I found this when wandering around the Internet, and think it's good to share out for packet monkeys, this is very good reference document for anyone who want to learn about point-to-point protocol, very straightforward indeed -
http://www.eit.lth.se/ppplab/PPPdocs/ppp-quick-ref.pdf
Check it out if you are interested.
Friday, April 25, 2014
Wednesday, April 23, 2014
Argus 3: Debug & Testing
If you are testing argus 3, the best way is always compile argus source with debug mode on -
Argus -
shell>tar xvzf argus-3.0.5.tar.gz
shell>cd argus-3.0.7.5
shell>touch .devel .debug
shell>./configure --prefix=/usr/local/stow/argus-3.0.7.5
shell>sudo make && make install
Argus Clients -
shell>tar xvzf argus-clients-3.0.7.25.tar.gz
shell>cd argus-clients-3.0.7.25
shell>touch .devel .debug
shell>./configure --prefix=/usr/local/stow/argusc-3.0.7.25
shell>sudo make && make install
If argus or its client suite fails to run or behaves wrongly, you can just run them with -D 1-5 depending on the debug information you want. I'm just writing this as note to myself and hopefully it helps others who are using argus as well.
Cheers ;]
Argus -
shell>tar xvzf argus-3.0.5.tar.gz
shell>cd argus-3.0.7.5
shell>touch .devel .debug
shell>./configure --prefix=/usr/local/stow/argus-3.0.7.5
shell>sudo make && make install
Argus Clients -
shell>tar xvzf argus-clients-3.0.7.25.tar.gz
shell>cd argus-clients-3.0.7.25
shell>touch .devel .debug
shell>./configure --prefix=/usr/local/stow/argusc-3.0.7.25
shell>sudo make && make install
If argus or its client suite fails to run or behaves wrongly, you can just run them with -D 1-5 depending on the debug information you want. I'm just writing this as note to myself and hopefully it helps others who are using argus as well.
Cheers ;]
Sunday, April 20, 2014
Ubuntu Linux: Argus 3 Installation
If you want to test the latest version of argus with all the features enabled on Ubuntu Linux, here's the fastest way, just follow the steps below -
I use stow to manage argus source -
shell>sudo apt-get install stow
shell>mkdir /usr/local/stow
Install mysql server -
shell>sudo apt-get install mysql-server
Install software dependencies for argus clients -
shell>sudo apt-get install flex bison libpcap-dev libmysqlclient-dev libncurses5-dev libreadline-dev libgeoip-dev libpcre3-dev
Now download argus and its client suite -
shell>wget http://qosient.com/argus/dev/argus-3.0.7.5.tar.gz
shell>wget http://qosient.com/argus/dev/argus-clients-3.0.7.23.tar.gz
Install argus -
shell>tar xvzf argus-3.0.7.5.tar.gz
shell>cd argus-3.0.7.5
shell>./configure --prefix=/usr/local/stow/argus-3.0.7.5
shell>sudo make && make install
Install argus client -
shell>tar xvzf argus-clients-3.0.7.23.tar.gz
shell>cd argus-clients-3.0.7.23
shell>./configure --with-libpcre --prefix=/usr/local/stow/argusc-3.0.7.23
shell>sudo make && make install
Now you can use stow to link them to default PATH(/usr/local/sbin and /usr/local/bin) so that you don't need to define full path when running argus -
shell>cd /usr/local/stow
shell>sudo stow argus-3.0.7.5
shell>sudo stow argusc-3.0.7.23
Done and you can start testing argus for fun!
I use stow to manage argus source -
shell>sudo apt-get install stow
shell>mkdir /usr/local/stow
Install mysql server -
shell>sudo apt-get install mysql-server
Install software dependencies for argus clients -
shell>sudo apt-get install flex bison libpcap-dev libmysqlclient-dev libncurses5-dev libreadline-dev libgeoip-dev libpcre3-dev
Now download argus and its client suite -
shell>wget http://qosient.com/argus/dev/argus-3.0.7.5.tar.gz
shell>wget http://qosient.com/argus/dev/argus-clients-3.0.7.23.tar.gz
Install argus -
shell>tar xvzf argus-3.0.7.5.tar.gz
shell>cd argus-3.0.7.5
shell>./configure --prefix=/usr/local/stow/argus-3.0.7.5
shell>sudo make && make install
Install argus client -
shell>tar xvzf argus-clients-3.0.7.23.tar.gz
shell>cd argus-clients-3.0.7.23
shell>./configure --with-libpcre --prefix=/usr/local/stow/argusc-3.0.7.23
shell>sudo make && make install
Now you can use stow to link them to default PATH(/usr/local/sbin and /usr/local/bin) so that you don't need to define full path when running argus -
shell>cd /usr/local/stow
shell>sudo stow argus-3.0.7.5
shell>sudo stow argusc-3.0.7.23
Done and you can start testing argus for fun!
Tuesday, April 08, 2014
Kali/Backbox Linux: Alfa AWUS036H
After migrating from Backtrack to Kali Linux, I encountered problem with WLAN cracking using Alfa awus036h wireless adapter. The initial probem was
shell>airodump-ng wlan0
ioctl(SIOCSIWMODE) failed: Device or resource busy
ARP linktype is set to 1 (Ethernet) - expected ARPHRD_IEEE80211,
ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make
sure RFMON is enabled: run 'airmon-ng start wlan0 <#>'
Sysfs injection support was not found either.
So it states that I should run airmon-ng -
shell>airmon-ng start wlan0
airmon-ng start wlan0
Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e
PID Name
2625 dhclient
2722 NetworkManager
2971 wpa_supplicant
Interface Chipset Driver
mon0 Realtek RTL8187L rtl8187 - [phy0]
wlan0 Realtek RTL8187L rtl8187 - [phy0]
(monitor mode enabled on mon0)
We used to be able to run airodump-ng on wlan0 if we are using Backtrack, however it's not the case here, what you need to do is running airodump-ng on mon0 pseudo interface instead -
shell>airodump-ng mon0
Now everything looks good, however there's minor bug that shows the channel -1, to get everything running smoothly without the error, I run the following command instead -
shell>airodump-ng --ignore-negative-one mon0
Now you can perform the wlan cracking routine(aireplay-ng,aircrack-ng to do packet injection and cracking), but remember to run the aircrack-ng suite with argument --ignore-negative-one and everything will be fine.
Cheers (;])
p/s: If you are using another Linux distribution - Backbox, the same applies to it as well.
shell>airodump-ng wlan0
ioctl(SIOCSIWMODE) failed: Device or resource busy
ARP linktype is set to 1 (Ethernet) - expected ARPHRD_IEEE80211,
ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make
sure RFMON is enabled: run 'airmon-ng start wlan0 <#>'
Sysfs injection support was not found either.
So it states that I should run airmon-ng -
shell>airmon-ng start wlan0
airmon-ng start wlan0
Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e
PID Name
2625 dhclient
2722 NetworkManager
2971 wpa_supplicant
Interface Chipset Driver
mon0 Realtek RTL8187L rtl8187 - [phy0]
wlan0 Realtek RTL8187L rtl8187 - [phy0]
(monitor mode enabled on mon0)
We used to be able to run airodump-ng on wlan0 if we are using Backtrack, however it's not the case here, what you need to do is running airodump-ng on mon0 pseudo interface instead -
shell>airodump-ng mon0
Now everything looks good, however there's minor bug that shows the channel -1, to get everything running smoothly without the error, I run the following command instead -
shell>airodump-ng --ignore-negative-one mon0
Now you can perform the wlan cracking routine(aireplay-ng,aircrack-ng to do packet injection and cracking), but remember to run the aircrack-ng suite with argument --ignore-negative-one and everything will be fine.
Cheers (;])
p/s: If you are using another Linux distribution - Backbox, the same applies to it as well.
Sunday, March 02, 2014
Interesting Rootkit: Uroburos
My friend ebf0 has shared with me this interesting analysis report from GData Security Lab, you can find the report here -
https://public.gdatasoftware.com/Web/Content/INT/Blog/2014/02_2014/documents/GData_Uroburos_RedPaper_EN_v1.pdf
To understand why the name "Uroburos", we should refer to
http://en.wikipedia.org/wiki/Ouroboros
Doesn't matter it comes from which party, we all know Intel gathering is always there, by the time we know it it seems late by miles. Internet security community needs to work harder together to uncover them as soon as possible.
Cheers (;])
https://public.gdatasoftware.com/Web/Content/INT/Blog/2014/02_2014/documents/GData_Uroburos_RedPaper_EN_v1.pdf
To understand why the name "Uroburos", we should refer to
http://en.wikipedia.org/wiki/Ouroboros
Doesn't matter it comes from which party, we all know Intel gathering is always there, by the time we know it it seems late by miles. Internet security community needs to work harder together to uncover them as soon as possible.
Cheers (;])
Monday, February 24, 2014
The Practice Of Network Security Monitoring
Year 2014 will most probably be a refreshing year to myself, everything is like new all over again and what should I do next is important.
NSM has been big part of my career and I'm back to the root, and I would like to discuss/share anything regarding this huge topic. The first thing I would most probably do is to grab the book that is written by my friend - Richard, The Practice Of NSM. Thank you for your effort to write this book, it is really tough to stay focused and finished a book especially for a busy person like you.
Second thing to do would be reviewing the new version of existing tools, and also new tools that kick in without me noticing - Netsniff-ng, Snort, Suricata, Bro-ids, Argus, NetworkMiner, SIFT and many more, you name it.
Third thing to do is sharing, to share what I have found and learned, in the world of IT security.
NSM has been big part of my career and I'm back to the root, and I would like to discuss/share anything regarding this huge topic. The first thing I would most probably do is to grab the book that is written by my friend - Richard, The Practice Of NSM. Thank you for your effort to write this book, it is really tough to stay focused and finished a book especially for a busy person like you.
Second thing to do would be reviewing the new version of existing tools, and also new tools that kick in without me noticing - Netsniff-ng, Snort, Suricata, Bro-ids, Argus, NetworkMiner, SIFT and many more, you name it.
Third thing to do is sharing, to share what I have found and learned, in the world of IT security.
Monday, August 12, 2013
Port Span: Packet duplication
I have stumbled across this issue multiple times lately, especially if you are trying to span multiple source ports, and there are couple of solutions worth to look at -
http://blogs.cisco.com/security/span-packet-duplication-problem-and-solution/
http://myoss.belgoline.com/despan
I think the packet duplication issue should be eliminated using hardware based solution(built-in), where the switch itself able to eliminate it, while it may add the workload to the network switch, it makes real time monitoring more accurate and possible especially tools such snort/bro are not going to identify duplicate packets.
http://blogs.cisco.com/security/span-packet-duplication-problem-and-solution/
http://myoss.belgoline.com/despan
I think the packet duplication issue should be eliminated using hardware based solution(built-in), where the switch itself able to eliminate it, while it may add the workload to the network switch, it makes real time monitoring more accurate and possible especially tools such snort/bro are not going to identify duplicate packets.
Sunday, July 15, 2012
HeX 3: On the way
We are in the development of HeX 3, this is for real. HeX 3 will be based on FreeBSD 9 and we are looking to create more FreeBSD ports for network security tools. Most of existing tools are compiled successfully in FreeBSD 9, we will provide two platforms this time, either i386 or x64.
We would like to list down all the new network security tools that are going to be included in HeX 3, currently I have 3 in mind -
- NetworkMiner
- Prads
- PassiveDNS
- Pcapfix
Thanks to Erik(NetworkMiner developer) for sending the installation guide to me, that saves my works ;)
Here's the screenshot of NetworkMiner running on upcoming HeX 3 -
If you are aware of any network security tools(especially for packet analysis) and would like us to add it to HeX 3, kindly let me know.
Cheers (;])
We would like to list down all the new network security tools that are going to be included in HeX 3, currently I have 3 in mind -
- NetworkMiner
- Prads
- PassiveDNS
- Pcapfix
Thanks to Erik(NetworkMiner developer) for sending the installation guide to me, that saves my works ;)
Here's the screenshot of NetworkMiner running on upcoming HeX 3 -
If you are aware of any network security tools(especially for packet analysis) and would like us to add it to HeX 3, kindly let me know.
Cheers (;])
Thursday, July 12, 2012
FreeBSD: Netmap
High speed network, big data technology are related terms, they are developed to meet the challenge of application demand today. We always see a lot of works for Linux regarding high speed network(10G and up) but not so much on BSD side. I reported FreeBSD ringmap in my previous blog post, Robert Watson has also implemented zero copy bpf buffers for FreeBSD. And thanks to the friends in #snort-gui, I just found netmap that is going to be part of FreeBSD 10, it seems promising to me and thanks Luigi and his team for the effort to improve the performance of network stack.
Right now there's nothing much we can do to test netmap, however if you want to try it out, you can basically download the images from the netmap website and play around with them, or install FreeBSD Current using the snapshot image which you can find here - http://pub.allbsd.org/FreeBSD-snapshots/
Here are few steps I did after FreeBSD current is installed -
shell>cd /usr/src/sys/modules/netmap
shell>make
shell>kldload ./netmap.ko
shell>kldstat
shell>ls -la /dev/netmap
shell>dmesg
Everything is there but you need to play around with them, so download -
http://info.iet.unipi.it/~luigi/netmap/20120608-netmap.tgz
After untar it, you can start play around with the pkt-gen and other binaries provided in there. Currently netmap is still under development and testing, hopefully when it reaches stable stage, we will be able to see a lot of network security monitoring tools ported to work with netmap since it will be in native FreeBSD system. For most of the detail stuffs, do check out the presentation slide and other information in netmap website.
Cheers ;]
Right now there's nothing much we can do to test netmap, however if you want to try it out, you can basically download the images from the netmap website and play around with them, or install FreeBSD Current using the snapshot image which you can find here - http://pub.allbsd.org/FreeBSD-snapshots/
Here are few steps I did after FreeBSD current is installed -
shell>cd /usr/src/sys/modules/netmap
shell>make
shell>kldload ./netmap.ko
shell>kldstat
shell>ls -la /dev/netmap
shell>dmesg
Everything is there but you need to play around with them, so download -
http://info.iet.unipi.it/~luigi/netmap/20120608-netmap.tgz
After untar it, you can start play around with the pkt-gen and other binaries provided in there. Currently netmap is still under development and testing, hopefully when it reaches stable stage, we will be able to see a lot of network security monitoring tools ported to work with netmap since it will be in native FreeBSD system. For most of the detail stuffs, do check out the presentation slide and other information in netmap website.
Cheers ;]
Flocon 2012: Argus Training Slide
If you are looking for detail information about latest argus development and offering, look no further -
http://www.qosient.com/argus/presentations/Argus.FloCon.2012.Tutorial.pdf
The slide is made by Carter and it contains a lot of information for state of the art flow analysis tool - argus. Though a long time argus user, I still learn something new from the slide.
Cheers (;])
http://www.qosient.com/argus/presentations/Argus.FloCon.2012.Tutorial.pdf
The slide is made by Carter and it contains a lot of information for state of the art flow analysis tool - argus. Though a long time argus user, I still learn something new from the slide.
Cheers (;])
Thursday, June 21, 2012
Inter VM NSM
Cloud is everywhere now, and I have been playing with OpenVSwitch for a while, it looks like a critical solution to provide network security monitoring to virtualization technology. If you want to know more about OpenVSwitch, information can be found in the website below -
http://openvswitch.org
The OpenVSwitch is not just a virtual switch, it offers many network traffic monitoring features such as span, rspan, netflow and sflow, I have tried out many features in OpenVSwitch and they are useful depending on your monitoring need.
Traditional network traffic monitoring is not going to help here, you can't simply deploy a network tap or port mirroring to monitor the traffic in the cloud server farms, of course you can still monitor when the virtual machines are talking to outside world, however you can't really see the conversation between virtual machines. For example, when vm1 performs network scanning on other virtual machines in the same cloud server.
More thoughts need to be put into cloud network security monitoring since it becomes a trend and widely used in enterprise world, I have encountered couple of times where performing forensics operation is much harder in the cloud.
OpenVSwitch seems to be promising, hopefully with the inclusion of OpenVSwitch in Linux 3.3 kernel, it will become more popular and widely used.
http://blog.sflow.com/2012/03/linux-33-released.html
Cheers ;]
http://openvswitch.org
The OpenVSwitch is not just a virtual switch, it offers many network traffic monitoring features such as span, rspan, netflow and sflow, I have tried out many features in OpenVSwitch and they are useful depending on your monitoring need.
Traditional network traffic monitoring is not going to help here, you can't simply deploy a network tap or port mirroring to monitor the traffic in the cloud server farms, of course you can still monitor when the virtual machines are talking to outside world, however you can't really see the conversation between virtual machines. For example, when vm1 performs network scanning on other virtual machines in the same cloud server.
More thoughts need to be put into cloud network security monitoring since it becomes a trend and widely used in enterprise world, I have encountered couple of times where performing forensics operation is much harder in the cloud.
OpenVSwitch seems to be promising, hopefully with the inclusion of OpenVSwitch in Linux 3.3 kernel, it will become more popular and widely used.
http://blog.sflow.com/2012/03/linux-33-released.html
Cheers ;]
Saturday, January 14, 2012
FreeBSD 9.0 Release is OUT!
If you haven't noticed yet, FreeBSD 9.0 Release is out, grab it while it is still hot. The announcement can be found at
http://www.freebsd.org/releases/9.0R/announce.html
You can check out the release note at -
http://www.freebsd.org/releases/9.0R/relnotes.html
I'm glad to see the driver improvement for network adapters especially intel based cards, and the netgraph ng_netflow supports NetFlow V9 export. Another interesting feature is usbdump which can be used to dump packets over usb controller. As always ipfw is improved in almost every FreeBSD release just like pf in OpenBSD. The FreeBSD team has also made a lot of improvement on file system wise. Finally we see new installer for FreeBSD ;)
With FreeBSD 9.0 Release is officially out, time to work on HeX 3!
Cheers ;]
http://www.freebsd.org/releases/9.0R/announce.html
You can check out the release note at -
http://www.freebsd.org/releases/9.0R/relnotes.html
I'm glad to see the driver improvement for network adapters especially intel based cards, and the netgraph ng_netflow supports NetFlow V9 export. Another interesting feature is usbdump which can be used to dump packets over usb controller. As always ipfw is improved in almost every FreeBSD release just like pf in OpenBSD. The FreeBSD team has also made a lot of improvement on file system wise. Finally we see new installer for FreeBSD ;)
With FreeBSD 9.0 Release is officially out, time to work on HeX 3!
Cheers ;]
Wednesday, January 11, 2012
Argus 3: Some hardly used scripts
There are couple of perl scripts come with argus 3 to process argus data, in case you haven't used them, do try them out, I will just show the result generated by those scripts -
shell>perl ./raips -r ~/pcap-repo/anubis.arg3
187.45.196.28
187.45.241.156
192.168.0.1
192.168.0.2
Raips will generate all unique IP addresses that are seen in the argus data.
shell>perl ./rahosts -r ~/pcap-repo/anubis.arg3
192.168.0.2: (3) 187.45.196.28, 187.45.241.156, 192.168.0.1
Rahosts will generate host report, and telling you the hosts that initiate network connection(transmitter) and also destination hosts that are probed(receiver), you may get an array of IP addresses in the same network if it is network scanning or worm outbreak activity.
shell>perl ./raports -r ~/pcap-repo/anubis.arg3
187.45.241.156 tcp: (1) 80
192.168.0.1 udp: (1) 53
187.45.196.28 tcp: (1) 1433
Raports will generate the port report, however only on server side, which means those ports that are probed by any host.
If you are not satisfied with the result generated by those scripts, you are free to modify them to fit your needs, basically Carter is just demonstrating what you can do with argus data using some scripting capabilities.
Cheers (;])
shell>perl ./raips -r ~/pcap-repo/anubis.arg3
187.45.196.28
187.45.241.156
192.168.0.1
192.168.0.2
Raips will generate all unique IP addresses that are seen in the argus data.
shell>perl ./rahosts -r ~/pcap-repo/anubis.arg3
192.168.0.2: (3) 187.45.196.28, 187.45.241.156, 192.168.0.1
Rahosts will generate host report, and telling you the hosts that initiate network connection(transmitter) and also destination hosts that are probed(receiver), you may get an array of IP addresses in the same network if it is network scanning or worm outbreak activity.
shell>perl ./raports -r ~/pcap-repo/anubis.arg3
187.45.241.156 tcp: (1) 80
192.168.0.1 udp: (1) 53
187.45.196.28 tcp: (1) 1433
Raports will generate the port report, however only on server side, which means those ports that are probed by any host.
If you are not satisfied with the result generated by those scripts, you are free to modify them to fit your needs, basically Carter is just demonstrating what you can do with argus data using some scripting capabilities.
Cheers (;])
Large Scale Pcap Analysis
It seems that the storage is not much an issue when comes to packet capture anymore, looking at terabytes become general everywhere, and many network analysis tools seem to gear toward large scale pcap data analysis, bro-ids has extended their functionality by using tons of community hardware and timemachine to capture and analyze network data, and now I just come to read about people in RIPE NCC are doing this using apache hadoop -
https://labs.ripe.net/Members/wnagele/large-scale-pcap-data-analysis-using-apache-hadoop
As we know as well, pcapr is also making use of cloud technology to share and analyze pcap data for internet community.
Enjoy ;]
https://labs.ripe.net/Members/wnagele/large-scale-pcap-data-analysis-using-apache-hadoop
As we know as well, pcapr is also making use of cloud technology to share and analyze pcap data for internet community.
Enjoy ;]
Monday, January 09, 2012
Picviz on Windows
I never know that someone has actually ported picviz to Windows OS platform for a while until I'm working on picviz stuffs and googling some information, you can find here if you are interested -
http://berise.blogspot.com/2011/01/picviz-for-win32-port.html
Open source really opens up many unknown possibilities ...
Cheers ;]
http://berise.blogspot.com/2011/01/picviz-for-win32-port.html
Open source really opens up many unknown possibilities ...
Cheers ;]
Sunday, December 18, 2011
Digital Forensics Tools For Linux
If you are using Fedora Linux Distro to perform Forensics works, you may want to look into this -
http://www.cert.org/forensics/tools/
CERT also provides vmware forensics appliance where you find at the link above.
Enjoy ;]
http://www.cert.org/forensics/tools/
CERT also provides vmware forensics appliance where you find at the link above.
Enjoy ;]
Friday, December 16, 2011
High Tech Fix For "Nokia N900: All telephony functions are disabled" issue
Last week, my Nokia N900 phone suddenly popped up with the message -
All telephony functions, including emergency calls, are disabled due to communication error. To recover, you might have to reboot the device
You will see something like a sim card icon on the top panel when this message appears.
Awesome, it seems I couldn't make or receive call after this message is shown, I rebooted my phone and it works again ... until this week, the phone is dead, I can't use it as a phone but small tablet. Maybe I should try google to see if there's any solution and here's what I have found -
Basically the solution is to claim the warranty and Nokia replaces a new one for you, what if you are out of warranty, just someone like me? Nokia has no answer for that, thank you Nokia ;)
I was thinking "Sim card icon and communication error", maybe it is sim card slot issue? I don't know, but here's what I try -
0. Switch off N900
1. Open up N900 case at the back(battery part)
2. Take out battery
3. Take out sim card from the slot, clean it
4. Put the sim card back to the slot
5. Tighten the slot
6. Take the toilet paper, yes I say toilet paper because it was on my desk when I was trying to fix this
7. Try to tear the toilet paper and make it thicker by layering them
8. Make the toilet paper slightly same size(square) as the sim card slot
9. Put the toilet paper on top of the sim card slot and push in a bit
10. Put back your battery and press it little hard, the toilet paper will be underneath
11. Close the case
12. Switch on your phone
The phone works automagically, don't ask me why, it's really high tech fix if you ever encounter this issue.
Have fun with N900 again, by the way no fun since not much apps for it(Thank you Nokia), BUT it works as PHONE again!
Cheers ;]
p/s: By the way let me know if this solves your problem, I would like to hear about it!
Friday, December 09, 2011
Time to Kill Bill
For all Malaysia IT people, do read this and spread out the words, it's time to kill Bill, what Bill? Computing Professionals Bill 2011!
Do read it in detail! Currently it is in drafting processing, thanks to my best pal - Mel to share this nonsense bill. By the way, if you have facebook, support this -
I will constantly update this post if there's any progress regarding the matter, voice out while you can regarding CPB2011 to the document below -
Mosti has put up their latest working draft which you can find here -
Please review it and make your voice loud and clear!
Some opinions from the individual who works in IT industry ;)
Petition!
Follow the Tweets regarding CPB2011
Flip-flop, uncertainty?
Makes yourself certified criteria?
Mosti is just facilitator?
Role model of CPB 2011, seriously?
Interview of Malaysia Deputy Minister Of Science, Technology And Innovation, Datuk Fadillah Yusoft by Astro Awani, if only you know Malay Language -
From Tony Pua, member of Parliament -
http://www.youtube.com/watch?v=6ilM5bKokkw&feature=youtu.be
While they can't define what is CNII properly during open meeting, now they want to include more sectors in this undefined crap? Seriously if the government sector has failed to deliver security all these years, that means PRISMA that was initiated to protect government ICT agency by our government is a big failure(so much money wasted and now this)? By the way if you read carefully at the last few paragraphs, you will notice "What we can do at CyberSecurity Malaysia is to continue to provide more training and capability building in cyber security, says CyberSecurity malaysia Chieft Executive Officer(CEO) Lt Col Prof Datuk Husin Jazri."
To me, that basically sounds like if this bill is passed, he can make big money by selling training and certification program, now we know who is really pushing this AGENDA at the back ;)
http://thestar.com.my/news/story.asp?file=%2F2011%2F12%2F18%2Fnation%2F10119744&sec=nation
Discussion about CPB 2011 on BFM radio station -
http://bfm.my/geeksquawks_ep53.html
The TeAM(The Technopreneuers Association Of Malaysia) objects to CPB 2011 -
http://techcentral.my/news/story.aspx?file=/2011/12/14/it_news/20111214141030&sec=IT_News
Speak out loud, geeks!
http://thestar.com.my/news/story.asp?file=%2F2011%2F12%2F18%2Fnation%2F10105092&sec=nation
While they can't define what is CNII properly during open meeting, now they want to include more sectors in this undefined crap? Seriously if the government sector has failed to deliver security all these years, that means PRISMA that was initiated to protect government ICT agency by our government is a big failure(so much money wasted and now this)? By the way if you read carefully at the last few paragraphs, you will notice "What we can do at CyberSecurity Malaysia is to continue to provide more training and capability building in cyber security, says CyberSecurity malaysia Chieft Executive Officer(CEO) Lt Col Prof Datuk Husin Jazri."
To me, that basically sounds like if this bill is passed, he can make big money by selling training and certification program, now we know who is really pushing this AGENDA at the back ;)
http://thestar.com.my/news/story.asp?file=%2F2011%2F12%2F18%2Fnation%2F10119744&sec=nation
Discussion about CPB 2011 on BFM radio station -
http://bfm.my/geeksquawks_ep53.html
The TeAM(The Technopreneuers Association Of Malaysia) objects to CPB 2011 -
http://techcentral.my/news/story.aspx?file=/2011/12/14/it_news/20111214141030&sec=IT_News
Speak out loud, geeks!
http://thestar.com.my/news/story.asp?file=%2F2011%2F12%2F18%2Fnation%2F10105092&sec=nation
No cheers this time, F it!
Tuesday, December 06, 2011
Intel X520
I want this for my Christmas present ;]
I never thought 10G network adapter can go very cheap, really need to get one for development and testing!
Subscribe to:
Posts (Atom)