Saturday, October 23, 2010

Counting hours...


Hmm... it's been a long time since I updated the blog with my own writing,
usually I just forward info that I feel like sharing...
today is just a small update...
after about a week into the 2nd semester of Year 2...
for now, all subjects are safely registered and classes have already started...
so far, everything's OK... right now we're only just learning what's applied in C.E.H (Certified Ethical Hacking), and that's only the starting parts of the course.. never mind, at least I already know which parts I need to concentrate on...
btw, right now I'm counting the hours...
tomorrow I have another exam...
people keep asking, "huh??!! exam??!!"
haha... maybe it's odd because last semester's results only came out this Friday...
surely there can't be an exam already, right... a lot of people were surprised...
it's not a big exam... just the exam for the extra course I'm taking (C.E.H)... taking the certificate here at MMU..
so today all kinds of questions came my way, understandably since the results just came out... everyone's been asking...
but I haven't looked yet.... I have to hold off first so I don't lose focus studying for tomorrow's exam...
because I feel the results may not be good... I'm afraid that once I look, I'll lose the mood to study...
besides, CEH isn't easy either... I get a headache trying to understand its concepts...
anyway, just read the past questions... the lecturer said the questions keep coming out the same but maybe 20% are changed a bit.... for 80% he gave us sample questions...
the problem is that the set he gave has 573 questions, and that's just 1 file; he gave 3 files with roughly the same number of questions each... huhu... 150 questions go into the exam... (x_X)...
my eyes glaze over reading the questions... huhu... never mind, I'll do what I can... here I'll share a few questions that caught my attention...

While examining a log report you find out that an intrusion has been attempted by a machine
whose IP address is displayed as 3405906949. It looks to you like a decimal number. You
perform a ping 3405906949. Which of the following IP addresses will respond to the ping and
hence will likely be responsible for the intrusion?

>> there's also a way to convert the IP address 3405906949 to...
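
The conversion behind this question, as an added example that is not part of the original post: the decimal value is simply the 32-bit address written as one integer. The sketch goes beyond the question and also normalises the hex, octal and short dotted forms that classic `inet_aton`-style parsers accept, so a log reviewer can match them against ordinary dotted-quad entries; the `src=` log format and the sample lines are constructed.

```python
import re

TOKEN = re.compile(r"0x[0-9a-f]+|[0-9]+", re.I)

def _part(tok):
    """One inet_aton-style number: 0x.. is hex, a leading 0 is octal, else decimal."""
    if not TOKEN.fullmatch(tok):
        raise ValueError(tok)
    if tok[:2].lower() == "0x":
        return int(tok[2:], 16)
    if len(tok) > 1 and tok[0] == "0":
        return int(tok, 8)          # "08" is invalid octal and raises ValueError
    return int(tok, 10)

def normalize_ipv4(text):
    """Return the dotted-quad form of a classic IPv4 literal, or None if invalid."""
    toks = text.strip().split(".")
    if not 1 <= len(toks) <= 4:
        return None
    try:
        parts = [_part(t) for t in toks]
    except ValueError:
        return None
    # Leading parts are one byte each; the last part fills all remaining bytes.
    if any(p > 255 for p in parts[:-1]) or parts[-1] >= 256 ** (5 - len(parts)):
        return None
    value = parts[-1]
    for i, p in enumerate(parts[:-1]):
        value |= p << (8 * (3 - i))
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

# Constructed firewall-style lines (the format is an assumption, not from the post).
SAMPLE_LOG = [
    "Oct 22 23:10:01 fw DROP src=3405906949 dst=10.0.0.5 dpt=22",
    "Oct 22 23:10:04 fw DROP src=0xCB020405 dst=10.0.0.5 dpt=22",
    "Oct 22 23:10:09 fw DROP src=203.2.4.5 dst=10.0.0.5 dpt=22",
    "Oct 22 23:10:12 fw DROP src=0313.2.1029 dst=10.0.0.5 dpt=22",
]

def sources(lines):
    """Pair each raw src= value with its normalized form for side-by-side review."""
    found = []
    for line in lines:
        m = re.search(r"\bsrc=(\S+)", line)
        if m:
            found.append((m.group(1), normalize_ipv4(m.group(1))))
    return found

if __name__ == "__main__":
    for raw, norm in sources(SAMPLE_LOG):
        print(f"{raw:>12} -> {norm}")
```
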

John is the network administrator of XSECURITY systems. His network was
recently compromised. He analyzes the logfiles to investigate the attack.
Take a look at the following Linux logfile snippet. The hacker compromised and
"owned" a Linux machine. What is the hacker trying to accomplish here?

[root@apollo /]# rm rootkit.c
[root@apollo /]# [root@apollo /]# ps -aux | grep inetd ; ps -aux | grep portmap ;
rm/sbin/portmap ; rm /tmp/h ; rm /usr/sbin/rpc.portmap ; rm -rf .bash* ; rm -
rf/root/.bash_history ; rm - rf /usr/sbin/namedps -aux | grep inetd ; ps -aux | grep
portmap ; rm /sbin/por359 ? 00:00:00 inetd 359 ? 00:00:00 inetd
rm: cannot remove `/tmp/h': No such file or directory
rm: cannot remove `/usr/sbin/rpc.portmap': No such file or directory
[root@apollo /]# ps -aux | grep portmap
[root@apollo /]# [root@apollo /]# ps -aux | grep inetd ; ps -aux | grep portmap ; rm
/sbin/portmap ;
rm /tmp/h ; rm /usr/sbin/rpc.portmap ; rm -rf .bash* ; rm -rf /root/.bash_history ;
rm - rf /usr/sbin/namedps -aux | grep inetd ; ps -aux | grep portmap ; rm
/sbin/por359 ? 00:00:00 inetd
rm: cannot remove `/sbin/portmap': No such file or directory
rm: cannot remove `/tmp/h': No such file or directory
>rm: cannot remove `/usr/sbin/rpc.portmap': No such file or directory
[root@apollo /]# rm: cannot remove `/sbin/portmap': No such file or directory

A. The hacker is planting a rootkit
B. The hacker is trying to cover his tracks
C. The hacker is running a buffer overflow exploit to lock down the system
D. The hacker is attempting to compromise more machines on the network

>> look at that code... doesn't it make your eyes glaze over...

Travis works primarily from home as a medical transcriptionist.
He just bought a brand new Dual Core Pentium Computer with over 3 GB of RAM.
He uses voice recognition software that is processor intensive, which is why he bought
the new computer. Travis frequently has to get on the Internet to do research on
what he is working on. After about two months of working on his new computer, he
notices that it is not running nearly as fast as it used to.
Travis uses antivirus software, anti-spyware software and always keeps the
computer up-to-date with Microsoft patches.
After another month of working on the computer, Travis's computer is even more
noticeably slow. Every once in a while, Travis also notices a window or two pop up
on his screen, but they quickly disappear. He has seen these windows show up, even
when he has not been on the Internet. Travis is really worried about his computer
because he spent a lot of money on it and he depends on it to work. Travis scans his
through Windows Explorer and check out the file system, folder by folder to see if
there is anything he can find. He spends over four hours poring over the files and
folders and can't find anything but before he gives up, he notices that his computer
only has about 10 GB of free space available. Since his drive is a 200 GB hard drive,
Travis thinks this is very odd.
Travis downloads Space Monger and adds up the sizes for all the folders and files on
his computer. According to his calculations, he should have around 150 GB of free
space. What is most likely the cause of Travis's problems?

A. Travis's Computer is infected with stealth kernel level rootkit
B. Travis's Computer is infected with Stealth Trojan Virus
C. Travis's Computer is infected with Self-Replication Worm that fills the hard disk
D. Logic Bomb's triggered at random times creating hidden data consuming junk files

>> this is the question whose answer explanation caught my attention the most :-

Explanation: A rootkit can take full control of a system. A rootkit's only purpose is
to hide files, network connections, memory addresses, or registry entries from other
programs used by system administrators to detect intended or unintended special
privilege accesses to the computer resources.

ok, that's all I want to share... my body's tired and aching... 3 days in a row of training for silat olahraga.... bruises here, pain there.... that's how it goes... anyway, just wait for tomorrow.... exam + results... huhu
