula yang tetap menggunakan kata hacker untuk semua perilaku kriminalitas di Internet. Karena hacker yang sejati lebih banyak diam, cracker sering menyatakan dirinya sebagai hacker dan masyarakat umum lebih familiar dengan istilah hacker, akhirnya mau tidak mau media massa harus mengikuti selera pasar dengan ikut-ikutan mengeneralisir terminologi hacker.



*) Penulis adalah Koordinator ICT Watch dan jurnalis TI independen. Dapat dihubungi melalui e-mail donnybu@ictwatch.com. Tulisan ini pernah dimuat oleh majalah Neotek, Vol.II - No. 1, Oktober 2001. Tulisan ini bebas dikutip asal menyebutkan sumbernya.


Sumber: bebas.vlsm.org