Setelah terampungkan script php yang telah kita buat ada kalanya bug-bug yang tidak diinginkan bercokol di sela-sela script yang telah siap dionlinekan. Dan tentunya bug ini bisa berakibat fatal sehingga dapat dimanfaatkan oleh para intruder-intruder yang berusaha untuk mengekploitasi system.
Lalu, bagaimana mencegah sang hacker mengekploitasi, bahkan merusak website anda, bagaimana mencegah secara pasti dan mengetahui script yang telah dibuat memiliki bug yang fatal, bagaimana menangani itu semua ?
Sebelum kita beralih maju ke langkah selanjutnya ada baiknya untuk mengenali bug popular yang paling sering diexploitasi.
Penulis akan mencoba untuk memberikan sedikit penjelasan, bug yang sering dijumpai dalam aplikasi berbasis web khususnya Content Management system maupun yang lainnya. Di antaranya :
- XSS ( Cross Site Scripting )
- SQL Injection
- RFI ( Remote File Inclusion )
-Cross Site Scriping -
Lebih dikenal dengan sebutan XSS. Kesalahan ini terjadi karena tidak adanya filtering pada html maupun java script.
Tetapi pada dasarnya defacing ( perubahan kontent ) hanya terjadi disisi client saja. Yang paling fatal dari bug ini adalah anda dapat mencuri cookie kemudian menggunakannya untuk berbuat sesuatu yang .
Contohnya :
Cencored [ bayar dulu ]
-SQL Injection-
SQL Injection sebenarnya terjadi karena seorang attacker yang mencoba melakukan inject query sql melalui form ataupun via address bar pada browser internet. Sebagai contohnya ketika mencoba login sebagai admin pada situs pemerintah Sumatra Selatan ( http://www.sumsel.go.id ). Dengan menggunakan query ' or 1=1-- bisa berhasil login. Pada dasarnya ' atau single quote dan or 1=1-- itu berfungsi untuk membingungkan si server sql, sehingga yang dilakukan oleh server sql adalah menjalankan query " select * ". Yang terjadi adalah kita diloloskan untuk login sebagai admin. Tapi udah di patch lo..
-RFI ( Remote File Inclusion )-
Sebelumnya silahkan membaca artikel fungsi require, require_once, include, dan include_one RFI sendiri terjadi karena kesalahan programmer ketika melakukan coding, yakni menggunakan variable dalam fungsi-fungsi tersebut. Apabila user memasukkan url evil script miliknya pada variable yang digunakan dalam fungsi require ataupun include, yang terjadi adalah evil script tersebut dapat dieksekusi secara remote, dengan kata lain, attacker dapat menjalan command di server milik anda untuk merubah konten situs atau bahkan merusaknya.
Untuk contohnya silahkan anda cari di www.milw0rm.com.
Keywordnya Remote File Inclusion.
-Pengecekan BUG-
Pengecekan bug sendiri bisa dilakukan secara manual. Hmmm ... tentunya ini akan memakan banyak waktu. Terbentuklah tools yang dapat secara cepat dan otomatis menemukan bug-bug yang terselip di php script secara tidak sengaja maupun sengaja.
Pada dasarnya untuk mengecek bug dapat dilakukan secara online maupun offline. Penulis sarankan pengecekan bug ini dilakukan di localhost anda ( offline ) saja.
-Cek Bug XSS-
Tools untuk mengecek XSS pada script php milik anda adalah sebuah addons mozilla firefox yang disediakan secara gratis. Penginstallannya pun tergolong mudah, berikut juga cara penggunaannya.
Tools tersebut dapat anda download disini :
http://www.securitycompass.com/exploit_me/xssme/xssme-0.2.1.xpi
-Cek Bug SQL Injection-
Untuk periode saat ini defacing dengan SQL Injection digolongkan paling favorit dan tentunya paling banyak digunakan, mungkin karena penyerangan yang dilakukan cukup mudah, cukup memiliki dasar pengetahuan syntax sql. Lagi-lagi sebuah addons mozilla firefox yang cukup ampuh dan mudah digunakan telah disediakan untuk melakukan cek bug sql injection. :D
Anda dapat mendownloadnya disini :
http://www.securitycompass.com/exploit_me/sqlime/sqlime-0.2.xpi
Penggunaanya pun tidak terlalu sulit.
Cek BUG Remote File Inclusion
Sebelumya anda download terlebih dahulu scriptnya disini http://www.newhack.org/dl_jump.php?id
Setelah itu silahkan download active perl, compiler interpreter ini nantinya digunakan untuk menjalankan script inclusionscanner.pl.
Dan kemudian copykan inclusionscanner.pl tersebut ke direktori c:\perl\bin
Langkah selanjutnya :
1. Masukkan script yang akan anda scan kedalam sebuah direktori di c:\perl php.
ex : c:\perl\wordpress.
2. Masuk ke command prompt, start | run | cmd | enter
3. Setelah itu masuk ke direktory c:\perl\bin, cd c:\perl\bin
4. Jalankan scriptnya,
C:\Perl\bin>perl.exe inclusionscanner.pl
#Will check a directory for all includes and unsets
#Coded by Ironfist (ironsecurity.nl)
#Usage: create a folder in your perlfolder and put the files to be scanned in it
, next type the folder name below (eg myfolder)
#GIVES ERRORS WHEN CHECKING SUBFOLDERS: IGNORE THEM
Directory to read? c:\perl\wp
kemudian lihat hasilnya di c:\perl\bin\result.html
berikut hasil scan ketika penulis mencoba untuk melakukan cek inclusion pada wordpress-2.3.3 :
FOUND: require_once($locale_file);
in c:\perl\wp/wp-settings.php FOUND: require_once($import_root . '/' . $file);
in c:\perl\wp/wp-admin/import.php FOUND: include_once($this->PluginDir . "class-smtp.php");
in c:\perl\wp/wp-includes/class-phpmailer.php FOUND: include($lang_path.'phpmailer.lang-'.$lang_type.'.php');
in c:\perl\wp/wp-includes/class-phpmailer.php FOUND: include($lang_path.'phpmailer.lang-en.php');
in c:\perl\wp/wp-includes/class-phpmailer.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php FOUND: require_once($_template_file);
in c:\perl\wp/wp-includes/theme.php
woww !!! silahkan di exploitasi he2x…
-Apaan sih XSS ?-
Apaan sih XSS ?
Mungkin bagi anda yang udah akrab dengan dunia internet pernah mendengar istilah SQL Injection, XSS (Cross Site Scripting). 2 kelemahan atau vulnerability pada sebuah website yang kerap kali dimanfaatkan oleh para cracker untuk menjalankan aksinya, dan percayalah hampir seluruh hacker ketika melakukan serangan mencoba dua tekhnik ini terlebih dahulu. XSS pun bisa digunakan untuk mencuri cookies, sehingga seorang cracker bisa menggunakan identitas orang lain dengan menggunakan cookies hasil curian. XSS biasanya digunakan oleh newbie hacker yang tidak memiliki explo untuk menjalankan aksi ilegalnya.
Metode XSS dan SQL Injection sering digunakan untuk melakukan deface pada sebuah website. Istilah familiarnya "nge-hack website" walaupun pada kenyataannya deface itu tidak sama dengan hacking. Deface sendiri memiliki arti, merusak sebagian atau keseluruhan dari isi website.
Untuk melakukan XSS caranya nggak susah-susah amat, anda hanya perlu menggunakan browser anda untuk memanfaatkan kelemahan2 yang ada. Contoh situs yang masih bisa di XSS adalah :
http://www.malesbanget.com/kamus/definisi.php?kata=
untuk mengetes apakah situsnya masih bisa di XSS anda bisa menambahkan setelah
kata=
<script>alert('Tes,XSS-nya masih bisa')</script>
Jadinya:
http://www.malesbanget.com/kamus/definisi.php?kata=<script>alert('Tes,
XSS-nya masih bisa')</script>
kemudian tekan enter ...
kemudian akan muncul popup baru berisi 'Tes, XSS-nya masih bisa'
Bukan hanya itu, masih banyak tag html yang bisa kita gunakan, tanya deh om Google.
contoh lainnya adalah :
http://www.malesbanget.com/kamus/definisi.php?kata=<h1>Hacked by
Me</h1><h7>
Yah… sekian dulu entar di lanjut lagi.
Kalo lagi inget……
Mungkin bagi anda yang udah akrab dengan dunia internet pernah mendengar istilah SQL Injection, XSS (Cross Site Scripting). 2 kelemahan atau vulnerability pada sebuah website yang kerap kali dimanfaatkan oleh para cracker untuk menjalankan aksinya, dan percayalah hampir seluruh hacker ketika melakukan serangan mencoba dua tekhnik ini terlebih dahulu. XSS pun bisa digunakan untuk mencuri cookies, sehingga seorang cracker bisa menggunakan identitas orang lain dengan menggunakan cookies hasil curian. XSS biasanya digunakan oleh newbie hacker yang tidak memiliki explo untuk menjalankan aksi ilegalnya.
Metode XSS dan SQL Injection sering digunakan untuk melakukan deface pada sebuah website. Istilah familiarnya "nge-hack website" walaupun pada kenyataannya deface itu tidak sama dengan hacking. Deface sendiri memiliki arti, merusak sebagian atau keseluruhan dari isi website.
Untuk melakukan XSS caranya nggak susah-susah amat, anda hanya perlu menggunakan browser anda untuk memanfaatkan kelemahan2 yang ada. Contoh situs yang masih bisa di XSS adalah :
http://www.malesbanget.com/kamus/definisi.php?kata=
untuk mengetes apakah situsnya masih bisa di XSS anda bisa menambahkan setelah
kata=
<script>alert('Tes,XSS-nya masih bisa')</script>
Jadinya:
http://www.malesbanget.com/kamus/definisi.php?kata=<script>alert('Tes,
XSS-nya masih bisa')</script>
kemudian tekan enter ...
kemudian akan muncul popup baru berisi 'Tes, XSS-nya masih bisa'
Bukan hanya itu, masih banyak tag html yang bisa kita gunakan, tanya deh om Google.
contoh lainnya adalah :
http://www.malesbanget.com/kamus/definisi.php?kata=<h1>Hacked by
Me</h1><h7>
Yah… sekian dulu entar di lanjut lagi.
Kalo lagi inget……
-Videos Hacking Download-
Kadang ada saatnya seseorang yang sedang mempelajari network security mengalami kelelahan dalam membaca apa yang dia pelajari, karena untuk masuk dalam tingkat dasar saja kita harus membaca puluhan artikel dan beberapa buah buku yang tebal. Pada dasarnya membaca membutuhkan perhatian fokus yang tertuju, walaupun sambil mendengar musik (apa lagi musik rock) stress bisa sangat mudah terjadi.
Untuk itu ada kalanya kita harus mempelajarinya dengan cara lain, seperti menggunakan video yang jelas jauh lebih mudah dimengerti ketimbang harus membacanya, walaupun terdapat banyak kelemahan kekurangan. Seorang yang melihat video teknik hacking tentunya harus mengerti dulu konsep dari teknik hacking tersebut sebelumnya.
Maka hal inilah yang mendorong saya untuk membagi link untuk mendownload video hacking. Selain memperlihatkan teknik hacking, bagi anda yang ingin mempelajari bagaimana mengcrack suatu software untuk mendapatkan cd key, license, ataupun serial number disajikan video dengan lengkap.
Download aja di :
http://rapidshare.com/files/174700524/Cr4k.h4ck.Tut.part1.rar
http://rapidshare.com/files/174700648/Cr4k.h4ck.Tut.part2.rar
http://rapidshare.com/files/174700526/Cr4k.h4ck.Tut.part3.rar
http://rapidshare.com/files/174700610/Cr4k.h4ck.Tut.part4.rar
http://rapidshare.com/files/174700440/Cr4k.h4ck.Tut.part5.rar
http://rapidshare.com/files/174700301/Cr4k.h4ck.Tut.part6.rar
-Pengertian Logistik-
Logistik berasal dari bahasa Yunani "Logos" yang berarti rangsum, kata, kalkulasi, alasan, cara berbicara, dan orasi. Dalam sejarah Yunani dan Romawi kuno, istilah logistik digunakan sebagai pasokan senjata dan rangsum bagi para prajurit yang bertempur, yang berpindah dari satu tempat ke tempat lainnya. Pasukan Romawi kuno dalam berperang selalu berpindah dari satu daerah ke daerah lain untuk menuntaskan ambisi Julius Caesar dalam menguasai dunia. Untuk itulah diperlukan tenaga logistik yang handal, atau yang dahulu disebut sebagai "Logistikas". Tim logistikas bertugas untuk memberikan pasokan atau supply kepada prajurit yang bertempur. Istilah ini kemudian digunakan oleh militer modern dalam melakukan supply untuk keadaan perang, mulai dari informasi, transportasi, senjata, bahan makan, dan masih banyak lagi.
Secara harafiah, logistik diartikan sebagai management aliran atau flow management dari suatu tempat ke tempat lain. Apa saja yang termasuk di dalamnya? Garis besar flow management meliputi aliran sumber daya dan informasi. Keduanya memiliki sub bagian yang terpisah. Sebagai contoh, aliran sumber daya meliputi energi dan manusia. Beberapa sub bidang logistik antara lain adalah:
1. Informasi
2. Transportasi
3. Inventory
4. Warehousing
5. Material-handling
6. Packaging
Logistik merupakan suatu bagian dari supply chain management yang berfokus pada perpindahan barang dari tempat asal ke tempat tujuan, untuk mencapai kepuasan pelanggan. Tujuan utama dari logistik adalah mengatur siklus sehingga memberikan hasil yang bermanfaat bagi perusahaan, terutama pada efisiensi. 2 hal yang menjadi fokus utama dalam dunia logistik adalah internal logistik dan external logistik. Keduanya mengatur aliran dan penyimpanan material dari satu titik ke titik lain dengan fungsi utama meliputi inventory management, purchasing, transportasi dan distribusi, serta warehousing.
Inventory Management
Inventory management merupakan sistem pengaturan inventory dalam suatu perusahaan. Percaya atau tidak, sistem inventori yang dianut oleh suatu perusahaan dapat mencerminkan kinerja dari perusahaan tersebut. Banyak perusahaan menjadi bangkrut hanya karena perusahaan tersebut tidak dapat mengatur sistem inventori-nya. Peningkatan jumlah inventori perusahaan rentan menyebabkan munculnya dead stock. Contoh nyata, siapa tidak mengenal sepeda Federal. Pada era tahun 90an, jika orang menyebut sepeda gunung, yang terlintas dibenak mereka hanya 1 nama yaitu Federal. Bahkan jika orang pergi ke toko sepeda, ingin membeli sepeda gunung merk lain, mereka tetap menyebut, "Pak mau beli sepeda Federal merk anu". Namun, perusahaan ini akhirnya menjadi collapse dan harus menjual aset mereka kepada salah satu kompetitor nya pada waktu itu yang masih dalam taraf berkembang, yaitu Polygon. Konon, kejatuhan pabrik sepeda terbesar di Indonesia ini dikarenakan mereka mempunyai dead stock yang terlalu banyak akibat inventory management yang kurang bagus.
Purchasing
Purchasing juga merupakan salah satu bagian dari dunia logistik. Supply barang erat kaitannya dengan kinerja pemasok, yang tercover melalui sebuah purchasing department. Kejelian seorang purchaser dalam memilih vendor, akan memberikan dampak kepada sistem logistik suatu perusahaan. Bayangkan jika vendor yang anda miliki punya sistem kerja yang amburadul. Produk yang dikirim banyak yang cacat, lead time delivery juga lama, bahkan sering terlambat. Secara otomatis, sistem logistik anda akan menjadi kacau balau. dampaknya, customer order tidak dapat terpenuhi, sehingga profit menurun.
Transportasi dan distribusi
Salah satu inti dari logistik adalah transportasi dan distribusi. Kecepatan dan ketepatan menjadi tolak ukur utama di bagian ini. Bagaimana supply bisa sampai ke tempat tujuan sesuai dengan permintaan, sehingga proses berikutnya tidak terhambat. Banyak hal yang berpengaruh dalam hal ini, mulai dari kualitas armada transportasi, kejelian dalam menentukan rute, dan juga efisiensi biaya transportasi dan distribusi. Semuanya itu akan memberikan impact terhadap kinerja logistik anda.
Warehousing
Warehousing atau pergudangan merupakan bagian kecil dari logistik. Termasuk di dalamnya adalah sistem penyimpanan, material handling, FIFO sistem, cross-docking dan packaging. Banyak orang menganggap sepele masalah yang satu ini, namun warehouse merupakan salah satu bagian dalam perusahaan yang menentukan kinerja dari perusahaan tersebut.
Untuk lebih lengkapnya masing-masing sub bagian tersebut, dapat anda baca pada artikel khusus tentangnya.
Secara harafiah, logistik diartikan sebagai management aliran atau flow management dari suatu tempat ke tempat lain. Apa saja yang termasuk di dalamnya? Garis besar flow management meliputi aliran sumber daya dan informasi. Keduanya memiliki sub bagian yang terpisah. Sebagai contoh, aliran sumber daya meliputi energi dan manusia. Beberapa sub bidang logistik antara lain adalah:
1. Informasi
2. Transportasi
3. Inventory
4. Warehousing
5. Material-handling
6. Packaging
Logistik merupakan suatu bagian dari supply chain management yang berfokus pada perpindahan barang dari tempat asal ke tempat tujuan, untuk mencapai kepuasan pelanggan. Tujuan utama dari logistik adalah mengatur siklus sehingga memberikan hasil yang bermanfaat bagi perusahaan, terutama pada efisiensi. 2 hal yang menjadi fokus utama dalam dunia logistik adalah internal logistik dan external logistik. Keduanya mengatur aliran dan penyimpanan material dari satu titik ke titik lain dengan fungsi utama meliputi inventory management, purchasing, transportasi dan distribusi, serta warehousing.
Inventory Management
Inventory management merupakan sistem pengaturan inventory dalam suatu perusahaan. Percaya atau tidak, sistem inventori yang dianut oleh suatu perusahaan dapat mencerminkan kinerja dari perusahaan tersebut. Banyak perusahaan menjadi bangkrut hanya karena perusahaan tersebut tidak dapat mengatur sistem inventori-nya. Peningkatan jumlah inventori perusahaan rentan menyebabkan munculnya dead stock. Contoh nyata, siapa tidak mengenal sepeda Federal. Pada era tahun 90an, jika orang menyebut sepeda gunung, yang terlintas dibenak mereka hanya 1 nama yaitu Federal. Bahkan jika orang pergi ke toko sepeda, ingin membeli sepeda gunung merk lain, mereka tetap menyebut, "Pak mau beli sepeda Federal merk anu". Namun, perusahaan ini akhirnya menjadi collapse dan harus menjual aset mereka kepada salah satu kompetitor nya pada waktu itu yang masih dalam taraf berkembang, yaitu Polygon. Konon, kejatuhan pabrik sepeda terbesar di Indonesia ini dikarenakan mereka mempunyai dead stock yang terlalu banyak akibat inventory management yang kurang bagus.
Purchasing
Purchasing juga merupakan salah satu bagian dari dunia logistik. Supply barang erat kaitannya dengan kinerja pemasok, yang tercover melalui sebuah purchasing department. Kejelian seorang purchaser dalam memilih vendor, akan memberikan dampak kepada sistem logistik suatu perusahaan. Bayangkan jika vendor yang anda miliki punya sistem kerja yang amburadul. Produk yang dikirim banyak yang cacat, lead time delivery juga lama, bahkan sering terlambat. Secara otomatis, sistem logistik anda akan menjadi kacau balau. dampaknya, customer order tidak dapat terpenuhi, sehingga profit menurun.
Transportasi dan distribusi
Salah satu inti dari logistik adalah transportasi dan distribusi. Kecepatan dan ketepatan menjadi tolak ukur utama di bagian ini. Bagaimana supply bisa sampai ke tempat tujuan sesuai dengan permintaan, sehingga proses berikutnya tidak terhambat. Banyak hal yang berpengaruh dalam hal ini, mulai dari kualitas armada transportasi, kejelian dalam menentukan rute, dan juga efisiensi biaya transportasi dan distribusi. Semuanya itu akan memberikan impact terhadap kinerja logistik anda.
Warehousing
Warehousing atau pergudangan merupakan bagian kecil dari logistik. Termasuk di dalamnya adalah sistem penyimpanan, material handling, FIFO sistem, cross-docking dan packaging. Banyak orang menganggap sepele masalah yang satu ini, namun warehouse merupakan salah satu bagian dalam perusahaan yang menentukan kinerja dari perusahaan tersebut.
Untuk lebih lengkapnya masing-masing sub bagian tersebut, dapat anda baca pada artikel khusus tentangnya.
-Dasar Bahasa Pascal-
1. SEJARAH SINGKAT
Nama PASCAL diambil dari nama seorang ahli matematika bangsa Perancis, yaitu BLAISE PASCAL yang telah berjasa menemukan alat hitung mekanis pertama didunia pada abad ke-17, alat hitung inilah yang menjadi nenek moyang computer walaupun masih diperdebatkan. Bahasa PASCAL pertama kali dikembangkan pada awal tahun 70-an oleh NICLAUS WIRTH di Technical University, Zurich – Swiss. Bahasa pemrograman ini termasuk kategori “High Level Language” artinnya instruksi yang digunakan dalam pemrograman ini menyerpai bahasa manusia (dalam bahasa Inggris).
Pascal mendapatkan proses per-standar-an ISO pada tahun 1993, dari Pascal Standards Committee yang kemudian mempublikasikan ekstensi objek ke dalam bahasa pascal standard. Hal inilah yang membuat bahasa pascal sangat cocok diajarkan dalam kalangan akademisi, selain karena bahasa pascal sangat terstruktur.
Saat ini banyak sekali software yang memabantu dalam penulisan bahasa ini, dan dari bermacam-macam perusahaan. Tetapi, saya akan menjelaskan dalam makalah ini menggunakan Turbo Pascal, karena merupakan versi yang paling populer.
2. STRUKTUR, KOMPONEN DAN ATURAN DASAR
1. Struktur program :
Nama Program Program Nama_program;
Daftar Unit Uses;
Bagian deklarasi :
deklarasi label Label nama_label;
deklarasi konstanta Const;
deklarasi tipe Tipe;
deklarasi variabel Var;
deklarasi prosedur Procedure nama_prosedur;
……………………………….;
deklarasi fungsi Function nama_fungsi;
………………………….;
Program Utama Begin
(statement)
…………;
end.
Judul program bisa ditulis ataupun juga tidak ditulis. Setiap bagian struktur program harus diakhiri dengan tanda titik koma ‘ ; ‘. Hal ini sering sekali menimbulkan masalah ketika decompile, sehingga kita harus hati-hati dan teliti ketika menulis program.
Identifier merupakan sebuah kata yang digunakan sebagai nama atau sebutan terhadap sesuatu didalam program. Pemakai dapat mendefinisikan sendiri suatu nama sebagai identifier. Bagian deklarasi digunakan untuk pengenal (identifier). Identifier dapat berupa label, konstanta, tipe, variabel, prosedur dan fungsi. Tidak seperti program bahasa lain, pascal menuntut supaya identifier diperkenalkan terlebih dahulu sebelum digunakan, dengan dideklarasikan terlebih dahulu pada bagian ini. Identifier (sebutan/pengenal)
Identifier ini terdiri atas :
1. Identifier Standar, yaitu identifier yang telah didefinisikan oleh bahasa pascal.
Contoh dari Identifier standar ini antara lain:
ABS LN
ARCTAN ODB
BOOLEAN PRED
CHAR ROUND
CHR READ
COS READLN
EOF SQR
EOLN SQRT
EXP SUCC
Dan masih banyak lagi.
2. Identifier Non Standar; yaitu identifier yang didefinisikan oleh pemakai bahasa pascal; misalnya;
Nama suatu program
Nama suatu konstanta yaitu suatu identifier non-standar yang nilainya telah ditetapkan dalam suatu program dan dideklarasikan pada bagian deklarasi. Konstanta nilainya tidak dapat diubah-ubah.
Nama suatu variable yaitu suatu identifier non-standar yang nilainya tidak tetap atau nilainya merupakan hasil dari suatu proses.
Nama suatu procedure
Identifier ini bebas, tetapi dengan ketentuan-ketentuan sebagai berikut :
a) terdiri dari gabungan huruf dan angka dengan karakter pertama harus berupa huruf. Huruf besar dan huruf kecil dianggap sama.
b) Tidak boleh mengandung blank.
c) Tidak boleh mengandung simbol-simbol khusus, kecuali garis bawah.
d) Panjangnya bebas, tetapi hanya 63 karakter pertama yang dianggap signifikan.
2. Komponen Dasar
Pola susun bahasa Pascal dibentuk dengan menggunakan komponen bahasa pemrograman yang umum, yaitu :
• Simbol Dasar.
Simbol dasar terdiri atas :
a. Simbol huruf, yaitu huruf A sampai dengan Z atau a sampai dengan z.
b. (huruf besar dan kecil).
c. Simbol angka atau digit yaitu : 0,1,2,3,4,5,6,7,8,9.
d. Simbol khusus, yaitu : + - * / ; := , ‘ = < > <= >= <> : { } ( ) [ ]
• Reserved Word
Reserved Word adalah suatu kata yang secara mutlak tidak boleh diartikan lain dan harus digunakan sebagaimana yang telah didefinisikan atau ditentukan kegunaanya oleh bahasa Pascal. Reserved word ini tidak boleh didefinisikan ulang oleh pemakai, sehingga tidak dapat dipergunakan sebagai pengenal (identifier)
Reserved Word ini jumlahnya berbeda untuk masing-masing bahasa Pascal. Contoh beberapa reserved word yang telah didefinisikan oleh turbo pascal antara lain :
AND ELSE LABEL SET
ARRAY END OF TYPE
BEGIN FUNCTION OR UNTIL
CASE FOR PROCEDURE VAR WHILE
CONST GOTO PROGRAM WITH
DO IF RECORD Dan lainya.
DOWNTO IN REPEAT
3. Aturan Bahasa Pascal :
Hal-hal yang harus diperhatikan dalam penulisan program, antara lain:
Akhir dari program Pascal harus ditandai dengan tanda baca titik (.) setelah END yang paling akhir.
Tanda titik koma (;) merupakan pemisah antar instruksi satu dengan lainnya.
Beberapa statement boleh ditulis menjadi satu baris dipisahkan dengan tanda baca titk koma (;).
Baris komentar diletakkan diantara tanda (* *) atau diantara tanda { }, bisa juga dengan tanda //.
3. TIPE DATA
Type data yang dikenal dalam bahasa pascal antara lain yaitu:
1) Tipe data yang standar, yaitu :
a. Integer
Jenis data ini merepresentasikan nilai bilangan bulat. Pada TURBO PASCAL jenis data ini dibagi atas beberapa bagian, yaitu :
Tipe Ukuran memori
(dalam byte) Jangkauan nilai
BYTE 1 0..255
SHORTINT 1 -128..127
INTEGER 2 -32768..32767
WORD 2 0..65535
LONGINT 4 -2147483648..2147483647
Cara penulisannya:
….
Var
A:integer;
….
b. Real
Tipe data ini representasi dari bilangan decimal (floating point). Pada turbo pasacal, jenis data ini dibedakan atas :
Tipe Ukuran memori
(dalam byte) Jangkauan nilai Digit signifikan
SINGLE 4 1.5x10E-45 .. 3.4x10E38 7-8
DOUBLE 8 5.0x10E-324 .. 1.7x10E308 15-16
EXTENDED 10 1.9x10E-4951 .. 1.1x10E4932 19-20
COMP 8 -2E+63+1 .. 2E+63-1 19-20
Cara penulisannya:
….
Var
A:Real;
….
c. Character
Yang dimaksud dengan tipe data ini adalah nilai-nilai yang bersifat karakter tunggal yang ditulis diantara tanda petik tunggal, seperti misalnya ‘A’,’a’,’1’,’2’, dan lain-lain.
Cara penulisannya:
….
Var
A:char
….
d. String
Nilai data string merupakan kumpulan karakter yang terangkai menjadi satu. Nilai data string akan menempati memori sebesar banyaknya karakter stringnya ditambah dengan 1 byte. Bila panjang dari suatu string di dalam deklarasi variabel tidak disebutkan, maka dianggap panjangnya adalah 255 karakter.
Cara penulisannya:
….
Var
A:String;
B:String[10] //Mengalokasikan ruang untuk 10 karakter
….
e. Boolean
Jenis data ini mempunyai nilai TRUE atau FALSE.
Operator untuk jenis data ini adalah :
1. Logical Operator, yaitu : NOT, AND dan OR
2. Relational Operator, yaitu : >, <, >=, <=, <> dan =
2) Tipe Data Non-Standard
a. Enumerasi
Jenis data ini terdiri atas barisan identifier yang terurut dimana setiap identifier tersebut dianggap sebagai suatu individual data item (elemen data yang berdiri sendiri). Pada saat mendeklarasikan jenis data ini kita harus menuliskan semua elemen-elemennya. Bentuk umum deklarasinya adalah :
TYPE nama = (data_item_1, data_item_2, ……., data_item_n);
b. Sub-Range.
Jenis data ini berupa range dari suatu kumpulan data yang mempunyai urutan. Bentuk umum deklarasinya adalah :
TYPE nama = data_item_pertama .. data_item_terakhir;
4. TANDA OPERASI
Tanda operasi (operator) di dalam bahasa Pascal dikelompokkan ke dalam kategori-kategori, yaitu :
1) Assignment operator
Assignment operator (operator pengerjaan) menggunakan simbol titik dua diikuti oleh tanda sama dengan (:=).
Contoh :
A:=B;
2) Binary operator
Digunakan untuk mengoperasikan dua buah operand. Operand dapat berbentuk konstanta ataupun variabel. Operator ini digunakan untuk operasi aritmatika yang berhubungan dengan nilai tipe data integer dan real.
Operator Operasi Tipe operand Tipe hasil
* Perkalian real,real
integer,integer
real,integer real
integer
real
DIV Pembagian bulat integer,integer integer
/ Pembagian real real,real
integer,integer
real,integer real
real
real
MOD Sisa pembagian integer,integer integer
+ Pertambahan real,real
integer,integer
real,integer real
integer
real
- pengurangan real,real
integer,integer
real,real real
integer
real
Contoh :
15*5 hasilnya 75
20/3 hasilnya 6.6666666667E+00
20 div 3 hasilnya 6
20 mod 3 hasilnya 2
3) Unary operator
Operator ini hanya menggunakan sebuah operand saja. Dapat berupa unary minus dan unary plus. Unary minus digunakan untuk menunjukkan nilai negatif, baik pada operang numerik real maupun integer. Unaru plus adalah operator untuk memberai tanda plus.
Contoh :
-5 +7
4) Bitwise operator
Digunakan untuk operasi bit per bit pada nilai integer. Terdiri dari operator NOT, AND, OR, XOR, Shl, Shr.
5) Relational operator
Relational operator digunakan untuk membandingkan hubungan antara dua buah operand dan akan didapatkan hasil tipe boolean, yaitu True atau False. Terdiri dari operator : =, <, >, <=, >=, <>
6) Logical operator
Terdapat 4 buah logical operator yaitu : NOT, AND, OR dan XOR. Operator ini bekerja dengan nilai-nilai logika, yaitu True dan False.
7) Set operator
Digunakan untuk operasi himpunan.
8) String operator
Digunakan untuk operasi string. Hanya ada sebuah operator string saja, yaitu operator + yang digunakan untuk menggabungkan dua buah nilai string.
Contoh :
Nama1 := ‘Arief ‘;
Nama2 := ‘Kurniawan’;
Nama3 := Nama1 + Nama2;
5. STATEMENT
Statement/pernyataan adalah instruksi atau set gabungan instruksi, yang menyebabkan komputer melakukan aksi. Type statement dalam Pascal terdiri atas :
6. Sederhana :
- menandai sebuah item data ke sebuah variabel (assigment statement)
contoh : X := Y * 4.135
- pemanggilan procedure dan goto statement
6. Terstruktur:
- Compound Statement
contoh : Begin
read (x) ;
y := x + 5;
write (y)
End.
- Repetitive Statement
contoh : For I := 1 to 100 do
write (count);
- Conditional Statement
contoh : If x > 100 then write (s)
else write (p) ;
6. INPUT DAN OUTPUT
Dalam bahasa Pascal untuk keperluan input (membaca input) digunakan identifier standar READ atau READLN. Identifier standar ReadLn sedikit berbeda dengan Read. ReadLn digunakan untuk memasukkan data perbaris, artinya setelah tombol Enter ditekan, maka akan ganti baris, sedangkan Read tidak ganti baris, masih dalam baris yang sama.
Sedangkan untuk keperluan output (mencetak output) digunakan identifier standar WRITE atau WRITLN.
Perbedaan Write dengan WriteLn adalah bahwa Write menampilkan hasil tanpa ganti baris dan tampilan berikutnya akan disambung dalam baris yang sama. Sedang WriteLn digunakan untuk menampilkan tampilan perbaris, akan ganti baris untuk tampilan berikutnya.
Bentuk umum penulisannya :
1. READ (variabel input) ;
Atau
READLN (variabel output);
2. WRITE (variabel output);
Atau
WRITELN (variabel output);
Nama PASCAL diambil dari nama seorang ahli matematika bangsa Perancis, yaitu BLAISE PASCAL yang telah berjasa menemukan alat hitung mekanis pertama didunia pada abad ke-17, alat hitung inilah yang menjadi nenek moyang computer walaupun masih diperdebatkan. Bahasa PASCAL pertama kali dikembangkan pada awal tahun 70-an oleh NICLAUS WIRTH di Technical University, Zurich – Swiss. Bahasa pemrograman ini termasuk kategori “High Level Language” artinnya instruksi yang digunakan dalam pemrograman ini menyerpai bahasa manusia (dalam bahasa Inggris).
Pascal mendapatkan proses per-standar-an ISO pada tahun 1993, dari Pascal Standards Committee yang kemudian mempublikasikan ekstensi objek ke dalam bahasa pascal standard. Hal inilah yang membuat bahasa pascal sangat cocok diajarkan dalam kalangan akademisi, selain karena bahasa pascal sangat terstruktur.
Saat ini banyak sekali software yang memabantu dalam penulisan bahasa ini, dan dari bermacam-macam perusahaan. Tetapi, saya akan menjelaskan dalam makalah ini menggunakan Turbo Pascal, karena merupakan versi yang paling populer.
2. STRUKTUR, KOMPONEN DAN ATURAN DASAR
1. Struktur program :
Nama Program Program Nama_program;
Daftar Unit Uses;
Bagian deklarasi :
deklarasi label Label nama_label;
deklarasi konstanta Const;
deklarasi tipe Tipe;
deklarasi variabel Var;
deklarasi prosedur Procedure nama_prosedur;
……………………………….;
deklarasi fungsi Function nama_fungsi;
………………………….;
Program Utama Begin
(statement)
…………;
end.
Judul program bisa ditulis ataupun juga tidak ditulis. Setiap bagian struktur program harus diakhiri dengan tanda titik koma ‘ ; ‘. Hal ini sering sekali menimbulkan masalah ketika decompile, sehingga kita harus hati-hati dan teliti ketika menulis program.
Identifier merupakan sebuah kata yang digunakan sebagai nama atau sebutan terhadap sesuatu didalam program. Pemakai dapat mendefinisikan sendiri suatu nama sebagai identifier. Bagian deklarasi digunakan untuk pengenal (identifier). Identifier dapat berupa label, konstanta, tipe, variabel, prosedur dan fungsi. Tidak seperti program bahasa lain, pascal menuntut supaya identifier diperkenalkan terlebih dahulu sebelum digunakan, dengan dideklarasikan terlebih dahulu pada bagian ini. Identifier (sebutan/pengenal)
Identifier ini terdiri atas :
1. Identifier Standar, yaitu identifier yang telah didefinisikan oleh bahasa pascal.
Contoh dari Identifier standar ini antara lain:
ABS LN
ARCTAN ODB
BOOLEAN PRED
CHAR ROUND
CHR READ
COS READLN
EOF SQR
EOLN SQRT
EXP SUCC
Dan masih banyak lagi.
2. Identifier Non Standar; yaitu identifier yang didefinisikan oleh pemakai bahasa pascal; misalnya;
Nama suatu program
Nama suatu konstanta yaitu suatu identifier non-standar yang nilainya telah ditetapkan dalam suatu program dan dideklarasikan pada bagian deklarasi. Konstanta nilainya tidak dapat diubah-ubah.
Nama suatu variable yaitu suatu identifier non-standar yang nilainya tidak tetap atau nilainya merupakan hasil dari suatu proses.
Nama suatu procedure
Identifier ini bebas, tetapi dengan ketentuan-ketentuan sebagai berikut :
a) terdiri dari gabungan huruf dan angka dengan karakter pertama harus berupa huruf. Huruf besar dan huruf kecil dianggap sama.
b) Tidak boleh mengandung blank.
c) Tidak boleh mengandung simbol-simbol khusus, kecuali garis bawah.
d) Panjangnya bebas, tetapi hanya 63 karakter pertama yang dianggap signifikan.
2. Komponen Dasar
Pola susun bahasa Pascal dibentuk dengan menggunakan komponen bahasa pemrograman yang umum, yaitu :
• Simbol Dasar.
Simbol dasar terdiri atas :
a. Simbol huruf, yaitu huruf A sampai dengan Z atau a sampai dengan z.
b. (huruf besar dan kecil).
c. Simbol angka atau digit yaitu : 0,1,2,3,4,5,6,7,8,9.
d. Simbol khusus, yaitu : + - * / ; := , ‘ = < > <= >= <> : { } ( ) [ ]
• Reserved Word
Reserved Word adalah suatu kata yang secara mutlak tidak boleh diartikan lain dan harus digunakan sebagaimana yang telah didefinisikan atau ditentukan kegunaanya oleh bahasa Pascal. Reserved word ini tidak boleh didefinisikan ulang oleh pemakai, sehingga tidak dapat dipergunakan sebagai pengenal (identifier)
Reserved Word ini jumlahnya berbeda untuk masing-masing bahasa Pascal. Contoh beberapa reserved word yang telah didefinisikan oleh turbo pascal antara lain :
AND ELSE LABEL SET
ARRAY END OF TYPE
BEGIN FUNCTION OR UNTIL
CASE FOR PROCEDURE VAR WHILE
CONST GOTO PROGRAM WITH
DO IF RECORD Dan lainya.
DOWNTO IN REPEAT
3. Aturan Bahasa Pascal :
Hal-hal yang harus diperhatikan dalam penulisan program, antara lain:
Akhir dari program Pascal harus ditandai dengan tanda baca titik (.) setelah END yang paling akhir.
Tanda titik koma (;) merupakan pemisah antar instruksi satu dengan lainnya.
Beberapa statement boleh ditulis menjadi satu baris dipisahkan dengan tanda baca titk koma (;).
Baris komentar diletakkan diantara tanda (* *) atau diantara tanda { }, bisa juga dengan tanda //.
3. TIPE DATA
Type data yang dikenal dalam bahasa pascal antara lain yaitu:
1) Tipe data yang standar, yaitu :
a. Integer
Jenis data ini merepresentasikan nilai bilangan bulat. Pada TURBO PASCAL jenis data ini dibagi atas beberapa bagian, yaitu :
Tipe Ukuran memori
(dalam byte) Jangkauan nilai
BYTE 1 0..255
SHORTINT 1 -128..127
INTEGER 2 -32768..32767
WORD 2 0..65535
LONGINT 4 -2147483648..2147483647
Cara penulisannya:
….
Var
A:integer;
….
b. Real
Tipe data ini representasi dari bilangan decimal (floating point). Pada turbo pasacal, jenis data ini dibedakan atas :
Tipe Ukuran memori
(dalam byte) Jangkauan nilai Digit signifikan
SINGLE 4 1.5x10E-45 .. 3.4x10E38 7-8
DOUBLE 8 5.0x10E-324 .. 1.7x10E308 15-16
EXTENDED 10 1.9x10E-4951 .. 1.1x10E4932 19-20
COMP 8 -2E+63+1 .. 2E+63-1 19-20
Cara penulisannya:
….
Var
A:Real;
….
c. Character
Yang dimaksud dengan tipe data ini adalah nilai-nilai yang bersifat karakter tunggal yang ditulis diantara tanda petik tunggal, seperti misalnya ‘A’,’a’,’1’,’2’, dan lain-lain.
Cara penulisannya:
….
Var
A:char
….
d. String
Nilai data string merupakan kumpulan karakter yang terangkai menjadi satu. Nilai data string akan menempati memori sebesar banyaknya karakter stringnya ditambah dengan 1 byte. Bila panjang dari suatu string di dalam deklarasi variabel tidak disebutkan, maka dianggap panjangnya adalah 255 karakter.
Cara penulisannya:
….
Var
A:String;
B:String[10] //Mengalokasikan ruang untuk 10 karakter
….
e. Boolean
Jenis data ini mempunyai nilai TRUE atau FALSE.
Operator untuk jenis data ini adalah :
1. Logical Operator, yaitu : NOT, AND dan OR
2. Relational Operator, yaitu : >, <, >=, <=, <> dan =
2) Tipe Data Non-Standard
a. Enumerasi
Jenis data ini terdiri atas barisan identifier yang terurut dimana setiap identifier tersebut dianggap sebagai suatu individual data item (elemen data yang berdiri sendiri). Pada saat mendeklarasikan jenis data ini kita harus menuliskan semua elemen-elemennya. Bentuk umum deklarasinya adalah :
TYPE nama = (data_item_1, data_item_2, ……., data_item_n);
b. Sub-Range.
Jenis data ini berupa range dari suatu kumpulan data yang mempunyai urutan. Bentuk umum deklarasinya adalah :
TYPE nama = data_item_pertama .. data_item_terakhir;
4. TANDA OPERASI
Tanda operasi (operator) di dalam bahasa Pascal dikelompokkan ke dalam kategori-kategori, yaitu :
1) Assignment operator
Assignment operator (operator pengerjaan) menggunakan simbol titik dua diikuti oleh tanda sama dengan (:=).
Contoh :
A:=B;
2) Binary operator
Digunakan untuk mengoperasikan dua buah operand. Operand dapat berbentuk konstanta ataupun variabel. Operator ini digunakan untuk operasi aritmatika yang berhubungan dengan nilai tipe data integer dan real.
Operator Operasi Tipe operand Tipe hasil
* Perkalian real,real
integer,integer
real,integer real
integer
real
DIV Pembagian bulat integer,integer integer
/ Pembagian real real,real
integer,integer
real,integer real
real
real
MOD Sisa pembagian integer,integer integer
+ Pertambahan real,real
integer,integer
real,integer real
integer
real
- pengurangan real,real
integer,integer
real,real real
integer
real
Contoh :
15*5 hasilnya 75
20/3 hasilnya 6.6666666667E+00
20 div 3 hasilnya 6
20 mod 3 hasilnya 2
3) Unary operator
Operator ini hanya menggunakan sebuah operand saja. Dapat berupa unary minus dan unary plus. Unary minus digunakan untuk menunjukkan nilai negatif, baik pada operang numerik real maupun integer. Unaru plus adalah operator untuk memberai tanda plus.
Contoh :
-5 +7
4) Bitwise operator
Digunakan untuk operasi bit per bit pada nilai integer. Terdiri dari operator NOT, AND, OR, XOR, Shl, Shr.
5) Relational operator
Relational operator digunakan untuk membandingkan hubungan antara dua buah operand dan akan didapatkan hasil tipe boolean, yaitu True atau False. Terdiri dari operator : =, <, >, <=, >=, <>
6) Logical operator
Terdapat 4 buah logical operator yaitu : NOT, AND, OR dan XOR. Operator ini bekerja dengan nilai-nilai logika, yaitu True dan False.
7) Set operator
Digunakan untuk operasi himpunan.
8) String operator
Digunakan untuk operasi string. Hanya ada sebuah operator string saja, yaitu operator + yang digunakan untuk menggabungkan dua buah nilai string.
Contoh :
Nama1 := ‘Arief ‘;
Nama2 := ‘Kurniawan’;
Nama3 := Nama1 + Nama2;
5. STATEMENT
Statement/pernyataan adalah instruksi atau set gabungan instruksi, yang menyebabkan komputer melakukan aksi. Type statement dalam Pascal terdiri atas :
6. Sederhana :
- menandai sebuah item data ke sebuah variabel (assigment statement)
contoh : X := Y * 4.135
- pemanggilan procedure dan goto statement
6. Terstruktur:
- Compound Statement
contoh : Begin
read (x) ;
y := x + 5;
write (y)
End.
- Repetitive Statement
contoh : For I := 1 to 100 do
write (count);
- Conditional Statement
contoh : If x > 100 then write (s)
else write (p) ;
6. INPUT DAN OUTPUT
Dalam bahasa Pascal untuk keperluan input (membaca input) digunakan identifier standar READ atau READLN. Identifier standar ReadLn sedikit berbeda dengan Read. ReadLn digunakan untuk memasukkan data perbaris, artinya setelah tombol Enter ditekan, maka akan ganti baris, sedangkan Read tidak ganti baris, masih dalam baris yang sama.
Sedangkan untuk keperluan output (mencetak output) digunakan identifier standar WRITE atau WRITLN.
Perbedaan Write dengan WriteLn adalah bahwa Write menampilkan hasil tanpa ganti baris dan tampilan berikutnya akan disambung dalam baris yang sama. Sedang WriteLn digunakan untuk menampilkan tampilan perbaris, akan ganti baris untuk tampilan berikutnya.
Bentuk umum penulisannya :
1. READ (variabel input) ;
Atau
READLN (variabel output);
2. WRITE (variabel output);
Atau
WRITELN (variabel output);
-Age_Calculator PHP-
2009-09-22
Nah Ini neh script tutorial PHP untuk buat penghitung umur yang udah di requset.
tulis ulang script dibawah ini:
(supaya ngak bisa copy paste...he2x)
save dengan nama "agecalc.php"....
Tampilan previewnya akan seperti:
jadi, kalo ngak bisa jalan dengan baik tolong cek script anda... soalnya di saya 100% bisa. Dijamin!!!
tulis ulang script dibawah ini:
(supaya ngak bisa copy paste...he2x)
save dengan nama "agecalc.php"....
Tampilan previewnya akan seperti:
jadi, kalo ngak bisa jalan dengan baik tolong cek script anda... soalnya di saya 100% bisa. Dijamin!!!
-Download Menggunakan IDM-
Wahai saudaraku yang suka barang gratisan, yang sering download file data maupun download file musik dan film gratis, yang tidak menghargai karya orang lain, saya cuma mau bilang hal itu ngak boleh...
Tapi, kalo kepaksa boleh seh... he2x.
Kalian mungkin kadang mengalami berbagai hambatan pas lagi mau download file-nya, seperti saja koneksi yang lambat. Apalagi kalau pas mau komplit tiba-tiba putus terus harus ngulang dari awal, pasti kesel. Tapi jangan dikau cemas ataupun risau, ada cara supaya kita tetap bisa melajutkan mendownload file yang kita inginkan.
Menurut pengalaman yang bertapa di gunung rinjani ada beberapa faktor yang menyebabkan download dari internet menjadi lambat, diantara sebagai berikut
1. Koneksi internet atau Jenis Paket
Kecepatan koneksi dial-up dan wireless tentu berbeda, apalagi dibandingkan koneksi pake HP..., bukan itu saja, paket yang dipilih dari layanan ISP (Internet Service Provider) keceptannya jelas berbeda tergantung bayarannya.
2. Jenis Browser
Kalau menggunakan Mozilla agak lebih cepat dibanding dengan IE, tapi kalau menggunakan Opera malah lebih cepat lagi, tapi sayangnya opera tidak sedinamis Mozzila. Kalau anda ingin mneyembunyikan IP anda bisa pake OpeRator yang dua kali lebih lambat dari mozzila versi terbaru.
Tapi, kalau anda sudah mempunyai koneksi yang bagus dan browser yang bagus tetapi masih saja lambat dalam mendownload file-nya, anda bisa menggunakan alternatif lain yaitu menggunakan software tertentu untuk mengunduh file tersebut khususnya bagi yang suka download musik maupun film, karena file jenis ini mempunyai kapasitas yagn besar.
Menurut pengalaman saya untuk OS Windows yang paling bagus menggunakan software IDM (Internet Download Manager). IDM bisa membuat proses download akan menjadi lebih cepat karean IDM menggunakn sisitem download yang membuat fila akan dipotong per bagian kemudian, dan jika telah selesai file akan digabung kembali.
Untuk download pake IDM Jelas saja cari softwarenya, yang asli, disini. Setelah diinstal lalu kita aktifkan, maka registrasi softawrenya dengan mengklik 'Registration' pada menu bar lalu isikan sesuai data yang diberikan tentunya setelah 'membayar'.
Kalau ngak mau bayar, anda bisa coba versi trialnya (bajakannya banyak kok!!!). kalo udah kembali kehalaman utama.
Setelah rampung semua persiapan, kita coba mendownload sebuah file. Cari file yang anda inginkan, kemudian pada bagian Add URL, silahkan klik dan masukkan UR\alamat file tersebut, klik 'OK'
akan muncul tampilan:
klik 'start download', tunggu sejenak kemudian selesai sudah.
Jika anda ingin download file berbentuk video di Youtube misalnya, gampang caranya... yaitu:
1. buka youtube cai video yang diinginkan.
2. buka videonya, pastikan videonya bisa jalan.
3. kilik kanan dluar video yang tertampil.
4. pilih 'download FLV video with IDM' -> Download last requested FLV video
5. kemudian akan muncul layar baru, kilik aja start download seperti cara sebelumnya...
thanks mau baca...
Tapi, kalo kepaksa boleh seh... he2x.
Kalian mungkin kadang mengalami berbagai hambatan pas lagi mau download file-nya, seperti saja koneksi yang lambat. Apalagi kalau pas mau komplit tiba-tiba putus terus harus ngulang dari awal, pasti kesel. Tapi jangan dikau cemas ataupun risau, ada cara supaya kita tetap bisa melajutkan mendownload file yang kita inginkan.
Menurut pengalaman yang bertapa di gunung rinjani ada beberapa faktor yang menyebabkan download dari internet menjadi lambat, diantara sebagai berikut
1. Koneksi internet atau Jenis Paket
Kecepatan koneksi dial-up dan wireless tentu berbeda, apalagi dibandingkan koneksi pake HP..., bukan itu saja, paket yang dipilih dari layanan ISP (Internet Service Provider) keceptannya jelas berbeda tergantung bayarannya.
2. Jenis Browser
Kalau menggunakan Mozilla agak lebih cepat dibanding dengan IE, tapi kalau menggunakan Opera malah lebih cepat lagi, tapi sayangnya opera tidak sedinamis Mozzila. Kalau anda ingin mneyembunyikan IP anda bisa pake OpeRator yang dua kali lebih lambat dari mozzila versi terbaru.
Tapi, kalau anda sudah mempunyai koneksi yang bagus dan browser yang bagus tetapi masih saja lambat dalam mendownload file-nya, anda bisa menggunakan alternatif lain yaitu menggunakan software tertentu untuk mengunduh file tersebut khususnya bagi yang suka download musik maupun film, karena file jenis ini mempunyai kapasitas yagn besar.
Menurut pengalaman saya untuk OS Windows yang paling bagus menggunakan software IDM (Internet Download Manager). IDM bisa membuat proses download akan menjadi lebih cepat karean IDM menggunakn sisitem download yang membuat fila akan dipotong per bagian kemudian, dan jika telah selesai file akan digabung kembali.
Untuk download pake IDM Jelas saja cari softwarenya, yang asli, disini. Setelah diinstal lalu kita aktifkan, maka registrasi softawrenya dengan mengklik 'Registration' pada menu bar lalu isikan sesuai data yang diberikan tentunya setelah 'membayar'.
Kalau ngak mau bayar, anda bisa coba versi trialnya (bajakannya banyak kok!!!). kalo udah kembali kehalaman utama.
Setelah rampung semua persiapan, kita coba mendownload sebuah file. Cari file yang anda inginkan, kemudian pada bagian Add URL, silahkan klik dan masukkan UR\alamat file tersebut, klik 'OK'
akan muncul tampilan:
klik 'start download', tunggu sejenak kemudian selesai sudah.
Jika anda ingin download file berbentuk video di Youtube misalnya, gampang caranya... yaitu:
1. buka youtube cai video yang diinginkan.
2. buka videonya, pastikan videonya bisa jalan.
3. kilik kanan dluar video yang tertampil.
4. pilih 'download FLV video with IDM' -> Download last requested FLV video
5. kemudian akan muncul layar baru, kilik aja start download seperti cara sebelumnya...
thanks mau baca...
-Top 10 Antivirus Di Dunia-
Bagi para surfer dunia maya, anti virus adalah suatu hal yang wajib, apalagi kalo browsing lewat komputer sendiri.
Jadi, ne ada saya tuliskan Top 10 Antivirus Terbaik 2009 Menurut http://anti-virus-software-review.toptenreviews.com/, dilihat berdasarkan hasil review para pengguna produk antivirus dan dari kemampuan serta fitur dari masing-masing antivirus tersebut, seperti kecepatan untuk melakukan scan, capat dalam mengidentifikasi virus dan worms, kemudahan penggunaan, efektivitas, update databases, fitur, kemudahan installasi, help dan support.)
1. Bitdefender Antivirus (www.bitdefender.com)
2. Kaspersky Antivirus (www.kaspersky.com)
3. Webroot Antivirus(www.webroot.com)
4. ESET Nod32 (www.eset.com)
5. F-Secure Antivirus (www.f-secure.com)
6. AVG Antivirus (www.avg.com)
7. McAfee VirusScan (www.mcafee.com)
8. G Data Antivirus (www.gdatasoftware.com)
9. Norton Antivirus (www.symantec.com)
10. Trend Micro (www.trendmicro.com)
Kalau mau lebih tahu secara detailnya, bisa coba search di google atau langsung aja ke web-nya masing-masing antivirus tersebut. Semoga bermanfaat.
Jadi, ne ada saya tuliskan Top 10 Antivirus Terbaik 2009 Menurut http://anti-virus-software-review.toptenreviews.com/, dilihat berdasarkan hasil review para pengguna produk antivirus dan dari kemampuan serta fitur dari masing-masing antivirus tersebut, seperti kecepatan untuk melakukan scan, capat dalam mengidentifikasi virus dan worms, kemudahan penggunaan, efektivitas, update databases, fitur, kemudahan installasi, help dan support.)
1. Bitdefender Antivirus (www.bitdefender.com)
2. Kaspersky Antivirus (www.kaspersky.com)
3. Webroot Antivirus(www.webroot.com)
4. ESET Nod32 (www.eset.com)
5. F-Secure Antivirus (www.f-secure.com)
6. AVG Antivirus (www.avg.com)
7. McAfee VirusScan (www.mcafee.com)
8. G Data Antivirus (www.gdatasoftware.com)
9. Norton Antivirus (www.symantec.com)
10. Trend Micro (www.trendmicro.com)
Kalau mau lebih tahu secara detailnya, bisa coba search di google atau langsung aja ke web-nya masing-masing antivirus tersebut. Semoga bermanfaat.
-Ngintip Password Sebelah-
2009-09-16
Wah… lagi diwarnet, atau lagi di ngenet pake hotspot yang dipake rame-rame?
Tau ngak kalo ngenet ditempat begituan sangat-sangat tidak aman. Walaupun lo udah pake firewall, ma antivirus yang paling top, data-data yang ada masih sangat mudah diliat ma orang lain. Ngak percaya, buktiin sendiri dengan mengikuti langkah-langkah yang saya berikan dibawah ini.
Untuk melakukannya anda tinggal membaca paket-paket yang lewat dijaringan LAN anda lalu tinggal di decrypt atau decoding aja, gampang kan. Kalo anda jenius, ngak ada kerjaan, dan lagi ngak waras anda bisa membaca secara manual paket-paket yang lewat atau bikin program sendiri yang bisa ngebaca secara otomatis. Tetapi, karena saya lagi banyak kerjaan walaupun cukup jenuis dan lagi ngak waras, saya memutuskan untuk menggunakan sebuah program yang memiliki cinta sejati sehidup semati yaitu ‘Cain & Abel’.
Toolsnya gratis kok, tinggal download di:
http://www.softpedia.com/get/Security/Decrypting-Decoding/Cain-and-Abel.shtml
Untuk proses installnya silahakan cari guru privat sendiri.
Perlu diperhatian, ini hanya bisa dilakukan dalam satu jaringan yang sama, jadi kalo kamu ke warnet, ada cewek cantik yang login FS, FB, dan lainnya bisa kamu curi user name ma passwordnya… he2x.
Dan asiknya hal ini juga berlaku di hot spot seperti yang ada di kampus saya tuh…
Setelah selesai install langsung aja buka cain + abel-nya…
Klik start /stop sniffer seperti pada gambar:
Stelah itu klik tanda “+” besar yang berwarna biru untuk melakukan scan mac address
Pada mac address scan langsung klik OK saja
Setelah loading maka didapatkan IP address dalam 1 jaringan dan mac addressnya juga nongol tuh.
Setelah sampai disini kamu bisa klik APR di tab bagian bawah, dan tampilan akan seperti
Setelah itu klik tanda “+” besar yang berwarna biru lagi untuk menambahkan IP address yang ingin di poisoning.
Di bagian kiri kamu pilih IP routernya. Ngak tau?
Untuk melihat IP routernya masuk ke cmd dan ketikan ipconfig /all maka akan diketahui segenap informasi. Nah liat aja sendiri mana routernya ya.
Yang dibagian kanan adalah IPaddress yang ingin kamu poisoning, kalau mau semuanya tinggal blok semua aja.
Nah abis itu klik ok.
Abis langkah itu maka tampilannya seperti ini
Nah statusnya idle kan? itu tandanya belum di poisoning. Klik start / stop arp dan statusnya akan berubah menjadi poisoning
Adanya daftar dibawah menandakan bahwa ada proses yang sedang dikerjakan
langsung saja masuk ke dalam password dengan klik tab password di bagian bawah
Nah klik dibagian kiri HTTP, dan lihat hasilnya
Itu ada 1 yang gak tertutup, seperti itulah tampilannya kalo udah berhasil.
Kerenkan...
Kalau anda bertanya kok bisa ya hal seperti ini terjadi?
Sebenarnya hal ini terjadi bukan salah tekhnisi yang salah mengkonfigurasi, tetapi karena kekurangan dari Protokol yang dipakai.
Untuk lebih jelasnya, ntar deh saya kasih tau....
NB: gambar previewnya bukan gambar yang saya print screen sendiri tapi dari gambar yang saya dapet di om google.
Tau ngak kalo ngenet ditempat begituan sangat-sangat tidak aman. Walaupun lo udah pake firewall, ma antivirus yang paling top, data-data yang ada masih sangat mudah diliat ma orang lain. Ngak percaya, buktiin sendiri dengan mengikuti langkah-langkah yang saya berikan dibawah ini.
Untuk melakukannya anda tinggal membaca paket-paket yang lewat dijaringan LAN anda lalu tinggal di decrypt atau decoding aja, gampang kan. Kalo anda jenius, ngak ada kerjaan, dan lagi ngak waras anda bisa membaca secara manual paket-paket yang lewat atau bikin program sendiri yang bisa ngebaca secara otomatis. Tetapi, karena saya lagi banyak kerjaan walaupun cukup jenuis dan lagi ngak waras, saya memutuskan untuk menggunakan sebuah program yang memiliki cinta sejati sehidup semati yaitu ‘Cain & Abel’.
Toolsnya gratis kok, tinggal download di:
http://www.softpedia.com/get/Security/Decrypting-Decoding/Cain-and-Abel.shtml
Untuk proses installnya silahakan cari guru privat sendiri.
Perlu diperhatian, ini hanya bisa dilakukan dalam satu jaringan yang sama, jadi kalo kamu ke warnet, ada cewek cantik yang login FS, FB, dan lainnya bisa kamu curi user name ma passwordnya… he2x.
Dan asiknya hal ini juga berlaku di hot spot seperti yang ada di kampus saya tuh…
Setelah selesai install langsung aja buka cain + abel-nya…
Klik start /stop sniffer seperti pada gambar:
Stelah itu klik tanda “+” besar yang berwarna biru untuk melakukan scan mac address
Pada mac address scan langsung klik OK saja
Setelah loading maka didapatkan IP address dalam 1 jaringan dan mac addressnya juga nongol tuh.
Setelah sampai disini kamu bisa klik APR di tab bagian bawah, dan tampilan akan seperti
Setelah itu klik tanda “+” besar yang berwarna biru lagi untuk menambahkan IP address yang ingin di poisoning.
Di bagian kiri kamu pilih IP routernya. Ngak tau?
Untuk melihat IP routernya masuk ke cmd dan ketikan ipconfig /all maka akan diketahui segenap informasi. Nah liat aja sendiri mana routernya ya.
Yang dibagian kanan adalah IPaddress yang ingin kamu poisoning, kalau mau semuanya tinggal blok semua aja.
Nah abis itu klik ok.
Abis langkah itu maka tampilannya seperti ini
Nah statusnya idle kan? itu tandanya belum di poisoning. Klik start / stop arp dan statusnya akan berubah menjadi poisoning
Adanya daftar dibawah menandakan bahwa ada proses yang sedang dikerjakan
langsung saja masuk ke dalam password dengan klik tab password di bagian bawah
Nah klik dibagian kiri HTTP, dan lihat hasilnya
Itu ada 1 yang gak tertutup, seperti itulah tampilannya kalo udah berhasil.
Kerenkan...
Kalau anda bertanya kok bisa ya hal seperti ini terjadi?
Sebenarnya hal ini terjadi bukan salah tekhnisi yang salah mengkonfigurasi, tetapi karena kekurangan dari Protokol yang dipakai.
Untuk lebih jelasnya, ntar deh saya kasih tau....
NB: gambar previewnya bukan gambar yang saya print screen sendiri tapi dari gambar yang saya dapet di om google.
-Sembunyikan IP Firefox-
2009-09-15
Well,.. IP address sama aja kayak no telpon kita di dalam dunia persilatan internet, tiap kali kita menghubungi suatu server pastinya server akan mencatat alamat IP anda dalam log filenya. Terkadang juga ada IP teman-teman kita yang diblok oleh server karena mungkin telah melakukan kesalahan atau daerahnya tidak boleh untuk mengakses server.
Repot juga kan, makanya jangan suka macem-macem…
Tapi, kita tentu saja bisa mengakali hal yang demikian itu. Kita bisa menyembunyikan IP kita diblakang sebuah alamat lain. Inilah salah satu kegunaan proxy.
Kita bisa menggunakan banyak sekali tools yang tersebar di sejumlah took kaki lima (ini serius lho, di Indonesia software yang harga puluhan juta-pun bisa kita beli di emperan, hebat kan Indonesia!?).
Menurut saya tools yang paling bagus untuk menyembunyikan IP, adalah Hide My Ip 2009, dan Hide My Ass. Tapi, jelas anda harus membayar dengan uang yang cukup mahal jika dibandingkan dengan kantung para mahasiswa. Walaupun bajakannya udah banyak tuh.
Untuk itu kita bisa gunakan free proxy. Disamping gratis dengan menggunakan proxy kita bisa juga browsing anonymously. Tapi, salah satu kekurangan dari penggunaan free proxy ini adalah akses yang semakin lambat, dan harus mencari free proxy setiap kali ingin browsing.
PhProxy-InBasic, bisa digunakan sebagai suatu solusinya. Add on firefox ini bisa dengan mudah digunakan karena tinggal klik kanan link dan pilih open by PhProxy in new tab. Kita tidak perlu mencari dan mengunjungi situs web proxy terlebih dahulu.
Cara Install PhProxy:
1. Download PhProxy.
2. Install PhProxy.
3. Restart firefox.
Instalasi berhasil jika ada ico PhProxy pada firefox status bar seperti gambar di bawah
Untuk membuka suatu link baru, cukup klik kanan dan pilih menu Open by PhProxy in new tab, atau bisa juga browsing URL dari clipboard dengan klik kanan icon PhProxy, pilih secure paste and open.
Setiap situs yang berhasil di buka dengan Phproxy akan menampilkan tanda PH di depan HTTP. (PH:: http://www.frezzice.co.cc).
Untuk mengganti server PhProxy, klik kanan icon Phproxy > Option > Other available server > pilih server > save new server.
Repot juga kan, makanya jangan suka macem-macem…
Tapi, kita tentu saja bisa mengakali hal yang demikian itu. Kita bisa menyembunyikan IP kita diblakang sebuah alamat lain. Inilah salah satu kegunaan proxy.
Kita bisa menggunakan banyak sekali tools yang tersebar di sejumlah took kaki lima (ini serius lho, di Indonesia software yang harga puluhan juta-pun bisa kita beli di emperan, hebat kan Indonesia!?).
Menurut saya tools yang paling bagus untuk menyembunyikan IP, adalah Hide My Ip 2009, dan Hide My Ass. Tapi, jelas anda harus membayar dengan uang yang cukup mahal jika dibandingkan dengan kantung para mahasiswa. Walaupun bajakannya udah banyak tuh.
Untuk itu kita bisa gunakan free proxy. Disamping gratis dengan menggunakan proxy kita bisa juga browsing anonymously. Tapi, salah satu kekurangan dari penggunaan free proxy ini adalah akses yang semakin lambat, dan harus mencari free proxy setiap kali ingin browsing.
PhProxy-InBasic, bisa digunakan sebagai suatu solusinya. Add on firefox ini bisa dengan mudah digunakan karena tinggal klik kanan link dan pilih open by PhProxy in new tab. Kita tidak perlu mencari dan mengunjungi situs web proxy terlebih dahulu.
Cara Install PhProxy:
1. Download PhProxy.
2. Install PhProxy.
3. Restart firefox.
Instalasi berhasil jika ada ico PhProxy pada firefox status bar seperti gambar di bawah
Untuk membuka suatu link baru, cukup klik kanan dan pilih menu Open by PhProxy in new tab, atau bisa juga browsing URL dari clipboard dengan klik kanan icon PhProxy, pilih secure paste and open.
Setiap situs yang berhasil di buka dengan Phproxy akan menampilkan tanda PH di depan HTTP. (PH:: http://www.frezzice.co.cc).
Untuk mengganti server PhProxy, klik kanan icon Phproxy > Option > Other available server > pilih server > save new server.
-DDos Stmik Bumigora-
2009-09-13
Perahatian :Artikel ini hanya untuk kepentingan pendidikan semata jangan disalah artikan.
Wah lima menit yang mendebarkan. Saya tadi bikin hang website stmik bumigora, pake tekhnik DDos.
Ngak tau maksudnya? Baca buku makanya…. He he….
Kemarin seh sempat pake cara brute forcing, pas abis ngomong ma temen saya Zoro, saya rencananya mau nyebarin tuh hasil brute forcing saya, tapi dia bilang ‘awas di DO lho….’ Siapa yang ngak ngeri tuh…
Akhirnya saya cari cara lain, yang lebih aman dan ngak bikin masalah. Nah si zoro tuh yang ngasih ide, kalo mau marah ma dia aja yang nyaranin pake DDos.
Hasil pake brute forcing setelah nunggu 1 jam setengah, akhirnya blognya ketemu juga user ma passwordnya…. Mau tau???
Usernya : Admin
Passwordnya : ******
He-he… maaf ngak bisa bilang, ntar saya beneran di DO lagi… wah kan mahal SPP-nya…
Ngak percaya? Pake aja user admin, nah trus brute force sendiri dah, kalo udah ketemu pasti senyum sendiri…
Oke kembali ke topic utama.
Karena ngak mau pusing, saya pake program yang keren abis yaitu ‘GOOD BYE v.3.0’. yang langsung aja masukin nama targetnya.
Yaitu ‘stmikbumigora.ac.id’ tanpa www atau http. Pilih index.php sebagai target pagenya, soalnya ini lokasi homenya. Trus klick start deh. Biarkan alam berbicara, dan jangan lupa ‘Berdoa’….
Setelah mencapai angka 63 request, nah websitnya jadi lambat tuh….
Dan setelah mencapai angka 300 (biar mampus sekalian) websitenya ngehang, saya tunggu selama dua menit kagak nongol-nongol wah…
dan tunggu lagi bentar, wah requestnya time out...
Berhasil, berhasil, hore….
Maf pak kalo marah, saya ngak ada niat jelek cuma penasaran aj.
Ipnya saya biarin di log, supaya menunjukan niat baik saya. Terima kasih.
Frezz
&
Zoro
Wah lima menit yang mendebarkan. Saya tadi bikin hang website stmik bumigora, pake tekhnik DDos.
Ngak tau maksudnya? Baca buku makanya…. He he….
Kemarin seh sempat pake cara brute forcing, pas abis ngomong ma temen saya Zoro, saya rencananya mau nyebarin tuh hasil brute forcing saya, tapi dia bilang ‘awas di DO lho….’ Siapa yang ngak ngeri tuh…
Akhirnya saya cari cara lain, yang lebih aman dan ngak bikin masalah. Nah si zoro tuh yang ngasih ide, kalo mau marah ma dia aja yang nyaranin pake DDos.
Hasil pake brute forcing setelah nunggu 1 jam setengah, akhirnya blognya ketemu juga user ma passwordnya…. Mau tau???
Usernya : Admin
Passwordnya : ******
He-he… maaf ngak bisa bilang, ntar saya beneran di DO lagi… wah kan mahal SPP-nya…
Ngak percaya? Pake aja user admin, nah trus brute force sendiri dah, kalo udah ketemu pasti senyum sendiri…
Oke kembali ke topic utama.
Karena ngak mau pusing, saya pake program yang keren abis yaitu ‘GOOD BYE v.3.0’. yang langsung aja masukin nama targetnya.
Yaitu ‘stmikbumigora.ac.id’ tanpa www atau http. Pilih index.php sebagai target pagenya, soalnya ini lokasi homenya. Trus klick start deh. Biarkan alam berbicara, dan jangan lupa ‘Berdoa’….
Setelah mencapai angka 63 request, nah websitnya jadi lambat tuh….
Dan setelah mencapai angka 300 (biar mampus sekalian) websitenya ngehang, saya tunggu selama dua menit kagak nongol-nongol wah…
dan tunggu lagi bentar, wah requestnya time out...
Berhasil, berhasil, hore….
Maf pak kalo marah, saya ngak ada niat jelek cuma penasaran aj.
Ipnya saya biarin di log, supaya menunjukan niat baik saya. Terima kasih.
Frezz
&
Zoro
Preventing an ARP Spoof
2009-09-07
It is not particularly satisfying to simply detect ARP spoofing, which only identifies a problem
after it has already occurred. Although it may not be possible to prevent ARP spoofing entirely,
one simple precaution can be taken where it may count the most. The devious thing about an
ARP spoof is that the attack is really directed at the machine being deceived, not the machine
whose IP address is being taken over. Presumably, the machine or machines being deceived
contain data that the ARP spoofer wants to get or modify.
The deception is useful to the ARP spoofer because the legitimate holder of the IP address is
trusted in some way by the machine being deceived. Perhaps the trusted machine is allowed to
NFS mount filesystems, use rlogin, or start a remote shell without being prompted for a
password (particularly troublesome for privileged user accounts). Ideally, machines extending
such trust should simply not use ARP to identify the hardware addresses of the machines they
trust.
-Stop Using ARP-
Machines extending trust to other machines on the local network based on an IP address
should not use ARP to obtain the hardware address of the trusted machines. Instead, the
hardware address of the trusted machines should be loaded as permanent entries into the ARP
cache of the trusting machine. Unlike normal ARP cache entries, permanent entries do not
expire after a few minutes. Sending a datagram to an IP address associated with a permanent
ARP cache entry will never result in an ARP request. With no ARP request being sent, an
attacker does not have the opportunity to send an ARP reply. It seems unlikely that any
operating system would overwrite a permanent ARP cache entry with an unsolicited ARP
reply.
With permanent ARP cache entries for trusted machines, the trusting host will not use ARP to
determine the correct hardware address and will not be fooled into sending IP data to an ARP
spoofer. Of course, it will also send IP data to the machine even if the machine has been down
for some time. Another downside to permanent ARP entries is that the cache entries will need
revising if the hardware address changes for a legitimate reason. Finally, ARP caches may be of
limited size, limiting the number of permanent entries or further limiting the time a dynamic
entry spends in the cache.
-Displaying ARP Cache Entries-
On Unix and Windows 95/NT machines, you use the arp command to manipulate and
inspect the ARP cache. This command has several options.
arp -a
The -a option displays all ARP cache entries for all interfaces of the host. The following output
is an example of what you would see on a Windows 95 machine:
Interface: 147.226.112.167
Internet Address Physical Address Type
147.226.112.1 aa-00-04-00-bc-06 static
147.226.112.88 08-00-20-0b-f0-8d dynamic
147.226.112.101 08-00-2b-18-93-68 static
147.226.112.102 08-00-2b-1b-d7-fd static
147.226.112.103 00-00-c0-63-33-2d dynamic
147.226.112.104 00-00-c0-d5-da-47 dynamic
147.226.112.105 08-00-20-0b-7b-df dynamic
147.226.112.106 08-00-20-0e-86-ef dynamic
147.226.112.124 08-00-2b-1c-08-68 dynamic
147.226.112.169 08-00-09-2a-3c-08 dynamic
-Deleting an ARP Cache Entry-
At some point you may want to delete a permanent ARP cache entry that is no longer valid or
delete a dynamic entry that you suspect of being spoofed. The -d option deletes the entry with
the given IP address from the ARP cache.
arp -d 147.226.112.101
-Inserting a Permanent ARP Cache Entry-
The -s option inserts a permanent (static) ARP cache entry for the given IP address. Typically,
the Ethernet address would be obtained by displaying the entire ARP cache as shown previously.
arp -s 147.226.112.101 08-00-2b-18-93-68
To ensure that the address is in the ARP cache you can first use the ping command to send an
ICMP/IP echo request to the IP address in question. A somewhat more secure, but tedious,
method is to use an operating system dependent method for querying the machine in question
for its own hardware address from its console. You can place a series of such commands into
the startup script for the machine that will be extending trust to others.
-Inserting Many Permanent ARP Cache Entries-
The -f option loads permanent entries into the ARP cache from a file containing an IP address
to hardware address database.
arp -f arptab
In this example, the file is named “arptab,” but the name of the file is up to the system
administrator using the command. The -f option to the arp command is not available on all
systems. In particular, it is missing from the current versions of Windows 95 and Windows
NT. However, it is really just a substitute for a series of arp commands with the -s option.
after it has already occurred. Although it may not be possible to prevent ARP spoofing entirely,
one simple precaution can be taken where it may count the most. The devious thing about an
ARP spoof is that the attack is really directed at the machine being deceived, not the machine
whose IP address is being taken over. Presumably, the machine or machines being deceived
contain data that the ARP spoofer wants to get or modify.
The deception is useful to the ARP spoofer because the legitimate holder of the IP address is
trusted in some way by the machine being deceived. Perhaps the trusted machine is allowed to
NFS mount filesystems, use rlogin, or start a remote shell without being prompted for a
password (particularly troublesome for privileged user accounts). Ideally, machines extending
such trust should simply not use ARP to identify the hardware addresses of the machines they
trust.
-Stop Using ARP-
Machines extending trust to other machines on the local network based on an IP address
should not use ARP to obtain the hardware address of the trusted machines. Instead, the
hardware address of the trusted machines should be loaded as permanent entries into the ARP
cache of the trusting machine. Unlike normal ARP cache entries, permanent entries do not
expire after a few minutes. Sending a datagram to an IP address associated with a permanent
ARP cache entry will never result in an ARP request. With no ARP request being sent, an
attacker does not have the opportunity to send an ARP reply. It seems unlikely that any
operating system would overwrite a permanent ARP cache entry with an unsolicited ARP
reply.
With permanent ARP cache entries for trusted machines, the trusting host will not use ARP to
determine the correct hardware address and will not be fooled into sending IP data to an ARP
spoofer. Of course, it will also send IP data to the machine even if the machine has been down
for some time. Another downside to permanent ARP entries is that the cache entries will need
revising if the hardware address changes for a legitimate reason. Finally, ARP caches may be of
limited size, limiting the number of permanent entries or further limiting the time a dynamic
entry spends in the cache.
-Displaying ARP Cache Entries-
On Unix and Windows 95/NT machines, you use the arp command to manipulate and
inspect the ARP cache. This command has several options.
arp -a
The -a option displays all ARP cache entries for all interfaces of the host. The following output
is an example of what you would see on a Windows 95 machine:
Interface: 147.226.112.167
Internet Address Physical Address Type
147.226.112.1 aa-00-04-00-bc-06 static
147.226.112.88 08-00-20-0b-f0-8d dynamic
147.226.112.101 08-00-2b-18-93-68 static
147.226.112.102 08-00-2b-1b-d7-fd static
147.226.112.103 00-00-c0-63-33-2d dynamic
147.226.112.104 00-00-c0-d5-da-47 dynamic
147.226.112.105 08-00-20-0b-7b-df dynamic
147.226.112.106 08-00-20-0e-86-ef dynamic
147.226.112.124 08-00-2b-1c-08-68 dynamic
147.226.112.169 08-00-09-2a-3c-08 dynamic
-Deleting an ARP Cache Entry-
At some point you may want to delete a permanent ARP cache entry that is no longer valid or
delete a dynamic entry that you suspect of being spoofed. The -d option deletes the entry with
the given IP address from the ARP cache.
arp -d 147.226.112.101
-Inserting a Permanent ARP Cache Entry-
The -s option inserts a permanent (static) ARP cache entry for the given IP address. Typically,
the Ethernet address would be obtained by displaying the entire ARP cache as shown previously.
arp -s 147.226.112.101 08-00-2b-18-93-68
To ensure that the address is in the ARP cache you can first use the ping command to send an
ICMP/IP echo request to the IP address in question. A somewhat more secure, but tedious,
method is to use an operating system dependent method for querying the machine in question
for its own hardware address from its console. You can place a series of such commands into
the startup script for the machine that will be extending trust to others.
-Inserting Many Permanent ARP Cache Entries-
The -f option loads permanent entries into the ARP cache from a file containing an IP address
to hardware address database.
arp -f arptab
In this example, the file is named “arptab,” but the name of the file is up to the system
administrator using the command. The -f option to the arp command is not available on all
systems. In particular, it is missing from the current versions of Windows 95 and Windows
NT. However, it is really just a substitute for a series of arp commands with the -s option.
Spoofing
Spoofing can occur at all layers of the IP system. The hardware layer, the data link layer, the IP
layer, the transport layer, and the application layer are susceptible. All application layer
protocols are at risk if the lower layers have been compromised. In this chapter, only the
application layer protocols intimately linked to the IP protocol are discussed. This includes
routing protocols and the DNS naming protocol. Other application layer protocols depend on
these two protocols to provide basic services to almost all applications using the Internet.
-Hardware Address Spoofing
At the hardware layer, any network interface for a shared-media network will have a hardware
interface address. As you read earlier in the discussion on sniffing, most network interfaces can
be put into promiscuous mode and receive frames with any destination address. A much more
serious problem occurs if the network interface can alter the source address and send data that
appears to come from various source addresses. In the IEEE 802 standards for networking (of
which Ethernet is a variant), each network interface has a 48-bit hardware address. It uses this
hardware address to match the variety of destination addresses of the frames it sees. The
interface copies frames with matching destination addresses into its internal buffer and notifies
the operating system that they are available for further processing. Packets coming from the
operating system to the interface do not typically specify a source address; the interface always
puts its hardware address in the source field.
Most software does not typically control the source field of frames leaving an Ethernet
interface. When another host examines a packet containing a hardware source address associated
with an interface of a particular machine, it assumes that the packet originated on that
machine and accepts it as authentic. An IEEE standards committee assigns each network
interface manufacturer a unique 24-bit prefix for the 48-bit hardware address; the manufacturer
assigns a unique 24-bit suffix to each interface it makes. Regardless, many interface cards
are configurable and allow host software to specify a source address other than the one assigned
by the manufacturer. This configurability makes it possible to use them to spoof the source
address.
DECNet, for example, uses 16-bit identifiers and requires that the leading 32 bits of the
hardware address be set to a fixed value to indicate that the packet is a DECNet packet. Any
network interface that is compatible with DECNet can have its hardware source address
altered in some way, either by software or switches on the interface board.
To see how common it is for a network interface to be able to spoof the source address,
however, recall how a bridge works. A bridge not only puts its interfaces into promiscuous
mode, but it also sets the hardware source address of packets sent out on its interfaces to match
the hardware source address of the originating interface. A PC with two software configurable
interfaces can be configured to be used as a bridge. Clearly, such software configurability has a
variety of malicious uses. The drawbridge software mentioned in the previous section on
hardware barriers to prevent sniffing is compatible with most Ethernet boards which means
most Ethernet boards will permit source address spoofing.
As you can see, it is not entirely safe to base the authenticity of a packet on the hardware
source address. Unfortunately, there is very little you can do to protect yourself against such
deviousness. One solution is to use digital signatures at the application layer. Unfortunately,
currently there are no protections in the IP network layer that will prevent a hardware address
spoofer from disguising one machine as another. If the victim machine is trusted (for example,
is allowed to NFS mount filesystems from another machine), the spoofer will be able to take
advantage of that trust and violate security without being detected. Fortunately, hardware
address spoofing is difficult (relative to many other spoofing methods) and requires penetration
of physical security.
Countering hardware level spoofing is difficult because it is virtually undetectable without
tracing the physical wiring. You need to trace the wiring to be certain no one has connected an
unauthorized machine and you also need to check to see if the authorized machines are using
the hardware address they should. The latter can be checked using sufficiently “intelligent”
hubs in secure locations.
All machines not in physically secure locations can be connected to hubs in secure locations.
Some “intelligent” hubs can be configured to accept or send packets or both to or from specific
hardware addresses on each port they service. Thus, you can configure the hub to accept only
packets with hardware addresses matching the manufacturer-assigned hardware address of the
interface on the authorized machine. This interface should be connected to the wall plate on
the far side of the wires connected to that port. Clearly, you are still relying on physical
security to be sure that the hub, wires, and authorized machine remain as they should.
Note Devices that perform hardware address verifications cannot be categorized as
“hubs” in the traditional sense and are probably actually specialized switches or
bridges. However, they are marketed as “active hubs” or “filtering hubs.” Such hubs
are available from 3Com, HP, and IBM.
-ARP Spoofing
A more common form of spoofing that is accidental is ARP spoofing. ARP (Address Resolution
Protocol) is part of Ethernet and some other similar protocols (such as token-ring) that
associate hardware addresses with IP addresses. ARP is not part of IP but part of these
Ethernet-like protocols; ARP supports IP and arbitrary network-layer protocols. When an IP
datagram is ready to go out on such a network, the host needs to know the hardware destination
address to associate with the given IP destination address. For local IP destinations, the
hardware address to use will be the hardware address of the destination interface. For non-local
destinations, the hardware address to use will be the hardware address of one of the routers on
the local network.
-How ARP and ARP Spoofing Work
To find the hardware address, the host sends out an ARP request using the hardware broadcast
address. A frame with the hardware broadcast address reaches every network interface on the
local network, and each host on the local network has its operating system interrupted by the
network interface. The ARP request is essentially asking the question, “What is the hardware
address corresponding to the IP address I have here?” Typically, only the host with the
matching IP address sends an ARP reply and the remaining hosts ignore the ARP request. The
ARP request contains the IP address of the sender of the request and reaches all hosts via a
broadcast.
Other hosts could potentially store the association between hardware address and IP address of
the sender of the request for future reference. The target of the request certainly would store
the association. It will almost certainly send an IP datagram in reply to the IP datagram it is
about to receive. The reply will require knowing the association between the IP address and
the hardware address of the sender of the ARP broadcast.
The association between the hardware address and the IP address of other machines on a
network is stored in an ARP cache on each host. When an IP datagram is about to leave a host,
the host consults the ARP cache to find the destination hardware address. If the host finds an
entry for the IP destination address, it need not make an ARP request. The entries in an ARP
cache expire after a few minutes.
Thus, when the ARP cache entry for a machine expires, an ARP request goes out to refresh the
entry. No reply comes back if the target machine goes down. The entries for its interface’s
hardware will disappear from the ARP caches in the other machines on the network. The other
machines will be unable to send out IP datagrams to the downed system after the ARP cache
entries expire. Before that point in time, IP datagrams are sent out but are not received. When
the machine comes back up, it will again be able to reply to ARP requests. If someone replaces
its interface, the now up and running machine will have a new hardware address and will use
that new hardware address in ARP replies. ARP caches throughout the network will reflect the
change, and IP datagrams go out using the new hardware address.
Because you expect the IP address to hardware address association will change over time, the
potential exists that the change may be legitimate. Sometimes it is purely accidental. Someone
may inadvertently assign a machine the same IP address held by another machine. On personal
computers or special purpose devices such as network printers or X Window System terminals,
the end user typically has access to a dialog box, command, or text file that sets the IP address.
On multiuser systems, the system administrator is typically the only one who can set the IP
addresses of the network interface(s). This arrangement is changing, however, as more inexperienced
IP-based end users with PCs set addresses. In addition, bureaucracies often separate
system administrators and network administrators that use the same network. Under such
circumstances it is common for two machines to end up with the same IP address. Duplication
can occur either by copying the network configuration from one personal computer to another
without the end user knowing the need for IP addresses to be unique. Duplication can also
occur if system administrators on a network do not work together when configuring system
addressing.
When two machines end up with the same IP address, both of them will naturally reply to an
ARP request for that address. Two replies to the request come back to the host that originated
the request. These replies will arrive in rapid succession, typically separated by at most a few
milliseconds. Some operating systems will not realize anything is wrong and simply file each
reply in the ARP cache with the slowest response remaining in the ARP cache until the entry
for that IP address expires. Other operating systems will discard ARP replies that correspond to
IP addresses already in the cache. These may or may not bother to check if the second reply
was a harmless duplicate or an indication an ARP spoof may be underway.
Thus, depending on the mechanism used to process duplicate ARP replies, if a spoofer wants
to be the target of the IP datagrams being sent to a particular IP address from a particular host,
it needs to make sure it is either the first or the last to reply to ARP requests made by that
particular host. An easy way to be first or last is to have the only machine that replies to the
ARP requests. An attacker can simply use a machine assigned, via the normal operating system
configuration mechanisms, the same IP address as a machine that is currently not working. An
attacker attempting to masquerade his or her machine can simply turn the legitimate machine
off. The attacker does not need to have direct access to the power switch on the machine. The
machine can be turned off either by unplugging it or flipping the appropriate circuit breaker.
An alternative to disconnecting its power is to disconnect it from the network at some point in
the network wiring scheme. Third, the attacker can change the legitimate machine’s IP address
and leave it turned on if he or she can reconfigure the machine. Doing so is less likely to draw
attention or result in confusion from the machine’s user or administrator.
layer, the transport layer, and the application layer are susceptible. All application layer
protocols are at risk if the lower layers have been compromised. In this chapter, only the
application layer protocols intimately linked to the IP protocol are discussed. This includes
routing protocols and the DNS naming protocol. Other application layer protocols depend on
these two protocols to provide basic services to almost all applications using the Internet.
-Hardware Address Spoofing
At the hardware layer, any network interface for a shared-media network will have a hardware
interface address. As you read earlier in the discussion on sniffing, most network interfaces can
be put into promiscuous mode and receive frames with any destination address. A much more
serious problem occurs if the network interface can alter the source address and send data that
appears to come from various source addresses. In the IEEE 802 standards for networking (of
which Ethernet is a variant), each network interface has a 48-bit hardware address. It uses this
hardware address to match the variety of destination addresses of the frames it sees. The
interface copies frames with matching destination addresses into its internal buffer and notifies
the operating system that they are available for further processing. Packets coming from the
operating system to the interface do not typically specify a source address; the interface always
puts its hardware address in the source field.
Most software does not typically control the source field of frames leaving an Ethernet
interface. When another host examines a packet containing a hardware source address associated
with an interface of a particular machine, it assumes that the packet originated on that
machine and accepts it as authentic. An IEEE standards committee assigns each network
interface manufacturer a unique 24-bit prefix for the 48-bit hardware address; the manufacturer
assigns a unique 24-bit suffix to each interface it makes. Regardless, many interface cards
are configurable and allow host software to specify a source address other than the one assigned
by the manufacturer. This configurability makes it possible to use them to spoof the source
address.
DECNet, for example, uses 16-bit identifiers and requires that the leading 32 bits of the
hardware address be set to a fixed value to indicate that the packet is a DECNet packet. Any
network interface that is compatible with DECNet can have its hardware source address
altered in some way, either by software or switches on the interface board.
To see how common it is for a network interface to be able to spoof the source address,
however, recall how a bridge works. A bridge not only puts its interfaces into promiscuous
mode, but it also sets the hardware source address of packets sent out on its interfaces to match
the hardware source address of the originating interface. A PC with two software configurable
interfaces can be configured to be used as a bridge. Clearly, such software configurability has a
variety of malicious uses. The drawbridge software mentioned in the previous section on
hardware barriers to prevent sniffing is compatible with most Ethernet boards which means
most Ethernet boards will permit source address spoofing.
As you can see, it is not entirely safe to base the authenticity of a packet on the hardware
source address. Unfortunately, there is very little you can do to protect yourself against such
deviousness. One solution is to use digital signatures at the application layer. Unfortunately,
currently there are no protections in the IP network layer that will prevent a hardware address
spoofer from disguising one machine as another. If the victim machine is trusted (for example,
is allowed to NFS mount filesystems from another machine), the spoofer will be able to take
advantage of that trust and violate security without being detected. Fortunately, hardware
address spoofing is difficult (relative to many other spoofing methods) and requires penetration
of physical security.
Countering hardware level spoofing is difficult because it is virtually undetectable without
tracing the physical wiring. You need to trace the wiring to be certain no one has connected an
unauthorized machine and you also need to check to see if the authorized machines are using
the hardware address they should. The latter can be checked using sufficiently “intelligent”
hubs in secure locations.
All machines not in physically secure locations can be connected to hubs in secure locations.
Some “intelligent” hubs can be configured to accept or send packets or both to or from specific
hardware addresses on each port they service. Thus, you can configure the hub to accept only
packets with hardware addresses matching the manufacturer-assigned hardware address of the
interface on the authorized machine. This interface should be connected to the wall plate on
the far side of the wires connected to that port. Clearly, you are still relying on physical
security to be sure that the hub, wires, and authorized machine remain as they should.
Note Devices that perform hardware address verifications cannot be categorized as
“hubs” in the traditional sense and are probably actually specialized switches or
bridges. However, they are marketed as “active hubs” or “filtering hubs.” Such hubs
are available from 3Com, HP, and IBM.
-ARP Spoofing
A more common form of spoofing that is accidental is ARP spoofing. ARP (Address Resolution
Protocol) is part of Ethernet and some other similar protocols (such as token-ring) that
associate hardware addresses with IP addresses. ARP is not part of IP but part of these
Ethernet-like protocols; ARP supports IP and arbitrary network-layer protocols. When an IP
datagram is ready to go out on such a network, the host needs to know the hardware destination
address to associate with the given IP destination address. For local IP destinations, the
hardware address to use will be the hardware address of the destination interface. For non-local
destinations, the hardware address to use will be the hardware address of one of the routers on
the local network.
-How ARP and ARP Spoofing Work
To find the hardware address, the host sends out an ARP request using the hardware broadcast
address. A frame with the hardware broadcast address reaches every network interface on the
local network, and each host on the local network has its operating system interrupted by the
network interface. The ARP request is essentially asking the question, “What is the hardware
address corresponding to the IP address I have here?” Typically, only the host with the
matching IP address sends an ARP reply and the remaining hosts ignore the ARP request. The
ARP request contains the IP address of the sender of the request and reaches all hosts via a
broadcast.
Other hosts could potentially store the association between hardware address and IP address of
the sender of the request for future reference. The target of the request certainly would store
the association. It will almost certainly send an IP datagram in reply to the IP datagram it is
about to receive. The reply will require knowing the association between the IP address and
the hardware address of the sender of the ARP broadcast.
The association between the hardware address and the IP address of other machines on a
network is stored in an ARP cache on each host. When an IP datagram is about to leave a host,
the host consults the ARP cache to find the destination hardware address. If the host finds an
entry for the IP destination address, it need not make an ARP request. The entries in an ARP
cache expire after a few minutes.
Thus, when the ARP cache entry for a machine expires, an ARP request goes out to refresh the
entry. No reply comes back if the target machine goes down. The entries for its interface’s
hardware will disappear from the ARP caches in the other machines on the network. The other
machines will be unable to send out IP datagrams to the downed system after the ARP cache
entries expire. Before that point in time, IP datagrams are sent out but are not received. When
the machine comes back up, it will again be able to reply to ARP requests. If someone replaces
its interface, the now up and running machine will have a new hardware address and will use
that new hardware address in ARP replies. ARP caches throughout the network will reflect the
change, and IP datagrams go out using the new hardware address.
Because you expect the IP address to hardware address association will change over time, the
potential exists that the change may be legitimate. Sometimes it is purely accidental. Someone
may inadvertently assign a machine the same IP address held by another machine. On personal
computers or special purpose devices such as network printers or X Window System terminals,
the end user typically has access to a dialog box, command, or text file that sets the IP address.
On multiuser systems, the system administrator is typically the only one who can set the IP
addresses of the network interface(s). This arrangement is changing, however, as more inexperienced
IP-based end users with PCs set addresses. In addition, bureaucracies often separate
system administrators and network administrators that use the same network. Under such
circumstances it is common for two machines to end up with the same IP address. Duplication
can occur either by copying the network configuration from one personal computer to another
without the end user knowing the need for IP addresses to be unique. Duplication can also
occur if system administrators on a network do not work together when configuring system
addressing.
When two machines end up with the same IP address, both of them will naturally reply to an
ARP request for that address. Two replies to the request come back to the host that originated
the request. These replies will arrive in rapid succession, typically separated by at most a few
milliseconds. Some operating systems will not realize anything is wrong and simply file each
reply in the ARP cache with the slowest response remaining in the ARP cache until the entry
for that IP address expires. Other operating systems will discard ARP replies that correspond to
IP addresses already in the cache. These may or may not bother to check if the second reply
was a harmless duplicate or an indication an ARP spoof may be underway.
Thus, depending on the mechanism used to process duplicate ARP replies, if a spoofer wants
to be the target of the IP datagrams being sent to a particular IP address from a particular host,
it needs to make sure it is either the first or the last to reply to ARP requests made by that
particular host. An easy way to be first or last is to have the only machine that replies to the
ARP requests. An attacker can simply use a machine assigned, via the normal operating system
configuration mechanisms, the same IP address as a machine that is currently not working. An
attacker attempting to masquerade his or her machine can simply turn the legitimate machine
off. The attacker does not need to have direct access to the power switch on the machine. The
machine can be turned off either by unplugging it or flipping the appropriate circuit breaker.
An alternative to disconnecting its power is to disconnect it from the network at some point in
the network wiring scheme. Third, the attacker can change the legitimate machine’s IP address
and leave it turned on if he or she can reconfigure the machine. Doing so is less likely to draw
attention or result in confusion from the machine’s user or administrator.
Sniffing: How to Prevent It
To be able to prevent a sniffing attack, you first need to understand the network segments and
trust between computer systems.
Network Segmentation
A network segment consists of a set of machines that share low-level devices and wiring and see
the same set of data on their network interfaces. The wires on both sides of a repeater are
clearly in the same network segment because a repeater simply copies bits from one wire to the
other wire. An ordinary hub is essentially a multiport repeater; all the wires attached to it are
part of the same segment.
In higher-level devices, such as bridges, something different happens. The wires on opposite
sides of a bridge are not part of the same segment because the bridge filters out some of the
packets flowing through it. The same data is not flowing on both sides of the bridge. Some
packets flow through the bridge, but not all. The two segments are still part of the same
physical network. Any device on one side of the bridge can still send packets to any device on
the other side of the bridge. However, the exact same sets of data packets do not exist on both
sides of the bridge. Just as bridges can be used to set up boundaries between segments, so can
switches. Switches are essentially multiport bridges. Because they limit the flow of all data, a
careful introduction of bridges and switches can be used to limit the flow of sensitive information
and prevent sniffing on untrustworthy machines.
The introduction of switches and bridges into a network is traditionally motivated by factors
other than security. They enhance performance by reducing the collision rate of segments,
which is much higher without these components. Switches and bridges overcome the time
delay problems that occur when wires are too long or when simple repeaters or hubs introduce
additional time delay. As one is planning the network infrastructure one should keep these
other factors in mind as well. One can use these factors to sell the introduction of additional
hardware to parties less concerned with security.
266 Part II: Gaining Access and Securing the Gateway
A segment is a subset of machines on the same subnet. Routers are used to partition networks
into subnets. Hence, they also form borders between segments in a network. Unlike bridges
and switches, which do not interact with software on other devices, routers interact with
network layer software on the devices in the network. Machines on different subnets are always
part of different segments. Segments are divisions within subnets, although many subnets
consist of a single segment in many networks. Dividing a network into subnets with routers is
a more radical solution to the sniffing problem than dividing subnets into segments. However,
as you will see in a later section, it may help with some spoofing problems.
Segmentation of a network is the primary tool one has in fighting sniffing. Ideally, each
machine would be on its own segment and its interface would not have access to network data
for which it is not the destination. This ideal can be accomplished by using switches instead of
hubs to connect to individual machines in a 10BASE-T network. As a matter of practicality
and economics, however, one must often find a less ideal solution. Such solutions all involve
the notion of trust between machines. Machines that can trust each other can be on the same
segment without worry of one machine sniffing at the other’s data.
Understanding Trust
Typically, one thinks of trust at the application layer between file servers and clients. Clearly,
the file server trusts its clients to authenticate users. However, this notion of trust extends to
lower-level network devices as well. For example, at the network layer, routers are trusted to
deliver datagrams and correct routing tables to the hosts on their networks. Hosts are trusting
of routers and routers are trusted machines. If you extend the concept of trust down to the
data link layer one gets to sniffing. A machine sending data considered private on a particular
network segment must trust all machines on that network segment. To be worthy of that trust,
the machines on the segment and the wiring between them must have sufficient physical
security (locks on doors, armed guards, and such) to ensure that an attacker cannot install a
sniffer on that segment.
The threat of sniffing comes from someone installing sniffing software on a machine normally
on the network, someone taking a sniffer into a room and jacking it into the network connections
available there, or even installing an unauthorized network connection to sniff. To
counter these options, you must rely on the security of the operating system itself to prevent
the execution of unauthorized sniffing, the personal trustworthiness of the people who have
access to the rooms in which network components are located, and physical security to prevent
untrustworthy people from gaining access to these rooms.
Hardware Barriers
To create trustworthy segments, you must set up barriers between secure segments and
insecure segments. All of the machines on a segment must mutually trust each other with the
data traveling on the segment. An example of such a segment would be a segment that does
not extend outside the machine room of a computing facility. All machines are under the
control of a cooperating and mutually trusting systems staff. The personal trust between staff
members is mirrored by the mutual trust between the systems for which they are responsible.
The opposite of this is the belief and understanding that some segments simply must be
considered insecure. Insecure segments need not be trusted if those segments carry only public
or non-critical data. An example of such a segment is a university laboratory used only by
students. No guarantee of absolute security is made for the information stored. Possibly the
students realize that for this network drive only reasonable precautions will be taken to
maintain privacy by enforcement of password protections, file system access lists, and regular
backups.
It is less clear where to draw the line in a more professional business setting. The only basis for
trust between machines is for trust between the people who control the machines. Even if a
person can be trusted personally in an ethical sense, he or she may not be trustworthy technically
to administer a machine in such a way that an attacker could not abuse the machine
under his or her control.
trust between computer systems.
Network Segmentation
A network segment consists of a set of machines that share low-level devices and wiring and see
the same set of data on their network interfaces. The wires on both sides of a repeater are
clearly in the same network segment because a repeater simply copies bits from one wire to the
other wire. An ordinary hub is essentially a multiport repeater; all the wires attached to it are
part of the same segment.
In higher-level devices, such as bridges, something different happens. The wires on opposite
sides of a bridge are not part of the same segment because the bridge filters out some of the
packets flowing through it. The same data is not flowing on both sides of the bridge. Some
packets flow through the bridge, but not all. The two segments are still part of the same
physical network. Any device on one side of the bridge can still send packets to any device on
the other side of the bridge. However, the exact same sets of data packets do not exist on both
sides of the bridge. Just as bridges can be used to set up boundaries between segments, so can
switches. Switches are essentially multiport bridges. Because they limit the flow of all data, a
careful introduction of bridges and switches can be used to limit the flow of sensitive information
and prevent sniffing on untrustworthy machines.
The introduction of switches and bridges into a network is traditionally motivated by factors
other than security. They enhance performance by reducing the collision rate of segments,
which is much higher without these components. Switches and bridges overcome the time
delay problems that occur when wires are too long or when simple repeaters or hubs introduce
additional time delay. As one is planning the network infrastructure one should keep these
other factors in mind as well. One can use these factors to sell the introduction of additional
hardware to parties less concerned with security.
266 Part II: Gaining Access and Securing the Gateway
A segment is a subset of machines on the same subnet. Routers are used to partition networks
into subnets. Hence, they also form borders between segments in a network. Unlike bridges
and switches, which do not interact with software on other devices, routers interact with
network layer software on the devices in the network. Machines on different subnets are always
part of different segments. Segments are divisions within subnets, although many subnets
consist of a single segment in many networks. Dividing a network into subnets with routers is
a more radical solution to the sniffing problem than dividing subnets into segments. However,
as you will see in a later section, it may help with some spoofing problems.
Segmentation of a network is the primary tool one has in fighting sniffing. Ideally, each
machine would be on its own segment and its interface would not have access to network data
for which it is not the destination. This ideal can be accomplished by using switches instead of
hubs to connect to individual machines in a 10BASE-T network. As a matter of practicality
and economics, however, one must often find a less ideal solution. Such solutions all involve
the notion of trust between machines. Machines that can trust each other can be on the same
segment without worry of one machine sniffing at the other’s data.
Understanding Trust
Typically, one thinks of trust at the application layer between file servers and clients. Clearly,
the file server trusts its clients to authenticate users. However, this notion of trust extends to
lower-level network devices as well. For example, at the network layer, routers are trusted to
deliver datagrams and correct routing tables to the hosts on their networks. Hosts are trusting
of routers and routers are trusted machines. If you extend the concept of trust down to the
data link layer one gets to sniffing. A machine sending data considered private on a particular
network segment must trust all machines on that network segment. To be worthy of that trust,
the machines on the segment and the wiring between them must have sufficient physical
security (locks on doors, armed guards, and such) to ensure that an attacker cannot install a
sniffer on that segment.
The threat of sniffing comes from someone installing sniffing software on a machine normally
on the network, someone taking a sniffer into a room and jacking it into the network connections
available there, or even installing an unauthorized network connection to sniff. To
counter these options, you must rely on the security of the operating system itself to prevent
the execution of unauthorized sniffing, the personal trustworthiness of the people who have
access to the rooms in which network components are located, and physical security to prevent
untrustworthy people from gaining access to these rooms.
Hardware Barriers
To create trustworthy segments, you must set up barriers between secure segments and
insecure segments. All of the machines on a segment must mutually trust each other with the
data traveling on the segment. An example of such a segment would be a segment that does
not extend outside the machine room of a computing facility. All machines are under the
control of a cooperating and mutually trusting systems staff. The personal trust between staff
members is mirrored by the mutual trust between the systems for which they are responsible.
The opposite of this is the belief and understanding that some segments simply must be
considered insecure. Insecure segments need not be trusted if those segments carry only public
or non-critical data. An example of such a segment is a university laboratory used only by
students. No guarantee of absolute security is made for the information stored. Possibly the
students realize that for this network drive only reasonable precautions will be taken to
maintain privacy by enforcement of password protections, file system access lists, and regular
backups.
It is less clear where to draw the line in a more professional business setting. The only basis for
trust between machines is for trust between the people who control the machines. Even if a
person can be trusted personally in an ethical sense, he or she may not be trustworthy technically
to administer a machine in such a way that an attacker could not abuse the machine
under his or her control.
Sniffing
Sniffing is the use of a network interface to receive data not intended for the machine in which the interface resides. A variety of types of machines need to have this capability. A token-ring bridge, for example, typically has two network interfaces that normally receive all packets traveling on the media on one interface and retransmit some, but not all, of these packets on the other interface. Another example of a device that incorporates sniffing is one typically marketed as a “network analyzer.” A network analyzer helps network administrators diagnose a
variety of obscure problems that may not be visible on any one particular host. These problems can involve unusual interactions between more than just one or two machines and sometimes involve a variety of protocols interacting in strange ways.
Devices that incorporate sniffing are useful and necessary. However, their very existence implies that a malicious person could use such a device or modify an existing machine to snoop on network traffic. Sniffing programs could be used to gather passwords, read inter-machine
e-mail, and examine client-server database records in transit. Besides these high-level data, lowlevel information might be used to mount an active attack on data in another computer
system.
Sniffing: How It Is Done
In a shared media network, such as Ethernet, all network interfaces on a network segment have access to all of the data that travels on the media. Each network interface has a hardware-layer address that should differ from all hardware-layer addresses of all other network interfaces on the network. Each network also has at least one broadcast address that corresponds not to an individual network interface, but to the set of all network interfaces. Normally, a network interface will only respond to a data frame carrying either its own hardware-layer address in the frame’s destination field or the “broadcast address” in the destination field. It responds to these frames by generating a hardware interrupt to the CPU. This interrupt gets the attention of the operating system, and passes the data in the frame to the operating system for further processing.
Note The term “broadcast address” is somewhat misleading. When the sender wants to
get the attention of the operating systems of all hosts on the network, he or she uses the “broadcast address.” Most network interfaces are capable of being put into a
“promiscuous mode.” In promiscuous mode, network interfaces generate a hardware
interrupt to the CPU for every frame they encounter, not just the ones with
their own address or the “broadcast address.” The term “shared media” indicates to
the reader that such networks broadcast all frames—the frames travel on all the
physical media that make up the network.
At times, you may hear network administrators talk about their networking trouble spots— when they observe failures in a localized area. They will say a particular area of the Ethernet is
busier than other areas of the Ethernet where there are no problems. All of the packets travel through all parts of the Ethernet segment. Interconnection devices that do not pass all the frames from one side of the device to the other form the boundaries of a segment. Bridges,switches, and routers divide segments from each other, but low-level devices that operate on one bit at a time, such as repeaters and hubs, do not divide segments from each other. If only low-level devices separate two parts of the network, both are part of a single segment. All frames traveling in one part of the segment also travel in the other part.
The broadcast nature of shared media networks affects network performance and reliability so
greatly that networking professionals use a network analyzer, or sniffer, to troubleshoot problems. A sniffer puts a network interface in promiscuous mode so that the sniffer can monitor each data packet on the network segment. In the hands of an experienced system administrator, a sniffer is an invaluable aid in determining why a network is behaving (or misbehaving) the way it is. With an analyzer, you can determine how much of the traffic is due to which network protocols, which hosts are the source of most of the traffic, and which hosts
are the destination of most of the traffic. You can also examine data traveling between a particular pair of hosts and categorize it by protocol and store it for later analysis offline. With a sufficiently powerful CPU, you can also do the analysis in real time.Most commercial network sniffers are rather expensive, costing thousands of dollars. When you examine these closely, you notice that they are nothing more than a portable computer with an Ethernet card and some special software. The only item that differentiates a sniffer from an ordinary computer is software. It is also easy to download shareware and freeware sniffing software from the Internet or various bulletin board systems.
The ease of access to sniffing software is great for network administrators because this type of software helps them become better network troubleshooters. However, the availability of this software also means that malicious computer users with access to a network can capture all the data flowing through the network. The sniffer can capture all the data for a short period of time or selected portions of the data for a fairly long period of time. Eventually, the malicious user will run out of space to store the data—the network I use often has 1000 packets per second flowing on it. Just capturing the first 64 bytes of data from each packet fills up my
system’s local disk space within the hour.
Note Esniff.c is a simple 300-line C language program that works on SunOS 4.x. When
run by the root user on a Sun workstation, Esniff captures the first 300 bytes of each TCP/IP connection on the local network. It is quite effective at capturing all
usernames and passwords entered by users for telnet, rlogin, and FTP.TCPDump 3.0.2 is a common, more sophisticated, and more portable Unix sniffing program written by Van Jacobson, a famous developer of high-quality TCP/IP
software. It uses the libpcap library for portably interfacing with promiscuous mode
network interfaces. The most recent version is available via anonymous FTP to ftp.ee.lbl.gov.
NetMan contains a more sophisticated, portable Unix sniffer in several programs in
its network management suite. The latest version of NetMan is available via anonymous FTP to ftp.cs.curtin.edu.au in the directory /pub/netman.
EthDump is a sniffer that runs under DOS and can be obtained via anonymous FTP
from ftp.eu.germany.net in the directory /pub/networking/inet/ethernet/.
On some Unix systems, TCPDump comes bundled with the vendor OS. When
run by an ordinary, unprivileged user, it does not put the network interface into
promiscuous mode. With this command available, a user can only see data being
sent to the Unix host, but is not limited to seeing data sent to processes owned by
the user. Systems administrators concerned about sniffing should remove user
execution privileges from this program.
Sniffing: How It Threatens Security
Sniffing data from the network leads to loss of privacy of several kinds of information that
should be private for a computer network to be secure. These kinds of information include the
following:
n Passwords
n Financial account numbers
n Private data
n Low-level protocol information
The following subsections are intended to provide examples of these kinds.
Warning
Sniffing Passwords
Perhaps the most common loss of computer privacy is the loss of passwords. Typical users type
a password at least once a day. Data is often thought of as secure because access to it requires a
password. Users usually are very careful about guarding their password by not sharing it with
anyone and not writing it down anywhere.
Passwords are used not only to authenticate users for access to the files they keep in their
private accounts but other passwords are often employed within multilevel secure database
systems. When the user types any of these passwords, the system does not echo them to the
computer screen to ensure that no one will see them. After jealously guarding these passwords
and having the computer system reinforce the notion that they are private, a setup that sends
each character in a password across the network is extremely easy for any Ethernet sniffer to
see. End users do not realize just how easily these passwords can be found by someone using a
simple and common piece of software.
Sniffing Financial Account Numbers
Most users are uneasy about sending financial account numbers, such as credit card numbers
and checking account numbers, over the Internet. This apprehension may be partly because of
the carelessness most retailers display when tearing up or returning carbons of credit card
receipts. The privacy of each user’s credit card numbers is important. Although the Internet is
by no means bulletproof, the most likely location for the loss of privacy to occur is at the
endpoints of the transmission. Presumably, businesses making electronic transactions are as
fastidious about security as those that make paper transactions, so the highest risk probably
comes from the same local network in which the users are typing passwords.
However, much larger potential losses exist for businesses that conduct electronic funds
transfer or electronic document interchange over a computer network. These transactions
involve the transmission of account numbers that a sniffer could pick up; the thief could then
transfer funds into his or her own account or order goods paid for by a corporate account.
Most credit card fraud of this kind involves only a few thousand dollars per incident.
Sniffing Private Data
Loss of privacy is also common in e-mail transactions. Many e-mail messages have been
publicized without the permission of the sender or receiver. Remember the Iran-Contra affair
in which President Reagan’s secretary of defense, Caspar Weinberger, was convicted. A crucial
piece of evidence was backup tapes of PROFS e-mail on a National Security Agency computer.
The e-mail was not intercepted in transit, but in a typical networked system, it could have
been. It is not at all uncommon for e-mail to contain confidential business information or
personal information. Even routine memos can be embarrassing when they fall into the wrong
hands.
Sniffing Low-Level Protocol Information
Information network protocols send between computers includes hardware addresses of local
network interfaces, the IP addresses of remote network interfaces, IP routing information, and
sequence numbers assigned to bytes on a TCP connection. Knowledge of any of this information
can be misused by someone interested in attacking the security of machines on the
network. See the second part of this chapter for more information on how these data can pose
risks for the security of a network. A sniffer can obtain any of these data. After an attacker has
this kind of information, he or she is in a position to turn a passive attack into an active attack
with even greater potential for damage.
variety of obscure problems that may not be visible on any one particular host. These problems can involve unusual interactions between more than just one or two machines and sometimes involve a variety of protocols interacting in strange ways.
Devices that incorporate sniffing are useful and necessary. However, their very existence implies that a malicious person could use such a device or modify an existing machine to snoop on network traffic. Sniffing programs could be used to gather passwords, read inter-machine
e-mail, and examine client-server database records in transit. Besides these high-level data, lowlevel information might be used to mount an active attack on data in another computer
system.
Sniffing: How It Is Done
In a shared media network, such as Ethernet, all network interfaces on a network segment have access to all of the data that travels on the media. Each network interface has a hardware-layer address that should differ from all hardware-layer addresses of all other network interfaces on the network. Each network also has at least one broadcast address that corresponds not to an individual network interface, but to the set of all network interfaces. Normally, a network interface will only respond to a data frame carrying either its own hardware-layer address in the frame’s destination field or the “broadcast address” in the destination field. It responds to these frames by generating a hardware interrupt to the CPU. This interrupt gets the attention of the operating system, and passes the data in the frame to the operating system for further processing.
Note The term “broadcast address” is somewhat misleading. When the sender wants to
get the attention of the operating systems of all hosts on the network, he or she uses the “broadcast address.” Most network interfaces are capable of being put into a
“promiscuous mode.” In promiscuous mode, network interfaces generate a hardware
interrupt to the CPU for every frame they encounter, not just the ones with
their own address or the “broadcast address.” The term “shared media” indicates to
the reader that such networks broadcast all frames—the frames travel on all the
physical media that make up the network.
At times, you may hear network administrators talk about their networking trouble spots— when they observe failures in a localized area. They will say a particular area of the Ethernet is
busier than other areas of the Ethernet where there are no problems. All of the packets travel through all parts of the Ethernet segment. Interconnection devices that do not pass all the frames from one side of the device to the other form the boundaries of a segment. Bridges,switches, and routers divide segments from each other, but low-level devices that operate on one bit at a time, such as repeaters and hubs, do not divide segments from each other. If only low-level devices separate two parts of the network, both are part of a single segment. All frames traveling in one part of the segment also travel in the other part.
The broadcast nature of shared media networks affects network performance and reliability so
greatly that networking professionals use a network analyzer, or sniffer, to troubleshoot problems. A sniffer puts a network interface in promiscuous mode so that the sniffer can monitor each data packet on the network segment. In the hands of an experienced system administrator, a sniffer is an invaluable aid in determining why a network is behaving (or misbehaving) the way it is. With an analyzer, you can determine how much of the traffic is due to which network protocols, which hosts are the source of most of the traffic, and which hosts
are the destination of most of the traffic. You can also examine data traveling between a particular pair of hosts and categorize it by protocol and store it for later analysis offline. With a sufficiently powerful CPU, you can also do the analysis in real time.Most commercial network sniffers are rather expensive, costing thousands of dollars. When you examine these closely, you notice that they are nothing more than a portable computer with an Ethernet card and some special software. The only item that differentiates a sniffer from an ordinary computer is software. It is also easy to download shareware and freeware sniffing software from the Internet or various bulletin board systems.
The ease of access to sniffing software is great for network administrators because this type of software helps them become better network troubleshooters. However, the availability of this software also means that malicious computer users with access to a network can capture all the data flowing through the network. The sniffer can capture all the data for a short period of time or selected portions of the data for a fairly long period of time. Eventually, the malicious user will run out of space to store the data—the network I use often has 1000 packets per second flowing on it. Just capturing the first 64 bytes of data from each packet fills up my
system’s local disk space within the hour.
Note Esniff.c is a simple 300-line C language program that works on SunOS 4.x. When
run by the root user on a Sun workstation, Esniff captures the first 300 bytes of each TCP/IP connection on the local network. It is quite effective at capturing all
usernames and passwords entered by users for telnet, rlogin, and FTP.TCPDump 3.0.2 is a common, more sophisticated, and more portable Unix sniffing program written by Van Jacobson, a famous developer of high-quality TCP/IP
software. It uses the libpcap library for portably interfacing with promiscuous mode
network interfaces. The most recent version is available via anonymous FTP to ftp.ee.lbl.gov.
NetMan contains a more sophisticated, portable Unix sniffer in several programs in
its network management suite. The latest version of NetMan is available via anonymous FTP to ftp.cs.curtin.edu.au in the directory /pub/netman.
EthDump is a sniffer that runs under DOS and can be obtained via anonymous FTP
from ftp.eu.germany.net in the directory /pub/networking/inet/ethernet/.
On some Unix systems, TCPDump comes bundled with the vendor OS. When
run by an ordinary, unprivileged user, it does not put the network interface into
promiscuous mode. With this command available, a user can only see data being
sent to the Unix host, but is not limited to seeing data sent to processes owned by
the user. Systems administrators concerned about sniffing should remove user
execution privileges from this program.
Sniffing: How It Threatens Security
Sniffing data from the network leads to loss of privacy of several kinds of information that
should be private for a computer network to be secure. These kinds of information include the
following:
n Passwords
n Financial account numbers
n Private data
n Low-level protocol information
The following subsections are intended to provide examples of these kinds.
Warning
Sniffing Passwords
Perhaps the most common loss of computer privacy is the loss of passwords. Typical users type
a password at least once a day. Data is often thought of as secure because access to it requires a
password. Users usually are very careful about guarding their password by not sharing it with
anyone and not writing it down anywhere.
Passwords are used not only to authenticate users for access to the files they keep in their
private accounts but other passwords are often employed within multilevel secure database
systems. When the user types any of these passwords, the system does not echo them to the
computer screen to ensure that no one will see them. After jealously guarding these passwords
and having the computer system reinforce the notion that they are private, a setup that sends
each character in a password across the network is extremely easy for any Ethernet sniffer to
see. End users do not realize just how easily these passwords can be found by someone using a
simple and common piece of software.
Sniffing Financial Account Numbers
Most users are uneasy about sending financial account numbers, such as credit card numbers
and checking account numbers, over the Internet. This apprehension may be partly because of
the carelessness most retailers display when tearing up or returning carbons of credit card
receipts. The privacy of each user’s credit card numbers is important. Although the Internet is
by no means bulletproof, the most likely location for the loss of privacy to occur is at the
endpoints of the transmission. Presumably, businesses making electronic transactions are as
fastidious about security as those that make paper transactions, so the highest risk probably
comes from the same local network in which the users are typing passwords.
However, much larger potential losses exist for businesses that conduct electronic funds
transfer or electronic document interchange over a computer network. These transactions
involve the transmission of account numbers that a sniffer could pick up; the thief could then
transfer funds into his or her own account or order goods paid for by a corporate account.
Most credit card fraud of this kind involves only a few thousand dollars per incident.
Sniffing Private Data
Loss of privacy is also common in e-mail transactions. Many e-mail messages have been
publicized without the permission of the sender or receiver. Remember the Iran-Contra affair
in which President Reagan’s secretary of defense, Caspar Weinberger, was convicted. A crucial
piece of evidence was backup tapes of PROFS e-mail on a National Security Agency computer.
The e-mail was not intercepted in transit, but in a typical networked system, it could have
been. It is not at all uncommon for e-mail to contain confidential business information or
personal information. Even routine memos can be embarrassing when they fall into the wrong
hands.
Sniffing Low-Level Protocol Information
Information network protocols send between computers includes hardware addresses of local
network interfaces, the IP addresses of remote network interfaces, IP routing information, and
sequence numbers assigned to bytes on a TCP connection. Knowledge of any of this information
can be misused by someone interested in attacking the security of machines on the
network. See the second part of this chapter for more information on how these data can pose
risks for the security of a network. A sniffer can obtain any of these data. After an attacker has
this kind of information, he or she is in a position to turn a passive attack into an active attack
with even greater potential for damage.
-Buat Game FPS Sendiri Bagian 1-
Sekarang ini banyak sekali game yang beredar di pasaran, mulai dari game yang classic banget sampai game 3D bertekhnologi tinggi. Tapi, pernah tidak kamu berfikir untuk membuat game sendiri? Mungkin kamu semua pernah berfikir seperti itu, membuat game sendiri. Tapi, terbentur oleh kemampuan programingmu yang belum matang atau belum bisa sama sekali dalam hal programing, sehingga kamu mengurungkan niatmu untuk membuat game.
Tapi faktanya, buat game itu ngak harus bisa programming dan ngak sulit-sulit amat kok. Kamu bisa buat game kamu sendiri, tapi dengan satu syarat….. “Mau belajar”….
Ngak percaya bisa buat game sendiri?
Saya ajarin deh biar percaya…
Game pertama yang akan kita buat adalah game dengan genre FPS atau first person shooter dengan tampilan full 3D.
Pasti dalam benak anda pasti sulit banget buat FPS 3D. Belum bikin design karakter, bikin AI script, dan lainnya……
Jawabanya : SALAH BESAR
Untuk membuat game 3D anda hanya butuh sebuah game engine khusus. Seperti Quake, atau Farcry. Tetapi yang jadi masalah kedua tipe game engine ini sangat sulit digunakan oleh pemula, dan harganya mahal walaupun di Indonesia hal ini tidak masalah (ada bajakannya kok). Untuk itu, kita akan menggunakan sebuah game engine khusus FPS yaitu, FPS creator. Selain karena lebih murah, engine ini mudah digunakan dan sangat bagus. Anda bisa membelinya di www.fpscreator.com. Disana anda juga bias membaca dengan lengkap mengenai FPS creator. Anda juga bisa mengupdate dan membeli model packs untuk FPS creator disana. (Kalau ngak punya duit…, silahkan email saya. ^.^)
Jika anda sudah mempunyai programnya, kemuadian Install FPS creator. Lalu lanjutkan dengan menjalankan FPS Creator yang telah terinstall. Akan muncul tampilan pertama layer utama seperti berikut ini:
Bulat hitam yang ditengah adalah render shroud, gunanya untuk melihat itmes dengan tampilan 3D. Selain yang didalam render shroud tersebut, items nya tidak akan ditampilkan dalam bentuk 3D. Ini berguna untuk menghemat memory.
Lihat disamping kiri ada tool box… bertuliskan prefabs, segment, entities, dan markers….
Nah…, saya menjelaskan sampai disini dulu. Lanjutannya udah ada kok, tunggu aj…..
Tapi faktanya, buat game itu ngak harus bisa programming dan ngak sulit-sulit amat kok. Kamu bisa buat game kamu sendiri, tapi dengan satu syarat….. “Mau belajar”….
Ngak percaya bisa buat game sendiri?
Saya ajarin deh biar percaya…
Game pertama yang akan kita buat adalah game dengan genre FPS atau first person shooter dengan tampilan full 3D.
Pasti dalam benak anda pasti sulit banget buat FPS 3D. Belum bikin design karakter, bikin AI script, dan lainnya……
Jawabanya : SALAH BESAR
Untuk membuat game 3D anda hanya butuh sebuah game engine khusus. Seperti Quake, atau Farcry. Tetapi yang jadi masalah kedua tipe game engine ini sangat sulit digunakan oleh pemula, dan harganya mahal walaupun di Indonesia hal ini tidak masalah (ada bajakannya kok). Untuk itu, kita akan menggunakan sebuah game engine khusus FPS yaitu, FPS creator. Selain karena lebih murah, engine ini mudah digunakan dan sangat bagus. Anda bisa membelinya di www.fpscreator.com. Disana anda juga bias membaca dengan lengkap mengenai FPS creator. Anda juga bisa mengupdate dan membeli model packs untuk FPS creator disana. (Kalau ngak punya duit…, silahkan email saya. ^.^)
Jika anda sudah mempunyai programnya, kemuadian Install FPS creator. Lalu lanjutkan dengan menjalankan FPS Creator yang telah terinstall. Akan muncul tampilan pertama layer utama seperti berikut ini:
Bulat hitam yang ditengah adalah render shroud, gunanya untuk melihat itmes dengan tampilan 3D. Selain yang didalam render shroud tersebut, items nya tidak akan ditampilkan dalam bentuk 3D. Ini berguna untuk menghemat memory.
Lihat disamping kiri ada tool box… bertuliskan prefabs, segment, entities, dan markers….
Nah…, saya menjelaskan sampai disini dulu. Lanjutannya udah ada kok, tunggu aj…..
Subscribe to:
Posts (Atom)
