Posted in InfoSec, tools on September 24, 2008 | No Comments »
After reading a news at detikinet.com mentioning about a phishing website, I try to access the site mentioned. Instead of getting the fake website, I was getting the following Reported Web Forgery message :
Luckily I am using Mozilla Firefox 3.0.
Oh before I forget, here is the Firefox 3.0 security setting (it’s a default [...]
Posted in events on August 20, 2008 | 2 Comments »
Yesterday, I gave a talk in KKI Security Night on DNS (in)security. The talk is mostly about the recent vulnerabilities in DNS discovered by Dan Kaminsky.
Here is the slide of the talk.
Posted in tools on March 5, 2008 | No Comments »
On Feb 12, 2008, TrueCrypt version 5.0a has been released. It has several fixes for the previous version, TrueCrypt 5.0. I don’t notice TrueCrypt latest release because I don’t check Internet regularly anymore.
Several features that I found very interesting in TrueCrypt version 5.0 are :
It has GUI for the Linux version
XTS mode of operations
Ability to [...]
Posted in tools on November 29, 2007 | No Comments »
Yesterday, my friend gave me a link to Fortress (http://www.steve.org.uk/Software/Fortress/).
Fortress is A simple script-based security scanner, using the LUA scripting engine for the writing of tests.
I then take a look at it and it’s quite interesting. Before I can play with it I have to install Lua first.
The Lua version provided by my distro is [...]
Posted in events on October 9, 2007 | No Comments »
On October 5, 2007, we at the Information Security Community (KKI) released a CD containing several portable computer applications. To be able to use the applications smoothly, you need to copy the content of the CD to a USB flash disk. We call this release “The Birth” aka version 1.0.0.
The ultimate reason we created this [...]
Posted in guides, tips on September 18, 2007 | 3 Comments »
Saya mengetahui akan adanya ujian CISSP di Jakarta dari seminar yang diselenggarakan oleh PT Unipro di sekitar bulan Juni 2007.
Setelah mengetahuinya, saya langsung mencari tahu bagaimana mendaftarnya. Akhirnya saya mendaftar ke PT ITPro sebagai penyelenggara ujian tersebut.
Proses pendaftaran relatif mudah, saya hanya perlu mendownload formulir pendaftaran dari site ISC lalu mengirimkannya ke PT ITPro. Untuk [...]
Posted in hacks, tools on March 26, 2007 | No Comments »
On March 19, 2007, TrueCrypt version 4.3 is released. There are many new features, improvements and bug fixes in this release, so I think it is the time to upgrade my installation.
I downloaded the TrueCrypt package, but they only provide for OpenSUSE 10.2 system. Last time I used the RPM version, it complained about kernel [...]
Posted in tools on March 26, 2007 | No Comments »
Researchers at Oxford have built an x86 emulator that runs purely on Java, making it ideal for security researchers who want to analyze and archive viruses, host honeypots and defend themselves against buggy or malicious software without hosing their machines. The JPC also emulates a host of other environments, giving technophiles the ability to play [...]
Posted in events on March 20, 2007 | No Comments »
Saya mengetahui informasi tentang “dibobolnya” situs Presiden SBY melalui sebuah televisi swasta pada hari Sabtu, 17 Maret 2007. Informasi tersebut saya peroleh dari newsline yang berjalan, dengan judul “Situs Presiden SBY di-hack”. Detik telah pula menurunkan berita ini dengan judul “Situs Presiden SBY Dibobol“.
Kemudian saya bertanya kepada beberapa orang rekan mengenai kebenaran berita ini, dan [...]
Posted in links on March 20, 2007 | No Comments »
There are now three RFCs regarding Intrusion Detection :
RFC 4765: The Intrusion Detection Message Exchange Format (IDMEF)
RFC 4766: Intrusion Detection Message Exchange Requirements
RFC 4767: The Intrusion Detection Exchange Protocol (IDXP)
