Friday, 29 January 2010

It is there but INVISIBLE


Salam Anak IT. Al-kisah...
Pada suatu hari, ada penjual kupi-take-away or nya urang kitani kupi-tapau yang bernama Buajah Lintuk. Setiap pagi, beliau akan menyiapkan kupi-tapau nya dan pergi kerumah-rumah untuk menjual kupi tersebut. Buajah Lintuk akan pergi dari kampung ke kampung untuk menghabiskan jualan beliau.
Pada suatu hari *balik-balik jua* beliau ternampak satu rumah yang agak besar dan "attractive" dengan puluhan mutuka misidis itam bacilat bejuritan dihalaman rumah tersebut. Beliau menghampiri rumah itu dan mendapati pintu utama rumah melayah-layah. Beliau memberi salam namun tiada yang menjawabnya. Beliau berkata di dalam hati "sah inda hada bejelama ni rumah ani..." dan terus melangkah masuk ke dalam rumah tersebut. Beliau ternampak kunci mutuka bertanda "misidis BAA1024.768" di atas mija dapur dan terus mengambilnya. Dengan rasa "gagau ati", beliau terus mencari mutuka misidis yang berdaftar BAA1024.768 diperkarangan rumah itu. Apabila terjumpa, Buajah Lintuk terus membuka pintu mutuka tersebut dan "hooraaayyy inda jua ku lalah bejalan batis menjual kupi ku ane".
Selepas kejadian itu, Buajah Lintuk tidak lagi menjual kupi-take-away dan kini beliau menjual Cappucino-style-melayu di laman jaringan "eBay".
Buajah Lintuk pada waktu sekarang
So... Cuba sama-sama tani pikirkan... If kami yang empunya misidis, apa yang patut disalahkan?...
  • Pasal inda menutup and mengunci pintu rumah?
  • Pasal ampaikan kunci mutuka atas mija?
  • Pasal inda bejalama?
  • Pasal namanya Buajah Lintuk?
Mmmm mungkin... But in my opinion pasal RUMAH ATUE PAMPANG-PAMPANG DAPAN MATA... And yes the second reason is pasal rumah atue attractive and melagau-lagau... hahaha "bah miana jua? inda jua kan di gulung kalie rumah atue masukkan dalam pukit seluar?" haha yeah that is true but face the fact that the main reason is pasal Buajah Lintuk nampak rumah atue IN THE FIRST PLACE... Imagine if ia INDA NAMPAK rumah atue... Is she going to enter it? Obviously its a NO... Just imagine peradian kamu cakap "agatah makan nasi katuk atas mija rah dapur ah" then kamu cek INDA ADA. Are you still going to sit down and baca doa sebelum makan? Hahahaha *imagine* and yes in real life, you can't make things INVISIBLE unless kamu ada selimut Harry Potter hehe but what I am going to write today is in CYBER WORLD.
If you want to steal a thing from someone's house,
  • First, ambil alamat rumah atue
  • Second, aga rumah atue
  • Third, masuk rumah atue
  • Fourth, cari barang atue
  • Fifth, pigang barang atue while liat kiri kanan
  • Sixth, ambil barang atue
This method is just the same basic method used by "crackers" or I should say "hackers with bad intentions" in order to steal things from your machine through network,
  • First, find victim's machine's IP Address
  • Second, connect to the victim' machine through IP Address
  • Third, infiltrate the machine
  • Fourth, browse the files in the machine
  • Fifth, transfer the files to attacker's machine
  • Sixth, remove any possible traces and close connection
Understood now? So... First, find victim's machine's IP Address. In my previous post, I have wrote on how to check or even tracing IP Addresses using a software named Angry IP Scanner. The software is basically using "ping" method (or other relatively-close technique) to see whether the IP address is alive or not. Actually there are tons of software available on the internet with the same capabilities. If the attacker have got your IP Address and found that it is active and alive, the attacker will proceed to the next stage. So, is there a way to hide our machines from the network? In my case, YES there is.
Original picture was taken from here
This tutorial is specifically for those who runs on Windows XP Operating System. For those who are not using Windows XP, you may just read to understand the technique and then do a research on it based on Operating System that you are using.
Go to Control Panel and click on Windows Firewall,
Click on the "Exceptions" tab and select "File and Printer Sharing",
Click on "Edit..." button,
Select "TCP 445" and click on the box next to it to DISABLE it then click "OK" button
Tadaaaa~ *haha malar* use Angry IP Scanner from other computer within the same network to scan your machine.
BEFORE
AFTER
That is it for today and I hope you gain at least a bit of extra knowledge and awareness. Until next time, sekian. Wabillahi taufiq walhidayah...

Thursday, 28 January 2010

Angry IP Scanner


Salam Anak IT.
Today, I would like to write about a software which has close relation with my previous post regarding IP Address (inda jua luan rapat la kira bejiranan saja haha). Different network administrator use different tools based on different skills and here I would like to share one of my must-have software tools for networking diagnosis.
Pernah abiskita mendangar "ANGRY IP SCANNER"? If alum, biskita aga arah website bisdia tapinya if biskita kan muat-turun or download slajur, click ja rah sini. Basically what it does is scanning IP range whether "hidup" or "inda". For example, if my computer inda dapat connect to internet but every cable is connected, first thing I would do is to check my internal IP address. If sekiranya my IP address is 192.168.1.123, I will usually aga arah komputer urang lain under the same network and use "ping 192.168.1.123 -t" right from command prompt.
But this Angry IP Scanner is a bit special sedikit. "Ping" command may only be used to check one IP address while this software can check more than one IP address. We can even specify the IP range dari mana hingga kemana. So, in my case, since my IP address is 192.168.1.123, I would probably just check all IP addresses between IP range 192.168.1.0 to 192.168.1.255 (you have to know that it could not be more than 255. Well even the 255 itself could not be used for personal IP address since it is a RESERVED or I should say a special one haha). From here I can monitor if other computers in the same network have the same problem like my machine does.
Let us do the practical part. Make sure you have downloaded the software and run the program. The window should be look like on the picture below:
Arah "IP range", type 192.168.1.0 (it depends on your DHCP service provided by router or dedicated gateway). If you are still not sure what is your IP address, go to Start>Run or simply press CTRL+R and the type "cmd" to open Command Prompt. Then type "ipconfig /all" without quote. Look for "IP Address........" and there you are. In my case, it is 192.168.1.123
Ignore the last byte (mine is 123) and you will get 192.168.1.* ;) easy? and now we will check the IP addresses ranged from 192.168.1.0 to 192.168.1.255. Type that in and click on Start button.
Tadaaa~ the software is scanning the entire network. The active IP address will have BLUE coloured circle next to it and those which is "dead" will have RED coloured circle as shown below:
At the end of the scanning process, the program will print out number of active/alive hosts. I got 2 active hosts under my home network right now *subuk router di luar checking arah siapa yang kalap2nya luan cakah* hahaha apa yang kan di liat jua OF COURSE the other one is my ROUTER hehe so I am the only user currently in our home network...
Well yeah that's about it... This is actually very useful for those yang makai GO! or ZOOM! broadband... If usulnya maliging or apa nya urang kitani "unggai-unggai", baik check pakai this software mana tau active/alive hosts nya limpar hehehe so goodluck!
InsyaAllah tomorrow I will post how does it work and a way to make your machine "invisible" to others for security measurement... (so under category Security la tue...)
Sekian.
P/S: Bisai-bisai makai software ane... Pemarah kalie ha... Baca basmalah jua...

Monday, 25 January 2010

Key Logger


Salam Anak IT.
As I promised in the last post regarding Virtual Keyboard under Security category, here is the key logger that I was writing about. Gambarnya inda berubah tue purely RAW dari camera hahaha and yes warna purple since the international colour standard for PS/2 keyboard is purple and green for PS/2 mouse. If inda paham jua, cuba silak belakang computer biskita ada tue port warna purple sama hijau bersebelahan or bejiranan nya urang kitani. But nowadays PS/2 socket type jarang lagi kana gunakan pasal mostly mouse and keyboard zaman sekarang menggunakan USB sudah.
Hehe but I am STILL using PS/2 type of keyboard and mouse. The reason is to reserve the USB ports for other USB devices. Inda jua kan mouse sama keyboard yang memajak USB slot atue, inda ja? Hahaha so since masih ada PS/2 ports, penuhkan saf-saf yang kosong.
So... Miana gayanya kan makai tue?... Sanang ja... Just place the key logger IN BETWEEN the keyboard and the PS/2 keyboard port di belakang komputer biskita. OK tia! hehe inda payah install any software. Plug-and-Forget *aiseh*... The key logger has memory built-in inside to record any key stroked and you do not have to worry if your Random Access Memory (RAM) rendah or maybe takut komputer jadi lagging since this device inda ada kena mengena sama system's operation.
The best part is that you can use it ANYWHERE and you can unplug it ANYTIME. In order to retrieve the stored data inside key logger, you will just need a typing program such as Notepad, Wordpad or even MS Word. Simply enter your password and menu-driven interface will be typed out. Simple?
As I mentioned earlier in the "Virtual Keyboard" post under Security category, this device is usually used by those anak-anak IT with BAD intentions. Again, it depends on you on how are you going to use it. If biskita "ajar" anak damit biskita berbuat baik, then ia mengikut. But if biskita "ajar" untuk membuat perkara yang tidak baik, paham-paham biskita la tue aa...
In my case, I write programs and even website and so I need a BACK-UP if something happen to the machine mana la tau temparik mengajut inda lagi sampat di"save" so I'll just retrieve it from the device *yes it happened once haha but bukan pasal temparik*
Other than that, it also act as my personal protection mana la tau one day ada "urang" makai my computer tanpa izin so that I could monitor their activities easily ;) hehe but those yang membaca ani and saying "ohhh panyaaa... nanti mun ku makai ku cabut dulu benda atu belakang komputer nya then abis pakai pasang balik" think twice pasal this is only the HARDWARE solution to that. I haven't mention about the SOFTWARE alternative hehe apa nya urang jaman dahulu "pandai-pandai baidup".
Sekian. Wassalam.

Sunday, 24 January 2010

File Transfer Protocol


Salam Anak IT.
File Transfer Protocol or nya bisdia FTP is a service to transfer or receive barang in electronic/digital form from one machine to another. Mengikut sejarahnya, FTP wujud lebih awal dari WWW (World Wide Web). It works by means of client-server architecture or apa nya urang kitani mesti ada penghantar dan juga penerima or else hukumnya tidak sah.
In real life, just imagine ada seorang pembuat sambal padas yang bernama Buajah Kembayau. Beliau tinggal di kediaman No. 10, Simpang Kiri, Jln. Kedapan, Kg. ABC. Pada suatu hari beliau menyuruh anaknya yang bernama Awang Lamat (bukan nama sebenar) untuk menghantar Nasi Katuk buatan tangannya kepada adik kandungnya iaitu Tangahnya Laki yang tinggal di alamat No. 6, Simpang Kanan, Jln. Belakang, Kg. XYZ.
Moral of the story is *echewah luan awal* biskita dapat fahami something kana antar dari satu tempat ke satu tempat yang lain. So cuba kumpul semua information yang ada...
  1. Nama Pemilik Rumah (Penghantar)
    • Buajah Kembayau (tapi suruhnya anaknya ngantarkan sal ia inda telarat bejalan batis)
  2. Alamat Penghantar
    • No. 10, Simpang Kiri, Jln. Kedapan, Kg. ABC
  3. Barang yang dihantar
    • Nasi Katuk (sambal padas)
  4. Laluan yang digunakan untuk menghantar barang
    • Laluan berjalan kaki (Siring jalan raya)
  5. Nama Pemilik Rumah (Penerima)
    • Tangahnya Laki
  6. Alamat Penerima
    • No. 6, Simpang Kanan, Jln. Belakang, Kg. XYZ
Cuba bayangkan if anaknya ane inda tau alamat Tangahnya Laki? Of course ia inda kan mengantar Nasi Katuk or pasingnya arah adinya then sambung main game. Or maybe babunya cakap "lai, antati rah tangahmu laki" tapi nada barang yang kan diantar. Yang lebih teruk if nada jalan raya or bisdia tinggal tangah lautan inda lagi tedapat perahu tue. Yetah tue segala informasi yang tertera di atas mesti ada in order to make it happen.
So, untuk mengantar barang in computing/digital/cyber life, we also must have those information. Inda jua kan biskita talipaun urg UPS or even Pos Laju kalie ganya kan mengantar gambar melalui email hahaha bah adang... Straight to the point:
  • Nama Pemilik Rumah (Penghantar) = Client Hostname
  • Alamat Penghantar = Client's IP Address
  • Barang yang dihantar = Data/information/file in electronic form (e.g HTML file)
  • Laluan yang digunakan = Internet
  • Nama Pemilik Rumah (Penerima) = Server Hostname
  • Alamat Penerima = Server's IP Address
Here is the example of sending file through internet (digital form):
But FIRST! You need to understand between CLIENT and SERVER. Client is the one yang MENGHANTAR (SENDING) while server is the one yang MENERIMA (RECEIVING). To transfer data/file through FTP, we need FTP Server as well as FTP Client but here I will only write on how to use FTP Client to transfer data/file. Click here to learn further on client/server.
Siapa saja yang menggunakan FTP ane?...
  • Web developer yang tedapat Web Hosting arah lain (external hosting)
  • Users who need to send bigger files to other users
  • Users who work outside and need to retrieve their files from personal computer located at home
  • People yang inda tau apa FTP but kan belajar-lajar
  • Students yang kana suruh oleh teacher/lecturer bisdia untuk belajar FTP
  • Dan yang sewaktu dengannya
One of the most famous FTP Client (pasal ia free kalie haha) is FileZilla FTP Client. You may click hereand read further about it.

Saturday, 23 January 2010

Virtual Keyboard


Salam Anak IT.
A word "virtual" means... Anyone can define it in malay or even bahasa melayu kitani? hahaha "aaaaaa virtual means... virtual lah... yang cematu atue bah" or I should say something that is not really that something?... *cana kan tue?* If I say "virtual keyboard" you might imagine something like in the picture below:
Or even worse...
Hahaha no... What I will be writing about is "On-Screen Keyboard". If you are running on Windows Operating System, go to Start>Run or simply press Windows+R keys on your keyboard then type "osk" without the quotes. "osk" stands for On-Screen Keyboard.
Click OK button and the On-Screen Keyboard will appear.
So... Apa gunanya ne?... I will ask you, how many times do you enter your password in a day? *especially those yang buka email tiap hari and facebook-ing time waktu kraja* and arah komputer mana biskita taip the password? Komputer diri? Komputer adi beradi? Komputer UPIS? Do you think so far you are the only person who knows all your personal password? Think again...
Here, I would like to share one of the "password-stealing" techniques that is frequently used by Anak-anak IT with bad intentions. In hacking methodologies, there is one technique named Human-Based Social Engineering. It is a PHYSICAL contact made by the attacker to the victim and in this case, it is the victim's machine.
Have you ever heard of key logger? You may visit this website to understand what the HARDWARE does. I actually own it myself but I will post it later with pictures under Gadget/Tool section. Try to understand how does it work and why it is NEARLY UNDETECTABLE since no one would ever check on the back of their computers right before using the machine, would you? *kan apa ku jua unless ada suara dang siti blakang atue barutah ku liat bwauhuawahahwa*
So, basically what it does is RECORDING EVERY KEY STROKED THROUGH THE PHYSICAL KEYBOARD INCLUDING YOUR USERNAME AND PASSWORD. Scary? Even more scary when your parents put the device at your computer and reading any of your conversations with bf/gf HAHAHA *well it is good for the parents so that they easily can monitor their children's cyber activities. I have another extra of this hardware device and those parents yang tepakai, give highest bid. Echewah~ hahaha*
Next, in order to prevent this thing to be happened, this is the time when the virtual keyboard comes in handy *or jadi hero la tue nya*. The solid tip is NEVER USE YOUR KEYBOARD TO ENTER YOUR PASSWORD. Just click the character on the virtual keyboard using your MOUSE. Tapinya mun pakai on-screen keyboard untuk msn bari lalah jua tue ah... kang kana komplem "napa lambat reply?" tau tah anak time ani senitip hahahaha
Another good thing is that, for those yang makai Kaspersky INTERNET SECURITY (i'm not sure arah Kaspersky Anti-Virus) ada menawarkan perkhidmatan Virtual Keyboard attached to internet browser
For those yang makai Kaspersky Internet Security, you will realise that there are Kaspersky icons appear somewhere on the toolbar. One of the icon titled "Open Virtual Keyboard" the one yang warnanya itam putih... Try to click on it and see what happen...
Tadaaaaa~ it is just the same like Windows's On-Screen Keyboard
You may try another virtual keyboard which is available on the internet but I DO NOT really recommend to use them. This is due to untrusted software creation. As example, if I am the one who create the virtual keyboard (bear in mind that it is STILL a software created with coding) I might put a code where it records your password and DELIVER it to me STEALTHILY or tanpa pengetahuan biskita. So, be careful.
I think that is it for today and until next time, Wabillahi Taufiq Walhidayah. Sekian.

Friday, 22 January 2010

Is there such a thing as "Good Design"?

Salam Anak IT.
Good design... Who can tell me what is a good design?... Nice colour?... "Nyaman mata meliat"?... Well the right answer is "UP TO YOU"...
The simplest example would be, just look at this page's layout and design... The one who designed the layout will say that it is "techy" based on his analysis with other users before the layout has been implemented... But some of your eyes might be different... There is a possibility that some of us might say "I prefer it to be PINKY" or even "lawa lagi kanak-kanak kindergarden punya lukisan" and so on... But do you think majority of people will think the same way as you think?... Again... It's a NO... That is when at least you need to understand certain points.
In designing, there will be no word as "I, Me, We, Us, My BF/GF" but it is all about "Him/Her, Them, They, You" (credits for Hj Idham ITB). What I mean is that we need to make sure who are our TARGET AUDIENCES. From there, we will start jotting down other points such as the purpose of the requested design, colour, theme, style, structure etc. THEN we will decide on what technologies required to complete the designing process.
Talking about colours, different people with different opinion on colours. As example, which one of the three colours below do you prefer?
Some people might choose 1st, some 2nd, some 3rd and probably MOST of us will say "my FAVOURITE COLOUR is not listed so I don't bother...". Remember, in designing there is no "I, Me, We, Us, My BF/GF". I've been facing with clients that choose colours based on their FAVOURITE ONE. I'd like to share something that might be useful for you and it has been my strongest attitude or I should say "PENDIRIAN". A word "professional" does not and will never embedded with "personal"; and so does "professional designing". I would like to elaborate and share more on the word "professional" based on my own opinion but hehe we are not in the right category.
So back to square one nya c boboi KristalFM, it is really tough for people to determine a really good design since we have different ways of thinking on certain things. InsyaAllah in the near future, I will elaborate more on designing techniques such as step by step procedures, sketching, interface, colour theory dan yang sewaktu dengannya. Sekian.
P/S: In most cases, pictures can be part of the design as well ;) I will give examples in the next post regarding Design.

Programming Error?


Realise anything?
"Back to the future"
P/S: How many of you are using BIBD's Internet Banking? Ever wonder why it only works on Microsoft's Internet Explorer browser? I think I need to prepare for an interview with officer in-charge regarding the matter.

Wednesday, 20 January 2010

Database? Apa Tue?



Salam Anak IT.
First of all, sapa yang tau what is database angkat tangan. *manarupung dari ujung pisuk ke pisuk cari tangan*
Database atau lebih dikenali dengan "Pangkalan Data" adalah suatu tempat untuk menyimpan data yang berupa structured mahupun unstructured. Structured is any data that is visible or dapan-dapan mata nya urg kitani which has value or even meaning as example 19/Jan/2010 or as simple as "Cucur Pisang", while unstructured is usually bukan alphanumeric or printed data but more into something that we "interact" with our hearing, looking, smelling? as example sound wave, video, image, map etc. Most of the time it is related with multimedia.
Back to database, the simplest example of database is contact information in our handphone, or even contacts in instant messanging or even contacts in social application such as friendster, imeem, hi5, BRUNEI.FM! and many others. (facebook na kana mention kah? hahaha). Contacts on our phone for instance, it stores individual's information such as Name, Phone Number, Email dan yang sewaktu dengannya. That is the BASE where we put DATA and so it is called DATABASE.
"Tapinya... Data ani apa? Inda sama dengan information kah?" Yes INDA SAMA... Data is raw facts while information is processed data.
Example, if I give you 110110, do you really understand what I was giving?... "Na sure... Can be a binary?" hehe yes it is a binary but what if I put it as 11-01-10, how is it now? "That's a date! hahaha" exactly... So information is when you know what the data represents while data itself can be general value... Then... Who can tell me a single word "Brunei" is either a data or an information since everyone knows its a country? "adui practical lesson kah ne?"
Next, SOME operations that can be done with database:
  • Capture/Get (ambil)
  • Store (simpan)
  • Retrieve (mengeluarkan data yang besimpan sudah)
  • Delete (membuang)
  • Classify (menyusun)
  • Compare (membuat perbezaan)
  • Calculate (mengira)
  • Replicate (salinan)
  • Sorting (menyusun A-Z or Z-A)
  • Summarise (ringkasan especially for report)
  • Validate (checking if data yang kana masukkan lurus or inda)
  • Communicate (can be interact with any front-end) depends on database apa yang kana pakai
As I said, database is where you keep the data. But it does not "process" the data itself. "Tapinya MS Access atue process the data yang kana simpan dalam file atue jua..." That is what you learn at school as Introduction to Database (even MS Excel can be categorised as database) but you have a good point there. This is because you only see your database been processed on a place (window) where you process the data which is known as FORM. I believe that you have learnt on how to do report as well and know how query works. The actual scenario is that you have database (where you keep your data) and front-end application seperately. Front-end is an application with graphical user interface to process the data INSIDE the database. If rajin, do a research on "back-end" application as well.
So hopefully by now you understand what does it mean by database and how it affects our everyday life. Imagine you need to call your uncle or any important person for emergency case but your phone DOESN'T have contacts database feature? *unless if you memorise all your contacts' numbers*. For a secondary student like you (and this goes to other secondary students out there as well) I recommend you to learn basics of PHP with mySQL. Click here for a start and learn things that is not included in your syllabus. Be an "advanced" student with advanced knowledge ;) As your big brother/sister *echewah* we want you to realise how important the database is and the value it has. Who knows one day you will be an Information System Specialist or even System Analysist. Sekian.