Friday, September 25, 2009

possible offect of astro channel 712?

really wondering why is that channel really famous

is it because people want to be celebrities?
wanting to have 100% attention from people on earth?
or just want to be rich?

if just wanting to be rich, stop dreaming and wasting ur valuable time by watching that channel
u dont have to be a celebrity to be that rich, there are tons of other ways
being bitchy with all those farkhed up comments wont get u anywhere
well maybe some reputation points among peers who loves that sort of thing
but being in Malaysia, wat meluat ade ah (seems so for me)

besides, our malays ni, nak sangat ke jadi omputeh tu?
just look at p.hilten, k.kardeshien
y are they famous in the first place?

for being rich? dont think so ;p

well, kalau nak follow trend sangat...trend diorang?
drink n sex before legal age? yep, its becoming their culture even

when all malays here are EAGER to follow their trend
what will happen to our own? not to say that i'm the cultural type
at least toksah la terikot2 sangat.. what a huge waste of money by the way

actually x payah pikir jauh pon..somehow, we represent our parents..just think, would our parents be proud if our malays became bimbos and bitchy? (not applied to 1 gender only)

Monday, September 14, 2009

surfnet IDS installation - Sensor (simplified install guide)

The system's sensor is where all the malicious trafic will be directed, where 'replications' of nepenthes (honeypot program) from tunnel server are placed.

sensor must be installed after finish installing and configuring both servers because the sensor is automatically connected to the servers when it is up. keys from the tunnel server are also required for the sensor to be connected to the server.

follow installation instructions here

copy ca.crt from tunnel server into the sensor's surfids folder. type in "surfids-passwd (insert password here) >> (instert surfids config filename with path here)"
edit the config file with suitable info and edit openvpn.conf by inserting ip address of tunnel server. restart the sensor machine and it will boot into the sensor menu if installation succed. once in the sensor menu, config the sensor accordingly with the right network configurations. note: tunnel endpoint is not the ip address of the tunnel server, but ip address within the same subnet of the sensor.

in case your installation fails and you need to restart installation, dont panic, just ssh into the sensor, apt-get remove --purge surfids-sensor and sudo rm -rf the ids folder to remove any remaining files and just reinstall it by typing sudo apt-get install surfids-sensor.

Surfnet IDS installation - Tunnel server (simplified version)

Continued from the Log server installation guide (based on ubuntu server)

for my installation process, i installed the tunnel server after installing the log server.

oh i forgot to explain what does the tunnel server does and what the heck is the log server.

the tunnel server, as the name implies, is basically where the openvpn server is located. this server is also used to start the nepenthes service as the honeypot itself. any attack on the server will be recorded on the log server which also has a web interface to display all the logged information. below are the steps and notes to be considered while installing the tunnel server.

Step 1 : follow basic installation instructions here
Step 2 : install ARP module from instructions here
Step 3 : Configure server according to your system with this as a guide
Step 4 : Install Nepenthes according to your system by following instructions here


- key generation during arp module installation may take some time.
- tunnel server .deb package does not include nepenthes.
- edit apache2's ports.conf to specify ip and ports that the server listens for connections
- make sure nepenthes.conf listens to so that the system's sensor will have same open ports as the tunnel server (nepenthes open port)
- restart apache after configurations

Sunday, September 13, 2009

sudo: unable to resolve host

faced this problem after changing computer's hostname

solution (taken from here) :

sudo vim /etc/hosts

change your old hostname to new hostname


just a simple solution from a beginner +_+

Monday, September 7, 2009

surfnet IDS installation - Log server (simplified install guide)

Surfnet IDS is kinda like a honeypot system. after trying around the system for the past month, I think that the first ever step towards building the system is to start off with its logserver (based on my experience with a fresh install ubuntu server)

installation guide for the system are provided at surfnet's website.

during installation of the log server, I always face the same problem where the installation fails to connect to PostgreSQL database server. this probably is the result of some bad default configuration files.

after doing some searching, i have found a PostgreSQL installation guide which allows connection to be made to the sql server here.

just follow instructions provided while installing the log server and you should be able to connect to your sql server and finish the installation.

good luck :)

Thursday, September 3, 2009


well..dats what most of the blogs on the net are about
though it is interesting to read about how other people are doing
the topic can appear to bore people at some point


...well, hopefully you get the idea

talking about urself only gives u the perception from your own view only
soon enough, u wont care at all on what others may think

though its good to live ur life ur way, the world is not meant to be lived alone

once in a while, as my friend said, stop by, take a breath, feel the breeze :)
take a look around, and i would like to quote Incubus' lyrics

"experience the warmth before you go" - Incubus, The Warmth (nice song with nice lyrics btw)

p/s : do be open minded and not think of this post towards blogging only :)
disclaimer : this post is just another rambling on life and is not meant for any specific person ;p

Tuesday, September 1, 2009

another tip +_+

i've always gotten this error when fresh installing an ubuntu server

sudo:timestamp too far in the future


sudo -K

well, works for me every time :)

(taken from ubuntu forums)