A. Firewall Definition
Currently, the use of computer networks, both from the Local Area Network (LAN) to the internet, not an unusual thing anymore. Almost all business sectors and all information has been used and can be accessed via computer networks. In these conditions, the security of a network is important. One alternative to improve the security of computer networks is to use a method called network security with a Firewall. "A firewall is a way or mechanism that applies both to hardware, software, or systems with the aim to protect." (Anjik Sukmaaji & Rianto, 2008:187)
Protection can be done by filtering, limiting, or even reject one or all relations / activities of a segment on a private network with external networks that are not in scope. These segments can be a workstation, server, router, or local area network (LAN).
Firewalls can be hardware and software solution that restricts access between the internal network (network to be protected) to an external network (Internet) or vice versa.
In addition to the basic understanding about the Firewall, appear yag terms relating to the use of Firewalls, among others:
1. Host
A computer system that is connected to a network.
2. Bastion Host
The computer system should have a level of security / safety are high because these systems are very prone to attacks by hackers and crackers, because these machines are usually exposed to the outside network (Internet) and is the main point of contact of the user from the internal network.
3. Packet Filtering
Action of a selective devices to regulate the flow of data across a network. Packet filters can block or allow a packet of data across the network in accordance with the policy of the data flow is used (security policy).
4. Perimeter Network
An additional network located between a protected network with external networks, to provide an additional layer of a security system. Perimeter network is also often called a DMZ (De-Millitarized Zone).
B. Firewall Function
Firewalls have a main function is to maintain (Prevent) to access (inside or outside) of the person who is not authorized (unauthorized access) can not be done. However Firewall also has several other functions, among others:
1. To prevent a particular data stream. Every incoming or outgoing packets will be checked, whether or not such data in accordance with the criteria that exist on the safety standards defined in the firewall.
2. Firewall as a barrier to the outer segment. The firewall serves to protect by filtering, limiting, or even reject any or all relations / activities of a segment on a private network with external networks that are not in scope. These segments can be a workstation, server, router, or local area network (LAN).
3. Firewall to prevent viruses and other threats into the network. Firewalls prevent efforts Trojan horses, viruses, phishin, spyware to enter the destination system by preventing the relationship from the outside, except those earmarked for specific computers and ports.
4. The firewall will filter down and to audit the traffic that crosses the border between outside and within the network. Firewall is the focus of all decisions securities. This is because the firewall is a single point of exit point of the Internet traffic on a network.
C. Method or How Firewalls Work
Some of the methods used firewalls, among others:
1. Service control (control of the service)
Based on the types of services used and can be accessed either for inside or outside the firewall. The firewall will check the IP address numbers and also the port number used in both TCP and UPD, can even be equipped with software for proxy which will receive and translate every demand for a service prior permission.
2. Direction control (control of direction)
Under the direction of the various requests (request) to the services that will be recognized and allowed to pass through the firewall.
3. User control (control of the user)
Based on the user to be able to run a service, meaning there are users who can and who can not run a service. This is because users are not permitted to pass through the firewall.
4. Behavior control (control over their treatment)
Based on how benyak service that has been used. For example, firewalls can filter e-mail to overcome or prevent spam.
Firewall secures your computer or our internal computer network with a variety of ways, including:
1. Traffic that comes close (incoming network traffic) based on source or destination of such traffic, by blocking incoming unsolicited network traffic is the most common features provided by the firewall.
2. Closing the outgoing traffic (outgoing network traffic) based on source or destination of traffic. Firewalls can also filter out traffic from internal networks to the Internet, for example when we want to prevent users from accessing porn sites.
3. Closing the traffic based on content. More sophisticated firewalls can monitor traffic from content that is not desirable, such as integrated antivirus firewalls in which he can prevent the files infected by the virus into the computer or internal computer network that we have.
4. Report the traffic on the network and firewall activities. When monitoring the network traffic to and from the Internet, which is also important to know is what is done by the firewall, who tried to break into the internal network and who is trying to access information that is not worthy of the Internet.
D. Tool Used
Name of software: Sunbelt Personal Firewall 4.6.1861
Requirements: Windows 2000 / XP / Vista
Languages: en-US
License: Non-Commercial Freeware
Author: Sunbelt Software
www.sunbelt-software.com
Windows firewall (either XP or Vista) still have a poor level of security. This is what gives a false sense of security, because the windows firewall only filters incoming traffic. That means if malware has been working with the PC, then it can send all the personal info they have. Sunbelt Personal Firewall will filter traffic in and out and will keep it from hackers as well as personal data that we have. In addition, this software working with the VIPRE antivirus and antispyware.
REFERENCES
Anjik Sukmaaji & Rianto. 2008. COMPUTER NETWORKS. Yogyakarta: Andi Yogyakarta.
Nurcahyono, Nugroho. 2007. Information and Communication Technology for high school class XII. London: SMA Negeri 1 Sewon.
http://www.ilmukomputer.org/wp-content/uploads/2008/04/sriwijaya-firewall.doc
http://ilmukomputer.org/2009/02/28/penggunaan-firewall-untuk-menjaga-keamanan-sistem-jaringan-komputer/
http://www.filehippo.com/firewal/
Muammar, Ahmad. 2004. Firewall. Public Lecture IlmuKomputer.com
Agus Aan Soul P. 2009. Use of Firewalls to Maintain Computer Network Systems Security. Public Lecture IlmuKomputer.com
http://ilmukomputer.org/2009/02/28/penggunaan-firewall-untuk-menjaga-keamanan-sistem-jaringan-komputer/
Selengkapnya...
Firewall
Folder Lock 6.5.8
Hacker tools that will be discussed is Folder Lock 6.5.8 is used to lock the folder that we have, this tool can be downloaded at http://www.xxxsoft.net/Soft/Soft_5021.htm
Folder Lock is an application used to lock the folder that we have, in this lock folder we can create a cabinet lock used to lock the folders secret and not easily opened by anyone because after the lock folders invisible. The security lock on the folder using a password-protect, we can hide and encrypt document, folder, files, images, drive as you wish. The files that we have to protect / lock can not be akes by anyone. Folder lock made by way of lockable storage in the Lockers, we can store personal files in these lockers. Folder lock folder does not show us any more if the folder is locked (lock) and can be seen again after it is opened (unlocked). Lockers can be made with as much as we want with a different password. But be careful if you forget the password.
Folder Lock 6.5.8 is supported on Windows 7.0, Vista, XP and 2000 (according to the blog that I read), because I install it on Windows Vista, and can be used well.
The way it works is:
First we install locknya folder first, then we create a locker (closet to store the files that we will lock (hide) to select the create new locker, Select New to create a locker, or if open select Open. We can make a locker as you wish (like how many, a locker capacity 19.9Mb) then browse the file location to create lockernya. Then browse for example made in D: \ yani, fill namenya file, eg file namenya "yani" and its type FLK files, select the save. Then set new password , enter the password we want ****** select ok, then confirm the password is input a password that had, to ensure that the passwords are correct. Locker is ready to use for storing files / folders we are personally. The trick is to Select the lock , then add folders and files, on the left there will be options for files / folders that we have, then drag to live in places that have been provided (to the right). Then select the lock now. And we can check the results, that the folder was been hidden by the locker, and not seen again in the same spot. To see him come back, we could open (unlocked) back by selecting the unlock, so it is now a personal folders can be stored safely.
References:
1. http://www.xxxsoft.net/Soft/Soft_5021.htm
2. http://download.cnet.com/Folder-Lock/3000-2092_4-10063343.html
3. http://www.newsoftwares.net/folderlock/
Selengkapnya...
Nessus Remote Security Scanning
Nessus Remote Security Scanning
a. Software name and URL address
This software can be downloaded at http://www.tenable.com/products/nessus or in www.nessus.org
b. Functions of Nessus software
Nessus is the scanning software, which can be used to audit the security of a system, such as vulnerability, misconfiguration (eg open mail relay, missing patches, etc.), security patches that have not been applied, the default password, and denial of service.
Nessus is also used to detect potential vulnerabilities on the system tested. For example: vulnerabilities that allow remote cracker to control or access sensitive data on a system; the default password, a few common passwords, and password is blank / not present on some system accounts. Nessus can also contact the Hydra (an external tool) to launch dictionary attacks: denial of service against TCP / IP stack using the package.
c. Specification of hardware or network
Nessus can be used and supported by many types of operating systems and platforms:
1) Debian 5 (i386 and x86-64)
2) Fedora Core 12, 13 and 14 (i386 and x86-64)
3) FreeBSD 8 (i386 and x86-64)
4) Mac OS X 10.4, 10.5 and 10.6 (i386, x86-64, ppc)
5) Red Hat ES 4 / CentOS 4 (i386)
6) Red Hat ES 5 / CentOS 5 / Oracle Linux 5 (i386 and x86-64)
7) Red Hat ES 6 (i386 and x86-64)
8) Solaris 10 (sparc)
9) SuSE 9.3 (i386)
10) SuSE 10.0 (i386 and x86-64)
11) Ubuntu 8.04, 9.10, 10:04 and 10:10 (i386 and x86-64)
12) Windows XP, Server 2003, Server 2008, Server 2008 R2, Vista and 7 (i386 and x86-64)
d. Steps of use:
Instalas done in Windows XP. click the file with the extension. exe and let all processes run automatically. Now who do the installation on Ubuntu.
1) First, find the program that will be installed using apt-cache command:
root @ Gimli: / home / hatred # apt-cache search nessus
libnasl-dev - Nessus Attack Scripting Language, static libraries and headers
libnasl2 - Nessus Attack Scripting Language, shared library
libnessus-dev - Nessus static libraries and headers
libnessus2 - Nessus shared libraries
nessus - Remote network security auditor, the client
nessus-dev - Nessus development header files
nessus-plugins - Nessus plugins
nessusd - Remote network security auditor, the server
Harden-remoteaudit - Audit your remote systems from this host
2) Once the list of installed programs to be displayed, and then install:
root @ Gimli: / home / hatred # apt-get install nessus nessus-dev nessusd nessus-plugins
3) After that, create a username and password to login to the Nessus server as the following:
root @ Gimli: / home / hatred # nessus-adduser
Using / var / tmp as a temporary file holder
Add a new user nessusd
----------------------
Login: godril
Authentication (pass / cert) [pass]: pass
Login password:
Login password (again):
User rules
------------------------
nessusd the which has a rules system allows you to restrict the hosts That godril has the right to test. For instance, you may want him to be Able to scan his own host only. Please see the nessus-adduser (8) man page for the rules syntax. Enter the rules for this user, and hit ctrl-D once you are done: (the user can have an empty rules set)
Login: godril
Password: ***********
DN:
Rules:
Is that ok? (Y / n) [y] y
user added.
root @ Gimli: / home / hatred #
4) After that do the registration to the Nessus website. Registration form at http://www.nessus.org/register/. Quite easy, then the point will be sent a registration code to the email that we list on the form. Register aims to be able to download new plugins from the Nessus. Nessus itself has two subscription methods to get these plugins. The first method is by paying membership (Direct Feed). With this membership we will gain fresh plugins. While the free membership (Delayed Feed), is a free membership, which will get the plugin after 7 days issued to the membership plugin Direct Feed.
5) After completing the registration, will mendapatakan activation code via email. Example part of the contents of his email is like this:
Nessus Registration
show details 1:09 pm (2 hours ago)
Your activation code for the Nessus plugin feed is C60A-8900-28DD-F5D3-6FBB
Here C60A-8900-28DD-F5D3-6FBB is an activation code. Then run the following command in the console shell:
root @ Gimli: / home / hatred # nessus-fetch - register C60A-8900-28DD-F5D3-6FBB
Your activation code has been registered properly - thank you. Now fetching the newest plugin set from plugins.nessus.org. Your Nessus installation is now up-to-date. Make sure to call regularly use the command 'nessus-update-plugins' to stay up to date. To automate the update process, please visit root @ Gimli: / home / hatred #
6) Done.
To update your plugin, run the command nessus-update-plugins. As for running a Nessus client, at the shell prompt type:
shell> nessus &
and the screen will appear Nessus GUI client as below:
References:
1. http://en.wikipedia.org/wiki/Nessus_ 28software% 29%
2. http://www.tenable.com/products/nessus
3. http://www.nessus.org/sites/drupal.dmz.tenablesecurity.com/files/uploads/documents/nessus_4.4_installation_guide.pdf
4. http://orangescat.wordpress.com/2009/03/31/nessus-security-scanner/
5. http://www.otakudang.org/index.php?/archives/65-Instalasi-Nessus-Di-Ubuntu-Ramadhan-Day-8.html
Pirates Of The Silicon Valley
The first scheme entrepreneurship Jobs and Woz is the development and sale of "Blue Boxes", one of the phones that allow people to call anywhere for free. After nearly getting Woz ruin and decided to try to build a "computer". They have their first taste of fame when reporters took their pictures when the "computer" they burn. Bill Gates initially only as a simple figure. The story began when he became a student at Harvard who is more interested in poker than college.
In 1976 Berkley campus, the Homebrew Computer Club, Jobs and Woz reveal their latest computers. They expressed a desire for Steve Jobs to annihilate the "enemy", IBM.
In Albuquerque, 1976, Bill and Paul have been stopped from Harvard and Bill talk with the computer company MITS (Altair maker) who gave their signing bonuses and royalties to double their BASIC programming language, with it, Microsoft was born.
To his surprise on Computer exhibition 1977 in San Francisco is that Apple Computers Inc. was the star exhibit. Drawn by the belief that "there may be something that happened in California," was attended by Bill Gates and Paul Allen, in which Apple and Microsoft had first met, Steve Jobs and Bill Gates completely ignored. Jobs are too enamored with sudden fame, and described the experience as "insanely great", the words used to describe himself and his life repeatedly.
After the exhibition Computer, Apple II sales brought to the attention of Apple Computers, the expansion of money and success can only be predicted by Jobs.
The logic of Bill Gates against his obsession, after he brought Steve Ballmer, an old friend at Harvard, came out to California. He took Microsoft to get into business with IBM. He convinced IBM executives that they need what he has, the operating system, then he told the executives that Microsoft will only IBM's licensed software, allowing Microsoft to maintain possession and get a license. Surprisingly, Microsoft did not even have an operating system at the time, and even more amazing, many executives agree.
For the second time to see you again, Bill Gates, to bring his team to the headquarters of Apple, and here that the clashes between the obsession with the enemy. Steve Jobs defend the superiority of Apple because Microsoft has no originality and culture, and his men echoed his line (better to be a rebel rather than be part of the formation). Bill then tries to convince Steve that Apple is economically vulnerable and that "Apple needs them, because Apple can not match the diversity of Microsoft." Microsoft is running out with Apple Macintosh systems like Apple has walked out with the Xerox system.
More cracks occur in the management strategy Steve Jobs caused a greater rift. To fuel the internal competitiveness of Apple employees he manipulated the devil "All of Apple's Mac vs. other platforms, who is better" competition. Strains 90 + hours of work per week, and day-to-day programming of sleep causes many people to rebel against Jobs verbal abuse, even to persecute him in one scene. At that Woz had had enough. Disturbed by the manipulation of Jobs, he left the company he founded, and chose to teach computers to school children. However, Jobs felt he was right and unstoppable, regardless of the pressures which he gave to everyone, employees loved him for it, and he rewarded them for their loyalty.
At this point Microsoft is trying desperately to rough with the Windows operating system from Macintosh software is pirated.
it's just a resume of films that I can write. To know more about the movie Pirates of Silicon Valley, please watch the movie itself and will certainly be more exciting.
Selengkapnya...
PT Zahir Internasional
Fadil Fuad Basymeleh, a teknopreneur in the country who made the original Zahir word as a trademark product of innovation as well as the company name. Fadil is the founder of PT. International Zahir accounting software that creates a brand Zahir Accounting.
Zahir is taken from the name of accounting experts from Pakistan who lived in the 16th century and is the inventor of double-entry system of debits credits in accounting systems. This system which later became a reference in modern accounting that we know today. Indeed there are other historical records that the system was invented by an Italian mathematician, Luca Paciolo. But what is clear is the name of Ahmad Zahir was more interesting a teknopreneur from Indonesia to expand its business than the name of Luca Paciolo.
Zahir Accounting Ver. 1.0 was first made in 1996 and in 1997, started to develop version 2.0 and introduced to the market in 1999. Zahir Accounting has been used for more than 2000 companies both small and large companies with 6000's user in Indonesia, and the company recently awarded Teknopreneur Award 2008, an award for a successful company that produces innovation and success also brought innovation to the market so as to create growth good business for these companies.
Fadil one key to success in business is charity and love (mahabbah) in the elderly. His heart was easily moved by the difficulties the employee and those orphans and orphans. He did not hesitate to set aside part of their income to help the education of orphans and others in need, including medical expenses. ''People who are happy to give alms, will eventually returned seven-fold, 10 fold, even up to 700-fold. That is the promise of God. And that God's promises must be kept,''he said.
Fadil also very loving parents, especially her mother. For him, love is like a talisman in the elderly that can not be released. ''Love and devotion to parents can be a source of motivation as well as opening the door for her sustenance.
As an entrepreneur, Fadil also experienced ups and downs. He started his business since his college days at the ITB 1991. Initially he went into business settings and lay out. Until mid 1997, the business grew rapidly. But the economic crisis that hit Indonesia the second half of 1997 has been flung business. However, the crisis was also a turning point in his business.
When it Fadil think, to be able to get credit disbursement, usually a bank or lender requires a well-organized financial statements. From there Fadil fun making the accounting software can help take business decisions in quick time. The software was sold to someone else and in fact preferred. ''I've since switched to business software house. It was his 26 years of age.
According to him, there is no giving up in business terms. Success''was not the outcome, but in the process. Success that's how strongly we bounced back after a fall. Importantly, after the fall we have to get up again and always ask for help to Allah SWT. Our task is to strive and pray as hard power, while coupled with resignation to God
In addition to the uniqueness that they created the accounting software is not intended for accountants or financial experts but to the ranks of management or even the owner of the company so it can be used as a decision-making, I consider one of the key success of this one company's technology is the precision of target market segments . They target the major consumer markets of their products are SMEs (small and medium enterprises) that requires financial management in a neat and easy but have a limited budget.
General picture that appears on SMEs to date is traditionally run business since their financial condition does not allow investing in the use of assistive technology devices. But Zahir was brave against the flow of thought. All they do is create a quality product that can be tailored to the needs of each company so the price can simply appeal to SMEs.
Zahir Accounting is targeting low-income consumers, because if the people of Indonesia are grouped based on the amount of income and spending and then arranged in a pyramid, the pyramid with the lowest number is at most the number of people with low incomes and spending. People who were at the bottom of the pyramid (bottom of the pyramid) is somehow a potential market.
Just look at the success of prepaid cards in Indonesia that provides a nominal recharge pulse until well-known ribuah dollars. Or the phenomenon of his best-selling shampoo and detergent sachets are sold in packs of hundreds of silver here.
Noting the success of the players in the market menengan down, there are some similarities between them. The first is the products they offer to the market is really needed and significantly benefit their customers. The second is the pricing scheme is "friendly". Even though they will be more economical if buying in bulk, but consumers in this class will choose to buy in smaller units even if calculated on the total will be more expensive.
The size of the pyramid base in Indonesia is so huge, much larger than the above. The same thing also happened in other developing countries. Variety kebutuhannnya still very much including technology needs, such as cheap internet, cheap modems, cheap mobile phones, and others. This means space for teknopreneur Indonesia mastered this segment is still very large.
Zahir Accounting, financial accounting is an Indonesian-language program, flexible, well-equipped and high-efficient, which is designed to be appropriate to the needs of small and medium enterprises in Indonesia.Berbasis Windows 98/2000/NT/XP/Vista.
This application was built with the concept that financial accounting is easy and the use of financial accounting applications is a pleasant experience, even by users who are just starting to learn computers and accounting.
Most of the input transactions performed by users using a form that is easily understood and is often encountered in everyday life, so users need not fear either in entering the transaction, need not be confused where the debit and credit which, in the automatic program will do it.
References:
http://www.zahirmerdeka.com/tentang-zahir.html
http://www.zahiraccounting.com/id/modules/news2/article.php?storyid=98
http://www.zahiraccounting.com/id/modules/tinycontent/index.php?id=2
http://republika.co.id:8080/berita/17052/Fadil_Fuad_Basymeleh_Selalu_Ada_Jalan_Keluar
Selengkapnya...
Wireshark
Wireshark
a. Nama software dan alamat URL
Software Wireshark bisa di download di http://www.filehippo.com/search?q=wireshark atau di http://www.wireshark.org
b. Fungsi dari software wireshark
Wireshark digunakan untuk troubleshooting jaringan, analisis, perangkat lunak dan pengembangan protokol komunikasi, dan pendidikan. Wireshark banyak digunakan oleh network admin untuk menganalisa kinerja jaringannya. Wireshark mampu menangkap data/informasi yang melewati suatu jaringan yang kita amati. Dengan kata lain wireshark digunakan untuk mengetahui kejadian yang terjadi pada saat kita melakukan interaksi dengan internet. Dengan wireshark dapat dilihat proses pengiriman data dari komputer ke web yang dituju. Semua jenis paket informasi dalam berbagai format protokol pun akan dengan mudah ditangkap dan dianalisa. Karenanya tak jarang tool ini juga dapat dipakai untuk sniffing (memperoleh informasi penting spt password email atau account lain) dengan menangkap paket-paket yang lalu lalang di dalam jaringan dan menganalisanya.
c. Spec hardware atau jaringan :
Wireshark dapat berjalan pada berbagai sistem operasi mirip Unix termasuk Linux, Mac OS X, BSD, dan Solaris, dan Microsoft Windows (Windows XP64 / Vista64 / Windows7 64).
Data dapat dibaca dari sejumlah jenis jaringan, termasuk Ethernet, IEEE 802.11, PPP, dan loopback.
d. Langkah-langkah penggunaan :
Buka halaman web yag akan kita jadikan target sniffing. Isikan Username dan Password tapi jangan LOGIN dulu. Kemudian buka program wireshark.
Masuk ke capture-option. Muncul tampilan window Capture Interfaces. Pilih Ethernet yang terpakai/tersambung dalam target. Pilih salah satu interface yang akan digunakan untuk meng-capture packet. Pastikan capture packet in promecious dalam keadaan ON. Aktifkan kolom File – Capture file(s) jika ingin menyimpan record yang tercapture.
Klik start untuk memulai me-record data yang masuk. Sebelumnya LOGIN dahulu pada halaman web yang tadi telah diisikan username dan password. Maka akan ada paket data yang ter-record. Setelah yakin telah ada password yang masuk, klik stop. Pada kolom filter ketikkan http. Biasanya pada login packet terdapat kata-kata “login”. Klik kanan pada packet tersebut, pilih follow TCP stream.
Dari situ kita bisa melihat username dan password yang kita inputkan tadi.
Referensi :
1. http://en.wikipedia.org/wiki/Wireshark
2. http://www.filehippo.com/search?q=wireshark
Selengkapnya...
Katalog Bross Flannel Bulan April 2011
Mohon maaf buat temen-temen yang udah sering nanya katalog bros yang terbaru.. Baru sempat saya upload sekarang. Silahkan untuk mengunduh di sini
terima kasih... mohon kritik dan sarannya
Selengkapnya...