No, I’m not saying these to you guys but more on addressing these phrase to our top leaders.. I’ve came across this article (it’s written in Bahasa Malaysia and if anybody can translate it, that will be nice. I dun have much time to do that, so I’m so sorry) at Perlis’s Mufti Dr Maza. He wrote many articles in Bahasa Malaysia and in English. I recommend you to read those articles as it really represent the true Islam like this article regarding the Race Base Politics compared to Islam’s Principles and Teachings.

However the article that I’ve read regarding “changing the lifestyle” can be found here.

Here are some of the excerpt taken from the article.

“Telah berlaku tahun kesusahan dan kelaparan yang amat sangat di Semenanjung Arab pada zaman Amirul Mukminin ‘Umar bin al-Khattab. Dikenali dengan ‘Am al-Ramadah kerana seakan bagaikan warna ramad atau abu disebabkan kekurangan hujan, warna tanah dan warna kulit manusia yang bertukar disebabkan kekeringan. Ini berlaku pada antara tahun 17H dan 18H selama sembilan bulan”

“Ibn Jarir al-Tabari meriwayatkan bahawa ‘Umar bin al-Khattab tidak memakan pada tahun berkenaan lemak haiwan, susu dan daging sehingga orang ramai dapat memakannya. Barangan makanan berkurangan di pasar.”

“Pada suatu hari pekerjanya dapat membeli untuknya lemak dan susu namun dengan harga yang agak tinggi. ‘Umar enggan makan bahkan berkata: “Engkau telah menyebabkan lemak dan susu menjadi mahal, sedekahkan keduanya, aku bencikan pembaziran. Bagaimana aku dapat memahami keadaan rakyat jika tidak mengenaiku apa yang mengenai mereka?”. (Al-Tabari, 2/358, Beirut: Dar al-Fikr).”

“Juga diriwayatkan bahawa suatu hari pada tahun berkenaan disembelih unta lalu dimasak dan dibahagikan kepada orang ramai. Lalu diceduk masakan itu untuk dihidangkan juga buat ‘Umar. Tiba-tiba yang diceduk itu bahagian belakang unta dan hatinya. Lalu ‘Umar bertanya: “Dari mana diperolehi ini?”. Daripada unta yang kita sembelih hari ini. Kata ‘Umar: “Oh! Alangkah buruknya aku ini sebagai pemimpin, jika aku memakan bahagiannya yang baik lalu aku berikan rakyat makan yang sisa” (Ibn Sa’d, al-Tabaqat al-Kubra, 3/312, Beirut: Dar Sadir).”

That’s my friend, a wonderful example of a True Leader, who has his people as his main priority and concern. If the great man Saiyidina Umar Al-Khattab r.a himself (a man who has been promised a place in Heaven by God) insists on enduring the same hardships that his people had to face, then I guess our leader who is nobody compared to this great man should do more than just uttering some words or “advice” on facing the current situation. Lead by Example.

Description:

The term Backdoor describes a specific group of Trojan Horses. As Trojans, they are not able to spread itself to other computers. Backdoors allow attackers full control over the victim’s PC. Mostly they are split into 3 parts:

1. Server
   The part which is put on the victim’s PC and takes control over the PC.
2. Client
   A little program used by the attacker to connect to the server and control the computer.
3. Editor
   An additional tool to create the server program. It allows the attacker to create an unique server and allows him to set all options and rules for the server.

Ok, I didn’t create this and I think this is an old stuff. Just found it when googling for something else

Yeah, I have to acknowledge that the current situation is not that good compared to the previous years either in sense of economic or politics. Most of us have to bear the brunt of high petrol and diesel price, sudden hike of the rice price, shortage of food and many others even me myself not spared from having this grudge towards our current government. It is normal thing, unless you have some capital gain from this situation then perhaps you do not feel anything. And also it is a normal thing for all of us to voice out our disappointment, frustration, anger on this matter.

But whatever/whoever advocates this kind of activities like stated in this forum is not what I meant on voicing out. Why not for a change we start giving any constructive opinions and views instead of destructive ones? Defacing web sites prove nothing besides that you lack of ethics and like what I said before any many times in my last posts, web defacers are more publicity seekers and contributes nothing towards security industry.

Well if you really want to show your so called hacking skills, we have plenty of competitions like HITB Capture the Flags competition, UiTM’s i-Hack hacking competition and many more. Or you want to be like my friends geek00l and mel as security researcher, then get involve in the security industry and then choose which discipline you want to be either to be the assessor or simply defender. Btw I’m looking for competent members for my unit.

The main issue here is my friend is not about your hacking skills (I know that you have ‘em) but it is a question of ethics.

p/s: If you dun like our government then next time dun vote them lah.. As simple as that.

As declared by tour embattled PM, the new price for petrol is RM 2.70 per litre, increased by 78 cents from RM 1.92 per litre. For Diesel the price will be RM 2.58 per litre, increased by RM 1 from RM 1.58 per litre.

Read here for the news.

p/s: Hopefully they won’t increase the LRT monthly pass as well.

One of my colleagues from the technical support department asked me on the best emplacement of the internal sensor (IDS) if one network has IPS implemented as well. So I just give him a simple diagram to show him the usual emplacement of internal sensor when we have IPS implemented as well.

The reason why I would place my internal sensor (in this case DMZ sensor) behind IPS because:

a). I always believe that all the preventive measures will be defeated sooner or later. And if the DMZ sensor emplace in front of IPS, then what kind of indication we can have if the attack bypassed the IPS?

b). IF the sensor emplaced in front of the IPS, how do we know that one particular attack has been blocked or not by IPS?

Usually for this kind of emplacement, a good correlation between the alerts coming from the external IDS and internal IDS will help or assist analyst on determining whether the attack bypassed the preventive measures in form of firewalls and IPS. To enhance the identification process, both of the alerts will be compared against the logs retrieved from the targeted server.

As example let say the external sensor produce one alert stating that there is one remote file inclusion attempt on the web server. IF the internal sensor also produce the same alert, it means that this attempt successfully bypass the firewall (of cause) and the IPS as well. Only then the alert will be produced to the analyst console and IF only external sensor produce the alert, then it can be discarded or not presented to the analyst console. It may be used for statistical purpose perhaps.

Also another step will be if the external and internal sensor produce the same alert, then it will be compared against the web log obtained from the targeted web server. And if the response code for that attempt is 200 then these alerts will be produced to the analyst console, else those will be discarded.

BUT then my colleague said

“That’s what I’ve explained to them but their question is Why internal sensor generate too few alerts compared to the external sensor?”

I told him, “That means that their IPS has done a good job la !”

“Yeah, that’s what I thought so and I told them that but they still asking the same question.”

I’m out of words…

Yeah, today marks the 4th year of my marriage with wifey. We’ve been through ups and downs, difficulties, learning new things day by day, arguments, collecting shillings to buy groceries (yeah,  we’ve been through that as well) and many others.  Why do I mention about the hardship that me and wifey faced all these years  and not a bit about the happiness? It’s not because our marriage is in limbo or cracked or something similar but in my opinion, without wifey by my side during these hardship, there is no way I can face it alone and I dun think I can get through all those. From these kind of experiences make me feel so grateful, blessed and so lucky to have this special woman as my wife, my soul mate and my close friend.

So, like what I’ve told wifey yesterday, after all these years and after all these hardships, I just want to say …

Looks like we made it
Look how far we’ve come my baby
We might’ve took the long way
We knew we’d get there someday

Ain’t nothin’ better
We beat the odds together
I’m glad we didn’t listen
Look at what we would be missin’

They said, “I’ll bet they’ll never make it”
But just look at us holdin’ on
We’re still together still going strong

You’re still the one I run to
The one that I belong to
You’re still the one I want for life
You’re still the one that I love
The only one I dream of
You’re still the one I kiss good night
You’re still the one

Happy Anniversary my dear…

p/s: For those who still wonder why I have a 7 years old daughter but my marriage only enter its 4th year, just read this post here. Hopefully that will clarify few things

I have to admit, sometimes or most of the times, it is easier to criticize. I am one of the vocal complainers about the performance of our SAs either in term of their knowledge or their skills. Since the moment I joined my current company, I realized that the main thing that these people lack off is attitude. There are either non existence or lack of passion or interest in executing their job even at the acceptable level. I think most of you realized how do I feel actually based on few posts regarding on this issue.

For that, my Boss appoint me to lead one unit to rectify or perhaps can change the current scenario for my department. From the moment he present the suggested new unit to cater this during our retreat, I’ve started to feel lil bit uncomfortable as this will indicates that I will assume a very big responsibility in order to keep the house in order. It doesn’t mean that I will shirk at this opportunity of proving myself that I have the capability to plan, organize, co-ordinate, control and communicate for this new unit (I’ve been appointed as a head of Technology division at Precision Portal before – long long time ago) but to assume this position, I need to be the role model which will show exemplary characteristics, attitude and behavior for others to follow. Also instead of only complaining and criticizing, now I need to take all the necessary actions to make things right.

For a start, I need to device my unit strategic plan as the high level guidelines for my future unit members to know the current unit short term and long term plan, goals, vision and objectives and also the implementation and action plans for them to know on how to achieve these (and yes, now I do feel grateful on my ICSA days especially on Management Principles and Organization and Human Behavior subjects ).

I have thousands of ideas in my mind and the only thing is to express it in paperwork for others to know and understand. Fail to plan is plan to fail eh?

Yeah, now definitely I need to Walk The Talk… Wish me luck.

I have plenty of things need to be done right now that consume a large portion of my time (including my blogging time). In that sense I just upload some pictures about my twin. Both of them, Adam and Ariff now trully live up to the naughty boys tag. They just can’t sit at one place quietly and they refused to be put into their respective walkers (Ariff has this climbing-out-of-the-walker-adventure) which sometimes I am so grateful for not having any weak heart condition. To be honest, it is so tough to take care of my two boys and I take my hat off to my maid who managed to take care of my boys and my girls.

innocent looking eh?

WE ARE CHAMPIONS

No Time for LOSERS

‘CAUSE WE ARE THE CHAMPIONS (nearly OF THE WORLD)

BRING ON NEXT SEASON…

pictures from soccernet, the sun (uk), and mediame.com

This is my official statement and official stand on “Month of Malaysian Government Website Bugs (MoMGWB)” event by security.org.my.

I do acknowledge that the main purpose of conducting this kind of event is to enhance the government security posture which should be lauded by everybody. I also do acknowledge that some or part from the content of the email sent to the related party are not appropriate and suitable. I also want to declare here that I am totally against any unethical assessment that may be performed to any organization’s assets. Before proper SPA (security posture assessment) or any type of assessment performed, authorization and consent need to be acquired from the related party.

It is a privilege for me to say that those people behind security.org.my are very talented, skillful and knowledgeable in the security field and also one of my friends. But it also doesn’t mean that I condone any unethical acts that may be performed by my friends. We share the same passion but perhaps the methods of expressing, performing our passion are different from each other. I do aware and realize that I am bound to Official Secret Act the moment I joined my current company. Definitely I will not jeopardize my government security postures by revealing or performing any unethical acts on its assets.

security.org.my is a place for local ICT security practitioner to share their views, opinions, knowledge and skills and I do really hope that it will be remain as that.

Thank you