Halaman

Sabtu, 23 Oktober 2010

Programs close very frequent for Data Execution Prevention

Data Execution Prevention (DEP) is a security feature that helps prevent damage from viruses and other security threats by monitoring your programs to make sure they use system memory safely.Harmful programs can try to attack Windows by attempting to run (also known as execute) code from system memory locations reserved for Windows and other authorized programs. These types of attacks can harm your programs and files.

DEP can help protect your computer by monitoring your programs to make sure that they use system memory safely. If DEP notices a program on your computer using memory incorrectly, it closes the program and notifies you.

This happened to me very frequent. For example, when using IE, FF and Opera, the web browser suddenly terminate, and closed. The same cases also appear, while working with Adobe, MSOffice, OpenOffice.

I open Task Manager and found strange program "in my opinion", DOIMEK.EXE.
The file reside in User's home directory. I watch another file exist with same size to ALG.EXE, with SHR attributes, and dated 2010-10-21.

I run msconfig, in Startup tab, unchecked Doimek.exe and one other name that I forgot, to not load at start.
After rebooting, still...CPU Usage is too high for long time, specially for doimek.exe


No relevant results while Googling doimek.exe and alg.exe, at time of writing this post, probably I am wrong with those file, but I have remove them from my machine, and CPU Usage is decrease.

Pinging General Failure after uninstalling Norton

My machine has Vista installed and Norton as anti virus and for internet security.
I just remove Norton by using Uninstall in Vista's Control Panel and could not found
any uninstallation program that come with it.
The anti virus has gone, but two Live Update still reside as Service and one service named like Symantec Application ... ( I forgot the complete name). They could not be uninstalled. I leave them as is, than try to work with my local web with results:

- My local web could not be reach.
- Try with three kinds of different software databases to test local connection, no success.
- Try a ping command to domain name, even localhost or 127.0.0.1, come with General Failure reply.
- As administrator try to reset winsock and IPv4:
C:\Windows\System32>netsh winsock reset catalog
C:\Windows\System32>netsh int ipv4 reset reset.log
C:\Windows\System32>netsh int ipv6 reset reset.log
restart the machine, still General Failure.

Then I arrived here and use it to completely remove Norton software.
It works again.

Minggu, 17 Oktober 2010

SQL math

What the result of these SQL Statements:

SELECT 1/2, 2 - (2 * (1/2));

SELECT 1 * 1.52, 1.0 * 1.52, 1.0 * 1.520, 1.00 * 1.520;

Please try with any kind of database software!

Sabtu, 09 Oktober 2010

Using PHP Radius Extension


The FreeRADIUS server software package includes several tools to assist in testing and using the server, some pf them is Radclient and Radtest. To work with applications such as Web inventory Systems, the system has to connect with Radius server using Radius Client. Today I use PHP Radius Extension as Radius client.

PHP Radius client library
This package is PECL extension for Radius (Remote Authentication Dial In User Service). This extension is based on the libradius of FreeBSD. It allows clients to perform authentication and accounting by means of network requests to remote servers.


Auth_RADIUS
This package is a php wrapper around the php radius extension. There are different Classes for the different authentication methods available through RADIUS. If we are using CHAP-MD5 or MS-CHAP authentication, we will also need the Crypt_CHAP package. In addition, if using MS-CHAP authentication, we will need to enable the mhash and mcrypt extension in php.ini. Documentation of the radius extension is available through the PHP manual at http://www.php.net/radius

In previous install link, my sistem has these modules installed
# php -m
[PHP Modules]
Core
date
ereg
gd
libxml
mysql
mysqlnd
pcre
Reflection
session
SPL
standard

I started the installation with the following sequence:

1. Install Auth_Radius a PEAR wrapper classes for the RADIUS PECL.
#/usr/ports/net/pear-Auth_RADIUS
#make
===> Registering installation for pear-1.9.1
===> Returning to build of pear-Auth_RADIUS-1.0.6
===> Configuring for pear-Auth_RADIUS-1.0.6
===> Registering installation for pecl-radius-1.2.5
#make install
----------------------------------------------------------------------
Libraries have been installed in:
/usr/ports/net/pecl-radius/work/radius-1.2.5/modules
****************************************************************************
The following line has been added to your /usr/local/etc/php/extensions.ini
configuration file to automatically load the installed extension:
extension=radius.so
****************************************************************************
===> Returning to build of pear-Auth_RADIUS-1.0.6
===> Generating packing list
===> Generating temporary packing list
===> Checking if net/pear-Auth_RADIUS already installed
===> Installing examples in /usr/local/share/examples/pear/Auth_RADIUS.
install ok: channel://pear.php.net/Auth_RADIUS-1.0.6
===> Registering installation for pear-Auth_RADIUS-1.0.6

# make clean
===> Cleaning for pear-1.9.1 ###PEAR framework for PHP
===> Cleaning for php5-5.3.3_2
===> Cleaning for pecl-radius-1.2.5 ###Radius client library for PHP
===> Cleaning for php5-xml-5.3.3_2
===> Cleaning for pear-Auth_RADIUS-1.0.6 ###PEAR wrapper classes for the RADIUS PECL


2. Install additional package
#/usr/ports/security/pear-Crypt_CHAP
extension=mcrypt.so
extension=hash.so

3. List modules installed
# php -m
[PHP Modules]
Core
date
ereg
gd
hash
libxml
mcrypt
mhash
mysql
mysqlnd
pcre
radius
Reflection
session
SPL
standard
xml

# pear list
Installed packages, channel pear.php.net:
=========================================
Package Version State
Archive_Tar 1.3.7 stable
Auth_RADIUS 1.0.6 stable
Console_Getopt 1.2.3 stable
Crypt_CHAP 1.0.2 stable ### here version 1.0.2
PEAR 1.9.1 stable
Structures_Graph 1.0.3 stable


4.I have to upgrade Crypt_CHAP (replace mhash function to hash function, because I'm on php5.3)
# pear upgrade
downloading Crypt_CHAP-1.5.0.tar ...
Starting to download Crypt_CHAP-1.5.0.tar (Unknown size)
........done: 22,528 bytes
upgrade ok: channel://pear.php.net/Crypt_CHAP-1.5.0
Installed packages, channel pear.php.net:
=========================================
Package Version State
Archive_Tar 1.3.7 stable
Auth_RADIUS 1.0.6 stable
Console_Getopt 1.2.3 stable
Crypt_CHAP 1.5.0 stable
PEAR 1.9.1 stable
Structures_Graph 1.0.3 stable

5. Restart Apache service
#apachectl graceful

6. Start Radius in debug mode



7. Test authentication



8. Use sample number 2 from here and modify arguments as needed, and test it. It works.




Jumat, 08 Oktober 2010

Installation of Mondes' LAB1

Steps to install Mondes' LAB1. This was done remotely via telnet, from 11.50pm to 02.30am.

1. Install Apache web server with prefork MPM (apache-2.0.63_16)
#cd /usr/ports/www/apache20 (released 2008-01-19)
#make install clean
(current Apache is v2.2.16, released 2010-07-25)


2. Install current version of PHP5 (php5-5.3.3_2, released 2010-07-22)
#cd /usr/ports/lang/php5
#make install clean
***************************************************************
Make sure index.php is part of your DirectoryIndex.
You should add the following to your Apache configuration file:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
***************************************************************
This port has installed the following files which may act as network servers and may therefore pose a remote security risk to the system.
/usr/local/libexec/apache2/libphp5.so
/usr/local/bin/php
/usr/local/bin/php-cgi

AddType application/x-httpd-php .php <<.html>>
AddType application/x-httpd-php-source .phps


3. Install mysql shared extension for php (php5-mysql-5.3.3_2)
#cd /usr/ports/databases/php5-mysql
#make install clean
***************************************************************
The following line has been added to your /usr/local/etc/php/extensions.ini configuration file to automatically load the installed extension:
extension=mysql.so
***************************************************************


4. Install session shared extension for php (php5-session-5.3.3_2)
#cd /usr/ports/www/php5-session
#make install clean
***************************************************************
The following line has been added to your /usr/local/etc/php/extensions.ini
configuration file to automatically load the installed extension:
extension=session.so
***************************************************************


5. Install gd shared extension for php (php5-session-5.3.3_2)
#cd /usr/ports/graphics/php5-gd
#make install clean
****************************************************************************
The following line has been added to your /usr/local/etc/php/extensions.ini
configuration file to automatically load the installed extension:
extension=gd.so
****************************************************************************

6. Install text-based web browser
#cd /usr/local/www/lynx
#make install clean
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/bin/lynx


7. Make FreeBSD reread the files in the path so it knows what's there
#rehash


8. Adding PHP5 module to Apache
#cd /usr/local/etc/apache2/
===>modify httpd.conf


9. Create test page
# echo ""  >> /usr/local/www/data/tester.php


10.Test the installation
#apachectl start
#lynx localhost/tester.php

ready for web management (RADIUS and Monitoring).