Sevgilerimle

Köksal ACİ

Now if I can just dig out a complete system from my closet at home I will be all set. . .

I predict that in 50 years, Windows could be a thing of the past.  Maybe even 25 years.  If Microsoft keeps following in the path they are taking now, who knows what kind of computer we will have to buy in five, ten, twenty years.  Are we going to need computing beasts, just to run a few simple word processing and internet browsing programs?  Are we going to lower our computing power standards?  I think not.  It has always been the goal of Linux and BSD based distrobutions to create an awesome user experience at no cost (with the exception of a few) and keep the resource use at a minimal level.  If we continue to use the Windows, all we will find is closed doors.  Linux is a clear box, and if we continue to develop it to perfection and for the use of our kids and future generations, we will live in a secure, safer, faster computing world.  Imagine how much money a company could save if they switched to, say, Fedora, and quit using Windows completely.  They could use slower machines for longer, have less need for newer machines less often, not have to pay hundreds of dollars for Office, Windows, Antivirus/Spyware, Firewalls, and other enterprise applications for each computer, but they would have free open source software that would cost $0.  That's it.  The software can be easily used, changed, and perfected to the exact needs of each department, or individual in the company.  Imagine the possibilities of a free, open source world.

2. Verify that the disk is present and there is nothing on it. Make note of the geometry, you will need the size of the disk in megabytes. It may vary slightly depending on drive brand and model.

# parted -s /dev/hdc print
Disk geometry for /dev/ide/host1/bus0/target0/lun0/disc: 0.000-78533.437 megabytes
Disk label type: msdos
Minor    Start       End     Type      Filesystem  Flags

3. Initialize the disk and create a partition.

# parted -s /dev/hdc mklabel msdos
# parted -s /dev/hdc mkpart primary ext2 0 78533.437

*** This last number needs to match the size of the drive in megabytes, as reported in Step 2 ***

4. You will need to reboot your server at this point to make sure the partition table is updated properly. If you do not, it is possible that the partition will disappear or be misaligned which will result in data loss.

5. After your server is rebooted, check the partition table and make sure your new partition is there and you do not receive any warnings from parted.

# parted -s /dev/hdc print
Disk geometry for /dev/ide/host1/bus0/target0/lun0/disc: 0.000-78533.437 megabytes
Disk label type: msdos
Minor    Start       End     Type      Filesystem  Flags
1          0.031  78528.669  primary

6. Now we can create a filesystem on our new partition.

# mke2fs -j /dev/hdc1

7. Create a mount point and add the new filesystem to the fstab so it is mounted automatically.

# mkdir /mnt/drive2
# echo "/dev/hdc1 /mnt/drive2 ext3 defaults 0 0" >> /etc/fstab

8. Mount your new filesystem and verify that it mounted correctly.

# mount /mnt/drive2
# mount
/dev/hdc1 on /mnt/drive2 type ext3 (rw)       <- make sure you see this line

First, let me give you an easy way: here is the link to the google chrome setup that you just run and it doesn't need to download anything.

Read on to find out how I discovered that...

If you download the ChromeSetup.exe and run it, in the end it will complain that it's unable to download the required files. After you get that message, go to your Event Viewer and look at "Application" events. You will see an Error event with the Source field set to "Google Update". In the message you will see the URL that it is trying to download. Now all you need to do is download that file somehow and run it. The self-contained setup, at the time of this writing, was around 7MB.

What is a Hub

A hub is a device that has several Ethernet ports on the back of the device. One of these ports will likely be labeled “Uplink”. This port allows you to connect multiple hubs together, if you run out of ports on your hub. If you do not have an uplink port on your hub, the hub cannot be easily extended if you run out of ports.

A hub is a device that attaches multiple computers on an Ethernet network. If you have a number different computers that you want to connect together, you could connect each to the hub. Any packet that is sent out by any computer on the network will immediately be transmitted to the other computers. Each computer will determine if the packet was really intended for it, and filter out packets that were intended for other computers.

You really should not use a hub in a modern home network. You should always use a switch in place of a hub. Switches will be discussed in the next section.

What is a Switch

A switch is a device that has several Ethernet ports on the back of the device. One of these ports will likely be labeled “Uplink”. This port allows you to connect multiple switches together, if you run out of ports on your switch. If you do not have an uplink port on your switch, the switch cannot be easily extended if you run out of ports.

A switch serves the same function as a hub. It allows you to connect multiple computers together, so that they can exchange packets. However, a switch is much more efficient than a hub. A switch will only send Ethernet packets to the computer that the packet was intended for. Because of this you should always use a switch in place of a hub.

What is a Router

A router is a device that has several Ethernet ports on the back of the device. One of the connectors will be labeled WAN. You should connect the WAN port to the Ethernet connection on a broadband source, such as a cable or DSL modem. The other ports on the router can be connected other computers or switches/hubs that will share the WAN connection.

Routers allow you to share your broadband connection with multiple computers in your house. Rather than connecting your computer directly into your cable or DSL modem you connect the router to the cable or DSL modem. Now any computer that you connect to the router will have access to the Internet.

If you run out of ports on your router you can always connect an additional switch to the router. To connect a switch to a router simply connects the switch’s "uplink" port to one of the routers Ethernet ports. Of course, don’t connect to the router’s WAN port. The WAN port should only be connected to something such as a cable or DSL router.

Some routers come with additional features installed. Most routers also include a firewall. Firewalls are discussed in the next section. Some routers will also include a wireless access point (WAP). The WAP allows you to use wireless devices, such as wireless laptops, with the Internet.

What is a Firewall

A firewall controls traffic flow between your network and the Internet. A firewall can be either hardware or software. Windows XP SP2 or higher includes a software firewall. A hardware firewall is included with most routers.

A firewall is a very good idea. It can protect you from inbound virus attempts. By inbound virus attempt I mean other computers that will connect to your computer and attempt to infect your computer. You do not want to run a computer directly connected to the Internet, without a firewall. There are just too many other computers out there that can connect and infect you without you even noticing.

What is a Network Attached Storage (NAS)

A network attached storage device is a device that allows a hard drive to be shared across the network. This hard drive is NOT attached to any of your computers. It is simply made available by the NAS. This can be a convent way to add a hard drive that can be accessed by several computers on your network. The other common way to add a network hard drive is to simply share a folder on one of your computers. However, with the NAS, you do not need to keep one of your computers on at all times.

There are two types of NAS commonly available. The first type comes with a build in hard drive. The second accepts a USB or Fire wire external hard drive. The advantage to using a USB or Fire wire hard drive is that you can upgrade the hard drive if it ever were to become too small.

What is a Print Server

Just like you can buy a device to allow you to share a hard drive, you can do the same with a printer. A print server connects directly to your printer. Your printer is then shared to all of your computers on the network. This is convent because you do not need to leave the printer hooked to a computer, which must be turned on to print.

Conclusions

As you can see there are many different components. Perhaps the final component that I ave yet to mention is the cable. These components are connected together with CAT5 Ethernet cable.

Highlights of the Cisco EOS/EOL annoucement -
End-of-Sale Date - July 28th, 2008
End of New Service Attachment Date - July 28th, 2009
End of Service Contract Renewal Date - October 23, 2012
Last Date of Support - July 27th, 2013

Migration Recommendations -
Cisco PIX Security Appliance customers are encouraged to migrate to Cisco ASA 5500 Series Adaptive Security Appliances. Built on the same software foundation as Cisco PIX Security Appliances, the Cisco ASA 5500 Series offers more robust firewall and IPsec VPN capabilities, as well as many additional benefits, including:

• Significantly better performance and scalability,
• Secure Sockets Layer (SSL) VPN support (including clientless, portal-based remote access),
• Advanced Unified Communications (voice/video) security
• A modular design that allows you to add features such as intrusion prevention (IPS), anti-virus, anti-spam, anti-phishing, and URL filtering

For more information about end-of-life, end-of-support, or migration parts for the Cisco PIX515E series, please visit Cisco's site at http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5709/ps2030/end_of_life_notice_for_the_Cisco_PIX_515E_Security_Appliance.html

For more information on the ASA 5500 Series Adaptive Security Applicances, check out http://www.cisco.com/en/US/products/ps6120/index.html.

Step one: is to configure the router that i have, seems it was leaking some services that it has (my fault though). I do not use the default firmware that came with the Linksys router i have, i use Tomato and i guess i didnt check erything as i should have, so check the settings and make sure they are as tight as you can make them, turn off any unused or un-required services and ports on the router first, as this is your first line of defense.

Step two: make sure there are no services running on the pc that you dont require, with most modern distros this can be done the admin or control panels (each distro has its own way of admining services - check the DOCS on your distro).

Step three: Last of all configure the firewall on the Linux PC itself, now as with most things all distros tend to handle this in their own way, so again you might have to check the DOCs of your distro to see how this is done. Most if not all use iptables, its just most use a gui to configure this, as its very powerful and if used incorrectly can block all traffic in and out of your pc. (as i found out when making up my script :p)

Here is the script i use, now im not going to say this is the greatest script in the world, but in combination with my router and the script itself, all web based scanners i have tried and nmap say that it cant find any services or open ports, so hopefuly im doing something right :)

#!/bin/bash
ext_if=eth0
int_if=eth1
iptables -F INPUT
iptables -P INPUT DROP
iptables -F OUTPUT
iptables -F FLUSH
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
accept_port="21 80 443 2010 6300:6320"
names="some.dns.name1 some.dns.name2"
iptables -A INPUT -i $ext_if -j DROP
iptables -A INPUT -i $int_if -s 164.168.1.1/24 -j ACCEPT
iptables -A INPUT -i $ext_if -s 192.168.1.1/24 -j ACCEPT
for ip in $names
do
for port in $accept_ports
do
iptables -A INPUT -i $ext_if -s $ip --dport $ip --syn -m state --state NEW -j ACCEPT
done
done

OK so I'm not going to go through the above step by step as I'm not overly clear on it myself, yes i will admit i had help with the above, and i googled a lot, so it was pure luck really that it works :)

You will find explanations of what each function above does here i hope this helps you in some way :)

Some proof :p

root@carp-serv:/home/carpo# nmap -v -A xxx.xxx.xxx.xxx

Starting Nmap 4.60 ( http://nmap.org ) at 2008-09-02 22:52 BST
Initiating Ping Scan at 22:52
Scanning xxx.xxx.xxx.xxx. [2 ports]
Completed Ping Scan at 22:52, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 22:52
Completed Parallel DNS resolution of 1 host. at 22:52, 0.02s elapsed
Initiating SYN Stealth Scan at 22:52
Scanning xxx.xxx.xxx.xxx. (xxx.xxx.xxx.xxx.) [1715 ports]
Completed SYN Stealth Scan at 22:53, 36.78s elapsed (1715 total ports)
Initiating Service scan at 22:53
Initiating OS detection (try #1) against xxx.xxx.xxx.xxxx. (xxx.xxx.xxx.xxx.)
Retrying OS detection (try #2) against xxx.xxxx.xxx.xxx. (xxx.xxx.xxx.xxx.)
SCRIPT ENGINE: Initiating script scanning.
xxx.xxx.xxx.xxxx. (xxx.xxx.xxx.xxx.) appears to be up ... good.
All 1715 scanned ports on xxx.xxx.xxx.xxx. (xxx.xxx.xxx.xxx) are filtered
Too many fingerprints match this host to give specific OS details

Read data files from: /usr/share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 39.370 seconds
Raw packets sent: 3468 (155.704KB) | Rcvd: 5 (698B)

root@carp-serv:/home/carpo# nmap -T4 -A -p- xxx.xxx.xxx.xxx

Starting Nmap 4.60 ( http://nmap.org ) at 2008-09-02 23:14 BST
All 65535 scanned ports on xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) are filtered
Too many fingerprints match this host to give specific OS details

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1365.972 seconds

Features:

• Berjalan sebagai gateway... No clients to install!
• Mudah digunakan : Intuitive GUI, logging, reporting & automatic signature updates
• Bisa diinstalls pada standard Intel/AMD hardware

Highlights:

• Meliputi banyak perlindungan dari spyware, spam, viruses, hackers dan pencurian identitas. Untangle juga merupakan network security, web security, mail security & secure remote access.
• Meningkatkan kemampuan Block time-wasting websites & applications seperti MySpace, instant messenger, online games & gambling.
• Mudah digunakan karena menggunakan tampilan GUI yang sangat apik.

Hardware Requirements:

• Untangle Server membutuhkan PC yang berfungsi sebagai gateway pada jaringan.
• Tidak membutuhkan operating system, karena Untangle Server sudah merupakan operating system yang berdiri sendiri.
• Untangle Server software akan menghapus semua data yang ada pada PC hard drive, jadi jangan lupa untuk membackupnya terlebih dahulu.

Mas como tecnologia é evolução constante, e quem fica parado fica pra trás em uma velocidade impressionante, sempre procuro testar novidades. Foi assim com a implantação de um servidor de páginas e dois servidores DNSs para a loja. E uma palavra a muito vinha me chamando a atenção, ela é "appliance".

Mas o que é uma appliance?

Appliance - é um equipamento ou programa, com uma função específica. Ou seja, é como você criar um equipamento de rede para ele trabalhar como "guarda" da sua rede, ou então pegar um programa como o Linux, que tem uso genérico, podendo ser adaptado a várias funções e limitá-lo a certas funções, para com isso ganhar em produtividade, performance e facilidade de configuração.

Tenho testado algumas que realmente são uma grata surpresa, pois tornam o nosso trabalho como SysAdmin muito mais prático. Existem muitas appliances comerciais, mas a grande maioria disponibiliza pelo menos uma versão free ou open-source, mesmo que com alguma limitação. A limitação pode ser do suporte, ou até de algumas funções implementadas na versão comercial. Mas na grande maioria das vezes, a ver~soa open-source dá conta do recado.

E qual a vantagem de usar uma appliance em detrimento de uma versão completa do Linux? Já comentei acima, mas são três as grandes vantagens que podemos listar:

• facilidade de configuração - normalmente as appliances possuem uma interface de configuração facilidata e com tudo centralizado. Portanto, se você quiser fazer um servidor de firewall/proxy, não vai ter que mexer em 5, 10, 20 arquivos diferente. Basta apontar seu Mozilla Firefox para o endereço e a porta recomendada no manual de instalação, ajustar o computador para a suas necessidade.
• performance - como esses programas ou equipamentos normalmente fazem funções dedicadas, eles são menos maleáveis, mas também tem menos "gordura". Se você quer um appliance para controlar a rede, não precisar instalar um servidor de arquivos por exemplo. Se quer uma máquina apenas para ser web server, e já possue um firewall na rede, para que novamente configurar no servidor web. E essa é a filosofia, tirar o excesso para fazer mais e melhor com menos equipamento.
• produtividade - antigamente, vamos supor que para implementar um servidor de firewall e proxy eu levava 8 horas. Da instalação do sistema até a atualização dos componentes e posterior configuração e adequação ao cenário do cliente. Agora eu posso fazer o mesmo serviço em quatro horas! Pois como ele normalmente é específico para aquilo, e a administração é centralizada, tudo fica mais fácil.
• testar antes de usar - algo que muitos fabricantes de appliances fazem, é disponibilizar um demo online, ou mesmo empacotar uma máquina virtual, seja via R-Path ou VMWare, para que os usuários possam baixar, testar e conhecer os produtos.

E quais são os contras?

Como todas as coisas nesse mundo, usar appliances também possue contras. Acredito que o mais relevante é o fato de muitas vezes você ficar "engessado" pelo formato do appliance. Com um servidor squid, você pode definir redes, horários, endereços, domínios, usuários, etc... ele é muito flexível para ser configurado. Já com a appliance, essa cofigurações muitas vezes são abandonadas, em prol de uma interface mais limpa e fácil de usar. Além disso, quando a appliance possue as funções desejadas, pode acontecer de haver algumas restrições no uso delas. Algo que não acontece quando você configura tudo na unha.

Mas agora vamos ao que interessa. Vamos listas apenas algumas appliances de uma lista realmente variada que existe hoje. Essas são as minhas preferidas! Se você quiser ver mais appliances visite o site da VMWare Appliances e o R-Path Appliances.

• Mikrotik - a MikroTikls foi fundada na Latvia em 1995 para criar sistemas para provedores wireless. Com uma experiência tão grande, e acostumada com ambientes hostis, eles criaram o RouterOS. Pense nessa plataforma como uma plataforma derivada do Linux/Unix, mas com um console totalmente diferente do que você está acostumado. É uma appliance completa para redes, podendo atuar desde routeadores, hotspot wireless, balanceamento de links, controle de tráfego, firewall, proxy web e socks, autenticados radius e etc. A grande vantagem do software Mikrotik, é a total customização para absolutamente toda necessidade de rede. Mas isto tem o custo da complexidade. Para facilitar, eles criaram um programa para windows chamado Winbox, para controle do programa, o The Dude, para monitoramento de redes, e vendem também as Routerboards, sistemas prontos para rede com o software deles embarcados. Realmente recomendo este programa/equipamento par aquem mexe com rede cabeadas e principalmente wireless.
• E-Box - appliance de segurança de rede. Também tem tudo que você quer para trabalhar com redes de forma integrada. Um diferença em relação aos outros pacotes, é que ela pode ser instalada sobre uma versão padrão de Linux, como o Ubuntu por exemplo. Com isso você tem todas as facilidades de uma interface de administração única, mas pode fazer um pequeno tunning na plataforma. Além disso, com isso o acesso aos arquivos de configuração e portanto o entendimento da plataforma crescem sobremaneira. Ótima opção se você que fazer controle de banda dos micros da rede, já que usa o CBQ.
• Endian - appliance de segurança da rede. Incorpora a administração dos serviços de rede, como firewall, tem um sevidor dns/dhcp integrado (dnsmasq), proxy (squid), controle de conteúdo (dansguardian), ids (snort), controle de banda (htb), controle de tráfego (ntop) e monitoramento de tráfego (mrtg-rrdtool), antivirus (clamav) e protetor contra spam (spam blocker). Apesar de algumas limitações de configuração é uma appliance ótima. E para ser sincero, nunca vi o Dansguardian funcionando tão rápido!
• Untangle - outra appliance de seguração de rede. Também tem todos as ferramentas necessárias que você precisa para ter uma rede segura. Adiminstração completamente centralizada, e um aplicativo muito bacana que simula um rack. Para acrescentar ou retirar funções, você acrescenta ou retirar "equipamentos" desse rack. Só achei a interface um pouco demorada.
• Free-NAS - appliance de storage. Se você tem necessidade de compartilhar espaço para armazenamento de forma segura e prática, essa é a dica.
• Zimbra - pacote de colaboração comprado pelo Yahoo. A maior vantagem de se optar por um pacote desse tipo, é a facilidade de instalação de instalação e manutenção. Servidores de emails são chatos e difíceis para implementação. Com esses pacotes você tem uma plataforma estável, integrada e segura para seus colaborados. Particularmente o pacote da Zimbra é muito bacana, mas tem um pequeno problema de performace por trabalhar em Java.
• Scalix - uma compania do grupo XandrOS. É uma plataforma de colaboração online, com agenda, mensagem e email integrados. Se você procura por uma plataforma de comunicação integrada, deve seriamente pensar nesta plataforma.

Headerbutton  Bypass restrictive firewalls and filtering web proxys. Itulah kata-kata yang menjadi motto dari Your Freedom.Apa sih YF itu ??

Are you trapped behind a firewall or a filtering web proxy and cannot access some or many web pages or use an application you would like to use or play a game you would like to play? Is your Internet connection being censored and you would like to stick censorship where the sun doesn't shine? Would you prefer to stay anonymous, that your IP address is not logged with every access to someone's web page? Then look no further, you've found the solution!

The Your Freedom services makes accessible what is unaccessible to you, and it hides your network address from those who don't need to know. Just download our client application and install or just run it on your PC; it turns your own PC into an uncensored, anonymous web proxy and an uncensored, anonymous SOCKS proxy that your applications can use, and if that's not enough it can even get you connected to the Internet just as if you were using an unrestricted DSL or cable connection -- just like the firewall suddenly went boom! You can even make your PC accessible from the Internet if you like. Nearly all applications work with Your Freedom, and so far no-one has managed to block our service completely and permanently without blocking your Internet access entirely.

Every day, more than 10,000 people in over 140 countries use our service, some because their government would rather not have them exercise their human rights, some because their school or university feels they are not mature enough to decide for themselves whether playing the odd game interferes with their studies or not, others because they don't want traceable IP addresses in every logfile. There are probably as many good reasons to use Your Freedom as there are restrictive firewalls in the world!

Your first step to an unrestricted Internet access is to register on this web page -- all you need to provide is a contactable email address and a username and a password, nothing else is required. Then download the client application (available for Windows, Mac OS X, Linux and everything else that can run Java apps) and run it -- the wizard will guide you though configuring it properly. Then configure your applicationstransparent OpenVPN mode. to use your own PC as web or SOCKS proxy or use our

HEADERBUTTON WHAT DOES IT COST

A rudimentary service is available for free. It will provide a bit more bandwidth than a modem connection and up to six hours of usage per day (up to 18 hours per week), and will probably be enough for all casual users -- it's certainly enough to visit blocked web pages and join chats, and if it suits your needs you are welcome to use it as much as you like.

For those who want more, upgrade packages are available. Please check out our Packages page for details. There are also upgrade vouchers available for those who don't want time based packages. Your bought packages and vouchers keep this service alive!

HEADERBUTTON PLAY MANY ONLINE GAME TROUGHT WEB PROXIES

HEADERBUTTON HOW TO USE OPENVPN MODE

It's simple, and since many people don't figure out how to do it or where it is documented, we've decided to tell you on the front page. So once you've set up the Your Freedom client (and the configuration wizard congratulates you that now all is fine), be sure you read how to use OpenVPN mode, because it will magically solve most if not all of your problems, and you don't have to reconfigure any applications.

HEADERBUTTON SPAM

Our domain names (your-freedom.net, resolution.de, some others as well) are frequently being used to make email SPAM appear to originate from us. Rest assured that we do not SPAM the net. We detest SPAM as much as virtually everyone else, and it is not possible to propagate SPAM through our service in substantial amounts. If you have reason to believe that someone sent SPAM through our system, please notify us at abuse@your-freedom.net immediately -- we will certainly take care of it!

PENDAFTARAN ACCOUNT

Click Account akan ada pilihan AVAILABLES PACKAGES yaitu FREE, BASIC, ENHANCED, TOTAL. Kita jelas pilih yang Free :-)

	Free	Basic	Enhanced	Total
Bandwidth	64 kbit/s	256 kbit/s	4 Mbit/s	unlimited
Concurrent Streams	10	50	100	200
Web Proxy
Socks Proxy
OpenVPN mode
Link encryption
HTTP connection
HTTPS connection
CGI connection
FTP connection
UDP connection
Relaying permitted
Connection time	6 hours*	unlimited	unlimited	unlimited
Server Ports				(5)
1 month package	free	€ 4.00	€ 10.00	€ 19.99
3 month package	free	€ 10.00	€ 28.00	€ 57.99
6 month package	free	€ 17.00	€ 50.00	€ 109.99
12 month package	free	€ 30.00	€ 95.00	€ 199.99

Untuk daftar baru, click First visit? Click here to register untuk masuk ke USER REGISTRATION.

Masukkan USERNAME, PASSWORD, EMAIL ADDRESS dan FIRST NAME, LAST NAME, ADDRESS, CITY, ZIP CODE, COUNTRY, TELEPONE. Click SUBMIT. Tinggu balasan di Email yang anda isi tadi untuk Activation.

Selesai... Tinggal kita mengaplikasikannya untuk apa....

DOWNLOAD dan INSTALL

YF membutuhkan Java 6 atau lebih baru untuk running-nya. Dari pada install berulang-ulang, download saja yang type Windows installer
Install..... Running ....

isi Proxy Address Internet Connection... Jika sukses akan muncul tulisan hijau seperti ini...

Pilih Protokol.... Pencarian Your Freedom Server... Pilih Salah satu... Isi Username yang telah terdaftar...

Pen-setting-an selesai .... Simpan dan Keluar....

Mulai Start Connection ....  Tunggu sampaiseperti tampilan kanan bawah ini....

Dikarenakan kita menggunakan user free Pagkages, maka tiap satu jam connection akan terputus dan jika ingin melanjuttan tinggal click start connection lagi. Dan akan muncul isian seperti dibawah ini

Untuk penerapan YF di XL silahkan ke Internet PRO-XL, YF & cFos

Spyware Nuker XT

If you have Spyware Nuker 2004 or Spyware Nuker 2005 already installed you are eligible for a FREE upgrade. To upgrade your version of Spyware Nuker to Spyware Nuker XT you should download and execute the update file through your current Spyware Nuker version (Start Spyware Nuker 2005, go to Advanced Option, click on 'Check Now' button and click 'Yes' when prompted for update).

Here is an overview of the exciting new features we have included:

Improved and easier-to-use interface.
Active Protection which tracks execution of every program in the system and notifies you if a program being started is a potential threat.
SpyShield to help identify new threats.
IBLOGFAntegrated support form to streamline technical support requests.
INAC Startup Manager to assist you with managing applications that run with Windows.

Spyware Nuker XT includes a streamlined and easier-to-user interface. Commonly used scan options are now present on the first screen rather than buried in the Options dialog, the scan results are easier to manage, and an easy-to-read HTML scan report is available.

Active Protection
The most significant new feature of Spyware Nuker XT is Active Protection. This feature tracks execution of every program in the system at the kernel-level, the lowest level possible, and notifies you if a program being started is a potential threat. If a threat is detected, Spyware Nuker XT with Active Protection will pop up a message offering an option to prevent suspicious from running or to allow it to run. This is a critical method of protection and prevents your system from even becoming infected by spyware or adware.

SpyShield
The creators of malicious applications employ ever changing methods to infect computers and to thwart detection and removal. Spyware Nuker XT users can play an important role in staying one step ahead of a new adware and spyware by voluntarily participating in 'SpyShield'. Users that join SpyShield help identify new threats by submitting anonymous scan results. Review of this data directly results in improvements to the Spyware Nuker XT database signatures which in turn helps to better protect all of Spyware Nuker XT users.

Once you install Spyware Nuker XT the software will ask you if you want to join the SpyShield. The software performance will not suffer either way, but all of the Spyware Nuker XT users will benefit from every single SpyShield member.

Integrated support form
Included in Spyware Nuker XT is an integrated support form available from the Help menu. This streamlines submitting support requests, particularly for those users experiencing unresolved threats. Fill out the simple form, opt to submit a diagnostic log (default), and submit and one of our technical support agents should contact you quickly.

INAC Startup Manager
This optional tool provides an easy-to-use method of viewing and controlling which applications start with Windows.

Size : 7.10 MB

Download Spyware Nuker XT v4.9.02.1815

Here are the steps involved in moving your large database to a new server easily.

1. First you will have to download your old mySQL database to your local computer. This can be done via phpMyAdmin using the Export function.
2. Download the dumper from BigDump website, and unzip it to your local computer, using Winzip or any other unzip tool.

3. Create a new folder named e.g. “dump” on your new web server, and change its permissions to chmod 777. (Do change it back to default when you’re don’t with importing database.)
4. Open the unzipped file bigdump.php in a text editor like notepad, and adjust the database setting, i.e. database name, username, password.
5. Upload bigdump.php along with the dump file (downloaded from old server) to the new server under the directory we just created named “dump”

6. Now open the bigdump.php file by using a browser, i.e. Firefox, Internet Explorer, using address something like http://www.yourwebsite.com/dump/bigdump.php
7. Select the appropriate options and start the process, then wait for the process to finish, do not close your browser, if you do so, then you will have incomplete database on your new server. As the dump file is present on the server it will take less than a minute to complete the process, if the dump file is, consider 40 MB.
8. You must remove your dump (MySQL) file and the bigdump.php file from your server, also delete the dump folder, or change its permissions back to default.

2. Down load the chkrootkit.
Type: wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

3. Unpack the chkrootkit you just downloaded.
Type: tar xvzf chkrootkit.tar.gz

4. Change to new directory
Type: cd chkrootkit*

5. Compile chkrootkit
Type: make sense

6. Run chkrootkit
Type: ./chkrootkit

If it says "Checking `bindshell'... INFECTED (PORTS: 465)"
This is normal and it is NOT really a virus.

¿Sabes que es un virus, como afecta tu sistema?
¿Conoces como actúa un Spyware, o que daños puede causarte?

Estas preguntas nos hicimos nosotros y decidimos investigar para traerte estas y muchas mas respuestas.

En el centro de seguridad encontrarás todo lo necesario para que tu PC este sana... si no me crees ingresa a la noticia y date una vuelta por el Centro de Seguridad Informática . LEER MAS >> ]]> http://n0ir.wordpress.com/?p=560 Thu, 28 Aug 2008 16:58:16 +0000 n0ir http://n0ir.wordpress.com/?p=560 Beaucoup de personnes se demandent comment faire pour empêcher un programme d'accéder à internet sans devoir passer par des solutions payantes ou gratuites comme les logiciels ZoneAlarm, Outpost et cie. Je me suis encore penché sur la question suite à la connexion systématique de Photoshop pour m'installer de multiples trucs dont je n'ai pas envie. Sachant qu'un logiciel comme celui-ci coûte assez cher, je pense pouvoir dire que celui-ci est souvent installé de manière illégale pour un usage personnel.

Oui parce que nous savons tous que le piratage est une solution c'est mal. Pour combler le fait de ne pas devoir télécharger et configurer un autre software qui va en plus me prendre des ressources mémoires ou encore me faire la gueule parce qu'il ne veut pas faire ce que je lui demande, j'ai peaufiné mes recherches sur la façon de pouvoir enfin gérer le trafic entrant ET sortant du pare-feu de Windows Vista. Après tout, il est déjà intégré au système alors pourquoi se faire chier avec un autre si ce n'est pour protéger des données supra-méga-giga important en provenance de la maison blanche des US.

Jusqu'à présent, je ne connaissais (comme beaucoup d'autres personnes) que la fonction basique du firewall situé dans le centre de sécurité (panneau de configuration). Mais voilà, il n'y a pas tout ce que l'on veut empêcher de sortir et entrer ! Quelle surprise lorsque j'ai enfin découvert les fonctions avancées de sécurité.

C'est un peu comme si vous découvriez la cave à momo. Bien sûr, je suis l'un des pigeons à ne pas avoir vu l'option depuis plus de 2 ans maintenant... Mais mieux vaut tard que jamais !

Voilà pourquoi, Mesdames et Messieurs (oui, j'ai trop regardé Bigard ces temps-ci), avec toute votre attention, je vais me permettre de vous faire découvrir LE pare-feu de Windows Vista (pour les autres sous XP, bah vous n'avez qu'à passer sous Vista, point).

Première étape

Accéder au menu démarrer. Vous pouvez vous y rendre dans le panneau de configuration mais on va utiliser la fonction très pratique de Vista.

Taper "pare-feu" dans la case recherche et vous obtiendrez tout au dessus, les fonctions avancées du firewall.

Deuxième étape

Nous y voilà. Le menu des fonctions avancées. Le menu à gauche est celui qui nous intéresse le plus. Vous pouvez voir et lire Règles de trafic sortant. Cliquez dessus (Faites de même pour le frafic entrant pour un logiciel comme photoshop).

A droite, comme vous pouvez le constater, vous avez un menu avec le bouton Nouvelle règle. Cliquez et c'est alors qu'apparaît une nouvelle fenêtre.

Troisième et dernière étape

Choisissez l'option Programme et faites suivant.

C'est là qu'arrive le moment de choisir le programme que vous souhaitez tyranniser en l'obligeant à ne pas transmettre de données à l'extérieur de votre système. Un petit clique sur Ce chemin d'accès au programme et il ne vous restera qu'à cliquer sur parcourir pour aller chercher le fichier .exe en question.

Maintenant, vu que c'est l'intérêt du tutorial en question, il vous faut cliquer sur Bloquer la connexion. Oui parce que sinon je ne vois pas trop à quoi a pu servir tout ce que j'ai écrit plus haut.

Ici, bah à vous de voir ce que vous voulez vraiment... Dans mon exemple, je n'ai pas chipoter, j'ai tout coché.

Dernière étapes, vous indiquez un nom à votre règle histoire de vous y retrouver dans la liste. Cliquez sur terminer.

Résultat

Astuce découvert sur le site 01net mais, très abrégé. J'espère que celui-ci permettra de vous faire changer d'avis sur le pare-feu de Windows Vista.

With all that said, I am on the mainland. It's pretty crazy. We left Hong Kong yesterday afternoon after saying all our goodbyes and made our way towards the border at Shenzhen. It was a relatively pleasant trip up here, especially compared to the other fellows who had overnight train rides on hard sleepers ahead of them. We basically hopped on a commuter train that took us from Shenzhen to Guangzhou in a little over an hour.

Celia, one of the other fellows here at Zhongda, and myself came up last night. Hanna and Alexa, the other two fellows, are due to arrive tomorrow evening. It's great to finally be up here, but I am so impatient and there is so much that I want to do in order to get settled in. But I feel linguistically impotent because my Mandarin is so inadequate and Celia is practically fluent. Thankfully, she has been kind enough to accompany me as I take care of the basics like buying a mobile phone and joining a gym. It looks like we are going to have an extra week to plan our classes since my work visa will not be coming before next week at the earliest. That means we will begin teaching the 8th of September.It's actually really nice to have the extra week because we still need to figure out a course syllabus and we want to make sure it is as well developed as can be before we go into the classroom.

As for Guangzhou, it's chaos, but definitely not like I remember it from ten years ago. Zhongda, short for Zhongshan Daxue or Sun Yat-sen University, is located south of the Pearl River and it is a beautiful campus. Once I figure out this firewall, I will post some pictures. It's very green and feels like a self-contained village amid the mayhem that is Guangzhou. We have a great three bedroom, two bath apartment and we are going to make some improvements to make it more homey this year. I'm definitely excited about the campus, the apartment, and most of all, just exploring the city. Of course I have already seen my share of signs with incorrect English and I will be sure to post some of the more amusing ones in the future.

Therefore, it is an absolute necessity to have some form of firewall to keep you protected.

Normally software is the way to go, although not always the best option as some packages can literally drain every last bit of resource from your PC.

So wouldn’t it fantastic if you could control the safety of your computer on the Net without it killing your computer in the process?

Thanks to the wonderful Yoggie Pico Personal Firewall this is now more than possible.

The USB device is a mini computer in its own right running Linux software – its sole aim is to protect your PC from the nasties online.

I first saw this device on The Gadget Show and was completely blown away with its power without it requiring hours of clicking on yes/no boxes.

Taking the unit out of the box, I installed the supplied software and plugged the device into a spare USB 2.0 slot. The entire process took no longer than 10 minutes.

From that moment onwards, anything and everything that wants to connect to the outside Internet world has to go through the Pico…and it takes no prisoners!

A word of warning though, once you’ve set a user name and password – DON’T FORGET IT.

I did and it caused me all sorts of problems and I more or less had to reinstall my entire operating system – but it was my own fault and nothing to do with the Pico.

Your user name and passwords gives you access to the Pico’s security central – the place where you need to be to monitor what is going on and how you would like to configure the unit to allow or deny programs or connections.

I have to say that I have become more than a fan of this device as it is so easy to use and because it doesn’t steal any CPU cycles, it runs my oldest 512mb laptop with no problem.

I used to have a software solution and at times, I could barely run Notepad without having to wait ages to click on something – it was more than frustrating.

As I only really use the laptop for web browsing, the Pico is the perfect accompaniment for providing support for the following:

• Anti-spam
• Anti-phishing
• Antispyware
• Antivirus
• Parent control system
• Transparent email proxies (POP3; SMTP)
• Transparent web proxies (HTTP; FTP)
• Intrusion detection system
• Intrusion prevention system
• Firewall
• Adaptive security policy

You access the settings for the Pico via a web interface with a few colourful dials and 3D charts.

To the purist tech-bods there may not be enough control here to delve heavily into the Pico backbone, but to someone who just wants protection it is perfect. It also allows easy access to the Yoggie’s log files.

Putting the Yoggie through it’s paces, I ran a series of tests and I have to say it performed very well and kept its cool…well the unit became a little warm, but no more so than say being on a mobile phone for 10 minutes.

The light on the unit blinks away letting you know that it’s protecting your every move – very impressive.

If there’s one little request I could make to Yoggie headquarters it would be to include the software installation in the unit itself, then you take the unit with you, plug it into any PC and be safe in the knowledge that you’re protected.

The Yoggie Pico is an excellent piece of kit and is something that all PC users should have in their arsenal against the nasties on the net.

For more information check out www.yoggie.com

Die Äuglein hinter dem Schnauzbart fast gänzlich verborgen grinst er breit, als ich ihn nach Zugang zu seinem Netz frage. Das tut nämlich so, als wäre es da, lässt einen aber dank Reverse-Proxies weder ins Internet noch sonst wohin. Was doof ist, weil ich ohne Internet nicht viel machen kann. Wegen der Präsentation einer Software im Internet bin ich aber eingeladen worden.

"Tjaaaa. Zu welcher Abteilung gehören´s denn?", fragt der Schnauzbart.
"Zu gar keiner. Ich bin hier zu Gast."
"Und welches Laptop wollen´s da benutzen?"
"Meins."
"Uiii. Da hen´s bestimmt a Externes."
"Wenn Sie damit meinen das es meins ist: ja."
Der Schnauzbart zuckt. "Na, des geht nicht."

Ohje. Hier haben wir es offensichtlich mit einem "Ursus Rechenzentriis" zu tun. Einem IT-Bären, der in den 70ern noch mit Begeisterung Lochkarten gestanzt hat und jetzt der Pension entgegedöst. Der überhaupt keinen Bock darauf hat, irgendwas zu tun, geschweige denn, "Externe" in "sein Netz" zu lassen.

"Wir sind in einem Schulungsraum. Kann ich den dortigen Dozentenrechner benutzen um ins Netz zu kommen?"
"Na, des geht nicht."

Oh, noch schlimmer: einer von der Sorte, die an Ihre Rechner und Netze NIEMANDEN lassen. Wegen der Sicherheit. Ist klar. Nutzer sind immer unsicher. Keine Nutzer bedeutet für den Rechenzentrumsbären Risikominimierung.

Darauf habe ich gerade gar keinen Bock.
"Hören Sie, ich bin um fünf Uhr aufgestanden, habe eine grauenvolle sechstündige Zugfahrt hinter und in 30 Minuten die Live-Demo einer Internetsoftware vor mir. Wenn ich jetzt nicht irgendwie Internetzugang auf IRGENDEINEM Rechner bekomme, setze ich mich jetzt wieder in den Zug zurück gen Heimat, und Sie erklären Frau $Oberboss wieso die heißerwartete Präsentation nicht stattfindet."

Das erzeugt ein Absinken der Mundwinkel und ein leichtes Zittern des Schnauzers. Offensichtlich hat der Bär Angst vor zierlichen Frauen in teuren Kostümen und Manolo Blahniks an den Füßen. Er greift zum Telefon um sich Rückendeckung herbeizutelefonieren.

"Chef, da will einer in unser Netz." Joa, ein Externer. Der hat auch ein externes Notebook dabei. Joa. Joa. Moment, Ich frag ihn".
Er bedeckt die Sprechmuschel mit einer Pranke, lupft die Augenbrauen und fragt: "Was haben´s denn für einen Virenscanner drauf?"
Ich starre ihn an. Was will der?
"Es handelt sich um einen Mac."
Er reagiert nicht und sieht mich weiter erwartungsvoll an, die Augenbrauen verharren in luftigen Höhen.
"Von A-p-p-l-e" sage ich ganz langsam.
Die Augenbrauen kriechen die Stirn noch ein wenig höher hinauf. Dann fragt er in einem Tonfall, den die meisten Menschen für Konversationen mit kleinen Kinder reservieren: "Und-welchen-Virenscanner-benutzen-Sie-denn-wohl?"
"KEINEN, verdammt noch mal! Einem Apple sind Windows-Viren EGAL, und ich habe nicht vor in Ihrem Netz zu mailen! Ich brauche nur einen verdammten Browser!"

Der Bär hat sich aber schon wieder dem Telefon zugewandt. "Chef, der hat nicht mal nen Virenscanner. Joa. Joa. Moment, ich frag ihn." Er dreht sich wieder zu mir. "Wie-schützen-Sie-sich?"
"WTF? Wird das jetzt intim oder was?"
"Haben-Sie-eine-Firewall?"
"Natürlich!"
"Ist die auch an?"
"Wollen Sie mich veralbern?"

"Firewall hat er. Joa. Joa. Ich frag ihn, Moment."
"Grrrrrrh"
" Was geht denn da durch, durch diese "Firewall" auf Ihrem MacApple?"
"DER. BROWSER. UND DEN BRAUCHE ICH. JETZT!"
"Ah. Na, sobald Port 80 offen ist, ist alles offen, nicht wahr? Chef, keinen Virenscanner und Firewall offen wie Scheunentor. Joa. Joa. Ich sag´s ihm"

Er legt auf und guckt mich an.
"Des wird nix mit ihrem externen Laptop in unserem Netz."
"Dann geben Sie mir Eines von ihren. Ich brauche nur einen Browser."
"Ach, ist auf ihrem Externem keiner drauf?"
"UND INTERNETZUGANG!"
"Aber nicht mit ihrem externen Dingsda! Das ist unsicher!"
"Los, geben Sie mir eins von ihren Notebooks! Irgendeines! Hauptsache Browser und Internet!"
"Na, des geht so einfach nicht, Sie sind ja ein Externer. Notebooks dürfen nur Leute aus der Abteilung haben. Wenn ich ihnen eins gebe, brauchen´s eh noch eine Kennung, und die müssen Sie erst beantragen mit dem Formular da, aber das ist auch nur für Leute aus der Firma..."

Mir rauscht das Blut in den Ohren. Die Sicht wird unscharf, die Hände krampfen an der Tischkante. Ich bin kurz davor in einen Blutrausch zu verfallen, zum Berserker zu werden und dem alten Bären die Eier abzureißen, als mich plötzlich jemand am Ärmel zupft. "Kommen Sie bitte hierher", nuschelt der Praktikant und zieht mich aus dem Raum. Plötzlich rauscht mit hoher Geschwindigkeit und klappernden Absätzen etwas an uns vorbei, gefolgt von der dezenten Note eines sehr teuren Parfums. Aus den Augenwinkeln meine ich, ein schwarzes Burberry-Kostüm zu erkennen. Die Tür zur Höhle des Rechenzentrumsbären fällt zu. Ganz kurz wird es drinnen laut, danach sehr still.

Zwei Minuten später wird mir von einem dienstbeflissenen, jungen Mitarbeiter ein Notebook aufgebaut, der Internetanschluss konfiguriert und ein Kaffee gebracht. Präsentation und Livedemo sind erste Sahne, die Leute begeistert.

Sollte Morgen in den Zeitungen von einem furchtbaren Gewaltverbrechen mitten in Basel berichtet werden, bei dem ein IT-Angestellter zu Tode gekommen ist, weil ein ein/-e unbekannte/-r Täter/-in ihm die Hoden mit Stilletto-Absätzen perforiert und ihn danach gezwungen hat, den eigenen Schnäuzer zu essen, an dem er qualvoll erstickte - nun, jede Story hat ihre Hintergründe.

So I am asking myself, how come we are still spending so much money – estimated to be $5B/year - on 15 years old firewalls? What makes us avoid innovative technologies? And why is it that we do not demand innovation from our firewall vendors?

Actually, these questions are somewhat easy to answer. Why are we still buying firewalls? Because everybody knows they need a firewall and there is no better alternative – or is there? Why are we avoiding innovative technologies? Because we are tired of the appliance fatigue caused by the number of appliances we need to buy, install, manage and support to achieve our network security goals. And why aren’t we demanding more innovation from our firewall vendors? Because we know they cannot innovate -they are big and slow and they haven’t read the Innovator Dilemma. Which basically means that they believe that if they pump R&D money into innovating their stock price will be punished…

So what do we do? As we all need firewalls and none of us want to purchase additional security appliances, my conclusion is; network security innovation must be in the firewall. And the Innovator Dilemma leads to me conclude that a new firewall will come from small and innovative companies. Not from our existing firewall vendors…

More on that later…

Nir.