Thunderbird in Malaysia, really feel the thunder in my chest!

USAF Thunderbirds - Pics from<br />
Picture grabbed from Zagispirit, taken at Townsville ADF Airshow

Tomorrow (3rd Oct) there will be an aerobatic demonstration by USAF Thunderbirds and Malaysia Royal Air Force (RMAF) in RMAF Subang Air Base. This
joint event will highlights Thunderbird F-16 and C-17 Globemaster by USAF and also RMAF Sukhoi team.

The event will start at 1030 am, with C-17 demonstration, followed by RMAF Sukhoi airshow. USAF thunderbird airshow will start at 11.30am followed by
autograph signing by Thunderbirds Crew. This event will be open for public for free, and will be expecting huge crowds.

I wish I have my own camera to take the shots. Just enjoying the show la 🙂 You guys dont miss it!

Press release

DashBlog :: Add-ons for Firefox


Found this cool firefox addon, for blogging purpose. I always have the same problem from the very beginning, to capture the screenshot, crop it, and upload it to my blog. This add-on seems a good one to speed things up in sharing knowledge through our sites.

This post might serve as my first test, to post using DashBlog.

You can get it here.

md5 decode script – PHP

Last few weeks I found a malicious script installed on my hosting server. This is due to unupdated WordPress, that allow remote attacker to upload some malicious code into the server. The server have been clean up, no more problem. 🙂

The malicious file found is a PHP script, with alot of hacking tools embedded. One interesting part is, it have a md5 decoder. I’m not really good in data structure, I cannot construct my own bruteforce code. So, I took those bruteforce code to a single file, just to decode a md5 hash string.

This is just a prove of concept that, a strong password should be long, and have some extra character, other than normal alphabets. This give a higher probability of character to choose in bruteforce attack.

MD5 Decode in action

Download the code here, md5decode.txt. Please rename it to *.php.
You have to put in what character options to test against the hash string, and also the hash string you want to decode.

This code might not applicable in real life nowadays, as there are other ways users password been exploited, for example, using default password, and common password. Thats why most bruteforce attacked were dictionary based. So, make sure your password is strong enough. One other method, is Rainbow Table. I’m still reading it 🙂

Rainbow Table (Wikipedia) –
Md5decode.txt –

Network monitoring with cacti – snmpd.conf

Network monitoring plays an important aspect in a system admin life. You will be managing some servers, and you might have problem taking care of their respective ‘health’, making sure its serving fine and performing best of it. There are some monitoring tool, for example, mrtg, nagios, cacti.

For our setup, we are utilizing cacti, a web-based host monitoring tool, that can monitor hosts through snmp. Its a php tool, and customizable. Its powerful enough to give you what you want, just the matter of configuration. The first thing, you have to make sure every host you want to monitor is snmp enabled.

Cacti login page

SNMP stands for “Simple Network Management Protocol”, can be harmful if not configured properly. It can reveal you private information of the host. I will just put a simple snmpd.conf configuration file, that will have enough privilege control on host and community string.

com2sec local localhost YOUR_COMMUNITY_STRING
com2sec mynetwork YOUR_COMMUNITY_STRING

group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork

view all included .1 80

access MyROGroup “” any noauth exact all all none
access MyRWGroup “” any noauth exact all all none

syslocation YOUR_LOCATION
syscontact YOUR_EMAIL
sysname SYSNAME

You can verify that your snmpd daemon is responding to snmp request using snmpwalk. For snmp version 1, you can use,
snmpwalk -v 1 -c YOUR_COMMUNITY_STRING
For snmp version 2,
snmpwalk -v 2c -c YOUR_COMMUNITY_STRING

This configuration is for the end host you want to monitor. In Cacti, you will need to add the community string, and the IP of the host you want to monitor. Then, cacti will start polling information from these hosts through SNMP with the credential given.

Cacti Graph

Cacti –
Nagios –

Mysql Database backup script.

I have found this one mysql backup script, that just suite my need to backup all database in their respective file. It will be easy for recovery, if I need the sql for that particular database. This is script have been modified from mysql database backup script in HowToForge. This script will also FTP to other location, but I have remove this functionality, as I dont need to move it to another FTP server.

# System + MySQL backup script
# Copyright (c) 2008 Marchost
# This script is licensed under GNU GPL version 2.0 or above
# Modified by Farhan Faisal @
# ---------------------------------------------------------------------

######TO BE MODIFIED#####

### System Setup ###

### MySQL Setup ###

### FTP server Setup ###


### Binaries ###
TAR=”$(which tar)”
GZIP=”$(which gzip)”
FTP=”$(which ftp)”
MYSQL=”$(which mysql)”
MYSQLDUMP=”$(which mysqldump)”

### Today + hour in 24h format ###
NOW=”$(date +”%Y-%m-%d”)”

### Create hourly dir ###

mkdir $BACKUP/$NOW

### Get all databases name ###
DBS=”$($MYSQL -u $MUSER -h $MHOST -p$MPASS -Bse ‘show databases’)”
for db in $DBS

### Create dir for each databases, backup databases in this folder. ###
$MYSQLDUMP -a -u $MUSER -h $MHOST -p$MPASS $db | $GZIP -9 > $FILE

### Compress all tables in one nice file ###



rm -rf $ARCHIVED

Last weekend waterfall hunting.

Last weekend was a great weekend, as I did one new thing, waterfall hunting. I have marked 2 waterfall to search for, both of them found in a website, Its Tanglir Waterfall, and Sungai Dua waterfall. Both of them just within the same path on Karak Highway. Anyway, It start will a warm up trip to Chilling Waterfall with my rock climbing friends.

Chilling waterfall
Chilling waterfall located in Kuala Kubu Bharu. After reaching there, we park our car, and start tracking to the base site, where there were the management office, campsite, toilets and place to pray. The place is well maintained, as it is a fish sanctuary area. Thats why, fishing is strictly not allowed in Chilling Waterfall. You can see the signboard throughout the path.

After 40 minutes walk, just following the path upriver and 5 river crossing, we reached the fall at around 3.30 pm. The waterfall is just fantastic. I remember last time i went there, we did canyoneering near the fall. We spend around 1 1/2 hours there, and start departing back to campsite. There were some strict rules, like you cannot camping there beyond the hanging bridge, and you have to get back before 5 o’clock. You also cannot swim there if its raining. There have been a few accident there, that involves death.

GPS navigator

Continue reading

Bukit Tabur, Taman Melawati

Bukit Tabur, Sunrise

Picture by Alexander Krasnikov

Within last few weeks, I’ve been to Bukit Tabur. Could not find more time for long trip, other than usual rock climbing during weekends, and Bukit Tabur trip. It start with my colleague, who would like to try out some adventures during weekends.

On 20th December, we start hiking the hill at 6.30, just 4 of us, because 5 others were late. We dont waste the opportunity to see the sunrise. Within 25 minutes, we arrive there. Its still dark, and we still have to use our headlights to walk. Then I returned back, and wait for the other 5 of us to arrive. We managed to reach the others around 7.30. Its not so hot yet, and we can still enjoy the sunrise that time.

The trip was planned for only to enjoy the sunrise, but we could not hold ourself seeing other trackers moving with the passion to the top. I never reach the peak, the real peak, and neither all of us. We just follow some other trackers that time.

Ima, at Bukit Tabur
Following few weeks, there comes another trip, for my other friends. They missed the 1st trip, because of health condition. Well, I keep my promise to bring them there 🙂 Its not as early as the previous trip, but we enjoy the trip, enjoy the sunrise, and enjoy the view from there. For last few trip to Bukit Tabur, I really want to just enjoy the view, and the cold winds. Its just feels like at the top of mountains, just with 20-30 minutes walk.
Continue reading

Use Google Apps on your own domain.

As google have introduced to their google apps to all users for free, I think a simple guide on how to utilize the free service to our optimum use.. This should be a reference for me myself, and other who would see this useful.

For me, I would just want to use google mail, as inside google apps package. Google mail really a good thing we have in the internet world nowadays, as the email interface, emailing experience is different, and really useful. Just a few cons like no folder management. But you can still use labelling to categorize your email.

There are 2 ways you can use google mail on your own domain. Either registering for google apps at or using your current gmail email account.

Using google apps.

Go to, and register for google apps account with your domain name. With google apps, you can have google docs, google chat, google site, calendar and a few more. But this example, google site will be ignored, as I’m using my current hosting account for site, I’m just using Google Mail in my google apps.

Register for your domain name
After the registration process, you will have to verify domain ownership. You can choose either 1 of 2 method, either configuring your MX record, your html verification. I think HTML verification will be easier, as you can simply create the file, with specific filename and content provided by Google, on your hosting account, and Google with check the file later.

After your google apps have been created, you need to modify your DNS record of your domain, specifically your MX record to tell where emails of your domain to be sent to. Please check it here, You can just refer below, the list of MX record to be changed.

MX Server address Priority

Google also suggest you to add this additional SPF Continue reading

Change process priority with renice

Today I discovered a very slow loading of a few website of mine. For apache, I have reading through and made some tweaks and optimization to make it perform better. On database, not much that I’ve done. I use mytop, a mysql health monitor just like top in linux system. Its shows a few queries hanging and queued.

Apache and mysql need a higher priority to serve the web faster, as fast as it could. I found a tutorial on renice, where we can change the process priority of process, and also for any process that belong to any particular user. The value varies from -20 until 19. The negative value only can be assigned by a superuser. The lower the value, higher the priority. For example, process with value -19, have a higher priority than a process with nice value -18.

to change the nice value, it could be as simple as :

nice -5 httpd
* this will change process httpd priority to 5.

You can also change the priority by user.

renice -5 -u mysql
* This will change the priority of all process that belong to user mysql to -5

renice -5 -u mysql -p 8918
* This will change the priority of all process that belong to user mysql and with PID 8918 to -5.
Renice – Linux man page

Monowall on Vmware

Yesterday I spent some time to play around with Monowall. Monowall is an embedded firewall package, thats built from bare-bone version of FreeBSD. The whole package is really small, smaller than 12MB, it can fit into your CF card for your embedded project. I start to have a look into Monowall when my boss bring this machine into our office, an embedded box, Axiomtek NA-0042B. I couldn’t find any technical spec in detail of the product, even from the official Axiomtek website.

So, in my case, I’m using a generic-pc image, from one of the monowall mirrors. I load the image into another vmware virtual machine, load the image into a secondary image of the machine.

The disk is available for download here Monowall Disk for VMware. I’ve also prepared a complete vmware machine with monowall. Please download it here, Monowall VMware Image.. This machine have been configured with IP Username & password are the same as default, admin and mono respectively.

I’ll have a look into IpCop and pfSense later. Never get my hands tired with them yet. Maybe some other Monowall derivative as well 🙂

[download(Monowall Disk for VMware)] (5.4MB), [downloadcounter(Monowall Disk for VMware)] downloads.
[download(Monowall VMware Image.)] (5.4MB), [downloadcounter(Monowall VMware Image.)] downloads.