Facebook Badge

Saturday, December 19, 2009

FACEBOOK DIBLOK ?

Facebook (FB), siapa yang tak kenal dengan FB hingga di kantor kadang2 kerjaan terbengkalai gara2 FB, he..he.. dan kadang2 dari HRD minta ke IT Dept untuk memblok akses ke FB (kejam amat hiks hiks)

Ada juga yang hanya boleh akses pada jam istirahat, jadi pilihannya mau makan istirahat atawa mau fb he..he..

tapi ada caranya neh supaya bisa akses FB, ya semacam istilah
Banyak jalan menuju Roma

pakai HP (sekarang beli hp pasti sudah di bundle dengan gratis akses facebook sekian waktu he..he..)
kalau dari kantor coba ke uncle google dan cari dengan keyword proxy untuk akses facebook

ini ada sedikit contohnya :
List Facebook proxy
http://www.vimgi.com/
http://proxyextras.info/
http://www.elpizzazon.com/
http://bookfaceoxy.com/
http://facebookpr0xy.info/
http://brandonmwelch.com/proxy/
http://www.webproxyunbloked.info/
http://schoolproxyunblocked.info/
http://www.file-share.us/
http://www.hideagent.com/
http://www.avoiddetection.info/

yang ini bukan proxy
http://translate.google.com/
ketikan http://facebook.com dan tekan translate

BUAT GRUP DI FACEBOOK

Cara Membuat Group Di Facebook
Mau buat grup / group di facebook ? Gimana cara-nya ? Susah atau mudah ?
Caranya :

1. Buka facebook anda.

2. Buat Tab Baru, Caranya tekan CTRL+T

3. Buka URL berikut ini : http://www.facebook.com/groups/create.php

4. Isikan informasi tentang grup facebook anda. Seperti Nama grup, Keterangan, Jenis grup, Berita terbaru, kantor, email dan seterusnya . Kalau sudah, klik "Buat Grup".

Friday, April 24, 2009

Reset password ROOT in DEBIAN

This is one of the problem faced by many person’s“what if i lost the root password”First thing that comes in mind is “use single user mode” but the answer is NO.
coz debian takes the system security to one more level up and by default ask’s for the root password.


so the BIG QUESTION IS HOW TO proceed further

follow these steps

1) on grub-boot prompt.
press “e” to enter edit mode

2) then press downarrow to reach the line that starts with “kernel “
press “e” again

3) at the end of this line type in “init=/bin/sh” or “/bin/bash”

4) then press enter to make that change and press “b” to boot

in a few seconds you will be on your “#” prompt

5) only one step left
“mount -o remount rw /”

this step is necessary coz in this case root file system is mounted as read only.

6) finally type “passwd” and you get the screen to change the password

and then type in “init 6? or “reboot”

NOTE FOR TECHNICAL USERS
those who are looking for the technical details, the main work is the init command that we passed as an argument to kernel, it told kernel to specifically run the command specified in parameter instead of working on normal routine.

TRICK = if you have any program you wish to run instead of this then you can do that too using init command only.

Friday, February 13, 2009

Remote PC With Command Prompt

RCMD, the remote command prompt

One of the most powerful parts of windows is the command line interface (cmd.exe). I have done things from directory listings to adding users locally, editing registry and even as far as manipulating windows services.

Being able to do all this from command line is great, but when you have multiple machines at different locations, It is nice to do some remote work from time to time. In comes PSEXEC from Microsoft’s Sysinternals. using PSEXEC and a little know-how on writing batch files, I created a batch file that will allow me to use the command line interface on remote PC while the user is still logged on.

The batch is as follows

psexec //%1 -u domainname\user -p password c:\windows\system32\cmd.exe

pause

saving this batch file as c:\windows\rcmd.bat will allow you to start the run command and type rcmd computername and you should get a command prompt for that PC (if you are an administrative user on that PC)

This is great for spot checks or quick changes, but when you want to make changes, but when you need to make changes on more than one PC, you can create a batch file with these changes and use PSEXEC to run the batch on a list of workstations.

First you want to create a text file (I call mine hosts.txt) and input each computer name or IP of the workstation (one host per line)

Next is to open up a command line and type in the following

psexec @hosts.txt -u domain\user -p password -c batchfile.bat

To keep things neat and tidy, I generally creatediscriptive folder with psexec, the batch file, the hosts file and a batch including this command called runme.bat.

Thursday, February 12, 2009

Script Ambil File ke FTP Server Secara Otomatis

Script untuk download file dari FTP Server
Untuk yang sudah mengenal pemrograman Shell, script berikut bisa digunakan untuk mengambil file dari FTP server secara otomatis. Semisal menjadwalkan pengambilan file pada jam,tanggal ataupun hari tertentu, dengan bantuan crontab.

ftp -in
open HOSTNAME
user USER PASSWORD
COMMAND_LINE1
COMMAND_LINE2
COMMAND_LINE3
get FILENAME1
get FILENAME2
bye

Misal kita pengen konek ke IP 10.34.19.1, dengan user perator password:ngawur dan mendownload file dengan nama Laporan_20080301.txt dari direktori /home/operator/laporan, script nya kurang lebih seperti ini :

ftp -in
open 10.34.19.1
user operator ngawur
cd /home/operator/laporan
bin
hash
get Lap_20090214.txt
bye
Selamat Mencoba.

Tuesday, February 10, 2009

Belajar Cisco (VLAN)

vlan aktif
berdasarkan port
mac address
protokol
subnet
aplikasi

dhcp aktif default-router meragukan
routing protokol baru rip ,igrp eigrp,ospf,bgp
lalu lakukan konek si dengan jaringan lan perusahaan
maka diapakai NAT pada router agar client vlan di router kita terdeteksi
lalu dilakukan accest list lalu policy
ini syntaksnya:
setting vlan
switch
conf t
vlan database
vlan100
vlan200
vlan300
int range g1/0/8 g1/0/10
swtichport access vlan100
no shut
int range g1/0/11 g1/0/13
swtichport access vlan100
no shut
int range g1/0/13 g1/0/16
swtichport access vlan100
no shut
int g1/0/1
switchport mode trunk

router
conf t
int g0/1.100
encapsulation dot1q 100
ip address 192.168.10.254 255.255.255.0
int g0/1.200
encapsulation dot1q 200
ip address 172.16.20.254 255.255.255.0
int g0/1.300
encapsulation dot1q 100
ip address 10.0.30.254 255.255.255.0

static setiap komputer yang terhubung dengan switch tergantung vlan nya dengan mengeset ip address secara manual

dynamic setiap komputer hanya mengeplug lan kabelnya router akan memberikan ip secara otmatis

ip dhcp pool vlan100
network 192.168.10.0 255.255.255.0
default-router 192.168.10.254

ip dhcp pool vlan200
network 172.16.20.0 255.255.255.0
default-router 172.16.20.254

ip dhcp pool vlan300
network 10.0.30.0 255.255.255.0
default-router 10.0.30.254

tidak dibutuhkan router protokol karena terhubung directly ke setiap port

bagaimana cara agar masingmasing vlan tersebut terhubung dengan internet sedangkan kita tau setiap vlan memiliki ip yang berbeda
pada penerapan kali ini router berada dibawah switch yang terhubung lagi dibawah sebuah router yang menghubungkan jaringan dengan internet
dengan di bawah router tersebut menggunakan vlan lagi yakni 10.3.0.1 gateway nya
maka
kita harus mengeset network address translation
dapat diset
1.static
2.dynamic
1.dynamic ip
2. dynamic port atau yang disebut Port Address Translation
kita mencoba port address translation
konfgure di routernya
access-list 13 192.168.10.0 0.0.0.255
access-list 13 172.16.20.0 0.0.0.255
access-list 13 10.0.30.0 0.0.0.255
ip nat inside source list 13 inteface g0/0 overload
int g0/1.100
ip nat inside
int g0/1.200
ip nat inside
int g0/1.300
ip nat inside
int g0/0
ipnat outside

jangan lupa kita harus memberi tahu router kita gateway internetnya
dengan mengkonfigure
ip route 0.0.0.0 0.0.0.0 10.3.0.1
ssetelah terhubung dengan internet kita hedak mencoba untuk melakukan bandwith limit dengan mengkonfigure router
konfigure pada router
masuk interface dahulu
rate-limit input 64000 8000 8000 conform-action transmit exceed-action drop
access list konfiguration

Monitor dan Memblok Trafik Virus Pada Cisco Router

Router merupakan sebuah device yang berfungsi untuk meneruskan paket-paket dari sebuah network ke network yang lainnya (baik LAN ke LAN atau LAN ke WAN) sehingga host-host yang ada pada sebuah network bisa berkomunikasi dengan host-host yang ada pada network yang lain. Router menghubungkan network-network tersebut pada network layer dari model OSI, sehingga secara teknis Router adalah Layer 3 Gateway.

Selain itu juga router dapat menangkap dan melihat aktivitas trafik dalam jaringan, sehingga memudahkan kita untuk mengklasifikasikan trafik dan membuang paket-paket yang tidak diperlukan.

Berkembangnya virus-virus komputer yang sangat cepat, cukup merugikan para penyedia jaringan dan pengguna komputer. Serangan virus ini telah banyak mengkonsumsi bandwidth sehingga trafik aplikasi yang sebenarnya tidak bisa dilewatkan melalui jaringan karena jaringan telah dipenuhi oleh paket-paket virus.

Berikut ini tulisan yang menyajikan cara memonitor trafik dan memblok paket virus dengan menggunakan router Cisco.

Untuk menampung semua trafik yang keluar masuk, harus dibuatkan tempat yang biasanya disebut log.

Pada router cisco, buffer log tidak aktfi secara default. Oleh karena itu kita harus mengaktifkannya sebelum menampung trafik yang akan kita lihat.

Cara mengaktifkan log buffer pada Router Cisco:


Router(config)# logging buffered 4096
Router(config)# exit

Angka 4096 mempunyai satuan bytes, jadi tempat/memori yang disediakan untuk menangkat trafik sebesar 4096 Bytes.

Setelah itu, kita membuat profile untuk menangkap trafik dengan menggunakan Access Control List (ACL) extended.

Contoh :

Konfigurasi access-list 101

Router# config t
Router(config)# access-list 101 permit icmp any any log
Router(config)# access-list 101 permit tcp any any gt 0 log
Router(config)# access-list 101 permit udp any any gt 0 log
Router(config)# access-list 101 permit ip any any log


Pengertian permit berarti semua paket (icmp, tcp, udp, ip) diijinkan lewat

Selanjutnya terapkan Access-List yang sudah dibuat pada interface yang akan kita tangkap trafiknya.

Misal kita ingin menangkap trafik yang masuk ke port Fast Ethernet 0 : (dapat diterapkan di semua interface, seperti : E0, S0, S1.1, S2/0.1, ATM0/0.1, dll)

Router(config)# int fa0
Router(config-if)# ip access-group 101 in
Router(config-if)# exit

Agar hasil log dapat terlihat Tanggal dan Jam-nya, maka harus dikonfigurasi sebagai berikut:

Router(config)# service timestamps log datetime localtime
Router(config)# exit
Router#clock set 14:00:00 17 May 2004

Setelah selesai, kita dapat melihat semua trafik yang masuk ke Fast Ethernet 0:

Perintah yang digunakan adalah : show log

Router# show log

May 17 14:02:38: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 172.21.0.182(1019) -> 192.168.134.82(515), 2 packets

May 17 14:02:44: %SEC-6-IPACCESSLOGDP: list 101 permitted icmp 192.168.134.2 -> 192.168.134.42 (3/13), 6 packets

May 17 14:02:44: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 172.21.0.182(1019) -> 192.168.134.43(515), 1 packet

May 17 14:03:03: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 172.21.0.155(1014) -> 192.168.134.67(515), 2 packets

May 17 14:03:05: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 172.21.0.182(1005) -> 192.168.134.67(515), 2 packets

Dari data trafik baris pertama di atas, paket tcp port 1019 dengan IP 172.21.0.182 masuk ke port Fast Ethernet 0 dengan tujuan IP 192.168.134.82 menggunakan port 515 sebanyak 2 paket, terjadi pada tanggal 17 May 2004 jam 14:02:38.

Dari data trafik baris pertama di atas, paket tcp port 1019 dengan IP 172.21.0.182 masuk ke port Fast Ethernet 0 dengan tujuan IP 192.168.134.82 menggunakan port 515 sebanyak 2 paket, terjadi pada tanggal 17 May 2004 jam 14:02:38.Dari data trafik baris pertama di atas, paket tcp port 1019 dengan IP 172.21.0.182 masuk ke port Fast Ethernet 0 dengan tujuan IP 192.168.134.82 menggunakan port 515 sebanyak 2 paket, terjadi pada tanggal 17 May 2004 jam 14:02:38.Untuk melihat throughput atau utilisasi pada interface Fast Ethernet 0, dapat menggunakan perintah:

Router# sho int fa0

….
5 minute input rate 11264000 bits/sec, 2378 packets/sec
5 minute output rate 5203000 bits/sec, 3060 packets/sec
……

Virus Jaringan

PC yang terkena virus akan selalu mengirimkan paket-paket ke jaringan dalam jumlah besar dalam waktu singkat.

Jika pada saat kita menangkap trafik pada suatu interface, terdapat pola paket yang sangat banyak dan menggunakan port TCP, UDP atau ICMP yang sama, kemungkinan jaringan ini terkena virus.

Berikut contoh-contoh paket virus dalam jaringan :

Salah satu jenis Virus Blaster menggunakan TCP port 135, virus ini dapat memenuhi jaringan dan menyebabkan aplikasi di jaringan menjadi lambat atau bahkan hang. Paket ini akan terus memenuhi jaringan walaupun kondisi komputer sedang tidak melakukan aktivitas.

May 19 14:25:48: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.69(2865) -> 129.74.248.15(135), 1 packet

May 19 14:25:49: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.66(4283) -> 10.239.97.117(135), 1 packet

May 19 14:25:50: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.69(2897) -> 129.74.248.47(135), 1 packet

May 19 14:25:51: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.70(3832) -> 166.58.195.45(135), 1 packet

May 19 14:25:52: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.68(2189) -> 68.44.91.87(135), 1 packet

May 19 14:25:53: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.70(3864) -> 166.58.195.77(135), 1 packet

May 19 14:25:54: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.66(4335) -> 10.239.97.167(135), 1 packet

May 19 14:25:55: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.69(2947) -> 129.74.248.97(135), 1 packet

May 19 14:25:56: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.66(4369) -> 10.239.97.199(135), 1 packet

May 19 14:25:57: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.68(2239) -> 68.44.91.137(135), 1 packet

May 19 14:25:58: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.70(3914) -> 166.58.195.127(135), 1 packet

Jenis Virus Blaster yang lain menggunakan TCP port 445, 139 dan UDP port 137 (ada juga yang menggunakan port 138, tetapi tidak ditampilkan di sini)

May 25 15:46:46: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2774) -> 64.120.84.40(445), 1 packet

May 25 15:46:47: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2776) -> 64.120.84.41(445), 1 packet

May 25 15:46:48: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2778) -> 64.120.84.42(445), 1 packet

May 25 15:46:49: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2780) -> 64.120.84.43(445), 1 packet

May 25 15:46:50: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2782) -> 64.120.84.44(445), 1 packet

May 25 15:46:51: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2784) -> 64.120.84.45(445), 1 packet

May 25 15:46:52: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2787) -> 64.120.84.46(139), 1 packet

May 25 15:46:53: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2789) -> 64.120.84.47(139), 1 packet

May 25 15:46:54: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2790) -> 64.120.84.48(445), 1 packet

May 25 15:46:55: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2792) -> 64.120.84.49(445), 1 packet

May 25 15:46:56: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2794) -> 64.120.84.50(445), 1 packet

May 25 15:48:06: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2922) -> 64.120.84.111(139), 1 packet

May 25 15:48:07: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2924) -> 64.120.84.112(139), 1 packet

May 25 15:48:08: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2940) -> 64.120.84.119(139), 1 packet

May 25 15:48:10: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2944) -> 64.120.84.121(139), 1 packet

May 25 15:48:11: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2952) -> 64.120.84.125(445), 1 packet

May 25 15:48:12: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2955) -> 64.120.84.126(139), 1 packet

May 25 15:48:13: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2956) -> 64.120.84.127(445), 1 packet

May 25 15:48:14: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2959) -> 64.120.84.128(139), 1 packet

May 25 15:48:15: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2962) -> 64.120.84.129(139), 1 packet

May 25 15:48:16: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2964) -> 64.120.84.130(139), 1 packet

May 25 15:48:17: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2966) -> 64.120.84.131(139), 1 packet

May 25 15:48:18: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2968) -> 64.120.84.132(139), 1 packet

May 25 15:48:19: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2970) -> 64.120.84.133(139), 1 packet

May 25 15:48:21: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2974) -> 64.120.84.135(139), 1 packet

May 25 15:48:22: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2976) -> 64.120.84.136(139), 1 packet

May 25 15:48:23: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2978) -> 64.120.84.137(139), 1 packet

May 25 15:48:24: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2981) -> 64.120.84.138(139), 1 packet

May 25 15:48:25: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2984) -> 64.120.84.139(139), 1 packet

May 25 15:48:26: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2985) -> 64.120.84.140(445), 1 packet

May 25 15:48:27: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2979) -> 64.120.84.138(445), 1 packet

May 25 15:48:28: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2984) -> 64.120.84.139(139), 1 packet

May 25 15:48:29: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2992) -> 64.120.84.143(139), 1 packet

May 25 15:48:30: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2974) -> 64.120.84.135(139), 1 packet

May 25 15:48:32: %SEC-6-IPACCESSLOGP: list 107 permitted tcp 202.152.18.230(2978) -> 64.120.84.137(139), 1 packet

May 18 16:20:48: %SEC-6-IPACCESSLOGP: list 104 permited udp 10.49.100.230(1028) -> 19.135.133.55(137), 1 packet

May 18 16:20:49: %SEC-6-IPACCESSLOGP: list 104 permited tcp 10.49.12.124(4616) -> 10.14.44.151(445), 1 packet

May 18 16:20:50: %SEC-6-IPACCESSLOGP: list 104 permited tcp 10.49.148.98(2979) -> 10.49.181.197(445), 1 packet

May 18 16:20:51: %SEC-6-IPACCESSLOGP: list 104 permited tcp 10.49.20.116(4176) -> 10.49.239.149(445), 1 packet

May 18 16:20:52: %SEC-6-IPACCESSLOGP: list 104 permited udp 10.49.18.195(1030) -> 139.64.66.76(137), 1 packet

May 18 16:20:53: %SEC-6-IPACCESSLOGP: list 104 permited udp 10.49.12.34(1027) -> 120.134.165.57(137), 1 packet

May 18 16:20:54: %SEC-6-IPACCESSLOGP: list 104 permited udp 10.49.6.35(1031) -> 3.151.81.106(137), 1 packet

May 18 16:20:55: %SEC-6-IPACCESSLOGP: list 104 permited tcp 10.49.20.115(3517) -> 10.49.217.164(445), 1 packet

May 18 16:20:56: %SEC-6-IPACCESSLOGP: list 104 permited tcp 10.49.2.131(1903) -> 10.174.107.77(445), 1 packet

May 18 16:20:57: %SEC-6-IPACCESSLOGP: list 104 permited tcp 10.49.22.68(4704) -> 10.57.51.106(445), 1 packet

May 18 16:20:58: %SEC-6-IPACCESSLOGP: list 104 permited udp 10.49.5.99(1027) -> 132.70.123.242(137), 1 packet

May 19 14:25:48: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.69(2865) -> 129.74.248.15(135), 1 packet

May 19 14:25:49: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.66(4283) -> 10.239.97.117(135), 1 packet

May 19 14:25:50: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.69(2897) -> 129.74.248.47(135), 1 packet

May 19 14:25:51: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.70(3832) -> 166.58.195.45(135), 1 packet

May 19 14:25:52: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.68(2189) -> 68.44.91.87(135), 1 packet

May 19 14:25:53: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.70(3864) -> 166.58.195.77(135), 1 packet

May 19 14:25:54: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.66(4335) -> 10.239.97.167(135), 1 packet

May 19 14:25:55: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.69(2947) -> 129.74.248.97(135), 1 packet

May 19 14:25:56: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.66(4369) -> 10.239.97.199(135), 1 packet

May 19 14:25:57: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.68(2239) -> 68.44.91.137(135), 1 packet

May 19 14:25:58: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.236.48.70(3914) -> 166.58.195.127(135), 1 packet

Paket Virus Welchia/Nachi:

Oct 22 10:59:50: %SEC-6-IPACCESSLOGDP: list 101 permitted icmp 202.152.13.98 -> 192.170.211.87 (8/0), 1 packet

Oct 22 10:59:51: %SEC-6-IPACCESSLOGDP: list 101 permitted icmp 202.152.13.98 -> 192.170.211.248 (8/0), 1 packet

Oct 22 10:59:52: %SEC-6-IPACCESSLOGDP: list 101 permitted icmp 202.152.13.98 -> 192.170.212.186 (8/0), 1 packet

Oct 22 10:59:53: %SEC-6-IPACCESSLOGDP: list 101 permitted icmp 202.152.13.98 -> 192.170.213.46 (8/0), 1 packet

Dengan menggunakan Router kita dapat memblok paket-paket tersebut diatas agar tidak menulari jaringan yang lain atau memenuhi jaringan WAN.

Bloking paket virus dilakukan di sisi router pada interface yang paling dekat dengan keberadaan jaringan yang bervirus.

Contoh cara melakukan Bloking Paket pada virus Blaster yang menggunakan TCP port 445 dan UDP port 137 adalah dengan menggunakan Access Control List (ACL) sebagai berikut :

Router# config t
Router(config)# access-list 104 deny tcp any any eq 445 log
Router(config)# access-list 104 deny udp any any eq 137 log
Router(config)# access-list 104 permit ip any any

Catatan : Jangan lupa di akhir command untuk selalu memasang permit ip any any , setelah anda melakukan bloking dengan perintah deny. Jika anda tidak memasang permit ip any any, maka semua paket akan diblok.

Selanjutnya kita pasang access-list 104 di atas, pada interface tempat masuknya virus, misal di interface ethernet0:

Router(config)# int e0
Router(config-if)#ip access-group 104 in
Router(config-if)# exit

Untuk melihat hasilnya adalah sebagai berikut :

Router# sho log

May 18 16:21:08: %SEC-6-IPACCESSLOGP: list 104 denied udp 169.254.166.50(137) -> 169.254.255.255(137), 1 packet

May 18 16:21:09: %SEC-6-IPACCESSLOGP: list 104 denied tcp 10.49.151.68(1339) -> 10.49.35.78(445), 1 packet

May 18 16:21:10: %SEC-6-IPACCESSLOGP: list 104 denied udp 10.49.100.230(1028) -> 4.71.4.82(137), 1 packet

May 18 16:21:11: %SEC-6-IPACCESSLOGP: list 104 denied udp 10.49.19.130(1027) -> 46.33.60.237(137), 1 packet

May 18 16:21:12: %SEC-6-IPACCESSLOGP: list 104 denied udp 10.49.7.194(1028) -> 140.120.202.83(137), 1 packet

May 18 16:21:13: %SEC-6-IPACCESSLOGP: list 104 denied tcp 10.49.15.132(3882) -> 10.74.93.59(445), 1 packet

May 18 16:21:14: %SEC-6-IPACCESSLOGP: list 104 denied tcp 10.49.20.115(3562) -> 185.142.133.192(445), 1 packet

May 18 16:21:15: %SEC-6-IPACCESSLOGP: list 104 denied tcp 10.49.12.124(3058) -> 10.228.79.203(445), 1 packet

May 18 16:21:16: %SEC-6-IPACCESSLOGP: list 104 denied tcp 10.49.12.40(3571) -> 31.7.189.248(445), 1 packet

May 18 16:21:17: %SEC-6-IPACCESSLOGP: list 104 denied udp 10.49.13.130(1026) -> 14.0.106.191(137), 1 packet

May 18 16:21:18: %SEC-6-IPACCESSLOGP: list 104 denied udp 10.49.15.99(1029) -> 62.178.109.147(137), 1 packet

May 18 16:21:19: %SEC-6-IPACCESSLOGP: list 104 denied udp 10.49.8.105(1027) -> 144.203.127.85(137), 1 packet

May 18 16:21:20: %SEC-6-IPACCESSLOGP: list 104 denied udp 10.49.8.6(1027) -> 119.123.155.124(137), 1 packet

May 18 16:21:21: %SEC-6-IPACCESSLOGP: list 104 denied tcp 10.49.20.116(4314) -> 17.101.32.39(445), 1 packetTerlihat bahwa semua paket yang menggunakan TCP port 445 dan UDP port 137 akan di Deny (blok).Terlihat bahwa semua paket yang menggunakan TCP port 445 dan UDP port 137 akan di Deny (blok).Hal ini sangat bermanfaat jika jaringan kita menggunakan WAN.

Terlihat bahwa semua paket yang menggunakan TCP port 445 dan UDP port 137 akan di Deny (blok).Hal ini sangat bermanfaat jika jaringan kita menggunakan WAN.Misal kita menggunakan WAN Frame Relay dengan kecepatan 64 Kbps. Jika suatu LAN 100 Mbps di remote terkena virus seperti diatas, maka semua paket virus ini akan menyebar dan masuk ke WAN yang mempunyai kecepatan hanya 64 Kbps. Dapat dibayangkan pasti jaringan WAN yang 64 kbps ini akan penuh, dan user-user di remote tidak akan bisa melakukan hubungan ke jaringan pusat.

Dengan dilakukan bloking seperti cara di atas, maka jaringan WAN 64 Kbps ini akan bersih dan tetap terjaga pemakaian bandwidthnya.

Selamat mencoba!!!

*thx to mudji.net

VLAN

I’m going to show how to segment logical network using VLAN.

Say, there are two department in the office.

VLAN 2 is for IT department and VLAN 3 is for sales department.

There are 2 switches, and placed at two places, switch 1 and 2 connected on fast ethernet port 0/24 which configured for trunk port. So here is the switch configuration:

switch1>enable
switch1#configure terminal
switch1(config)#int fa0/24
switch1(config-if)#switchport mode trunk
switch1(config-if)#switchport trunk allowed vlan 2-3
switch(config-if)#switchport native vlan 40
switch1(config-if)#exit
switch1(config)#vlan 2
switch1(config)#name IT-department
switch1(config)#vlan 3
switch1(config)#name Sales-department
switch1(config)#int fa0/1
switch1(config-if)#switchport mode access
switch1(config-if)#switchport access vlan 2
switch1(config-if)#int fa0/2
switch1(config-if)#switchport mode access
switch1(config-if)#switchport access vlan 3
switch1(config-if)#^Z
switch1(config)#copy running-config startup-config

if you want to access the switch using telnet you have to configure it like this:

switch1#configure terminal
switch1(config)#int vlan1
switch1(config-if)#ip address 192.168.100.253 255.255.255.0
switch1(config-if)#no shut
switch1(config-if)#line vty 0 4
switch1(config-line)#password yourpassword
switch1(config-line)#login
switch1(config-line)#exit
switch1(config)#service password-encryption
switch1(config)#enable secret yourpassword
switch1(config)#exit
switch1#copy running-config startup-config

for switch 2, follow the configuration above. Both switches, trunk port must use vlan 40 in order to communicate.

Password recovery procedure

This is the password recovery procedure on Cisco 2xxx series.

First, you have to connect rollover cable to console port on cisco router and serial port on PC. And make sure the serial port configuration on hyperterminal or securecrt or any tty software to be like this:

Baud rate: 9600
Data bits: 8
Parity: None
Stop bits: 1

Then, reboot the router.

When the bootstrap loading the IOS image, you must immediately press Ctrl+Break to enter rommon mode.

System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)

Copyright (c) 2000 by cisco Systems, Inc.

cisco 2811 (MPC860) processor (revision 0×200) with 60416K/5120K bytes of memory

Self decompressing the image :
################

monitor: command “boot” aborted due to user interrupt
rommon 1 >confreg 0×2142
rommon 1 >reset
System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)
Copyright (c) 2000 by cisco Systems, Inc.
cisco 2811 (MPC860) processor (revision 0×200) with 60416K/5120K bytes of memory

Self decompressing the image :
########################################################################## [OK]

Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 18-Jul-07 06:21 by pt_rel_team
Image text-base: 0×400A925C, data-base: 0×4372CE20
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco 2811 (MPC860) processor (revision 0×200) with 60416K/5120K bytes of memory
Processor board ID JAD05190MTZ (4292891495)
M860 processor: part number 0, mask 49
2 FastEthernet/IEEE 802.3 interface(s)
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 18-Jul-07 06:21 by pt_rel_team
— System Configuration Dialog —
Continue with configuration dialog? [yes/no]:
Press RETURN to get started!
As you can see above, the system has bypass the startup-config so it back to initial configuration.
Router>enable
Router#copy startup-config running-config
Destination filename [running-config]?
453 bytes copied in 0.416 secs (1088 bytes/sec)
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret mypassword
Router(config)#^Z
%SYS-5-CONFIG_I: Configured from console by console
Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration…
[OK]
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#config-register 0×2102
Router(config)#^Z
%SYS-5-CONFIG_I: Configured from console by console
Router#reload
System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)
Copyright (c) 2000 by cisco Systems, Inc.
cisco 2811 (MPC860) processor (revision 0×200) with 60416K/5120K bytes of memory
Self decompressing the image :
########################################################################## [OK]
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 18-Jul-07 06:21 by pt_rel_team
Image text-base: 0×400A925C, data-base: 0×4372CE20
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco 2811 (MPC860) processor (revision 0×200) with 60416K/5120K bytes of memory
Processor board ID JAD05190MTZ (4292891495)
M860 processor: part number 0, mask 49
2 FastEthernet/IEEE 802.3 interface(s)
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 18-Jul-07 06:21 by pt_rel_team
%LINK-5-CHANGED: Interface Vlan1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
%LINK-5-CHANGED: Interface Vlan1, changed state to administratively down
Press RETURN to get started!
Router>enable
Password: mypassword
Router#

Saturday, January 17, 2009

Backup Konfigurasi Mikrotik via email

untuk rekan2 yang menggunakan RouterOS Mikrotik mungkin terbayang untuk membackup konfigurasi router setiap hari dan secara otomatis.....

biar beban kita menjadi ringan.link acuan : http://wiki.mikrotik.com/wiki/Send_Backup_email dan manual mikrotik

yuk kita mulai ...set ip address dns dan mail server
> /ip dns set primary-dns=192.168.10.110
secondary-dns=192.168.10.120 --> isi dengan ip address dns server anda / provider.
> /ip dns print
primary-dns: 192.168.10.110secondary-dns: 192.168.10.120
allow-remote-requests:
nocache-size: 2048
KiBcache-max-ttl: 1w
cache-used: 16KiB

> /tool e-mail set server=192.168.10.100 from="Pikachu" --> isi dengan ip address mail server anda. smtp tanpa authetikasi. from di isi terserah anda.

> /tool e-mail print
server: 192.168.10.100
from: "Pikachu"

buat script nya
> /system script> add name=script-backup-router policy=ftp,reboot,read,write,policy,test source={/system backup save name=Pikachu {... /tool e-mail send server=192.168.10.100 to="" from="" subject=([/system identity get name] . " " . [/system clock get date] . " " . [/system clock get time]) body=("email ini merupakan backup otomatis dari Router" . " " . [/system identity get name] . " " . [/system clock get date] . " " . [/system clock get time]) file="Pikachu.backup"}

keterangan:
1. name diisi sebagai nama script. contoh : script-backup-router
2. name merupakan nama file backup router kita. contoh menggunakan "Pikachu"
3. server isi dengan ip address smtp mail server anda. smtp tanpa authetikasi. contoh : 192.168.10.100
4. to di isi email address tujuan.
5. from diisi email address dari pengirim. email address nya harus valid
6. file diisi sesuai dengan nama file backup kita diatas. contoh Pikachu.backup

> print
0 name="script-backup-router" owner="admin" policy=ftp,reboot,read,write,policy,test last-started=run-count=0 source=
/system backup save name=Pikachu
/tool e-mail send server=192.168.10.100 to="" from="" subject=([/system identity get name] . " " . [/system clock get date] . " " . [/system clock get time]) body=("email ini merupakan backupotomatis dari Router" . " " . [/system identity get name] . " " . [/system clock get date] . " " . [/system clock get time]) file="Pikachu.backup"

script udah kita buat, sekarang buat schedule nyamisalkan kita pingin script dijalan kan setiap pagi jam 06.00

> /system scheduler add name=backup-router on-event=script-backup-router start-date=jun/20/2007 start-time=06:00:00 interval=1d disabled=no

seeeppp.... udah selesai

selamat mencoba....

mungkin bisa juga menggunakan script dibawah ini:/system script add name=script-backup-router policy=ftp,reboot,read,write,policy,test source={/system backup save name=([/system identity get name])/tool e-mail send server=192.168.10.100 to="" from="" subject=([/system identity get name] . " " . [/system clock get date] . " " . [/system clock get time]) body=("email ini merupakan backup otomatis dari Router" . " " . [/system identity get name] . " " . [/system clock get date] . " " . [/system clock get time]) file=([/system identity get name] . ".backup")}

*thx firmansyah-id.blogspot.com for article

Friday, January 16, 2009


resize partition using gparted
Published by kholis on December 22, 2008 10:40 pm under GNU/Linux
before:

after:

steps:
1. Ctrl+Alt+F1 (go to tty1)
2. login with user: root
3. #/etc/init.d/gdm stop (stop GDM)
4. #umount /home
5. #X & (start X in the background process, X server will be up in tty7. please check by type ctrl+alt+f7)
6. #export DISPLAY=localhost:0.0 (set display on tty7 on every application needed X)
7. #gparted & (start gparted)
8. Ctrl+Alt+F7 (to see the display)
9. resize the home partition. and then apply.
10. quit gparted. and reboot the system.

*thx to blog.its.ac.id for the articel

Thursday, January 15, 2009

Membuat Website dengan Joomla

Nyari-nyari artikel soal buat web dengan joomla akirnya ketemuanya
buat teman-teman yang mau buat website menggunaka joomla bisa di coba neh
disini di bahas untuk membuat website SMA dengan joomla

BAB 1 http://www.ziddu.com/download/3201563/bab1.pdf.html
BAB 2 http://www.ziddu.com/download/3203590/BAB2.pdf.html
BAB 3 http://www.ziddu.com/download/3210867/BAB3.pdf.html
BAB 4
BAB 5
BAB 6

Membuat DHCP Server Pakai Mikrotik

Sekarang kita coba membuat DHCP server dengan mikrotik, tujuannya adalah memberikan otomatis IP address pada PC client kita. Jadi kita ngga perlu pusing pembagian IP pada masing-masing PC, coba anda bayangkan jika PC client anda ada 200 PC yang harus mempunyai IP untuk bisa terhubung dengan mikrotik anda.

Pertama buat IP Pool, yaitu range IP yang bisa digunakan oleh server DHCP anda. Untuk case ini PC akan diberikan ip dari 192.168.0.2 sampai 192.168.0.254, berarti ada 253 PC yang bisa dihandle server DHCP.

/ip pool add name="dhcp_pool" ranges=192.168.0.2-192.168.0.254

Lalu setting DHCP mikrotik anda pada /ip dhcp-server
/ip dhcp-server
add address-pool=dhcp_pool authoritative=after-2sec-delay bootp-support=static disabled=no interface=ether2 lease-time=3d name="dhcp_server"

Setting diatas menjelaskan bahwa server anda menggunakan address pool dgn nama “dhcp_pool” dan menggunakan “ether2″ untuk interface yang digunakan mikrotik (interface tersebut yang terhubung dengan switch/hub jaringan lokal anda)

/ip dhcp-server networkadd address=192.168.0.0/24 comment="" dns-server=10.20.40.100,10.20.40.200 gateway=192.168.0.1 netmask=24

Setting diatas menjelaskan bahwa DHCP mikrotik menggunakan Network ID 192.168.0.0/24 Netmask 255.255.255.0 (/24) dengan pemberian gateway ke 192.168.0.1 dan DNS 10.20.40.100, 10.20.40.200
Setting network pada PC client anda dengan mencentang “Obtain an IP Address Automatically” dan “Obtain DNS Server Address Automatically”
Done! anda sudah bisa membuat DHCP server dengan mikrotik

*thx to adamoline atas artikelnya