Muhammad Zulfikar — Blog Docs

Today is boring, so, I tried to sniffing with Ettercap.

Uhuy, minggu ini adalah minggu yang menyenangkan !, why ? karena dari tanggal 2 Mei hingga 11 mei adalah Mid-Term Break, jadi saatnya relaxaxing. Kemarin baru saja saya mendownload Live operating system yang berbasis linux, it is BackTrack. Untuk lebih jelasnya saya akan jelaskan.

Dalam usaha meminimalisasi kemungkinan terserangnya server Anda dari pihak yang tidak bertanggung jawab, ada baiknya melakukan Penestration testing terlebih dahulu Untuk melakukan hal ini, coba gunakan distro yang 1 ini.

BackTrack adalah distro LiveCD yang berisikan sejumlah aplikasi untuk kebutuhan penestration testing, Distro ini sangat cocok digunakan oleh para profesional di bidang security, maupun siapa saja yang tertarik lebih dalam mempelajari security. Dalam distro ini, Anda dapat menemukan sejumlah security tool yang sudah tersusun rapi di submenu BackTrack. Beberapa kategori tool yang terdapat di submenu BackTrack,, diantaranya, information gathering, network mapping, vulnerability identification, penetration privilege escalation, maintaining access, covering tracks, radio network, analysis voip and telephony analysis, digital forensics, reverse engineering, dan miscellaneous

Dalam masing-masing submenu tersebut, terbagi lagi ke dalam beberapa sub menu yang lebih spesifik. Sebagai contoh, tool aircrack dapat kita temukan pada menu 80211 -> Cracking -> Aircrack dan 80211 -> All, dalam submenu Radio Network Analysis. Hal ini mempermudah pengenalan ratusan security tool yang telah disertakan pada distro ini.

Selain berfungsi sebagai Live CD, BackTrack juga dapat diintalasi ke media USB Flash Drive maupun HDD. Dengan ini maka loading bisa dipercepat

The folks at Symnantec are concerned about Trojan.Silentbaker, and I can’t blame them. This Trojan horse program performs “man-in-the-middle” attacks between users and more than 400 banks. Running on the user’s computer, the Trojan monitors the use of Web sites, looking for banks it can manipulate. It reads data coming from the bank and instructions sent by the user, and modifies fields in user instruction such as destination of transfers.

Symnantec notes that Trojan.Silentbanker can even attack sites that require two-factor authentication (generally in the form of one-time password tokens). Really, this isn’t surprising or even all that impressive. Once a Trojan is in the position to intercept and modify form fields, it follows that it could do so with the one-time password, which is just another form field.

This level of compromise requires a malware infection on your PC. Conventional phishing sites, which do not incorporate malware, can attempt to fool you, but they attack only one bank at a time. This particular Trojan has weaknesses, such as looking at specific addresses for updates, that will help to limit it. Your best defense (say it with me, folks) it to keep antivirus software up to date and not to run executable you get form strangers.

Ever since its debut, Firefox has garnered a reputation for being an enormously customizable program, both through its add-on architecture and its internal settings. In fact, many of Firefox’s settings aren’t exposed through the Tools > Options menu; the only way to change them is to edit them manually. In this article, we’ll explore some of the most useful Firefox settings that you can change on your own and that aren’t normally available through the program’s graphical interface. The closest analogy to how Firefox manages its internal settings is the Windows Registry. Each setting, or preference, is given a name and stored as a string (text), integer (number) or Boolean (true/false) value. However, Firefox doesn’t keep its settings in the registry, but in a file called prefs.js. You can edit prefs.js directly, but it’s often easier to change the settings through the browser window.

Type about:config in the address bar and press Enter, and you’ll see all the settings currently enumerated in prefs.js, listed in alphabetical order. To narrow down the hundreds of configuration preferences to just the few you need, type a search term into the Filter: bar. (Click the Show All button or just clear the Filter: bar to get the full list back again.)

To edit a preference, double-click on the name and you’ll be prompted for the new value. If you double-click on an entry that has a Boolean value

Before you begin but it’s often easier to change the settings through the browser window. Here are a few caveats to keep in mind as you explore and tweak:

Not everyone will get the same benefits by enabling these tweaks. This is especially true for changing the network settings. If you habitually visit sites that don’t allow a large number of connections per client, for instance, you won’t see much benefit from raising the number of connections per server. Some hacks may have a limited shelf life. With each successive release of Firefox, the need for tweaking any of the performance-related config settings (like the network settings) may dwindle as Firefox becomes more self-tuning based on feedback from real-world usage scenarios. In short, what works now may not always work in the future — and that might not be a bad thing. Keep a log of everything you change, or make backups. If you tweak something now and notice bizarre activity in a week, you’ll want to be able to track back to what was altered and undo it. Firefox does show which about:config changes have been set manually, but this isn’t always the most accurate way to find out what you changed.

To make a backup of your preferences in Firefox, just make a copy of the file prefs.js, which is kept in your Firefox profile folder. If you mess something up, you can always copy this file back in. (Be sure to shut down Firefox before making a copy of prefs.js or moving a copy back into the profile folder!)

In Windows XP, the profile folder is
\DocumentsandSettings\\Application Data\Mozilla\Firefox\Profiles\.default\

In Windows Vista, this folder is
\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\.default\

Note that Application Data and AppData are hidden folders by default, so they may not show up unless you force Explorer to show hidden objects. (Open the Control Panel, double-click Folder Options, select the View tab, select “Show hidden files and folders” and click OK.)

In Mac OS X, the profile folder is
/Library/Application Support/Firefox/Profiles/.default/

and in Linux it’s
~/.mozilla/firefox/.default/

but on those platforms it’s usually quicker simply to search for prefs.js.

Alternatively, you can use the handy Firefox Extension Backup Extension (FEBE). It backs up not only the prefs.js file but just about every other thing in Firefox — extensions, themes, cookies, form history and so on.