HITB Security Conference Malaysia 2008

Day 1
This year i got a change to join this great security conference. As a newbie to the security field, I feel a bit strange for the first day. This is not because of some of topics were very deeply about the security issues, but this event like an international events plus many speakers and participations from outside Malaysia. All the keynote speakers for the first very great, Jeremiah Grossman and Marcus Ranum do their best at explaining their own topics. After break, I join the topics that i think quite interesting for me, among them are from Oracle, Hernan Ochoa of Core Security and Saumil Shah form Net Squire Solutions. Don't expect to get lunch on this event, they only provided you with two tea breaks. The best topics for the first day (at least for me :))is Paul Craig talking on how to hack the internet kioks, he show a lot of demo on how to hack the internet kioks especially at his homegrown New Zealand. I miss the track from Roberto Preatoni from Zome-H fame because i got to go back early that day.

Day 2
One of the keynote speaker for day 2, Dr Anton from Log Logic not available, so TiAMO and brokep from The Pirate Bay (TPB) take good change to present more about their TPB. A lot interesting history behind the scene which many didn't know about TPB. I miss some of the interesting tracks that day but Adrian Pastor from GNUCITIZEN really impress me. Now I'm know why GNUCITIZEN very fomous on the security world whather white or black hat. Last track is Shreeraj Shah from Blueinfy talking some topics about the security hole on web 2.0. I enjoy 2 days on this conference, i miss HITB lab because i'm didn't know i can participate this lab, i think this is for the training purpose. Thanks the guys who are sponsor me for this great conference.

How to install Webalizer with Lighttpd

Sometimes you want to know who you are website visitors or where are they coming from. So, for this purpose you need to install web satististics into your web server. There are some good web statistics like Awstats, Webalizer, etc, but i choose Webalizer. From their site, Webalizer is a fast, free web server log file analysis program. It produces highly detailed, easily configurable usage reports in HTML format, for viewing with a standard web browser. Webalizer can run in any web server like Apache or Lighttpd. So, lets start, like usual, i'm using Lenny and Lighttpd for this purpose:

Start installation
online:~# apt-get install webalizer
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
libdb4.5 libgeoip1
Suggested packages:
geoip-bin
The following NEW packages will be installed:
libdb4.5 libgeoip1 webalizer
0 upgraded, 3 newly installed, 0 to remove and 107 not upgraded.
Need to get 1519kB of archives.
After this operation, 4059kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://ftp.debian.org lenny/main libdb4.5 4.5.20-12 [525kB]
Get:2 http://ftp.debian.org lenny/main libgeoip1 1.4.4.dfsg-1 [651kB]
Get:3 http://ftp.debian.org lenny/main webalizer 2.01.10-32.2 [343kB]
Fetched 1519kB in 2min8s (11.8kB/s)
Preconfiguring packages ...
Selecting previously deselected package libdb4.5.
(Reading database ... 57886 files and directories currently installed.)
Unpacking libdb4.5 (from .../libdb4.5_4.5.20-12_i386.deb) ...
Selecting previously deselected package libgeoip1.
Unpacking libgeoip1 (from .../libgeoip1_1.4.4.dfsg-1_i386.deb) ...
Selecting previously deselected package webalizer.
Unpacking webalizer (from .../webalizer_2.01.10-32.2_i386.deb) ...
Processing triggers for man-db ...
Setting up libdb4.5 (4.5.20-12) ...
Setting up libgeoip1 (1.4.4.dfsg-1) ...
Setting up webalizer (2.01.10-32.2) ...
/var/www/webalizer created

Edit anything do you want in their config file
online:~# vi /etc/webalizer/webalizer.conf

Start you web server
online:~# /etc/init.d/lighttpd restart
Stopping web server: lighttpd.
Starting web server: lighttpd.

Lastly, point your browser at http://yourdomain.com/webalizer/

Seminar "Build the Right Network" oleh Extreme Networks

CIAST dengan kerjasama pihak penyedia perkakasan rangkaian, Extreme Networks telah mengadakan satu seminar 6 Ogos 2008. Kebetulan CIAST sememangnya menggunakan peralatan daripada Extreme Networks, jadi aku rasa tidak keberatan untuk menerima pelawaan dari En Shafel selaku Product Manager untuk Extreme Networks Malaysia. CIAST telah menjemput kesemua pengajar/pegawai IT dari pusat latihan kemahiran awam seperti ILJTM, IKBN, IKM, Kolej Komuniti, Piliteknik, etc untuk menyertai seminar ini. Berikut adalah nota-nota daripada seminar tersebut. Slide seminar

How to install HP LaserJet on Debian Lenny

If you have HP printer, you are lucky because most of HP printer can run on Linux. Thanks to HP Linux Imaging and Printing (HPLIP) project for supporting the linux community. HPLIP is an HP developed solution for printing, scanning, and faxing with HP inkjet and laser based printers in Linux. This time I will show how to configure/install HP LaserJet P2015 on Debian Lenny aka testing.

Install cupsys and its dependencies using the following command.
dyna:/# apt-get install cupsys

Then install the Foomatics and install their related package with their dependencies
dyna:/# apt-get install foomatic-db foomatic-filters-ppds foomatic-filters foomatic-db-hpijs hplip hpoj

install hpoj if you using OfficeJet printer

Then using your browser, http://localhost:631 and you can configure your printer from here :)

Installing Lighttpd with MySQL plus PHP5 in Debian Lenny

Today i'm completely finish setting up one server with Debian aka Lenny with Lighttpd, MySQL and PHP5 support. This server mainly use for 'online' application like form application, intake application and other small application developed by our college etc. Why Lenny? I'm using Lenny because the Lenny tree seem like to be freeze right now before Debian 5.0 will be coming out soon on August 2008. From security wise, i'm always monitor my box and Lenny security mailing list and always update the server. Here the complete howto http://www.howtoforge.com/lighttpd_mysql_php_debian_etch

Check Squid log file in FreeBSD

I'm not famaliar enough with FreeBSD, but in my office we have one proxy server running on FreeBSD. How to check Squid log file on taht, then i guess like what i doing in my linux box :

root@isa# tail -f /usr/local/squid/logs/access.log
1214215723.611 3756 10.20.14.5 TCP_MISS/200 39035 GET http://www.dirtbikemagazine.com/Media/News/40046_KX250W9F_D5.jpg - DIRECT/209.196.51.188 image/jpeg
1214215724.057 5 10.20.16.175 TCP_IMS_HIT/304 263 GET http://www.fotosearch.com/comp/SUE/SUE116/paper-clip-thumbtack_~SLBW0188.jpg - NONE/- image/jpeg
1214215724.613 619 10.20.1.8 TCP_MISS/200 3135 GET http://sb.google.com/safebrowsing/update? - DIRECT/209.85.171.91 text/html
1214215725.687 1981 10.20.30.254 TCP_MISS/200 5400 GET http://sb.google.com/safebrowsing/update? - DIRECT/209.85.171.91 text/html
1214215726.360 10100 10.20.14.5 TCP_MISS/200 53145 GET http://www.dirtbikemagazine.com/Media/News/40048_KX250W9F_D1.jpg - DIRECT/209.196.51.188 image/jpeg
:
:

Fuhhh, almost same like linux.

E-Maj Ubuntu for Malaysian first edition

From Mypapit posting in his blog, i'm immediately jump into this site, melayubuntu.blogspot.com, wow! they're brilliant, the best part about this blog is all of them written in malay. Besides they also release online zine called E-maj Ubuntu for Malaysian. You can read and download this ezine from here. For the 1st issue, they are talking about the introduction of linux/ubuntu, command line interface, GIMP tutorial, differential of Ubuntu and Windows Vista, etc.