Thursday, September 29, 2005

The Second Day of HITB

Today is the second day, aka the last day as well. Everything is cool; I have bought the HITB T-shirt and now I have 3 in my collection [2003-2005].

I got to talk to Joanna about covert channels. From her point of view, as she is more into stealth tech stuff, I can see that the way she defines a covert channel is about making "things" invisible on the system itself, and tools like loki, which tunnels through ICMP, make sense because normally it won't show a port as opened or closed since it is not based on ports. If a hacker wants to use TCP or UDP, he or she may modify the system kernel calls to make them hide the ports that are being used for malicious purposes. However, if you have an IDS deployed somewhere monitoring all the connections, you might still be able to locate the covert channel since your IDS is CLEAN :). So don't let your box get DIRTY or NASTY.
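As an added illustration that is not part of the original post, here is a small cross-view check in the spirit of the "clean IDS" point: it compares what a possibly dirty host reports with what a clean network sensor saw. The flow record layout, the addresses, the port numbers and the ICMP size thresholds are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data (assumed, not from the original post).
# Ports the monitored host itself reports as listening; a modified
# kernel could leave entries out of this view.
HOST_REPORTED = {("tcp", 22), ("tcp", 80)}

# Sessions recorded by a clean network sensor:
# (proto, src, dst, dst_port, payload_len)
SENSOR_FLOWS = [
    ("tcp", "192.0.2.10", "198.51.100.5", 22, 512),
    ("tcp", "192.0.2.10", "198.51.100.5", 80, 1400),
    ("tcp", "192.0.2.77", "198.51.100.5", 40123, 230),  # host says nothing listens here
    ("icmp", "192.0.2.10", "198.51.100.5", None, 56),   # ordinary ping payload
    ("icmp", "192.0.2.10", "198.51.100.5", None, 56),
    ("icmp", "192.0.2.77", "198.51.100.5", None, 312),  # echo payloads of varying size
    ("icmp", "192.0.2.77", "198.51.100.5", None, 871),
    ("icmp", "192.0.2.77", "198.51.100.5", None, 124),
]


def hidden_ports(flows, reported):
    """Ports carrying traffic on the wire but missing from the host's own view."""
    seen = {(proto, port) for proto, _, _, port, _ in flows
            if proto in ("tcp", "udp")}
    return sorted(seen - reported)


def suspicious_icmp(flows, max_distinct_sizes=1, max_len=64):
    """Peer pairs whose ICMP payload sizes vary or exceed a typical echo size.

    Both thresholds are assumptions to tune per network.
    """
    sizes = defaultdict(set)
    for proto, src, dst, _, length in flows:
        if proto == "icmp":
            sizes[(src, dst)].add(length)
    return sorted(pair for pair, seen in sizes.items()
                  if len(seen) > max_distinct_sizes or max(seen) > max_len)


if __name__ == "__main__":
    print("ports hidden from host view:", hidden_ports(SENSOR_FLOWS, HOST_REPORTED))
    print("ICMP peers to review:", suspicious_icmp(SENSOR_FLOWS))
```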

The talk regarding mobile device viruses was cool; it seems that nowadays people are so dependent on mobile devices, and this will be the next-generation Main Target of virus and worm writers. Turn off your bluetooth :P

One of the presentations caught my eye: Analyzing all that data by Dr. Jose Nazario. For me it is pretty cool, I'm not talking about fancy here. Cool in the way that it makes the analysis process much easier and bypasses the tricks of those spammers and phishers; at the same time you FOCUS on the data you are looking for instead of being defeated by those bad guys. Having Jose Nazario tell me that he will integrate libdistance into flowgrep makes me even happier, as I'm a long-time flowgrep user. I have talked to Dr. Jose Nazario, he is a nice guy, and I learned a lot.

There was one sarcastic moment when the Red Cliff Director was giving his speech: he misspelled Internet Explorer as Internet Exploiter, and everybody was laughing. The Zone-H people are kind of funny as well, as they made a lot of jokes over the conference, thumbs up for them.

Kudos to all the HITB crew for making this happen! See you guys next year.

Hopefully all the presentation slides will be available on the internet soon.

Wednesday, September 28, 2005

HITB Conference 2005

Today is the first day of the HITB Conference. I can't say much about it as it has not ended yet; however, this year seems not as crowded as last year, though I'm not sure as I never counted.

All the speakers are kinda cool as they are experts in their fields and I have nothing to comment about it. But I heard that people were asking why there's not even lunch and only tea time provided; I'm fine with it, but it seems they were thinking that taking lunch outside is kinda troublesome.

Anyway, I came with 3 of my colleagues and we are having fun at the conference, meeting Prabu, Filex, Alphaque, two guys from the myoss meetup who never show up in the irc junky talk channel, and my friends as well. However, I couldn't get to meet toxicle.

Finally I saw Joanna, the girl I have adored for so long, just kidding; actually I have been reading her blog site for quite some time as it is kinda impressive. She looks cooler than I could imagine :P.

Let's see what turns out for the second day of HITB Conf!

Sunday, September 25, 2005

- Non-Stop Testing Day -

Oops, I have been disconnected from streamyx. Okay, this time it is not the problem of TMnut, but rather a problem with the phone line. Then we tried to call telekong to fix the problem and they said they are going to charge over a hundred Malaysian ringgit. Doesn't it sound ridiculous, as this is supposed to be their responsibility and we need to pay for 'em? No wonder they are getting big and rich.........argh.

Without an internet connection, I started to test some stuff :). Having a Compaq Presario X1000 laptop in hand, I loaded up the ubuntu CD and installed it on top of it; everything went smoothly and TADA......all devices working out of the box. If anyone wants to buy a linux-compatible notebook, I guess you can go for this one; however, it is quite an old model, so you would only see them in refurbished stores.

Then I tried to work on a Fail Over Firewall setup; everything went smoothly but I was kinda tired and started to have symptoms of braindead ........ it's now 5 in the morning, time to sleep ...zzzZZZZZzzzZZZZZ......................... stress testing TOMORROW !!!!!

Thursday, September 22, 2005

~FreeBSD Sguil Client~

I have tried to install the sguil client using the FreeBSD Sguil installation guide, and it seems the itcl (incrtcl) part keeps giving me errors when compiling from source. After all, I decided to install itcl (incrtcl) from ports as well as iwidgets; however, the sguil client gave me this error (segmentation fault) when I launched it. It seems the tclX that I installed using FreeBSD ports was causing the problem. Then I decided to install tclX from source, and finally the sguil client launched without problem. It took a while to get it working and finally it does ...... below are the screenshots of how the sguil client looks on my FreeBSD workstation. For people who don't know what the sguil client is, check this out.




Monday, September 19, 2005

Sunday is FREE day ......

I will be going to cyberjaya again, and again the reason is still the same, Work Work! I just came back from cyberjaya on Saturday and need to go again on the coming Monday, so today - Sunday is my only free day, free = free time, free mind, free todo but no free beer. Anyway, hopefully all of the myoss people enjoy life and stop geeking too much; you should spend some time to look around, maybe you will discover beautiful things that you have missed in your life ...... would love to see those children hanging around with tanglung ;-)

Thursday, September 15, 2005

FreeBSD Analyst Workstation

I'm now having fun with freebsd as I need to configure it as my workstation for my daily tasks. Here are my 2 screenshots of freebsd powered by fluxbox; can't imagine compiling gnome from ports in freebsd, which would kill my precious time.



Enjoy ......zzzZZZZzzzzZZZZZZZz

Thursday, September 08, 2005

Finally I'm back on track!

I have been busy after changing my job and now I'm finally back on track, I will start to write again to revive my half-dead blog. Everything seems more stable than previously and I should be able to blog more :)

My current job is more security focused and kind of a challenge; however, it's kind of a pain while I enjoy it.

Recently I came across a wonderful project called PFsense. This project is based on freebsd and uses PF to do firewalling instead of the traditional ipfw. Even though it is in alpha stage, it is considered good enough to be my router to handle pppoe. You can find this project at

http://www.pfsense.com