Posted on June 28, 2008 by harrychanputra
(c) 2007 - Andres Tarasco (atarasco_at_gmail.com)
url: http://www.514.es
——————————————————
Fast Auth Scanner is a new web security scanner that allows pen-test automation against routers and other web-based devices that require HTTP authentication.
This tool has the following features:
- scan: Fast scanning against a large number of systems, fingerprinting webservers
- protocols: Establish connections against http or https
- Authentication: bruteforce [...]
Filed under: Advisories | No Comments »
Posted on June 27, 2008 by harrychanputra
Attack on Speedy Batam
telkomnet@GW-JKT-SM2> show services accounting flow-detail terse | match 125.162.x.x
udp(17) 85.25.26.55 0 125.162.92.116 0 284 382480
udp(17) 85.25.26.55 50279 125.162.x.x 1465 4 6000
udp(17) 85.25.26.55 50280 125.162.x.x 5611 4 6000
udp(17) 85.25.26.55 50296 125.162.x.x 4533 2 3000
Act: Block destination IP at PE-D2-ELK
Attack Alert : UDP Packet
Filed under: Advisories | No Comments »
Posted on June 25, 2008 by harrychanputra
PPP adapter speedy:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . [...]
Filed under: Advisories | 7 Comments »
Posted on June 9, 2008 by harrychanputra
Trojan-Downloader.VBS.Psyme.ap
Other versions: .ci, .cr, .cu, .cv, .dr, .du, .ee, .ef, .eh, .ei, .f, .fc, .gr, .gz, .hp, .hq, .ii, .ij, .ik, .im, .io, .ip, .iq, .ir, .jk, .js, .jt, .ju
Aliases
Trojan-Downloader.VBS.Psyme.ap (Kaspersky Lab) is also known as: VBS/Psyme (McAfee), Download.Trojan (Symantec), Trojan.MulDrop.1340 (Doctor Web), VBS_PSYME.AP (Trend Micro), VBS/Psyme (Grisoft)
Description added
May 27 2005
Behavior
TrojanDownloader
Technical details
This Trojan downloader exploits a vulnerability in Internet Explorer to launch other Trojan [...]
Filed under: Advisories, Berita, Security | No Comments »
Posted on June 6, 2008 by harrychanputra
To all echo staff: please check that web site.
To Ammar, Dedi, Irvan, Hadad and all staff members.
Regards
Filed under: Advisories, Berita, Security | No Comments »
Posted on June 6, 2008 by harrychanputra
I found that some web sites have been infected with vbs/psyme.
Example sites:
1. detik.com
I checked with McAfee antivirus and found that some JavaScript has been injected into the web script.
I mailed redaksi@staff.detik.com. May the detik crew get my mail, read it, and take action,
because many people can be infected by this vbs/psyme.
2. Jasakom.com
I have sent the information to the admin to check that web site.
3. Lyto.net and all online-games web sites
rf-online has been infected. To the admin: I love this game, please clean up your server from the virus.
4. Geocities.com
All netters in the world, be careful.
Regards
Filed under: Advisories, Berita, Security | No Comments »
Posted on May 21, 2008 by harrychanputra
NAT TABLE
NAT Translation Lists
=====================
NAT TCP Translation List
————————
# Wan Local Address Port Global Address Port Remote Address Port
1 3 192.168.1.2 4808 192.168.13.100 4808 116.12.40.87 [...]
Filed under: Advisories | No Comments »
Posted on March 15, 2008 by harrychanputra
There are many factors that can cause the speed to become slow. Basically there are four (4) problem areas that cause speed problems, namely:
Your PC / the network on your LAN.
The network at Telkom
The network from the ISP to the Internet
The network at your destination on the Internet.
Disruptions on the Telkom side usually occur when the telephone tone sounds normal but the PPP connection on ADSL [...]
Filed under: Advisories, Speedy, Virus | 2 Comments »
Posted on March 15, 2008 by harrychanputra
Recently, Distributed Denial of Service (DDoS) attacks have often occurred on the Speedy ADSL network. This attack takes the form of many packets heading to our ADSL modem without our requesting them. In "hacker" language this attack technique is known as "flooding", or a flood of packets. These attacks often come from other countries; ones that have been detected came from Belgium, among others.
[...]
Filed under: Advisories, Speedy, Virus | 3 Comments »
Posted on February 29, 2008 by harrychanputra
There are 3 break points in Telkom's FO nodes:
1. Sunda Strait
2. Kalimantan - Sumatra
3. Kalimantan - Java
Escalation of the disruption is expected to take 6 hours.
Regards
Filed under: Advisories | No Comments »
Posted on February 27, 2008 by harrychanputra
Here is an article from a friend, from when a strange cause was found for Speedy slowing down at his customer's internet cafe (warnet). He happens to support that warnet. It was caused by a worm/virus and its family.
Traffic capture results on a Mikrotik router at a warnet that uses ADSL, where one of its PCs was infected by a worm. It ate up quite a lot of local and Internet bandwidth, which can be categorized as a type of Internal [...]
Filed under: Advisories | No Comments »
Posted on February 4, 2008 by harrychanputra
Operation Data Upstream Downstream
Noise Margin 37 dB 26 dB
Attenuation 28 dB 33 dB
SNR quality exceeds the standard
PI/VCI 8/81
Encapsulation LLC
Protocol PPPoE
IP Address 125.162.90.197
Subnet Mask 255.255.255.255
Gateway 125.162.90.1
Primary DNS 203.130.193.74
Secondary DNS 202.134.0.155
Filed under: Advisories | No Comments »
Posted on January 30, 2008 by harrychanputra
Pinging the DNS shows strange signs. What could be going on?
The route statistics table doesn't show anything.
So the conclusion is there is spyware or a virus.
Regards
Filed under: Advisories | 3 Comments »
Posted on January 7, 2008 by harrychanputra
> cat portsentry.history
1199380689 - 01/03/2008 17:18:09 Host: bob.esthost.eu/195.5.116.234 Port: 1080 TCP Blocked
1199381847 - 01/03/2008 17:37:27 Host: bin.esthost.eu/195.5.116.238 Port: 1080 TCP Blocked
1199383844 - 01/03/2008 18:10:44 Host: 122-116-112-161.HINET-IP.hinet.net/122.116.112.161 Port: 1080 TCP Blocked
1199394885 - 01/03/2008 21:14:45 Host: 122-118-96-124.dynamic.hinet.net/122.118.96.124 Port: 1080 TCP Blocked
1199402107 - 01/03/2008 23:15:07 Host: 80.subnet125-162-100.speedy.telkom.net.id/125.162.100.80 Port: 79 TCP Blocked
1199403908 - 01/03/2008 23:45:08 Host: swiftco.irc.proxy.monitor.dal.net/208.99.203.190 Port: 1080 [...]
Filed under: Advisories | 2 Comments »
Posted on January 5, 2008 by harrychanputra
Jan 3 04:17:35 router portsentry[336]: attackalert: Connect from host: bob.esthost.eu/195.5.116.234 to TCP port: 1080
Jan 3 04:17:35 router portsentry[336]: attackalert: Host 195.5.116.234 has been blocked via wrappers with string: "ALL: 195.5.116.234"
Jan 3 04:17:35 router portsentry[336]: attackalert: Host 195.5.116.234 has been blocked via dropped route using command: "route add -net 195.5.116.234 -netmask 255.255.255.255 127.0.0.1 -blackhole"
Jan 3 04:19:11 [...]
Filed under: Advisories, Berita | No Comments »
Posted on December 16, 2007 by harrychanputra
[ISP1]——-[GW1]—-\ [-------] |———[DMZ]
[ISP2]——-[GW2]——[Router ]——[SWITCH]
[ISP3]——-[GW3]—-/ [-------] |——–[CLIENT]
Filed under: Advisories | No Comments »
Posted on December 8, 2007 by harrychanputra
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\ctftmh>tracert yahoo.com
Tracing route to yahoo.com [216.109.112.135]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 192.168.0.1
2 1 ms <1 ms <1 ms 192.168.12.254
3 157 ms 266 ms 130 ms 1.subnet125-162-88.speedy.telkom.net.id [125.162.88.1]
4 71 ms 84 ms 128 ms PE-BTM-HUAWEI.telkom.net.id [125.160.0.5]
[...]
Filed under: Advisories | 7 Comments »
Posted on December 8, 2007 by harrychanputra
http://www.leetupload.com/dbindex2/index.php?dir=Win32/0day/
Filed under: Advisories | Tagged: http://www.leetupload.com/dbindex2/index.php?dir=Win32/ | No Comments »
Posted on November 27, 2007 by harrychanputra
Index Protocol Local IP Local Port Pseudo IP Pseudo Port Peer IP Peer Port
21 TCP 192.168.10.2 445 125.162.85.117 445 125.162.58.111 4782
22 TCP 192.168.10.2 445 125.162.85.117 445 125.162.58.111 4794
23 TCP 192.168.10.12 1144 125.162.85.117 1144 72.233.2.56 80
24 TCP 192.168.10.12 1145 125.162.85.117 1145 72.233.2.88 80
25 TCP 192.168.10.12 1146 125.162.85.117 1146 72.233.2.88 80
26 TCP 192.168.10.12 1147 125.162.85.117 1147 60.254.131.94 [...]
Filed under: Advisories | No Comments »
Posted on November 26, 2007 by harrychanputra
TCP 192.168.1.104:1637 125.165.39.199:135 SYN_SENT
TCP 192.168.1.104:1638 125.162.129.127:135 SYN_SENT
TCP 192.168.1.104:1639 125.162.130.161:135 SYN_SENT
TCP 192.168.1.104:1640 125.162.38.197:135 SYN_SENT
TCP [...]
Filed under: Advisories | No Comments »
Posted on November 12, 2007 by harrychanputra
ADSL BER Test - Result
The ADSL BER test completed successfully.
Test Time (sec): 20
Total Transferred Bits: 0x0000000000694E00
Total Error Bits: 0x0000000000000000
Error Ratio: 0.00e+00
Filed under: Advisories | Tagged: ADSL BER Test - Result | No Comments »
Posted on November 12, 2007 by harrychanputra
Statistics — ADSL
Mode: ADSL2+
Line Coding: Trellis On
Status: No Defect
Link Power State: L0
Downstream Upstream
SNR Margin (dB): 33.4 42.0
Attenuation (dB): 28.5 10.3
Output Power (dBm): 0.1 10.3
Attainable Rate (Kbps): 7576 68
Rate (Kbps): 381 59
MSGc (number of bytes in overhead channel message): 64 14
B (number of bytes in Mux Data Frame): 11 1
M (number of Mux Data Frames [...]
Filed under: Advisories | No Comments »
Posted on November 12, 2007 by harrychanputra
System Log
Date/Time Facility Severity Message
Jan 1 00:00:15 syslog emerg BCM96345 started: BusyBox v1.00 (2006.03.28-06:09+0000)
Jan 1 00:00:15 user crit kernel: [...]
Filed under: Advisories | No Comments »
Posted on November 10, 2007 by harrychanputra
Wew, cool, it's still the same old thing.
Time: 11/10/2007, 11:31:58
Message: SYN Flood (per Min)
Source: 192.168.1.2, 1945
Destination:161.197.8.94, 445 (from PPPoE1 Outbound)
Time: 11/04/2007, 18:40:20
Message: SYN Flood (per Min)
Source: 192.168.1.2, 1715
Destination:170.28.23.42, 445 (from PPPoE1 Outbound)
Time: 11/04/2007, 18:41:12
Message: SYN Flood
Source: 125.162.88.19, 32793
Destination:125.160.6.254, 25 (from PPPoE1 Outbound)
Time: 11/04/2007, 18:41:18
Message: SYN Flood
Source: 192.168.1.2, 2441
Destination:126.115.100.172, 445 (from PPPoE1 Outbound)
Time: 11/04/2007, 18:57:49
Message: SYN Flood
Source: [...]
Filed under: Advisories | No Comments »
Posted on November 6, 2007 by harrychanputra
Alternative DNS
203.130.206.250
202.134.0.155
203.130.196.5
203.130.196.6
202.134.2.5
Filed under: Advisories | No Comments »
Posted on November 4, 2007 by harrychanputra
Wah, more work: auditing problematic IDs. Wew. Fun, lots of problems, lots of tinkering. Staying up late
again. Wew. I like staying up late.
Regards.
Filed under: About Me, Advisories, Berita | No Comments »
Posted on November 4, 2007 by harrychanputra
System Log
Date/Time Facility Severity Message
1st day 00:32:34 user alert klogd: Intrusion -> IN=ppp33 OUT= MAC= src=125.162.61.83 DST=125.162.86.135 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=8554
DF PROTO=TCP SPT=3294 DPT=445 WINDOW=65520 RES=0x00 SYN URGP=0
1st day 00:20:44 user alert klogd: Intrusion -> IN=ppp33 OUT= MAC= src=208.99.203.190 DST=125.162.86.135 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=1656
DF [...]
Filed under: About Me, Advisories | No Comments »
Posted on November 4, 2007 by harrychanputra
From: <harrychanputra@telkom.net>
Subject: Alert Message!!!
Date: Sun, 04 Nov 2007 20:56:25 +0700
To: harrychanputra@telkom.net
Dear User
Your router has detected and protected you against an attempt to gain access to your network. This may have been an attempted hacker intrusion, or perhaps just your Internet Service Provider doing routine network maintenance.
Most of these network probes are nothing to be worried [...]
Filed under: Advisories | No Comments »
Posted on November 4, 2007 by harrychanputra
Dear fellow admins,
Just some information for colleagues who want to add to their pocket money or spending money. Here's an idea: become an admin for internet cafes (warnet) that use Speedy. Speedy already dominates national Internet access. Come to think of it, that could disrupt our job opportunities. How about making Speedy a friend instead? Speedy consumers are offered a capable PC router built for their Internet connection.
Speedy's bandwidth fluctuates [...]
Filed under: Advisories, Berita | No Comments »
Posted on November 2, 2007 by harrychanputra
TCP 125.162.62.175:1235 125.162.4.52:445 TIME_WAIT
TCP 125.162.62.175:1476 125.162.63.67:445 TIME_WAIT
TCP 125.162.62.175:1495 125.162.1.126:445 TIME_WAIT
TCP 125.162.62.175:1502 125.162.63.67:445 [...]
Filed under: Advisories | 23 Comments »
Posted on October 31, 2007 by harrychanputra
Oct/31/2007 07:18:50
Drop TCP packet from WAN
125.162.61.57:3429
125.162.90.141:445
Rule: Default deny
Filed under: Advisories | No Comments »
Posted on October 20, 2007 by harrychanputra
Wew, attacking again
oct/20/2007 04:49:30
Drop TCP packet from WAN
125.162.90.69:3712
125.162.90.141:445
Rule: Default deny
Filed under: Advisories, Speedy | No Comments »
Posted on October 17, 2007 by harrychanputra
Warning: mysql_real_escape_string() expects parameter 2 to be resource, integer given in /home/jasakm/public_html/includes/db/mysql.php on line 83
Warning: mysql_real_escape_string() expects parameter 2 to be resource, integer given in /home/jasakm/public_html/includes/db/mysql.php on line 83
Warning: mysql_real_escape_string() expects parameter 2 to be resource, integer given in /home/jasakm/public_html/includes/db/mysql.php on line 83
Warning: mysql_real_escape_string() expects parameter 2 to be resource, integer given in /home/jasakm/public_html/includes/db/mysql.php on [...]
Filed under: About Me, Advisories | No Comments »
Posted on October 13, 2007 by harrychanputra
A great many questions come in to the mailing list that I have observed being repeated, and the question is always the same: how to get a free account on RapidShare, or how to download a requested file (through a FREE ACCOUNT) without needing to wait for the counter time to run out. I suggest simply using the FREE download access from RapidShare, which is indeed provided free of charge.
It is indeed a little annoying [...]
Filed under: Advisories | No Comments »
Posted on October 11, 2007 by harrychanputra
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP [...]
Filed under: About Me, Advisories | No Comments »
Posted on October 7, 2007 by harrychanputra
Network quality is good
Statistics — ADSL
Mode: ADSL2+
Line Coding: Trellis On
Status: No Defect
Link Power State: L0
Downstream Upstream
SNR Margin (dB): 33.2 32.0 --> SNR is good
Attenuation (dB): 33.0 11.1 --> Low resistance
Output Power (dBm): 32.0 10.4
Attainable Rate (Kbps): 5248 68
Rate (Kbps): 381 59
MSGc (number of bytes in overhead channel message): 64 14
B (number of bytes in Mux Data [...]
Filed under: About Me, Advisories | Tagged: Statistics -- ADSL | No Comments »
Posted on October 4, 2007 by harrychanputra
Why is your Speedy slowing down? This is one of the answers!!
System Log
Date/Time Facility Severity Message
Jan 1 04:07:23 user alert kernel: Intrusion -> IN=ppp_8_81_1 OUT= MAC= src=122.116.17.144 DST=125.162.87.79
LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=336 PROTO=TCP SPT=10391 DPT=1080 WINDOW=32 RES=0x00 SYN URGP=0
Jan 1 04:17:35 user alert kernel: Intrusion -> IN=ppp_8_81_1 [...]
Filed under: Advisories, Berita, Virus | 3 Comments »
Posted on October 2, 2007 by harrychanputra
fscan.exe –ports 80 –sslports 443,1433 –hosts ip range –threads 200
Be careful, users of Speedy or CBN ADSL, because the modem can be tampered with.
Regards
Filed under: Advisories | No Comments »
Posted on June 7, 2007 by harrychanputra
SecurityTracker Alert ID: 1006707
CVE Reference: CAN-2003-0243 (Links to External Site)
Updated: May 6 2003
Original Entry Date: May 6 2003
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Exploit Included: Yes Vendor Confirmed: Yes
Version(s): 4.3, 4.4
Description: Revin Aldi reported an input validation vulnerability in the Happymall e-commerce software. Two scripts allow remote users [...]
Filed under: Advisories, Security | No Comments »
Posted on June 7, 2007 by harrychanputra
SecurityTracker Alert ID: 1009569
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Mar 28 2004
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Exploit Included: Yes Vendor Confirmed: Yes
Version(s): prior to version 1.42
Description: Harris JeJENg reported an input validation vulnerability in psInclude. A remote user can execute arbitrary commands on the target system.
It [...]
Filed under: Advisories, Security | No Comments »