Sunday, September 2nd, 2007


Really damn annoying, this: two days of nothing but fun, and then after two days in Yogya, unwanted things happened instead. The true story of one antoxz, 1 to 2 September 2007. Here's how it went, dude..

After getting my motorbike washed at a completely unknown motorbike wash in Yogyakarta, it turned out water had got into my bike's carburetor as well. WHAT WOULD THE WORLD SAY: a freshly washed, clean bike had to go to the repair shop and get mixed up with oil again, sob sob. Total cost of the bike wash: Rp. 14 thousand. Unlucky, right?? Hmmm, maybe it's true that I should wash myself first before getting the bike washed, or maybe my bike really is as filthy as its owner (it just doesn't want to be bathed....)

Then in the morning there were already lots of buzzes on Yahoo, and on my phone there was already a message received: "Heyyy wake uppppp....". Since I was feeling very lazy, I just said I was about to take a shower, about to go out, etc. In the end I invited my friend to eat at Bungo Palo without showering first, and by then it was already 10.30 and rather hot. When we got to Bungo Palo there were signs that my bike was running out of petrol, but what did I care, I ate Bungo Palo's rendang and finished off with an A Mild cigarette. Coming out of Bungo Palo, the thing I had been dreaming of happened: my bike ran out of petrol. DAMN, WHAT WOULD THE WORLD SAY...!!! From hungry, to eating my fill, to being forced to be hungry again. In the heat at 11.30 I ended up pushing the bike about 500 metres from Bungo Palo to the Jakal petrol station near the north ring road, sob sob.

At 13.00 I finally took my morning shower, heh heh, since I had that appointment.... But WHAT WOULD THE WORLD SAY: when I finished showering, up popped on my phone "new message received", the gist being that the appointment was cancelled. Oh man, crazy, what an unlucky day. Hmmmm, there really are times when we are up and times when we are down. That is already written by fate, dude, so just accept it patiently, okay......

THE END (if it doesn't end, there will be more bad luck..!!!)

It has been a long time since I saw an attacker use a remote exploit to attack my server. Usually, many attackers use web application programming flaws such as SQL injection, Remote File Inclusion and XSS. I found x86 shellcode in my snort logz. Note that this snort is installed on my own server and not on a gateway.

[**] [1:648:8] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
08/30-09:56:51.720999 202.46.129.23:873 -> xxx.xxx.xxx.xxx:42742
TCP TTL:57 TOS:0x0 ID:5898 IpLen:20 DgmLen:1476 DF
***A**** Seq: 0x8B948072 Ack: 0x3F0B0E6C Win: 0x5FD TcpLen: 32
TCP Options (3) => NOP NOP TS: 29658221 951688730
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:8] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
08/30-09:56:56.714053 202.46.129.23:873 -> xxx.xxx.xxx.xxx:42742
TCP TTL:57 TOS:0x0 ID:8299 IpLen:20 DgmLen:1476 DF
***A**** Seq: 0x8BC72C32 Ack: 0x3F0B0E6C Win: 0x5FD TcpLen: 32
TCP Options (3) => NOP NOP TS: 29659470 951693188
[Xref => http://www.whitehats.com/info/IDS181]

host 202.46.129.23
23.129.46.202.in-addr.arpa domain name pointer ares.its.ac.id.

six months ago,
host 167.205.22.101
101.22.205.167.in-addr.arpa domain name pointer maxwell.ITB.ac.id
etc..

Nice try, guys, but it seems my firewall is dropping your connection. The security of this server is in the moderate category. Whoever installed this server doesn't know security as well as I do. I just hope this mirror server is usable for you. Being paranoid is good, but giving a nice service is better. Btw, I support you learning IT security.
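As an added example (not the author's code), a first triage step for Snort full-format alerts like the two above: parse each entry, then report which end of the flow sits on a well-known port and whether the flagged segment carries SYN. The function names are hypothetical, and treating the side below port 1024 as the service is a heuristic assumption.

```python
import re
from collections import Counter

# The two alerts from the post, trimmed to the lines the parser reads.
ALERTS = """\
[**] [1:648:8] SHELLCODE x86 NOOP [**]
08/30-09:56:51.720999 202.46.129.23:873 -> xxx.xxx.xxx.xxx:42742
***A**** Seq: 0x8B948072 Ack: 0x3F0B0E6C Win: 0x5FD TcpLen: 32

[**] [1:648:8] SHELLCODE x86 NOOP [**]
08/30-09:56:56.714053 202.46.129.23:873 -> xxx.xxx.xxx.xxx:42742
***A**** Seq: 0x8BC72C32 Ack: 0x3F0B0E6C Win: 0x5FD TcpLen: 32
"""

HEADER = re.compile(r"\[\*\*\] \[(\d+):(\d+):(\d+)\] (.+?) \[\*\*\]")
FLOW = re.compile(r"^\S+ (\S+):(\d+) -> (\S+):(\d+)$", re.M)
FLAGS = re.compile(r"^([*A-Z0-9]{8}) Seq:", re.M)
SERVICES = {873: "rsync"}  # IANA-registered port seen in this log


def parse_alerts(text):
    """Split Snort full-format alerts on blank lines and extract the flow."""
    alerts = []
    for block in re.split(r"\n\s*\n", text.strip()):
        head, flow, flags = HEADER.search(block), FLOW.search(block), FLAGS.search(block)
        if not (head and flow and flags):
            continue  # skip truncated or non-TCP entries
        alerts.append({
            "sid": int(head.group(2)), "msg": head.group(4),
            "src": flow.group(1), "sport": int(flow.group(2)),
            "dst": flow.group(3), "dport": int(flow.group(4)),
            "syn": "S" in flags.group(1), "ack": "A" in flags.group(1),
        })
    return alerts


def direction(alert):
    """Heuristic (assumption): the side on a port below 1024 is the service."""
    if alert["sport"] < 1024 <= alert["dport"]:
        return "from-service:" + SERVICES.get(alert["sport"], str(alert["sport"]))
    if alert["dport"] < 1024 <= alert["sport"]:
        return "to-service:" + SERVICES.get(alert["dport"], str(alert["dport"]))
    return "undetermined"


def summarize(text):
    """Count alerts per (sid, source, direction) so repeats collapse to one row."""
    return Counter((a["sid"], a["src"], direction(a)) for a in parse_alerts(text))
```

On the entries from the post this groups both alerts into one row: sid 648, source 202.46.129.23, segments coming from TCP port 873 (the rsync port) to a high port, with ACK set and no SYN.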