Thursday, June 29, 2006, posted by boxsystem
For the past recent years, ppl at Intel has make fun on themselves when they developed Pentium 4. Why? I can't really prove much but AMD has brought in products that trashed Pentium 4, Pentium D or Pentium EE. As a fanboy of Intel, I was upset of it and gave a thought on switching over to AMD processors which are quite popular and dominates the gamers and markets today. Some of the products are Athlon FX series, Athlon X2 series and others.
Not until a few days ago when I stumbled upon a few forums discussing on Intel's newest product to be launched, namely Conroe or Core Duo. Hardly believing on the points that are being discussed, I started to look for some articles regarding to it over the web. Surprisingly, as being claimed by most of the forumers, Core Duo(Conroe) is the latest product by Intel that has been benchmarked by most of the tech reviewers. The results are tremendous, even comparing to the most powerful processor, FX series. They claimed that Conroe produces 20% more performance than a FX60. I couldn't believe my eyes when I read that. I browsed even more through the net and found some pictures for proofs. I can't really say whether they are solid or not, but it does gave me a new hope on Intel. Intel has already launched the roadmap for Conroe and said it will be released to the consumers around July or September.
Conroe is based on a dual core architecture and believed was altered from Yonah(another codename for Intel chips). Yonah as being claimed, was on par with FX when it is running on the same speed. Anyway from the benchmarks, Conroe beat FX in most popular games such as Half-Life 2, F.E.A.R, Unreal Tournament and etc. When being compared on media encoding, Conroe finishes faster by an impressive margin.
Systems involved in benchmarking :
The Conroe system was based on an Intel "BadAxe" 975X motherboard modified to supply less voltage. This box had 1GB of DDR2 667MHz memory set at 4-4-4 timings. The graphics setup consisted of a Radeon X1900 XTX and a Radeon X1900 XT CrossFire Edition running together in dual-GPU mode. (We checked around back, and the CrossFire dongle was there as expected.) The Conroe processor itself was running at 2.66GHz. Here's a look at the system properties page. You can see that the system was running Windows XP SP2.
Intel configured a competing AMD-based system for comparison that they said was intended to approximate, as much as possible, where Athlon 64 performance may be by the time Conroe hits the market. To that end, the Athlon 64 FX-60 processor was overclocked to 2.8GHz, and the system's 1GB of DDR400 RAM was set to 2-2-2 timings with a 1T command rate. The same Radeon X1900 CrossFire graphics subsystem was in the AMD box, along with a DFI LANParty RDX200 motherboard based on the Radeon Xpress 200 CrossFire Edition chipset.
p/s: I've been looking for a topic to post and discuss for awhile now. Thanks to the mods for inviting me over to join fakap! I think this one would be interesting enough? I must admit I am a fanboy of Intel, yet I am not so biased to ignore others views or reasonable thoughts. Do correct me if I'm wrong though. Sorry coz couldn't provide any pictures, as we know hotlinking is illegal and is just plain wrong.
Sunday, June 25, 2006, posted by kakisembang
Cuba korang baca kenyataan mamat yang run service web hosting kat
http://hos-melayu.com, apa pengalaman baru yang korang dapat?
hos-melayu
post Dec 27 2004, 03:12 AM
Nak ke unlimited bandwidth ? Aku ada. Server Apache, OS Unix, support MySql, Perl, Cgi dan apa-apa yang ada pada CPanel 9.9. Disertakan dengan 61 skrip PHP free. Sekali tekan je, dia install automatik. Tak perlu Fantastico sebab Fantastico tu hanya gimik sedangkan fungsi dia tetap sama. Sebelum ada yang nak buat tuduhan kononnya unlimited bandwidth tu takda, AWAK SILAP BESAR ataupun tak reti pasal bandwidth. Sila pegi ke The Planet. Dia orang punya server ada yang unlimited bandwidth dengan kelajuan 10mbps. Karan diaorang pakai generator sendiri jadi boleh bagi unlimited bandwidth. Aku punya hosting, host kat The Planet dengan unlimited bandwidth. Pakai server USA sebab setiap kali orang diseluruh dunia buat connection, talian akan disambung terus ke USA melalui ISP. Surfer boleh surf dengan cepat lagi kalau server kat USA.
Yang takda ialah unlimited space sebab setiap harddisk ada hadnya. Unlimited dan unmetered bandwidth adalah dua perkara yang berlainan maksud.
Dipetik dari,
Forum Ittutor - Web hosting
Saturday, June 24, 2006, posted by kakisembang
After much hype from Microsoft, we still haven't heard much about
WinFS (Windows Future Storage) to be included with it's upcoming operating system, Windows Vista.
Shortly after that, despite all the hype, Microsoft announced that WinFS won't make it into Windows Vista, but will be available as a separate product.
Now, Microsoft make yet another move to
by dissolving the WinFS project into their various other data access products (SQL Server and ADO.NET), degrading WinFS role considerably from its original intended role.
Yeah, WinFS is indeed just another
vaporware.
Friday, June 23, 2006, posted by ~ayoi~
Sorry it's lil bit personal but ..
The most precious gift I ever received. It really touches my heart..
well today i've received a mail regarding the 9/11 incident which occured a in 2001 and a after a few years (nearly 5years) this conspiracy suddenly came out.
it's was told that the incident which happen was actually plan before yet to put the blame on ISLAM.After a reading throught the fowarded email and website, i decided that this might be a usefull information to share regarding those FUCKING JEWS!
Other Related Links
911 BloggerDownload Docwell this makes me remember the song "Wake Up" by "Rage Against The Machine"
Quote :
" The networks at work, keepin' people calm
Ya know they murdered X
And tried to blame it on Islam
He turned the power to the have-nots
And then came the shot "
Yeah...people keep blaming ISLAM on terrorist kind of stuff why?
Thursday, June 22, 2006, posted by encik tapa
KUALA LUMPUR: It wouldn’t surprise anyone who drives, parks, shops or uses public transport here, but Malaysia’s capital city has emerged the third-worst in the world for sheer rudeness.
Only Bucharest and Mumbai are worse when it comes to common courtesy, a Reader’s Digest survey of 35 of the world’s capitals has found.
Asian cities generally fared poorly in these rankings, eight of nine of them in the bottom 11, raising the notion that what is considered courtesy in the West — holding doors, helping strangers, service with a smile — is culturally alien in Asia.
The Times of London reported that Reader’s Digest magazine sent reporters into the principal city of each of the 35 countries in which it publishes to conduct a survey of local politeness. Three tests were employed: Dropping papers in a busy street to see if anyone would help; checking how often shop assistants said "thank you"; and counting how often someone held a door open.
London and Paris came a disappointing joint 15th, beaten by such cities as Berlin, Warsaw, Madrid and Prague. New York came top in the survey, with a score of 80 per cent, compared with 57 per cent for London and Paris.
Ed Koch, a former mayor of the city, said: "Since 9/11, New Yorkers are more caring. They understand the shortness of life."
The rudest city in the world, according to the survey, is Mumbai, which is even ruder than Bucharest, judged the rudest city in Europe, where door-holding, paper-picking and thanking the retail customer are not part of the culture. The Romanians are, the results show, much surlier than even the French.
Citizens of Zagreb, in Croatia, are the most willing to help you to pick up a pile of papers; one man insisted on helping despite arthritis and a bad back. The shop assistants of Stockholm are the most polite, unfailingly thanking customers for making a purchase.
In São Paulo, Brazil, even the criminals are civil; the researchers were attempting to buy sunglasses in an illegal market when the police arrived; the stallholder said "thank you" as he fled.
Moscow, meanwhile, is a very rude place indeed, with a score of only 42 per cent.
One woman, refusing to hold a door open, sneered to a Reader’s Digest researcher: "I’m not a doorman; it’s not my job to hold doors. If someone gets hurt, they should be quicker."
Courtesy is not big in Asia, either. Every city on that continent tested, with the exception of Hong Kong, finished in the bottom 10.
None of the three tests scored more than 40 per cent in any Asian city.
Overall, the tests found that the under-40s were the most courteous, and the over-60s, particularly the men, the least. Some claimed that they were concerned about patronising modern independent females, and were particularly unwilling to hold a door open for a woman. Grumpy old men are clearly not a purely British phenomenon.
Katherine Walker, editor in chief of the Digest’s British edition, said: "This was the world’s biggest real-life test of common courtesy; our researchers conducted more than 2,000 separate tests."
Analysis of the results suggest that the worldwide level of politeness stands at 55 per cent. If common courtesy is the oil that keeps society running, Reader’s Digest concludes, some cities could do with a top-up.
Do you consider yourself rude ? i am. wtfakapukiesialancibai :D
It's a local product, developed by my school mate, Mr Azril Azam, currently working at MIMOS Cyberspace Crime Science Lab . To quote him
"FIRST = Forensic Investigation & Recovery System
OK, FIRST ni bukan Encase (http://www.guidancesoftware.com).
Encase is just an expert software while FIRST will be expert
software + Linux Distribution (mcm RedHat) + Distro (Helix,
Knoppix, Fire) + Open Source Solution.
Lebih tepat FIRST current version is mcm other Linux Distro for
Forensics mcm Fire and Helix.
Beza dia ialah, Fire + Helix, is just a software rebundle
running on Linux either gentoo or Knoppix distribution.
Unlike FIRST, aku built up the kernel 100%. Infact the kernel
itself aku dah modified for fast bootup + memory efficient.
Scripting pun aku tukar. Add certain libraries for direct comm
between Apps + Kernel + Hardware.
Current FIRST version, aku bundle semua security OSS software yg
ada. In addition to that, aku ade letak FIRST DiskImager. Yg ni
developed 100% by aku la. Soon, Banyak lagi akan ditambah
termasuk la FIRST Window Manager. Sekarang aku tibai guna IceWM.
Hopefully by next year, aku akan announced FIRST Mobile Phone
Forensics."
Well to learn or know more about it just proceed to my
blog here.
Wednesday, June 21, 2006, posted by ~ayoi~
I have to admit, long before I owned my car, I always dreaming of owning an easy rider bikes. I'm fascinated by the sleek design of these motorbikes esp ones that have "
Harley Davidson" stamped on its oil tank. Nowadays eventho the passion of owning these bikes faded with times, I'm still keen on riding them (but poor me, I didnt have any bikes license).
(This bike is build based on Discovery Channel Theme)
Anyhow thanks to the
Discovery Channel, they have this show called
The American Chopper. This show is more on the process of building bikes (customary bike building) from fabrication process till the end product. It's nice to see how these ppl sweat over the machine in order to meet their dateline and to fulfil their customers requirement. Sometimes they build bikes for special occasion whether for corporate or personal. And of coz this program is about the Orange County Chopper or better known as OCC. Their collection of bikes is amazing and astonishing. (for me la). Well just visit the
official OCC Website and see it yourselves.
This is the collection of Malay ghosts information gathered from the internet. The author shall not be held responsible if you get nightmares when your try to imagine how horrible (although one or two have funny names) these ghosts look like.
Starting from the most popular one,
Pontianak
Malay Female Vampire probably related to the Evil Change Of A Woman who died together with her child during Child LAbour. With the aid of its companion spirit the pelesit it causes illness and insanity.
Polong
A tiny woman like creature approximately one inch tall. With the aid of its companion spirit the pelesit it causes illness and insanity. With the aid of its companion spirit the pelesit it causes illness and insanity.
Pelesit
It appears as a house cricket. It enters the body of the victim (usually to prepare the way for the polong) and causes illness and/or madness.
Penanggalan
She may be either a woman who died in childbirth or a woman who is surprised by a man as she performs a religious penance. When in flight she is only a head with trailing intestines, which glow in the dark. She can also rejoin the head to the rest of her body and appear normal. The penangglan can fly, and the fluid which drips from her intestines causes sores in human beings.
Langsuir Liar
After forty days a woman may become a langsuir is she died in childbirth or if she died from the shock of hearing her child was stillborn. She appears as a very beautiful woman with long nails, green robes, and ankle length black hair. This hair conceals a hole in the back of her neck. She can also appear as a night owl. The langsuir has the ability to fly and also has a powerful wail called a ngilai.
Toyol
This is a spirit which is kept in a jar with a foetus and some special liquid to preserve it. The toyol is kept by people to do their bidding, but the price for keeping it is you HAVE to feed it your own blood EVERYDAY.
Kum Kum
The Kum Kum is an old witch who attacks young virgins in her attempt to regain her youth and beauty. According to legend, she got her name as she cannot say the whole Malay greeting and can only say these 2 syllables.
Hantu Tetek
Loosely translated from Malay, Hantu Tetek means 'Ghost Breast'. This ghost is female and has huge breasts, which she is said to use to suffocate her victims.
Orang Minyak
There are several version of the orang minyak (literally means 'oily man'). According to history, Satan offered to help and grant worldly desires if the "orang minyak" raped 21 girls within seven days and worship Satan as a God. During the 1960s, the orang minyak existed around several towns of Malaysia raping young women. They covered their nude body with oil so that it would be difficult for anyone to catch them
Pocong/Hantu Bungkus
The hantu bungkus, also known by many as pocong. It is usually found in villages wandering around and jumping off as though in search of something. Its jumps can range from 50 meter per jumps or at most 100 meter or more. The hantu bungkus got its name from its physical appearance. Its body is wrapped with 'kain kapan' (a cloth made for wrapping the dead in Malay culture) and its face could not be seen.
Hantu Tinggi
Hantu tinggi or in English means the Tall Ghosts. Usually this type of ghost is not so tall when one encounters it. It only increase in height after somebody approaches it. Soon after, it will increase it height little by little until a person can barely look up to measure its height.
Hantu lilin
Hantu Lilin means the candle ghost. It carries a candle around to wherever it goes. Why? Nobody knows. Hantu Lilin first made quite a stir on the newspaper somewhere back in the early 90's when a group of youngster was taking picture by the sea at early dusk. The ghost's form appeared on the picture that was getting developed as a very old and ugly lady holding a candle.
Hantu Raya
The hantu raya is a shape shifting ghost. Usually, this ghost doesn't use its natural ability. This is a ghost with a master (owner) and its purpose is to give its master wealth and richess. The master is responsible for taking care of the ghost until his death.
Penunggu
The penunggu is also known by people of the west as the poltergeist. It is an evil spirit or more specifically a restless spirit that dwells an area or place. The type of area that is considered a 'keras' or haunted area is usually and old burial ground, a brutal crime spot or even a house of a person that practices black magic.
Mambang Kuning
Mambang Kuning or known as the Yellow Spirits, dwell during sunset. At this time, they are at their peak and most mischevious. For a bomoh ( a witchman ) to summon them to do their bidding, their power must be at least as strong as the Mambang Kunings or more than that.
Sundelbolong
This ghost goes after young men ( those of you handsome ones watch out! ). It takes form of a beautiful lady and if it manages to tackle you, she will show you her very smelly butt with an '0' hole shape instead of the normal one ( you know )
.
Buaya Puteh (White Crocodile Spirit)
Buaya puteh is believe to the the siamese twin of a human being. According to the legend, a baby girl was born together with a baby of a white crocodile in 1954 in a village. The whole village was shocked! But it was no surprise for the mother cause she herself practice bomoh magic. She care and love the baby girl and crocodile every single day without fail but when the goverment wanted to repossed the land they are living on, she had to let the crocodile free into the sea. Before doing that, the crocodile came as a human in her twin sister dream and warn her to feed her on every full moon on a thursday nite. She wanted live white chicken to be slaugther on the beach. If she fail to do so, the crocodile will claim a victim from the nearby beaches(sembawang park).
Tuesday, June 20, 2006, posted by kei
Saya orang bandar yang moden dan dungu bila
saya berjumpa dengan rakan-rakan sebangsa
dengan saya dan kami berbual-bual dalam bahasa
melayu sambil diselang-selikan bahasa inggeris.
saya orang bandar yang moden dan dungu bila
orang bertanya bagaimana keadaan saya ketika
saya lapang dengan ayat-yang mengandungi
perkataam 'buhsan', 'borink', dan seumpamanya.
saya orang bandar yang moden dan dungu bila
saya terlalu sibuk memikirkan apa yang ingin saya
tampilkan dalam profil friendster saya.
saya orang bandar yang moden dan dungu bila
saya menidakkan baka melayu yang ada pada diri
saya dengan mewarnakan rambut selain daripada
warna hitam.
saya orang bandar yang moden dan dungu bila
saya terlalu sibuk memikirkan pakaian jenis apa
yang saya patut kenakan supaya kelihatan bergaya
saya orang bandar yang moden dan dungu bila
saya dalam senarai makanan kegemaran saya
yang ada hanyalah nama-nama rangkaian restoran
makanan segera yang datangnya dari barat.
saya orang bandar yang moden dan dungu bila
saya membelanjakan ribuan ringgit hanya untuk
memiliki sebuah alat yang bernama telefon bimbit
yang acapkalinya lebih berfungsi sebagai
pelengkap gaya daripada sebuah telefon.
saya orang bandar yang moden dan dungu bila
saya merasakan muzik sesuatu yang amat saya
dambakan dalam kehidupan ini dan saya berasa
tidak berguna apabila ia tiada.
saya orang bandar yang moden dan dungu apabila
perbualan saya bersama rakan-rakan saya
biasanya berkisar tentang awek, filem terbaru di
pawagam, telefon bimbit, dan apa-apa saja selagi
ianya hip.
saya orang bandar yang moden dan dungu bila
hari lahir saya merupakan suatu kemestian untuk
disambut baik dengan parti, kek ataupun ucapan-
ucapan selamat walhal saya sendiri tahu satu-
satunya pencapaian terbesar pada hari tersebut
ialah bumi telah berjaya melengkapkan satu
bulatan lengkap berbanding tarikh yang sama
tahun sebelumnya.
saya orang bandar yang moden dan dungu bila
saya mempunyai agama dan tuhan tapi sedikit
benar ajarannya yang saya perlakukan.
saya orang bandar yang moden dan dungu bila
saya berpendapat kawan yang baik ialah kawan
yang sentiasa menyokong segala tindakan saya
dan mereka-mereka yang mengkritik saya ialah
orang-orang yang dengki kepada saya.
saya orang bandar yang moden dan dungu kerana
tidak mempercayai bomoh, pawang dan dukun
boleh berhubung dengan dunia ghaib tetapi
membaca ruangan horoskop dan menghantar
pesanan berantai yang bukan-bukan kononnya
boleh membawa tuah.
saya orang bandar yang moden dan dungu bila
saya sedar akan kepentingan teknologi terkini
tetapi hanya mampu menggunakannya sebagai
alasan untuk kelihatan mengikuti perkembangan
semasa.
saya orang bandar yang moden dan dungu bila
saya nak buat perkara-perkara yang 'happening'
sahaja. orang ke futsal saya ke futsal walau saya
kaki bangku, orang demam piala dunia saya turut
demam walau saya tak pernah ambil tahu tentang
bola sepak, orang ke konsert akadeni fantasia
saya ke situ jua walau seorang peserta pun saya
tak kenal dan terus-menerus.
saya sememangnya orang bandar yang moden
dan dungu.
*nota: penggunaan perkataan inggeris 'happening'
di atas adalah disebabkan saya tidak dapat
mencari perkataan yang paling sesuai yang dapat
menggambarkan dan mengekspresikan situasi
yang dialami pada keterangan tersebut.
credit to acong
After a brief discussion about the stupidity of Malaysians who are too obsessed with HYIP and quick rich scheme, our discussion shifted to Cikgu Shahrul Denial (mispelling intended).
Dunno what happened to Cikgu Shahrul Denial's scammy website
http://RajaRinggit.com, which i'm not sure that is his real name (which is johari?), but seems like it gone shitty with all of Mr Denial's promises.
If it really gone shitty, then I pity those who has been conned with his ponzi-like scheme (note to other HYIP and "Auto" website like Studiotraffic and 12DailyPro).
Cikgu Shahrul Denial aka johari, please close your mouth when posting your picture next time, you looked like a real kawaq that way.
Where are you Cikgu Shahrul Denial? Spending your holidays in Dubai Internut city? or just laughing away as you read this post because nobody can't trace you to get their poor money back?
Monday, June 19, 2006, posted by kei
Pernah dengar selinder gas LPG ada expiry date. I pun tak tahu juga sebelum ini. Very important information.
Ramai kat luar sana yang tak tahu. I pun tahu dari stokist gas sebab ada accident. Selinder gas yang dah expired tidak selamat diguna dan boleh menyebabkan
accident. So hati-hati bila menerima selinder gas dari penjual gas.
Di sini caranya bagaimana memeriksa selinder gas LPG :
Di salah satu sisi selinder gas expiry date akan dikodkan secara alpha-numerical seperti berikut;
A , B , C atau D diikuti dua digit, contohnya D06.
Huruf bermaksud suku ke berapa dalam satu tahun -
A utk March ( Suku pertama ),
B utk June (Suku kedua ),
C utk Sept ( Suku ketiga ), &
D utk December ( Suku keempat ).
2 digit itu pula menunjukkan sehingga tahun berapa selinder itu selamat
digunakan Jadi D06 bermaksud selamat digunakan sehingga December 2006.
Kongsi message ini dengan rakan-rakan anda. Ia mungkin dapat menimbulkan
kesedaran dan menyelamatkan nyawa.
Sunday, June 18, 2006, posted by Faizi
How do you breathe?Of course by inhaling and exhaling air through your lungs, as you would answer. But not many of us practice the proper breathing technique that could improved our health and well-being.
To cut the story short, to breathe properly is to expand the stomach first during inhaling, expanding to the lungs and chest, and vice versa during the exhaling. Most of us did the opposite during our breathing process. To make sure you do it correctly, take a seating position, most us malay call it "sila panggung" , or any other seating position that you feel comfortable in. Or, you could just sit on a chair if you feel like it. Put your right palm on your chest, and your left palm on your stomach. Now, take a deep breath, feel the air in the stomach first, but do not try to force the stomach to extrude, just let the air fill the stomach gently, and then slowly filling the air into your ribcage, lungs and chest. Feel the air filling your body, full of energy. Do the opposite during the exhale, and try to empty your body completely, but do not force it, just let go and relax.
This correct breathing technique is quite important to ensure our bodily needs function properly, in order for better health.
I'm a martial art practitioner, and almost every martial arts practices believe that the air contains a powerful life force that can increase our energy. It's come to be known in different terms, such as
Chi in Chinese martial arts,
Qi in Japanese,
Prana in India,
Tenaga Dalam for us Malay, and so on. There is nothing spiritual or mystical about this belief, as maybe some of you might think, in fact it has been proven by science and technology. Ever wonder why we'll take a deep breath whenever you are in pain, for example a cut? or we will take a deep breath unconsciously before lifting heavy weight?
So try to breathe correctly, you'll be amazed how it will improve your health.
Saturday, June 17, 2006, posted by kakisembang
An outing to the local pasar malam. How much does murtabak cost at your place?
Thursday, June 15, 2006, posted by kei
Seorang insan telah dirasuk syaitan. Aku ditugaskan bertanya si syaitan. Sebelum sesi dialog berlangsung kami telah membacakan bebarapa ayat suci Al-Quran sebagai melemahkan si syaitan yang merasuk tersebut.
Aku: Hai syaitan ke jin… siapa namamu kenapa kamu menganggu si polan.
Syaitan: Hai bodoh! Syaitan dan jin samalah…hey bodohnya kamu ni…
Nama ku Saragon
Aku: Oh…syitan dan jin sama sahaja.. Jadi yang jin Islam tu siapa?
Syaitan: Jin Islam tu sama bodoh macam kamu.
Aku: Patutnya kamu masuk Islam beriman kepada Allah.
Syaitan: Mana ada (marah)….patut kamu sembah Iblis. Dia yang berkuasa.
Aku: Berapa umur kau syaitan?
Syaitan: Umurku 60,000 tahun.
Aku: Oh …60,000 dah tua lah kau ni…
Syaitan: Aku masih muda lah macam kamu. 60,000 itu baru macam umur kamu.
Aku: Kalau macam ni aku bacakan ayat Quran..
Syaitan: Jangan (takut) ..sakittt
Aku: Tahu pun sakit. Kalau macam tu keluar lah kamu dari tubuh si polan. Kalau tidak kami akan bacakan ayat Al-Quran. (membaca Bismillahirahamanirrahim)
Syaitan: Jangan sakit..sudahlah bodoh..pergilah tengok bola..pergilah..jangan ganggu aku. Aku bukan kacau kamu. Bodoh lah kamu ni..buang masa saja..pergi baliklah.
Aku: Tahu pun sakit. Kenapa kalau kita baca ayat Al-Quran apa yang kau nampak.
Syaitan: Kamu penipu…. kamu ramai.
Aku: Ramai macammana?
Syaitan: Ramai..penuh satu rumah
Aku: Berapa ramainya….ratus…ribu ?
Syaitan: Banyak..ramai…
Aku: Macamana rupa bentuknya?
Syaitan: macam cahaya bersinar.
Aku: Dia datang macam mana?
Syaitan: Dia datang bersama setiap huruf ayat yang dibaca?
Aku: Kalau azan macammana ? apa yang kamu takutkan?
Syaitan: Itu lagi ramai yang datang macam hujan.
Aku: Kemana kamu lari?
Syaitan: Kami cuba lari sedaya upaya tapi tiada tempat lari ..
Aku: Masuk dalam tanah macam mana?
Syaitan: Dalam tanah pun ada (takut)
Aku: Dalam laut?
Syaitan: Dalam laut pun banyak. (takut)...kami masuk dalam lubang najis dan longkang.
Aku: Jadi apa tunggu lagi keluarlah kau syaitan lahnattullah..
Syaitan: Aku tak mau. Aku mau tinggal di sini. Aku tak ada rumah. Biarlah aku di sini. Jangan ganggu aku.
Aku: Kau mesti keluar. Kau menyakiti diri si polan. Keluar kau segara.
Syaitan: Aku kuat. Aku tak mahu keluar.
Aku: OK. (baca Ayt Kursyi)
Syaitan: Jangan (merayu)…Aduh!..ahhh……Kamu jahat…aghh
Aku: (diam seketika)…
Aku: Hai syaitan …tak mau keluar lagi?
Syaitan: Baliklah kamu….buang masa saja..pergi tengok bola. Pergilah (memujuk)....Kau tahukah Kamu ni manusia jahat.
Aku: Kenapa kami jahat?
Syaitan: kamulah menyebabkan kami kena buang dari syurga.
Aku: Siapa bagi tahu kau macam tu.
Syaitan: Iblis tuhan kami
Aku: Sebenarnya Iblislah yang telah menggoda manusia. Engkar printah Allah. Kamu dilaknat. Dibakar dalam neraka di akhirat kelak. Tunggulah dunia kiamat nanti.
Syaitan: Mana ada kiamat.
Aku: Allahuakhbar!
Syaitan: Aduhhh!
Aku: Hai syaitan…kamu kah yang membawa angin ahmar?
Syaitan: Itu senjata kami yang hebat..(senyum)..
Aku: Macam mana kamu gunakan? Siapa yang akan kena?
Syaitan: Bila manusia lalai…
Aku: Bagaimana dengan penyakit HIV, AIDS, SELESMA burung?
Syaitan: Itu semua kami punya (senyum)
Aku: Bukan kah kerana makanan? (saja bertanya)
Syaitan: Makanan itu sebab sahajalah bodoh!...
Aku: (Sabar) (Berastagafar)
Syaitan: hei! sudah lah bodoh…buang masa saja.! Pergilah kamu balik..Tengok mata iblis merah sudah tengok aku.
Aku: Kenapa pulak dengan iblis.
Syaitan: Dia marahlah bodoh!.Dia tu tuan aku.
Aku: Dalam sembahyang kau mengoda juga kah.
Syaitan: Dalam sembahyang kami goda..kalau kamu lalai.
Aku: Kalau kami baca ayat al Quran sebelumnya.
Syaitan: kami pergi jauh..lepas tu kami balik..perhati kalau kamu lalai kami masuk lah dalam hati dan lalaikan kamu. Kami senang hati kalau sembahyang kamu tak sempurna.
Aku: Kamu nampak kah kalau sembahyang tak sempurna.
Syaitan: Sembahyang tak sempurna akan dilempar. Tapi kami sedih kalau sembahyang yang sempurna.
Aku: Macammana rupanya sembahyang sempurna?
Syaitan: Kami nampak dia naik keatas langit.
Aku: Oh begitu. Bagaimana dengan orang yang tak sembahyang. Kamu tak goda.
Syaitan: Buat apa goda orang tak sembahyang. Mereka pun macam kami. Bodohlah kamu!
Ini hanyalah sebahagian dailog yang berlansung dan dapat dikongsi bersama. Dalam dailog ini alhamdulilah syaitan akhirnya menyerah kalah setelah tidak tahan dengan kekuatan kalimah-kalimah Allah serta ayat suci yang telah dibacakan kepadanya.
Dailog ini benar berlaku dan disaksi oleh bebarapa rakan seperjuangan.Bahasa di perbaiki agar mudah difahami.
Sentiasa lah ingat kepada Allah dengan mengerjakan perintahNya dan Sunnah RasulNya.Senitasa beristagafar, bertaubat serta menjauhi laranganNya. InsyaAllah kita akan sentiasa dilindungiNya.
Wednesday, June 14, 2006, posted by encik tapa
me first post ? yeap !
Talent, teamwork and a level playing field - it's no wonder we look up to the World Cupby Kofi Annan
THE World Cup makes us at the United Nations green with envy. As the pinnacle of the only truly global game, played in every country by every race and religion, it is one of the few phenomena as universal as the UN. You could say it's more universal. Football's world governing body, FIFA, has 207 members; we have only 191. But there are better reasons for our envy.
This is an event in which everybody knows where their team stands, and what it did to get there. They know who scored and how, and in what minute of the game; they know who saved the penalty. I wish we had more of that sort of competition in the family of nations. Countries vying for the best standing in the table of respect for human rights, and trying to outdo one another in child survival rates or enrolment in secondary education. States parading their performance for all the world to see. Governments being held accountable.
Millions of people around the planet love talking about the World Cup. In Paraguay fans will pick over that own goal; in Japan they will analyse last night's contest with Australia. Everywhere people are dissecting the games, revealing an intimate knowledge of their own teams and many others. Tongue-tied teenagers suddenly become eloquent and dazzlingly analytical. I wish we had more of that sort of conversation in the world at large: citizens consumed by the topic of how their country could do better on the Human Development Index, or exercised about how to reduce carbon emissions or HIV infections.
The competition takes place on a level playing field. Only two commodities matter: talent and teamwork. I wish we had more levellers like that in the global arena. Free and fair exchanges without the interference of subsidies, barriers or tariffs. Every country getting a real chance to field its strengths on the world stage.
The World Cup illustrates the benefits of cross-pollination between peoples and countries. More and more national teams now welcome coaches from other countries, who bring new ways of thinking and playing. The same goes for the players who represent clubs away from home. They inject fresh qualities into their new team and are able to contribute more to their home side when they return. In the process, they often become heroes in their adopted countries - helping to open hearts and minds.
I wish it were equally plain for all to see that human migration in general can create triple wins - for migrants, for their countries of origin, and for the societies that receive them. Migrants not only build better lives for themselves and their families, but are also agents of development - economic, social and cultural - in the countries they work in, while theyinspire with new-won ideas and know-how when they return.
Playing in the World Cup brings profound national pride. For countries qualifying for the first time - such as my native Ghana - it is a badge of honour. For those doing so after years of adversity - such as Angola - it provides a sense of national renewal. And for those that are currently riven by conflict, but whose World Cup team is a unique and powerful symbol of national unity, such as Ivory Coast, it inspires nothing less than the hope of national rebirth.
Which brings me to what is perhaps most enviable of all for us in the UN: the World Cup is an event in which we see goals being reached. I'm not talking only about the goals a country scores; I also mean the most important goal of all - being there, part of the family of nations and peoples, celebrating our common humanity. I'll try to remember that during each game. Of course, I can't promise I'll succeed.
Kofi Annan is Secretary-General of the United Nations.
© 2006 The Sydney Morning Herald
Get real !! Peace is not something you can get in this life, in after life...... perhaps ...
Tuesday, June 13, 2006, posted by ~ayoi~
Ok perhaps we can use these terms properly now :D
Threat : a party with the capabilities and intentions to exploit a vulnerability in an asset
Vulnerability : a weakness in an asset that could lead to exploitation
Let me put in these context :
1). This is the situation in the view of Wayne Rooney
Risk : Getting injured again and missed the WC tournament and perhaps starting of EPL season. (Perhaps receiving the hair dryer treatment from Sir Alex Ferguson can be included as well)
Asset : Wayne Rooney footballing abilities
vulnerability : "Fully recovered" broken metatarsal
Threat : Rough Defenders
Exploit : Rough/hard tackles to that "fully recovered" foot.
2). This is the situation from the view of fenris (sorry for using ur nick :D)
Risk : Expelled from the higher learning institution
Asset : Diploma/degree
vulnerability : A case about his abusing the Institution's IT facilities.
Threat : The System Admin that's going for fenris blood
Exploit : His Mac address using illegal PIN number access logfiles.
3) This is the situation from England's view
Risk : Booted out from World Cup at early stage
Asset : A good set of players (or so called good set of players)
Vulnerability : Depending too much on 21 years old striker that thought he is fully recovered from his broken metatarsal. Played a boring football and have a lousy coach/manager.
Threat : Any other teams that can score 1st against England
Exploit : Beautiful football :D
p/s: No 3 is my personal opinion aaa..
Robert Scoble, Microsoft employee that regularly blog about his life and the software giant resigns as he want to start a company in Silicon Valley. His blog, Scobleizer has been frequented by many including hi-tech industry watchers for latest gossip and news regarding Microsoft.
His blog is widely seen as helping to humanise Microsoft and shift its stance from arrogant and aloof to one that is more inclusive and accepting of criticism. It also commented on broader changes in the net world and how they affected the company.
In a post made in 10 June 2006, he explains that his departure is not caused by fallout with his company, quoting ""I love Microsoft and Microsoft did not lose me, at least as a supporter and friend"
His blog can be reached at
http://scobleizer.wordpress.com/
Monday, June 12, 2006, posted by kei
Walau sedikit pelik tajuk aku ini, tapi rasa patut aku kongsikan dengan kau orang semua terutama kepada pemborong, peruncit, pekedai malah kalau-kalau ada pengguna yang sudi cuba…
Sebelum itu sedikit mukadimah. Sekarang ini adalah zaman untuk kerajaan Islam Tamadhun "membela" rakyat, maka pelbagai kenaikan harga "perlu" dilakukan untuk menambah hasil kerajaan dan poket kerajaan.
Dengan hasil pendapatan tersebut maka bolehlah kerajaan membangunkan pelbagai kemudahan kepada golongan yang berpendapatan rendah seperti penoreh, petani, nelayan dan yang sedaif sepertinya. Projek-projek yang dimaksudkan adalah seperti padang golf 18 lubang (untuk penoreh dan nelayan melepas penat selepas bekerja), lapangan terbang antarabangsa (untuk nelayan, penoreh dan petani mengeksport hasil mereka ke luar negara), perkampungan pelancongan atau marina (untuk nelayan buat latihan dan membaiki bot mereka) dan bermacam-macammmmmm lagi "kesenangan" buat rakyat yang berpendapatan rendah semua.
Dan projek-projek tu semua akan kerajaan "tenderkan" kepada Ah Chong, Balakrisnan, John. Ini pun untuk kesenangan rakyat semua… eh... kenapa terkejut? Kan semua tu saudara dan sepupu kau orang semua… apa salahnya... kan untuk kesenangan kita semuaaaaaa….
Rasanya cukuplah mukadimah tersebut. Kita berbalik kepada "petua" yang nak aku sampaikan... tetapi sebelum tu dinasihat kepada semua syarikat pengangkutan, pastikan pemandu-pemandu lori kamu jangan isi "air" dalam tangki... isi minyak sepenuhnya.
Petuanya ialah:
i. Permulaannya kau pastikan barang-barang yang nak dinaikkan harganya barangan keperluan harian dan sangat perlu kepada rakyat jelata yang berpendapatan rendah kerana jika ianya barang mewah aku pasti seratus peratus akan ditentang oleh kerajaan (katanya takut pelabur lari)
ii. Lepas tu... kau orang pindahlah stok barang-barang kau yang banyak dalam stor tu ke tempat lain (pastikan tempat yang penguatkuasa bawahan tidak syaki seperti. alah kau fikirlah sendiri)
iii. Tapi sebelum kau orang nak naikkan harga barang, berpakatlah dengan mana-mana media massa terutama media eletronik (TV... lah) buat berita tentang berlaku kekurangan bekalan barangan walaupun sebenarnya barang tu memang banyak...(alah... pandai-pandai lahhhh)
iv. Seterusnya kau orang hantarlah wakil kau orang untuk "bincang" dengan kementerian (lebih tepat menteri) yang berkenaan dengan perdagangan ni... cakaplah kau orang nak naikkan harga barang. Dan kalau dia cakap tak boleh kerana takut rakyat marah, kau terangkan macam ni... (sebenarnya aku rasa kau orang dah buat pun...) suruh menteri tu buat kenyataan (setelah kau janjikan menteri tu bahawa keuntungannya nanti..adalah masuk sikit... haha) yang kau orang ada mintak nak naikkan harga barang kerana alasan kos meningkat dan bekalan tidak mencukupi tetapi kononnya menteri tu tak setuju dan kementerian akan ambil tindakan... kemudian kau orang suruhlah menteri tu hantar orangnya untuk "buat-buat" pemeriksaan ke atas gudang-gudang yang kau orang dah pilih...
v. Selepas tu... kau orang kenalah tunggu dalam masa 2 hingga 3 minggu selepas kau orang sembunyikan barang tu... yakni selepas rakyat dah benar-benar tertipu kononnya barangan tersebut memang kurang di pasaran...
vi. Kemudian barulah kau orang suruh menteri tu buat kenyataan sekali lagi bahawa bekalan barang memang tidak mencukupi kerana pengilang terpaksa mengurangkan operasi disebabkan kos meningkat dan kerajaan "terpaksa" bersetuju untuk menaikkan harga barang... kan sonang tu... barulah kau untung dan baru kerajaan terselamat daripada dimarahi oleh rakyat kerana pada fikiran rakyat (yang tentu sahaja...) nak buat macamana... dah memang benda tu kena naik... naiklah ia... (Perhatian: ini sebenarkan salah satu prinsip muslihat atau taktik yang selalunya diterapkan oleh kerajaan... jadi, jangan kecoh-kecoh bagi tau sesiapa...)
Jadi, aku rasa cukuplah untuk kali ini... dan jika ada lain-lain petua yang baru, aku akan "ajarkan" lagi... dan aku ucapkan selamat mencuba... aku pasti kau orang akan berjaya kerana aku tengah buat benda nie dan aku rasa dah nak berjaya pun... hahahaha kan sekarang ni, kau orang minum kopi pahit.....
Instlux adalah merupakan projek bagi memudahkan pengguna Windows untuk berhijrah ke Linux.
Ia membekalkan antaramuka gui untuk install linux dari dalam windows. Semua maklumat berkaitan system dan user diambil dari windows untuk digunakan sewaktu install linux.
Setelah mengumpul semua maklumat, ia akan mengubah boot.ini windows dan masukkan menu untuk installer yang akan di gunakan apabila reboot. Jika menu installer dipilih, installasi akan diteruskan.
Jika anda memilih untuk terus boot ke windows, uninstaller akan dibuka sebaik sahaja anda masuk ke windows.
Setakat ini ia cuma boleh digunakan untuk install Ubuntu dan OpenSuse sahaja dengan pilihan pelbagai bahasa serta 2 jenis installasi iaitu menggunakan Cd dan Network.
Maklumat lanjut boleh didapati di
http://instlux.sourceforge.net/
For some reason on suse 10.0 and 10.1 I cannot overflow the buffer so as
to overwrite EIP no matter what. The attached code is a very simple
example to illustrate my issue. Basically the following is what I get
when the program segfaults on SuSE 10.1.
However, the attached program produced the expected results 0x41414141
in main () on FreeBSD versions 5.3 and 6.1, on redhat 7.2
Any ideas why this is happening?
------------------------------
-----
plato@###:~> gdb ./overflow
GNU gdb 6.4
Copyright 2005 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "x86_64-suse-linux"...Using host libthread_db
library "/lib64/libthread_db.so.1".
(gdb) run
Starting program: /home/plato/overflow
warning: Lowest section in system-supplied DSO at 0xffffe000 is .hash at
ffffe0b4
Program received signal SIGSEGV, Segmentation fault.
0x080483ec in main () at overflow.c:6
6 }
(gdb)
overflow.c :
main () {
char str1[10];
strcpy (str1,
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
}
This script is for FreeBSD, but feel free to correct it, call me an ass,
or adapt it for any means needed, so long as my name appears as the
original source of the idea. If you do make changes, please mail me, I'd
love to hear about it and see your script.
#!/usr/local/bin/bash
#-------------------
#killapnic
#by IcE tRe
#--------------------
#I am sick to death of apnic trying to login as root on my server,
#even though root logins aren't allowed
#
#Deletes policy 666-699 by default, hope that doesn't clobber your crap
#
#If so, edit the following variables
IPFWCMD="/sbin/ipfw"
LYNXCMD="/usr/local/bin/lynx"
LYNXFLAGS=" -source"
URL="http://www.iana.org/assignments/ipv4-address-space"
STARTIPFW=665
RANGE="666-699"
MIDDLE=".0.0.0/"
#end variables
SCORE=`$IPFWCMD show $RANGE`
CURRENTRULES=`echo "$SCORE" | awk '{ print $7 }'`
for DELETE in `$IPFWCMD show $RANGE | awk '{ print $1 }'`
do
$IPFWCMD delete $DELETE
done
echo "Deleted all rules numbered $RANGE and added the following rules:"
for EACH in `$LYNXCMD $LYNXFLAGS $URL | grep -i apnic | awk '{
print $1 }'`
do
START=`echo $EACH | awk -F/ '{ print $1 }'| bc`
END=`echo $EACH | awk -F/ '{ print $2 }'| awk '{ print $1 }'`
IP=$START$MIDDLE$END
ENDIPFW=$(echo "$STARTIPFW + 1 " | bc)
STARTIPFW=$ENDIPFW
CMDTEMP=`echo "$IPFWCMD add $ENDIPFW deny ip
from $IP to any"`
# CMDTEMP2=$CMD$CMDTEMP
# CMD=$CMDTEMP2
$CMDTEMP
done
#$CMD
echo $CMD
echo "Old counts were:"
echo "$SCORE"
echo "Old IP's:"
echo "$CURRENTRULES"
#end script
I usually run it in cron with stdout piped to /dev/null, but here's the
output if your curious.
digitalfreezer# /etc/killapnic
Deleted all rules numbered 666-699 and added the following rules:
00666 deny ip from 58.0.0.0/8 to any
00667 deny ip from 59.0.0.0/8 to any
00668 deny ip from 60.0.0.0/8 to any
00669 deny ip from 61.0.0.0/8 to any
00670 deny ip from 121.0.0.0/8 to any
00671 deny ip from 122.0.0.0/8 to any
00672 deny ip from 123.0.0.0/8 to any
00673 deny ip from 124.0.0.0/8 to any
00674 deny ip from 125.0.0.0/8 to any
00675 deny ip from 126.0.0.0/8 to any
00676 deny ip from 202.0.0.0/8 to any
00677 deny ip from 203.0.0.0/8 to any
00678 deny ip from 210.0.0.0/8 to any
00679 deny ip from 211.0.0.0/8 to any
00680 deny ip from 218.0.0.0/8 to any
00681 deny ip from 219.0.0.0/8 to any
00682 deny ip from 220.0.0.0/8 to any
00683 deny ip from 221.0.0.0/8 to any
00684 deny ip from 222.0.0.0/8 to any
Old counts were:
00666 5 202 deny ip from 58.0.0.0/8 to any
00667 53 3022 deny ip from 59.0.0.0/8 to any
00668 23 1085 deny ip from 60.0.0.0/8 to any
00669 27 1282 deny ip from 61.0.0.0/8 to any
00670 0 0 deny ip from 121.0.0.0/8 to any
00671 1 408 deny ip from 122.0.0.0/8 to any
00672 0 0 deny ip from 123.0.0.0/8 to any
00673 8 394 deny ip from 124.0.0.0/8 to any
00674 6 312 deny ip from 125.0.0.0/8 to any
00675 0 0 deny ip from 126.0.0.0/8 to any
00676 9 1500 deny ip from 202.0.0.0/8 to any
00677 23 1152 deny ip from 203.0.0.0/8 to any
00678 14 653 deny ip from 210.0.0.0/8 to any
00679 12 1504 deny ip from 211.0.0.0/8 to any
00680 27 1970 deny ip from 218.0.0.0/8 to any
00681 20 973 deny ip from 219.0.0.0/8 to any
00682 30 1809 deny ip from 220.0.0.0/8 to any
00683 43 2413 deny ip from 221.0.0.0/8 to any
00684 50 3161 deny ip from 222.0.0.0/8 to any
Old IP's:
58.0.0.0/8
59.0.0.0/8
60.0.0.0/8
61.0.0.0/8
121.0.0.0/8
122.0.0.0/8
123.0.0.0/8
124.0.0.0/8
125.0.0.0/8
126.0.0.0/8
202.0.0.0/8
203.0.0.0/8
210.0.0.0/8
211.0.0.0/8
218.0.0.0/8
219.0.0.0/8
220.0.0.0/8
221.0.0.0/8
222.0.0.0/8
digitalfreezer#
I used to reset the connections, but in the interest in making the
scripts run slower, I let em hang.
Adam.Chesnutt - icetre@digitalfreezer.net
Sunday, June 11, 2006, posted by kakisembang
Kita mungkin sudah biasa dengan sejarah kedatangan kaum cina dan india ke Tanah Melayu (Malaya), tetapi adakah anda tahu berkenaan sejarah kedatangan kaum Sikh ke sini?
Mari kita baca artikel yang membincangkan mengenainya
Kedatangan Sikh ke Tanah Melayu
Saturday, June 10, 2006, posted by kakisembang
This is the top 10 most stupid and memorable engineering mistakes made throughout the history.
- St. Francis Dam, 1928
- Kansas City Hyatt walkways, 1981
- Vasa, 1628
- Northeastern US power grid, 1965
- McDonnell Douglas DC-10, 1970s
- Firestone 500 tires, 1970s
- Purity Distilling Company tank, 1919
- Skylab, 1973
- Citigroup Center, 1978
- R101 airship, 1930
More information could be read at
Stupid Engineering Mistakes and
List of famous failures in science and engineering.
Thursday, June 08, 2006, posted by fenris
Ok.. sekarang nie ramai yg nak dekat kahwin ataupun ramai yg ader plan nak kahwin. Sumer orang tahu lah persiapan untuk kahwin bukannyer mudah banyak persiapan yg perlu di aderkan... . ia memerlukan satu perancangan yg cukup teliti bagi dua dua blah pihak
Kekadang tu pasangan tak jadi kahwin pasal plan nak kahwin. Maknernyer diorang plan nak buat majlis abih tak boleh agree with each other so they bergaduh and taklah jadi kahwin.
Jadi ader orang yg tak jadi kahwin pasal nak kahwin. Kalau kahwin mestilah nak buat majlis Walimah... untuk mereka yg tak tahu, majlis walimah ialah majlis sambutan hari perkahwinan dimaner sanak saudara sahabat handai jiran tetangga dijemput hadir makan bersamer.
Pasangan sekarang lebih stress memikirkan majlis ini daripader memikirkan maser depan dan hala tujuan hidup bersamer selepas nikah.
Ok berikut aderlah sedikit sebanyak panduan dan kos untuk persiapan majlis ini. Supaya menjadi pedoman untuk mereka yg ingin berkahwin dan yg ingin berkahwin lagi.
1. Kadi :
At least 6 mths b4 the proposed nikah date korang misti kener gi register kat jabatan, and biler korang gi register korang mistilah dah tahu asas kahwin yg akan diberikan, tarikh dan tempat nikah. Lepas register orang bolehlah book kadhi. Sorang je book... . jgn dua dua gi book plak.
kos kadi : RM80++
2. Kursus rumahtangger:
Kener pergi... . kalau tak pergi korang takleh amek sijil nikah. Tapi when u go and collect the sijil nikah at Jabatan they never ask for the sijil kursus... . whatever it is kan baik kalau korang pergi attend the kursus. walaupun kiter dah terer dlm bab rumahtangger tapi ader baiknyer kalau kiter refresh balik aper yg telah kiter ketahui.
kos kursus : around RM80 for the whole session (tengok tempat)
3. Book Mak Andam:
Mak Andam is one of the most important people dalam perkahwinan. Nak owang pompan... .. pilih mak andam boleh makan tahun lamernyer. Of courselah, lelaki nak amek mak andam buat aper sey. At least six months misti nak book... later than that u might have a problem finding one... .. kalau ader pun mak andam dari Kreta Ayer Chinese Dance Troupe.
Kos : RM1200 (tengok baju aper... kalau ader baju batman atau otromen (mungkin mahal sikit)
4. Photographer:
Selalunyer mak andam akan rekomenkan photographer sekali. Kalau tak korang kenerlah carik sendiri. Sekarang owang melayu dah pandai... . dah pandai amek studio, dah pandai amek outdoor.
Kos : RM800
5. Kompang / Hadrah
Unless korang nak pakai loktang takyah panggil kompang. Kalau nak panggil at least 3 mths notice.
Kos :RM300
6. Dekorasi blok dan pelamin
Sekarang sudah canggih... kolong blok diorang transform jadi macam istana Taj Mahal... . kalau tak pun jadi macam lori cina mampos... . letak kacang samer kuaci sudah original beb... . tinggal nak campak kerander je kat tengah-tengah. Macam macam design macam macam pattern.
Kos :RM1000
7. Tukang Masak and Khemah Kosi Meja
Tukang masak mesti ader beb... kalau takder camner owang nak makan? Lainlah kalau korang buat majlis kat Mac Donald's.
Kos : RM7000 (tengok kepaler yg datang)
8. Kerete
Unless korang nak gi bertandang jalan kaki takyahlah sewa kereter (*naik basikal bleh gaks..) Kalau nak sewa, kenerlah sewa yg special punyer... Merc ke?... Jag ke?. kira yg besau punyer kereter lah. Janganlah plak badan korang besau abih sewa Kancil... ... sampai besok pun takleh masok!
Kos : RM300
9. DJ/Karaoke
Kalau majlis senyap dan sunyi je taklah meriah kan? Lazimnyer owang akan engage DJ/ Karaoke services. Ader jugak yg amek band industan, brass band.
At least 6 mths mesti nak kener book.
Kos :RM850 (dengan dinner sekali)
10. Berkat
Kira door gift lah. Yg biaser telur rebus owang kasi... tapi sekarang dah maju... diorang lagi kreatif... ader yg kasi tuala, sabun buku, cokelat, agar-agar, mangkok, gelas, surah Yasin, etc etc.
Kos : RM3000++
11. Miscellaneous
Perkara perkara kecik owang selalu overlook... perkara perkara kecik ginilah yg selalu membuat kocek kiter tebakar. Bender bender seperti Bunga Pahar, Sireh Dara, Kek, Sabun, Rokok Rewang, Sewa kolong blok, Tuala rewang, pisau rewang, barang barang hantaran, cadar, kelambu, langsir, carpet, bill,lauk pauk pre and post majlis, plastik buat bungkusan, kad jemputan...
Kos : RM2500 ++
TOTAL ESTIMATED COST YG KORANG KENER KLUARKAN IALAH : RM17,110
Belom termasok hantaran lagi beb... . korang pandai pandailah plus sendiri. Dari itu saper saper yg dah nak berkahwin... ... . SELAMAT PENGANTIN BARU!
Untuk mereka yang bakal-bakal... . yang dah lepas tu, mungkin nak tahu jugak sebab musababnyer... .
Zaman sekarang ni kan; hantaran makin naik harga. Maklumlah; kata dorang ikut market price. Kalau harga mas naik; naik lagi harga bakal2 bini.
Tak ikut market price nanti orang kata kedekut lah; sengkek lah; tak mampu jangan ada hati nak kahwin lah; hai... macam-macam story lagi. Biasanya yang letak harga ialah mak sebelah pompan. Bapak selalu ikutkan aje; ni semua kerja orang pompan, dorang kata. Kadang2 ada jugak pompan sendiri yang letak harga; lepas tu pakat dengan mak.
Mengikut survey;
sekarang paling minimum RM6000.
Hantaran RM5000; RM4000 masih ada jugak;
tapi dah boleh kira pakai jari tangan je.
Yang ada hantaran kira okay lah; tapi ada serba satunya lagi. Cuma serba-serbi dan serba boleh je belum ada lagi.
Kat sini aku ada beberapa sebab kenapa sekarang hantaran makin mahal.
Sebab
1. Anak pompan sorang
2. Anak pompan sekolah tinggi 20 tingkat
3. Anak pompan paling jambu dalam family
4. Anak pompan kerja high post
5. Anak pompan biasa pakai barang branded
6. Anak pompan yang tastenya... berkajang-kajang kalau disenaraikan
7. Kakak belum kahwin; jadi kena kasi double untuk belanja kakaknya sekaligus
8. Anak pompan yang rasa dirinya... lengkap segala-gala
9. Bapak pompan towkay kayu balak; mak pulak bekas eksekutif
10. Anak pompan tu pun jenis ek... semacam jer
Selalunya jawapan yang diberi oleh pihak lelaki kalau hantaran melampau sangat (ni dorang bebual antara family lelaki je):-
1. "Eh! Nak meniaga anak ke pe?" Kadang tu mak bapak ok jer si anak lak lebih-lebih
2. "Kalau pandai masak ke jahit ke; satu hal jugak. Ni asik pandai mekap je."
3. "Camni bilang dorang simpan anak tu dalam store buat perhiasan."
4. "Kalau lawa macam Karisma Kapoor tu takpe jugak. Ni idung pesek macam kena lenyek je."
5. "Apa dorang ingat kita sedara Bill Gates ke?"
6. "Lupakan sudah budak pompan tu. Nanti mak carik kan yang lebih power dari Catherine Zeta-Jones eh?"
Kata2 dari sebelah pompan yang lelaki ingin sangat nak dengar :-
1. "Ikut suka hatilah. Berapa yang lelaki kasi; kita ambik je. Member tak cerewet."
2. "Takpelah. Kalau tak boleh adakan sekarang; kahwin dulu. Lepas tu bayar pelan-pelan cara instalment."
3. "Jangan bimbang. Korang cuma adakan hantaran je. Duit majlis semua kita sponsor."
4. "Pasal sekarang ni musim great sale sana sini; jadi kita ada staff discount. Korang cuma kasi 10% je."
5. "Berapa korang nak kasi, kasilah. Nak ambik free pun takpe. Anak pompan kita ramai lagi."
6. "Apakata kalau korang ambik kakaknya sekali. Tapi hantaran tetap sama. Kira 2 for the price of 1 ler. Risaulah kakaknya tak kahwin-kahwin."
Kalau kena pulak family lelaki yang loaded makan tak abis punya; jawapannya :-
1. "Okay setuju. Kita up lagi RM10,000. Nothing much ler."
2. "Ehh sikit nah! Camni tak nak lah. Tak sama standard dengan kita punya expectation ler."
3. "Ni hantaran kira Rupiah ke Sing dollars? Kita cuma simpan American dollars je."
4. "Kita tak kasi pakai cash ler. Korang pilih nak AMEX ke; Diners ke; boleh kata semua credit card kita ada lah."
5. "Sebagai hadiah upacara masuk minang ni; kita ada siapkan kereta Lambhorgini. Tu anak bujang kita tengah parking kat bawah tu."
6. "Ni korang mintak hantaran ke; mintak duit nak belikan dia baju tidur.Murah nah?"
Haa... tu lah beberapa kerenah orang melayu kita ni. Jadi untuk pasangan2 yang nak kawin tu; bincang betul2 antara korang dengan family dalam hal ni.
Mak pompan tu pun kalau nak letak harga; berpatutanlah dengan kemampuan pihak lelaki. Kalau tak berdengek lelaki tu nak adakan hantaran mahal2.
Hati dah suka punya pasal, semua boleh aje. Cukup time badan cengkung-mengkung tak larat nak naik pelamin pasal kerja tiga empat macam untuk kumpul duit. Ada pulak tu..yg terpaksa amik personal loan.. bank rakyat... bank Islam... atau guna kredit card.. lepas kawin.. kepala lagi sewel, dok pikir nak bayar hutang, loan rumah, loan kereta, loan komputer, 'loan bini',.. tak tercapai lah maksud perkahwinan yg sepatutnya semakin memudahkan kehidupan.. dah terbalik.. jadi semakin susah. Entahlah... . dunia... dunia... "
Secure Ethernet Bridge over TCP/IP
The main goal of this tool is to act as a completely Secure Ethernet Bridge over TCP/IP, tunneling in a transparent, safe and easy way, network traffic to a remote location without the need of any kernel patches or modules, or even the need to hide routing in the honeypots.
It can be used to easily deploy honeypot farms of distributed honeypots, transporting network traffic to a central honeypot architecture where data collection and analysis will be done. It can also be used as a very simple and efficient VPN (Virtual Private Network) for any other purposes.
- What is HoneyMole's value to me?
Deploying traditional honeypots and honeynets can be a problem if you have in mind that every honeypot you deploy means more work and resources required to maintain and analyze everything it collects. In the other hand the more honeypots you deploy, the more valid information you can collect.
Honeypot Farms are one way to solve this problem. A honeypot farm is nothing more then a several honeypots located in a single location. You then place redirectors anywhere you want in the world. The redirectors are nothing more then 'virtual honeypots' that redirect traffic to the honeypot farm.
People when attacking one of those systems think they are interacting with a system (your virtual honeypot) in Portugal, United States or United Kingdom, yet in reality all of their activity is being redirected to your single collection of honeypots. The redirectors make it very easy to virtually deploy lots of honeypots all over the place, but you only have to maintain a small number of real honeypots in a single location.
As presented by Edward Balas in chapter 7 of “Know Your Enemy, 2nd Edition”, Honeypot Farms are used as a way of virtually distributing honeypots, transporting IP packets from remote locations to the physical honeypots. It aims to reduce cost, deployment time and analysis time.
Advantages of Honeypot Farms
- Honeynets can be deployed with in a very short amount of time;
- Forensic analysis can be done faster;
- Honeypot farms can be used to protect production servers (hot-zoning);
- Participant networks don’t need to configure or monitor the honeypots.
Disadvantages of Honeypot Farms
- Geographic unrelated positions cause anomalies in network latency;
- Honeypot farms use routing rather than bridge, so they are complex to configure and require good network knowledge to operate properly;
- This technology is fair new, there are no tools to help automate the configuration and operation of the infrastructures.
HoneyMole is the result of the work we have decided to embrace on simplifying the Honeypot Farm concept and the necessary traffic tunneling.
Our aim was to use bridging rather than routing for transporting the traffic from remote locations to our honeypots on the farm and at the same time to reduce all the previously identified disadvanges except the network latencey.
- What technologies it uses?
Honeymole is developed in C using Libpcap, Libnet and OpenSSL libraries.
-
The performance it is fairly good. It is being used for some months in production environments without any problem. Since libpcap uses BPF (Berkeley Packet Filter), it is possible to apply filter rules on both directions in order to reduce the traffic in the tunnel to the operational needs.
-
Honeymole authentication and encryption uses OpenSSL. Some scripts are available to generate all the necessary certificates for the CA (Certificate Authority), used in the communication between the server and client.
- What operating systems are supported?
At the moment Honeymole works fine on Linux, OpenBSD, FreeBSD, NetBSD, Solaris and Mac OS X. Since it is based on Libpcap, Libnet and OpenSSL, it should be easy to port it to Microsoft Windows also.
http://www.honeynet-pt.org/index.php/HoneyMole
New and stable release of "<< BackTrack".Merger out of two well known security penetration testing focused linux live distributions (Whax and Auditor). After hundreds of combined man hours, can provide you with the finest linux and windows tools on one CD.Using Wine,also embedded some of the tools missing in the linux environment.
Whax and Auditor
Combining the best features from both distributions, and paying special attention to small details, this is probably the best version of either distributions to ever come out.
Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.
Get your free copy at one of our mirror at
http://www.remote-exploit.org
Firman Allah SWT di dalam al-Quran, yang bermaksud:
" Orang-orang yang beriman menjadi tenteram dengan mengingati Allah,
ingatlah bahawa dengan mengingati Allah itu tenteramlah hati."
(al-Ra'du: 28)
Lalai dari sudut pandang agama merupakan lawan kepada tafakkur. Dari
segi akhlak, setiap kali tafakkur dan perenungan yang tinggi, maka hal
itu akan menyebabkan ketinggian dan kesempurnaan manusia.
Sebaliknya kelalaian, betapapun kecilnya, ia pasti akan menjerumuskan
manusia. Ini berdasarkan kepada ungkapan al-Quran bahawa kelalaian
akan menjerumuskan manusia hingga ke tahap haiwan, bahkan lebih rendah
dari itu. Allah SWT berfirman:
"Dan sesungguhnya Kami jadikan untuk isi neraka Jahannam kebanyakan
dari jin dan manusia, mereka mempunyai hati, tetapi tidak digunakan
untuk memahami (ayat-ayat Allah) dan mereka mempunyai mata tetapi
tidak digunakan untuk melihat (tanda-tanda kekuasaan Allah), dan
mereka mempunyai telinga tetapi tidak digunakan untuk mendengar
(ayat-ayat Allah). Mereka itu sebagai binatang ternak, bahkan mereka
lebih sesat. Mereka itulah orang-orang yang lalai." (al-A'raf: 179)
Bagi orang-orang yang hati mereka telah dikuasai oleh kelalaian,
mereka mempunyai mata namun mereka tidak melihat dengan mata itu,
mereka mempunyai telinga namun mereka tidak dapat mendengar dengan
telinganya, dan mereka mempunyai hati namun mereka tidak memahami
dengan hatinya, mereka itulah yang disifatkan menguasai cirri-ciri
sebagai binatang. Mereka juga digambarkan lebih sesat, lebih teruk
dari sifat-sifat binatang.
Kelalaian tidak lain merupakan sifat yang tercela. Pada ayat yang lain
Allah SWT berkata bahawa kelalaian boleh mengunci hati dan menutup
pendengaran dan penglihatan. Firman Nya:
"Mereka itulah orang-orang yang hati, pendengaran dan penglihatannya
telah dikunci oleh Allah, dan mereka itulah orang-orang yang lalai."
(al-Nahl: 108)
Orang-orang yang lalai tidak mempunyai hati. Hati mereka seakan
terkunci. Mereka tidak mempunyai hati yang sedar, tidak mempunyai
pendengaran yang mampu mendengar dan tidak mempunyai penglihatan yang
mampu melihat. Sehingga akhirnya sifat kelalaian ini telah menjadikan
mereka jatuh ke darjat haiwan dan binatang.
Sifat kelalaian adalah lawan kepada sifat sedar dan prihatin diri.
Sifat kelalaian mendorong kepada kehilangan dunia dan lebih malang
lagi, kehilangan akhirat.
Wallahu'lam
We are pleased to announce that today Red Hat has completed the acquisition of JBoss.
As one company, we believe we can change the economics of the industry. Creating better software faster. Systematically driving out costs and simplifying IT. And bringing exponential value to customers.
JBoss will become a division of Red Hat with a common business model of delivering and providing production support of open source software. Customers will now have access to a single, proven global production support organization that can service both Red Hat and JBoss customers, in addition to supplying JBoss offerings through the established global channels of Red Hat.
We'd like to hear from you, understand what you'd like to see from the new JBoss division. Please take a few moments to
complete our survey.
Learn more about the JBoss acquisitionVisit the JBoss website
Dear ############,
From the desk of
Paul Morton,LPR Marketing Sdn Bhd (282141-M).
Thank you for your application.
We are pleased to announce that your application is in fact a “match” to the “profile” of the types of positions which are available. I wish to interview you personally, which is why you are not being contacted by my secretary but by me in person.
As we are expanding our business here in Asia, we need Part Time & Full Time Dynamic & Resourceful Leaders to work in our - “WELLNESS - HUMAN RESOURCES DIVISION” - for the following departments:
• Customer Care Services
• Customer Care
• Recruitment
• Team Building & Management
• Training & Coaching
(Approximately 1 out of 50 resumes are selected to meet us personally).
Our interview schedules (last approximately 1 hour) are as following:
- Wednesday 7thth June at 8.30pm in evening.
- Thursday 8th June 11.00am in the morning or 12.30pm
Our head office is at Jalan Raja Chulan and above interviews will take place at one of our offices in Central KL areas and Due to huge responses we have had recently, the addresses will ONLY be disclosed to you when you SMS us back on our Office Mobile number confirming your interview slot with your FULL NAME. After the confirmation, do come in your smart business attire, 5-10 minutes prior to the meeting. You do not need to bring your resume as we already have your profile. Just bring a pen and paper, as you may have questions and you might also need to take some notes.
Office
Mobile
Number (for SMS Only) : 016 2149129
As you are specially short-listed from our list of candidates, we are definitely looking forward to meeting you personally so we can have a formal introduction of yourself and our company and knowing who we are working with in future.
We will be looking forward to meeting you.
Yours sincerely,
Paul Morton,
LPR Marketing Sdn Bhd.
P/S : Guys if u get this email .... dont try to believe that scammer .. if u dont believe me ... u can try to see this http://soleilinaism.blogspot.com/2006/05/interview-hoax.html
Wednesday, June 07, 2006, posted by cr0mok
LONDON - Akhbar Britain semalam dibanjiri gambar penyerang England, Wayne Rooney yang melakukan tendangan libas kanan pada hari pertama latihan penuh sejak patah tulang kaki.
Pemain Manchester United berusia 20 tahun yang tercedera sejak April lalu itu, kerap diperkatakan oleh wartawan Britain sama ada dia akan pulih atau tidak menjelang pusingan akhir bola sepak Piala Dunia, Jumaat ini.
Semua pihak bersetuju dengan gambar pemain utama itu yang diambil sebelum berlepas ke Jerman, kelmarin akan memberikan keyakinan kepada penyokong juara dunia 1966 itu.
Bagaimanapun The Sun mendakwa jurulatih Alex Ferguson berang dengan pendedahan Rooney itu tanpa merujuk terus kepada pengurus Manchester United terlebih dahulu.
Ferguson dilaporkan, bimbang jika anak muda berbakat besar itu akan mengalami kecederaan yang lebih lama jika dia dibawa kembali beraksi, terlalu awal.
Rooney akan kembali ke Manchester, England untuk menjalani ujian imbasan kakinya tetapi bagi pengurus, Sven-Goran Eriksson, “saya tahu ini berita besar tapi tunggulah sehingga esok (hari ini).”
England masih mempunyai tempoh sehingga Jumaat ini untuk memastikan penyerang terbilangnya mampu menyertai Piala Dunia.
:)
Offer kat Plaza Sentosa Alor Star, just for reference only
256MB -> RM45
512MB -> RM60
1GB -> RM90
Mari,mari,mari... rapat-rapat
Tuesday, June 06, 2006, posted by kei
George: Condi! Nice to see you. What's happening?
Condi: Sir, I have the report here about the new leader of China.
George: Great. Lay it on me.
Condi: Hu is the new leader of China.
George: That's what I want to know.
Condi: That's what I'm telling you.
George: That's what I'm asking you. Who is the new leader of China?
Condi: Yes.
George: I mean the fellow's name.
Condi: Hu.
George: The guy in China.
Condi: Hu.
George: The new leader of China.
Condi: Hu.
George: The Chinaman!
Condi: Hu is leading China.
George: Now whaddya' asking me for?
Condi: I'm telling you Hu is leading China.
George: Well, I'm asking you. Who is leading China?
Condi: That's the man's name.
George: That's who's name?
Condi: Yes.
George: Will you or will you not tell me the name of the new leader of China?
Condi: Yes, sir.
George: Yassir? Yassir Arafat is in China? I thought he was in the Middle East.
Condi: That's correct.
George: Then who is in China?
Condi: Yes, sir.
George: Yassir is in China?
Condi: No, sir.
George: Then who is?
Condi: Yes, sir.
George: Yassir?
Condi: No, sir.
George: Look, Condi. I need to know the name of the new leader of China. Get me the Secretary General of the U.N. on the phone.
Condi: Kofi?
George: No, thanks.
Condi: You want Kofi?
George: No.
Condi: You don't want Kofi.
George: No. But now that you mention it, I could use a glass of milk. And then get me the U.N.
Condi: Yes, sir.
George: Not Yassir! The guy at the U.N.
Condi: Kofi?
George: Milk! Will you please make the call?
Condi: And call who?
George: Who is the guy at the U.N?
Condi: Hu is the guy in China.
George: Will you stay out of China?!
Condi: Yes, sir.
George: And stay out of the Middle East! Just get me the guy at the U.N.
Condi: Kofi.
George: All right! With cream and two sugars. Now get on the phone.
kohkohkohkohkohkoh
Well spent my weekend by watching X-Men : The last stand with my wife at Sunway. And then doing what I love most : reading.
1. Da Vinci Code - Dan Brown
Do I have to ellaborate more? I guess most of u have read/watch the movie, but trust me, reading the books is totally different from watching the movie. In the book, the characters are more properly described and developed. You can feel/imagine the situation that they are in (based on how imaginative you are eh?) But overall for a person who loves conspiracy theory, this book is top notch. A recommended reading. p/s: Before start reading, U have to know that this story is totally fictious.
2. Angel and Demon - Dan Brown
This book actually need to be read before Da vinci code (IMHO) even tho both of those stories are not linked to each other (besides the protagonist Mr Robert Langdon the symbologist). More about conspiracy theory on Vatican city. Well a good book. Basically about one party (actually one person) in the vatican who against the liberalisation of the vatican onto certain topics/aspects. This person is actually the Pope's trusted clergy. So this fella plot the downfall/killing of the Pope and hijack the fav cardinals during the conclave and pointing all the evidence towards the ancient movement of renaissance. The Enlightment. Well it's up to Mr Robert Langdon to solve the mystery of missing cardinals. And not only that, this fella also plant a powerful bomb based on fussion tech developed by CERN in the heart of vatican.
My verdict? Up to the level of da vinci code. If Tom Clancy and Umberto Eco got fused together, Dan Brown would be the result. :D
3. Deception Point - Dan Brown
When a new NASA satellite spots evidence of an astonishingly rare object buried deep in the Arctic ice, the floundering space agency proclaims a much-needed victory… a victory that has profound implications for U.S. space policy and the impending presidential election. With the Oval Office in the balance, the President dispatches White House Intelligence analyst Rachel Sexton to the Milne Ice Shelf to verify the authenticity of the find. Accompanied by a team of experts, including the charismatic academic Michael Tolland, Rachel uncovers the unthinkable—evidence of scientific trickery—a bold deception that threatens to plunge the world into controversy. But before Rachel can contact the President, she and Michael are attacked by a deadly task force…a private team of assassins controlled by a mysterious powerbroker who will stop at nothing to hide the truth. Fleeing for their lives in an environment as desolate as it is lethal, they possess only one hope for survival: to find out who is behind this masterful ploy. The truth, they will learn, is the most shocking deception of all…
A suspence thriller ala Tom clancy's. A good reading. :D
4. The Bear and the Dragon - Tom Clancy
President Jack Ryan faces a world crisis unlike any he has ever known, in Tom Clancy's extraordinary new novel...
A high-level assassination attempt in Russia has the newly elected Ryan sending his most trusted eyes and ears — including antiterrorism specialist John Clark — to Moscow, for he fears the worst is yet to come. And he’s right. The attempt has left the already unstable Russia vulnerable to ambitious forces in China eager to fulfill their destiny — and change the face of the world as we know it...
I have to admit, Tom Clancy is my fav author. Especially
Jack Ryan series. I've been following this Ryan fella starting from him being the CIA analyst till he became the POTUS. Tom Clancy is the master of conspiracy thriller, millitary stories where every details, every accounts will be told in such manner that I just simply can't put the books down. The Red Rabbit, Hunt for Red October, Cardinal of Kremlin, Patriot Games, Without Remorse, Debt of Honor, Executive Orders, The Red Storm Rising, The Bear and the Dragon, and recently The teeth of the Tiger. It seems like nowadays Mr Clancy concentrates more on Ops-Centre and Splinter Cells series. Well now u guys know how the hell did I get the nick Jack Ryan :D
Sunday, June 04, 2006, posted by -o-
i have 1 situation for u .. hope u guys can give comment or advise
i have a bf and we only been together for almost 3 or 4 months .. recently i chatted with one gal and she claimed or said that she's my bf's gf .. after that i did asked few of his friends abt that lah .. but maybe they being a great pal to my bf .. all of them jz said that they don't know anything abt it .. when i asked my bf .. he jz said he'll explain it to me since he's not in kl at that moment .. and when he was back in kl, he jz said that i dont trust him .. really pissed off .. seems like it was all my faults walhal its abt him having another gf not me
then, this morning one of his friends said that my bf did have another gf .. wooo .. haha .. should i dumped him or not?
past few weeks after the incident (that gal pm me) i did really cried my heart out
but now come to think back, i can find someone better than him .. sbb ramai lg yg minat aku, rite? :P
Friday, June 02, 2006, posted by ~ayoi~
Day of vulnerabilities.
1.
Snort HTTP Inspect Pre-Processor Uricontent Bypass"The evasion technique allows an attack to bypass detection of
"uricontent" rules by adding a carriage return to the end of a URL, directly before the HTTP protocol declaration. This affects thousands of rules in the standard Snort base rule sets.
Due to the seriousness of this vulnerability, we have developed a
working patch for public review. See below. This patch addresses the carriage return bug and should catch the known evasion attempts but further research needs to be done to determine if there are any other possible impacts of this bug. The detection for evasion is turned on
by default under all profiles but can also be used as a server configuration option:
-----HTTP Inspect Server Configuration-----
non_std_cr
This option generates an alert when a non standard carriage return character is detected in the URI.
-----end-----
More information including a pre-patched tarball, a simple proof of
concept, and a copy of this patch ..."
http://www.demarc.com/support/downloads/patch_20060531
http://www.osvdb.org/25837
feofil@gmail.com
2. Squirrelmail local file inclusion
Squirrelmail local file inclusion bug in functions/plugin.php .
Tested on the latest 1.4.x version.
No authentication needed.
#if (isset($plugins) && is_array($plugins)) {
# foreach ($plugins as $name) {
# use_plugin($name);
# }
...
#function use_plugin ($name) {
# if (file_exists(SM_PATH . "plugins/$name/setup.php")) {
# include_once(SM_PATH . "plugins/$name/setup.php");
# $function = "squirrelmail_plugin_init_$name";
# if (function_exists($function)) {
# $function();
# }
# }
#}
....
If register_globals is on we can control the $name variable.
In order to avoid errors SM_PATH needs to be defined. Exploitation
is done through src/redirect.php ( it includes functions/plugin.php
prior to authentication and it defines SM_PATH ).
magic_quotes_gpc needs to be off.
Example:
http://[host]/[squirrelmail dir]/src/redirect.php?plugins[]=../../../../etc/passwd%00
Denix Solutions
Unix/Linux Solutions for your Business
http://www.denixsolutions.com
3. VMware ESX Server Cross Site Scripting issue
Title: VMware ESX Server Cross Site Scripting issue
Date: 14.11.05
Application: VMware ESX prior to 2.5.2 upgrade patch 2
VMware ESX prior to 2.1.2 upgrade patch 6
VMware ESX prior to 2.0.1 upgrade patch 6
Environment: VMware ESX
Author: Stephen de Vries [stephen.de.vries@corsaire.com]
Audience: General distribution
Reference: c051114-002
-- Scope --
The aim of this document is to clearly define an issue that exists with the VMware ESX Server product [1] that will allow a remote attacker to inject arbitrary active scripting content, such as JavaScript, into a web session.
-- History --
Discovered: 11.11.05 (Stephen de Vries)
Vendor notified via client: 15.11.05
Vendor notified directly: 19.05.06
Document released: 01.06.06
-- Overview --
VMware ESX Server is described [1] as virtual infrastructure software for partitioning, consolidating and managing servers in mission-critical environments.
The software provides a virtualization layer that allows multiple x86 based operating systems to run on the same hardware concurrently. The ESX Server product differs from other VMware products in that it does not require a "host" operating system to be provided by the user. Instead, it uses a custom x86 kernel as the host, along with a customised Linux operating system as a "console O/S".
VMware ESX Server includes a number of network services and a web application, called the "VMware Management Interface" that can be used to perform remote administration of the system.
-- Analysis --
The VMware ESX Server product provides a web application to perform management of the system. One of the functions of this application is to allow administrative users to view log files, such as syslog, through a browser. No encoding of syslog data is performed to ensure that HTML meta-characters are not interpreted by the browser. This allows an attacker to inject HTML content, including JavaScript, into the syslog file where it would be rendered or executed when viewed through the Management Interface. Since the raw syslog data is displayed between tags, it is necessary to close the tag for a clean injection. Two injection methods were detected:
1. An attacker could simply attempt to log in to the Management Interface with a username that contains the injection script, such as:
#//
<$cript>alert('XSS')
2. An attacker could attempt to log in to the ftp server with a username containing a similar injection string.
It should be noted that the ftp server is not enabled by default, however, the Management Interface is.
This flaw could be used to conduct any number of Cross Site Scripting attacks [2], such as Session Hijacking, Cross Site Request Forgery or apparent falsification of the syslog data.
The risk of this vulnerability is increased due to the fact that only administrative users have permission to view the syslog files through the Management Interface. Should a Session Hijacking attack be successful, it would therefore likely yield administrative access.
-- Recommendations --
Upgrade to a version of the VMware ESX product that does not exhibit this issue:
VMware ESX 2.5.2 upgrade patch 2 and later
VMware ESX 2.1.2 upgrade patch 6 and later
VMware ESX 2.0.1 upgrade patch 6 and later
-- CVE --
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2005-3619 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardises names for security problems.
-- References --
[1] http://www.vmware.com/products/esx/ [2] http://www.aspectsecurity.com/topten/xss.html
-- Revision --
a. Initial release.
b. Minor edits.
c. Released.
-- Distribution --
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. Corsaire accepts no responsibility for any damage caused by the use or misuse of this information.
-- Disclaimer --
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. Corsaire accepts no responsibility for any damage caused by the use or misuse of this information.
4. Microsoft Windows "mhtml:" URI Handling Remote Buffer Overflow Vulnerability
Technical Description
A vulnerability has been identified in Microsoft Windows, which could be exploited by attackers to cause a denial of service or potentially take complete control of an affected system. This flaw is due to a buffer overflow error in the Microsoft Internet Messaging library "inetcomm.dll" that does not properly handle an overly long "mhtml:" URL, which could be exploited by attackers to crash an affected application (e.g. Internet Explorer or Windows Explorer) or potentially execute arbitrary commands by convincing a user to visit a specially crafted web page or open a malformed Internet shortcut.
Note : Arbitrary code execution has not been confirmed at the moment.
Affected Products
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Solution
The FrSIRT is not aware of any official supplied patch for this issue
Vulnerability reported by Mr.Niega
5. MySQL Multi-byte Encoding Processing Remote SQL Injection Vulnerability
Technical Description
A vulnerability has been identified in MySQL, which could be exploited by remote attackers to bypass security restrictions and execute arbitrary SQL commands. This flaw is due to an error when operating in multi-byte character sets (e.g. SJIS, BIG5 and GBK) and parsing certain ASCII characters escaped with the "mysql_real_escape_string()" function, which could be exploited by malicious people to bypass standard string-escaping methods and conduct SQL injection attacks against a supposedly secure script.
Affected Products
MySQL version 4.1.19 and prior
MySQL version 5.0.21 and prior
MySQL version 5.1.10 and prior
Solution
Upgrade to MySQL version 4.1.20, 5.0.22, or 5.1.11 :
http://dev.mysql.com/downloads/
References
http://www.frsirt.com/english/advisories/2006/2105
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-20.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-11.html
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-22.html
http://bugs.mysql.com/bug.php?id=8378
Credits
Vulnerability reported by Josh Berkus
And plus 2 advisories regarding FreeBSD 5.X and 6.X Release. ypserv and smbfs
check ur systems.
An interesting picture to share with...with phrase "UBUNTU or UBUNTUT?"
Thursday, June 01, 2006, posted by kakisembang
Forum ittutor kena deface lagi! Kali ni kena deface time maghrib lak. Apa nak jadi ni wei? dah takder kerje ke sekerip kiddie sekalian? time maghrib pi semayang la (kalau tak kapir). Jadah apa lak pi deface website perbincangan ilmu ni? Camna la Malaysia nak maju?
p/s: Di harap ittutor dapat bangkit online kembali secepat mungkin. Majulah IT di Malaya!
