Category Archives: Etc

Your WordPress Website is Slow? – perhaps you have WP-Statistics plugin installed?

A few days ago a client contacted me and said that their website is down. I checked the server, and indeed the server is very overloaded. In total it got 36 cores – and they’re all 100% utilized.

As usual I checked the whole stack, but today it’s something different – the MySQL / database server was the culprit. It was performing very slowly, and in turn caused the webserver to slow down as well.

In the slow query log, some queries kept showing up with crazy query times, in tens of seconds.
For comparison – all of the other queries finishes in less than a second.

MySQL’s slow query log is your friend – it enable you to find problematic queries very quickly.

And all those slow queries are in these tables:

wp_statistics_useronline
wp_statistics_visitor

I checked the currently running queries with “mysqladmin processlist“, and almost all (hundreds of them) queued queries are those involving those tables, looking for specific content in the field “ip”. They’re all looked like these:

SELECT location FROM wp_statistics_visitor WHERE ip = '88.88.88.88'
SELECT * FROM wp_statistics_useronline WHERE ip = '99.99.99.99'

On a hunch, I checked the structure of those tables. And right enough, there’s no index for “ip”

An index can increase a query’s performance by a, very, significant amount.

When the size of those tables are big enough, and you have a higher traffic than usual (they just published a very important information that’s of interest to a lot of people) – then suddenly these seemingly innocent queries were able to bring down a 36-core server to its knees.

Anyway, now we know the culprit, the solution is easy enough:

alter table wp_statistics_useronline add index (ip);
alter table wp_statistics_visitor add index (ip);

And voilà – in an instant, the website was up again, and the CPU utilization dropped to nearly zero.

Everyone’s happy, and I have also notified the developers about the issue as well.

Manajemen Finansial

For English (and other) speakers: this is a post about general financial management. Click on the “Translate” button on the right to have this article translated into your language.

Tidak sengaja saya membaca artikel tentang FI/RE (Financial Independence/Retiring Early). Di dunia yang ideal, semua orang punya akses ke UBI (Universal Basic Income) – yaitu dimana Pemerintah menjamin bahwa setiap bulan Anda akan selalu mendapatkan sejumlah uang.

Namun ketika ini belum ada, maka kita perlu melakukan berbagai usaha lainnya agar kondisi finansial keluarga kita selalu aman. Artikel ini adalah catatan pribadi saya tentang berbagai informasi terkait hal ini.

Disclaimer: artikel ini hanya catatan pribadi saya. Keuntungan/kerugian finansial yang terjadi karena membaca isi artikel ini bukan tanggung jawab saya. Dengan mengakses artikel ini, maka Anda telah setuju dengan disclaimer ini.

Mayoritas orang hidup dari gajian ke gajian. Jumlah tabungan minim. Atau kalaupun ada tabungan/investasi, kurang dikelola – sehingga kalah cepat dari besaran inflasi
= jumlah uang Anda malah berkurang setiap tahunnya ……

INFLASI – Target untuk dikalahkan

Selama 2010 s/d 2020, rata-rata inflasi per tahun adalah 4.48%

Artinya : nilai uang Anda berkurang sebesar 4.48% setiap tahun.

Maka, strategi investasi / tabungan Anda harus memberikan hasil yang lebih besar dari ini.
(setelah dipotong pajak, zakat, komisi, dst).

Mari kita lihat beberapa strategi investasi / tabungan yang ada:

1. EMAS

Dengan rata-rata peningkatan nilai investasi sebesar 21,67% setiap tahun, emas jelas bisa mengalahkan gerogot inflasi pada harta Anda.

RESIKO KERUGIAN INVESTASI : rendah

Tantangan

  1. Penyimpanan : Safe deposit bank : bukan jaminan aman, di luar negeri sudah sering terjadi kasus safe deposit box yang lenyap.
  2. Penyimpanan : Rumah : ukuran emas memang kecil sehingga mudah disembunyikan, namun jangan sampai lupa tempatnya. Keberadaan emas di rumah juga bisa membahayakan penghuni jika sampai diketahui oleh penjahat.

PROS

  1. Ukuran kecil, mudah disimpan.
  2. Cukup likuid / mudah dijual kembali, beda dengan misalnya perak.

CONS

  1. Resiko menyimpan benda berharga yang berbentuk fisik.
  2. Harganya cenderung agak mahal.
  3. Musti paham emas seperti apa yang harganya stabil – beberapa bentuk emas, seperti dinar dll, harganya bisa jatuh cukup banyak ketika dijual kembali.

x

TANAH / RUMAH / PROPERTI

RESIKO KERUGIAN INVESTASI : Agak tinggi

PROS

  1. Jika tepat memilih lokasi, ROI (return on investment) bisa cukup tinggi.

CONS

  1. Sangat tergantung pada lokasi : jika salah pilih lokasi, malah bisa turun harga dan/atau sulit dijual kembali.
  2. Cenderung tidak likuid : susah dijual dalam waktu cepat, kecuali jika harganya diturunkan jauh di bawah harga pasar.
  3. Potensi resiko : mafia tanah : bukan sekali dua kali kejadian mendadak tanah sudah dikuasai oleh pihak lainnya, lengkap dengan sertifikat tanah asli.
  4. Modal tinggi : membutuhkan dana dalam jumlah besar untuk melakukan investasi jenis ini.

.

LAIN-LAIN

Tentu saja masih ada banyak sekali skema-skema tabungan & investasi lainnya. Misalnya di luar negeri ada berbagai institusi Fund Management yang bisa membantu mengelola dana Anda. Anda bisa turut bergabung dengan dana yang tidak besar dan cenderung aman.

Silakan jika ada saran / masukan, bisa disampaikan via Telegram atau Facebook di bawah ini.

.

Penutup

Artikel ini masih belum selesai, karena saya masih terus mendalami soal ini.
Artikel ini akan terus diperbaharui setiap kali saya mendapatkan informasi baru.

Berbagai data & chart di artikel ini bisa dilihat di Google Sheet ini :

Performa Berbagai Investasi versus Inflasi Indonesia” = https://docs.google.com/spreadsheets/d/1pRF3W8BuAYGyG5RVHtvN-DeZXuz2CEKCkzl5lm4XGKo/

Jika ada data yang ingin Anda sumbangkan, silakan kontak saya via Telegram di “sufehmi” (respons cepat), atau via Facebook https://www.facebook.com/sufehmi (jarang saya cek).
Sumbangan data silakan dikirim dengan format CSV, dan lalu akan saya gabungkan ke dokumen di atas.

Jika ada kekeliruan / koreksi / masukan, jangan segan kontak saya via Telegram / Facebook di atas.

Demikian artikel ini, semoga bermanfaat bagi Anda.

Referensi / Bacaan tambahan

  1. https://brianlovin.com/writing/investing-for-designers-and-developers
  2. https://i.imgur.com/Vlt0DOR.png

Cloud and DRC



In my years of experience as IT architect, it’s quite shocking to see how many institutions are slacking about their backup system once they moved to the cloud. Especially with their DRC (disaster recovery center). They thought that once they go “up” to the cloud, then it’s all right. No need to worry anymore with troublesome stuff such as backup.

As harsh as it may sound, my friend said that “cloud is other people’s computer”, and it’s a fact. And computer will fail. It’s just a matter of when, not if. And cloud did indeed fail from time to time.

When your organization does not have a solid backup system, then when the cloud fail – you are in for a very unpleasant experience.

“There’s no such thing as too much backup” – this is another principle that’s true. I have been in various data loss incidents, one of them were saved by the fifth (5th) backup mechanism. All other four failed.

But of course the implementation of the backup system will need to balance between levels of data safety and actual available resources.


A DRC can be of various shapes and sizes, customized to fit one’s system recovery needs versus available resources/budget. There are 8 levels of Disaster Preparedness, and we can choose the one that fits our needs & available resources.
But it simply has to exist. Any institution with data & systems considered important, need to have a working DRC facility.

And a DRC does not always have to be complex or expensive. There are ways to make a fully working DRC with minimum resources. And along time, it can be tweaked even further.

Moving to the cloud is not an excuse to avoid having a good backup strategy. We don’t need to be caught with our pants down.

Linux and Logitech MX Anywhere 3

This mouse feels good to touch. It just feels nice. The scroll wheel, called Magspeed Wheel, feels really good to use with its tactile feeling. However try pressing the black button in the middle – then it changed from Ratchet mode to Freespin mode , basically it flies. You can spin it really, really fast. Awesome.

However, Logitech does not provide its configuration software on Linux. But no worries, we can use LogiOps for that.

Copy-paste these lines to set it up ; these are for Ubuntu 20.04, if you’re using different Linux distro, you might need to change some of it.

sudo apt-get install -y install cmake libevdev-dev libudev-dev libconfig++-dev

cd /tmp ; wget https://github.com/PixlOne/logiops/archive/refs/heads/master.zip ; mkdir tmp ; cd tmp ; unzip ../master.zip ; cd logiops-master ; mkdir build ; cd build

cmake .. ; make ; sudo make install 

sudo nano /etc/logid.cfg

sudo systemctl enable --now logid

You may notice that we’re creating a configuration file name logid.cfg , there’s a [ guide to create it ], however some may find it confusing.

Therefore please find a sample logid.cfg for MX Anywhere 3 below. It will enable a reasonably nice usage of the device, and also enable you to change the mouse’s DPI by pressing the side buttons.

Enjoy.

// Logiops (Linux driver) configuration for Logitech MX Master 3.
// Includes gestures, smartshift, DPI.
// Tested on logid v0.2.2-35-g1c209ed.

// File location: /etc/logid.cfg

devices: ({
  name: "MX Anywhere 3";

  smartshift: {
    on: true;
    threshold: 15;
  };

  hiresscroll: {
    hires: true;
    invert: false;
    target: true;
       up: {
            mode: "Axis";
            axis: "REL_WHEEL_HI_RES";
            axis_multiplier: 1;
        },
        down: {
            mode: "Axis";
            axis: "REL_WHEEL_HI_RES";
            axis_multiplier: -1;
        },
  };

  dpi: 1600; // max=4000


    buttons: (
        {
            cid: 0x52;
            action =
            {
                type: "Gestures";
                gestures: (
                    {
                        direction: "Left";
                        mode: "OnInterval";
			interval: 10;
                        action =
                        {
                            type: "Keypress";
                            keys: ["KEY_VOLUMEDOWN"];
                        };
                    },
                    {
                        direction: "Right";
                        mode: "OnInterval";
			interval: 10;
                        action =
                        {
                            type: "Keypress";
                            keys: ["KEY_VOLUMEUP"];
                        };
                    },
                    {
                        direction: "None"
                        mode: "OnRelease";
                        action =
                        {
			    type: "Keypress";
			    keys: ["BTN_MIDDLE"];
                        }
                    }
                );
            };
        },
        {
            cid: 0x53;
            action =
            {
//                type: "Keypress";
//                keys: ["KEY_BACK"];
		type: "ChangeDPI";
              	inc: -1000;            
            };
	},
        {
            cid: 0x56;
            action =
            {
//                type: "Keypress";
//                keys: ["KEY_FORWARD"];
		type: "ChangeDPI";
              	inc: 1000;            
            };
	}
    );
}
);

How to play Roblox on Linux

I used to play Roblox with my kids from my Linux-based (Ubuntu) laptop – by having a virtual machine set up (on VirtualBox) with Windows, and play there. Of course it’s slow, but I still CAN play.

However one day Roblox decided to disable playing from Virtual Machine. And there goes my little bit of happiness with my children.

One day I found this article about using Steam Link to enable remote access to a Windows desktop, and it got me an idea – can I use this trick to play Roblox again from my laptop?

So I setup Google Chrome to be streamable from my gaming computer on my house’s second floor – and voila, it showed up in my Steam account indeed !

By invoking Google Chrome on my Steam app on Linux – then I can browse to Roblox.com, and then play all the games there.

Mission accomplished !


Use Steam to Stream Your Desktop Instead of Your Games : https://lifehacker.com/use-steam-to-stream-your-desktop-instead-of-your-games-1818722875

OBS (Open Broadcasting Software) As Video source (for Zoom, Google Meet, Skype, etc) in Ubuntu 20.04

I used to use my Android smartphone as webcam for Zoom / Skype / Google Meet / etc because my laptop’s webcam is so bad. This is possible thanks to the Droidcam app.

But sometimes there are problems, like the wifi got interference so the video would slow down or freeze for a while. And for long conference / meeting, it got my phone pretty hot because sometimes I have to charge it. And of course I can’t use my phone while it’s being used as webcam.

So I bought Logitech C920 Pro webcam, and started using it instead. In Linux it’s recognized and can bs used straight away.
But you may need to tweak its image quality a bit using guvcview before being used for work.

The picture quality is not as good as my smartphone’s , because my smartphone is heavily processing the images, so it came out even with HDR quality, in real-time. But as a daily work webcam, this Logitech webcam is good enough.

Then I need to start using Green screen as well with this webcam. There’s one problem – my Green screen is not wide enough to cover the webcam’s wide angle.

With Droidcam, this is not a problem, there’s a “Zoom” feature. So I just Zoom-in, until the green screen fills the view.
But since Logitech does not provide any kind of software for this webcam on Linux, I use OBS instead.

Using OBS, I can set up green screen in it, so we don’t need to use Zoom’s green screen / Virtual Background feature. And also that means all other software (Google Meet, Skype, etc) will automatically got the already green screened video from OBS.

To zoom-in in OBS, I just enlarge the webcam’s image box, until the green screen fill the view.
To activate green screen, I use the Chroma key filter.

choose Tools – V4L2 Video Output to enable OBS as Video Source for other software
Make sure to tick the “Auto Start” option
(no green screen tho when I took this screenshot)

To make OBS become a video source, we’ll need to install obs-v4l2sink : https://github.com/CatxFish/obs-v4l2sink

Turned out there are a few problems installing it in Ubuntu 20.04 , we’ll discuss here the workaround for those:

# Another possible solution is using Snap's version of OBS, 
# which already include v4l2loopback kernel module 
# & obs-v4l2sink plugin
# sudo snap install obs-studio.
# sudo modprobe v4l2loopback video_nr=10 card_label=”OBS Video Source” exclusive_caps=1

# If by any reason you can't use this Snap-based solution, 
# then continue : 


# download needed software for compilation
sudo apt-get update ; sudo apt-get install -y install obs-studio git cmake build-essential libobs-dev ffmpeg qtbase5-dev

cd /tmp ; mkdir myobscode ; cd myobscode

# get OBS' source code
git clone --recursive https://github.com/obsproject/obs-studio.git

# get plugin's source code
git clone https://github.com/CatxFish/obs-v4l2sink

# compile the OBS plugin
cd ~/obs-v4l2sink
mkdir build && cd build
cmake -DLIBOBS_INCLUDE_DIR="../../obs-studio/libobs" -DCMAKE_INSTALL_PREFIX=/usr ..

make -j4
sudo make install
sudo cp v4l2sink.so /usr/lib/obs-plugins/
sudo cp /usr/lib/obs-plugins/v4l2sink.so /usr/lib/x86_64-linux-gnu/obs-plugins/

# Turned out we need to compile and build v4l2loopback by ourselves - this is because the Ubuntu's version is too old
# Thanks to user jplandrain : 
# https://github.com/CatxFish/obs-v4l2sink/issues/54#issuecomment-722966599
cd ..
sudo apt-get remove v4l2loopback-dkms
git clone --branch v0.12.5 https://github.com/umlaeute/v4l2loopback.git
cd v4l2loopback
make && sudo make install

# make v4l2loopback automatically loaded by kernel after reboot
echo "v4l2loopback" >> /etc/modules-load.d/modules.conf
echo 'options v4l2loopback video_nr=2' >> /etc/modprobe.d/v4l2loopback.conf

echo 'options v4l2loopback card_label="VirtualCam"' >> /etc/modprobe.d/v4l2loopback.conf

echo 'options v4l2loopback exclusive_caps=1' >> /etc/modprobe.d/v4l2loopback.conf

# load the loopback module into kernel now
sudo modprobe v4l2loopback video_nr=10 card_label="OBS Video Source" exclusive_caps=1

# start OBS - now there should be a new menu : 
#     Tools - V4L2 Video Output
# also you'll need to tick "Autostart" option after choosing that menu
obs &

How to run Proxmox with only a single public IP address

IPv4 address is becoming rarer by each day. In some cases, it can be pretty hard to get multiple IPv4 address for your Proxmox server.

Thankfully, Proxmox is basically a Debian Linux OS with Proxmox layer on top of that. So that gives us quite a lot of flexibility.

This tutorial will help you to create a fully functional Proxmox server running multiple containers & virtual machines, using only a single IPv4 address.

These are the main steps :

  1. Create port forwarding rules
  2. Make sure it’s executed automatically everytime the server is restarted
  3. Setup a reverse-proxy server : to forward HTTP/S requests to the correct container / virtual machine
  4. Setup HTTPS

For CT (container) / VM (virtual machine) that contains webserver, point 3 is important – because there’s only one public IP address, so there’s only one port 80 and 443 that’s facing the Internet.

By forwarding port 80 and 443 to a reverse-proxy in a CT, then we’ll be able to forward incoming visitors, by hostname / domain name, to the correct CT/VM.

1. CREATE PORT FORWARDING RULES

Modify the following to match your host’s interface name & CT/VM’s internal IP addresses, then copy-paste to terminal :

###### All HTTP/S traffic are forwarded to reverse proxy
iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 10.10.50.1:80

iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 10.10.50.1:443

###### SSH ports to each existing CT/VM
iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 22101 -j DNAT --to 10.10.50.1:22

iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 22102 -j DNAT --to 10.10.50.2:22

iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 22103 -j DNAT --to 10.10.50.3:22

iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 22104 -j DNAT --to 10.10.50.4:22

Then we save it :

iptables-save > /etc/iptables.rules

2. EXECUTE IPTABLES AT SERVER RESTART

Edit /etc/network/interfaces file, find your network interface name that’s facing the Internet (in my case, vmbr0) – then add the pre-up line as follows :

auto vmbr0
pre-up iptables-restore < /etc/iptables.rules

3. SETUP REVERSE-PROXY

In a CT, install Nginx. Then for each domain, create a configuration file like this, for example: /etc/nginx/sites-available/www.my_website.com :

server {
listen 80;
server_name www.my_website.com;

location / {
    proxy_pass http://10.10.50.2:80;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

}

To activate it (assuming you’re using Ubuntu) link it to /etc/nginx/sites-enabled/ , then restart Nginx :

ln -s /etc/nginx/sites-available/www.my_website.com /etc/nginx/sites-enabled/www.my_website.com

/etc/init.d/nginx restart

note: as noted before, all HTTP/s traffic will have to go through this reverse-proxy. You may wish to tune this Nginx installation accordingly.

4. SETUP HTTPS

It’s very easy with Let’s Encrypt once you’ve done point 3 above. Do the following on the reverse-proxy CT :

sudo apt-get update ; sudo apt-get install -y certbot python3-certbot-nginx

sudo certbot --nginx

sudo /etc/init.d/nginx restart

Reference:

https://gist.githubusercontent.com/basoro/b522864678a70b723de970c4272547c8/raw/a985657453f72683040fbe38b1db6b1989618116/proxmox-proxy

Installing HTTrack on Ubuntu from Source

Today I needed to have the latest version of HTTrack installed to make a (static) mirror of a website that I managed

After a few attempts, this is how you compile & install HTTrack from source on Ubuntu :

wget "http://download.httrack.com/cserv.php3?File=httrack.tar.gz"

mv cserv.php3\?File\=httrack.tar.gz  httrack.tar.gz

tar xzvf httrack.tar.gz

cd httrack-3.49.2/

### the following is the key to a successful install
apt-get install zlib1g-dev libssl-dev build-essential

./configure && make && make install

BCA – daftar bank korespondensi di Amerika

Suatu hari saya ditanyakan hal ini (bank korespondensi BCA di Amerika) setelah selesai seminar di Hawaii, untuk mentransfer honorarium saya.

Ternyata info ini tidak ketemu dimana-mana.

Tanya via Call center BCA di 1500888, mereka juga tidak tahu.

Akhirnya ketika istri saya kebetulan ada perlu ke BCA, dia tanyakan sekalian. Dijawab bahwa musti saya sendiri yang datang menanyakan.

Istri saya marah besar 😀 hahahaha

Apa logikanya cuma menanya “informasi bank korespondensi BCA” dengan saya musti datang sendiri ke BCA 😀 ha ha ha

Kalau karena musti nasabah BCA – istri saya juga nasabah BCA, dia juga punya rekening di BCA.

Akhirnya customer service BCA menyerah, dan memberitahu informasi tsb, hahaha. Ada-ada saja.

Saya lampirkan informasi tsb disini. Maka moga yang membutuhkannya tidak perlu mengalami kekonyolan serupa & terbuang-buang waktunya juga.

NAMA BANK : Bank of New York
ABA ROUTING NUMBER : IRVTUS3N

NAMA BANK : Bank of America
ABA ROUTING NUMBER : BOFAUS6S

NAMA BANK : Wells Fargo Bank
ABA ROUTING NUMBER : PNBPUS3NNYC

NAMA BANK : JP Morgan Chase Bank
ABA ROUTING NUMBER : CHASUS33

NAMA BANK : Citibank
ABA ROUTING NUMBER : CITIUS33

NAMA BANK : Standard Chartered Bank
ABA ROUTING NUMBER : SCBLUS33

Instalasi w3af

w3af (Web Application Attack and Audit Framework) adalah software yang bisa Anda gunakan untuk memeriksa keamanan aplikasi / website Anda.

Cara instalasi & penggunaannya sangat mudah, silakan ikuti panduan ini :


sudo apt-get update ; sudo apt-get -y install python-pip git

git clone https://github.com/andresriancho/w3af.git
cd w3af/
./w3af_console
# install semua paket yang diminta, lalu

./tmp/w3af_dependency_install.sh

Maka kini w3af & semua paket software yang dibutuhkannya telah terpasang.

Lalu buat file bernama MyScript.w3af, dengan isi sbb :

(CATATAN : jangan gunakan dulu plugin “redos” – terakhir saya gunakan, plugin redos ini berjalan selama 2 hari dan menghabiskan disk space di server saya. Hati-hati)


# -----------------------------------------------------------------------------------------------------------
# W3AF AUDIT SCRIPT FOR WEB APPLICATION
# -----------------------------------------------------------------------------------------------------------
#Configure HTTP settings
http-settings
set timeout 30
back
#Configure scanner global behaviors
http-settings
set timeout 20
set max_requests_per_second 100
back
misc-settings
set max_discovery_time 20
set fuzz_cookies True
set fuzz_form_files True
set fuzz_url_parts True
set fuzz_url_filenames True
back
plugins
#Configure entry point (CRAWLING) scanner
crawl web_spider
crawl config web_spider
set only_forward False
set ignore_regex (?i)(logout|disconnect|signout|exit)+
back
#Configure vulnerability scanners
##Specify list of AUDIT plugins type to use
audit blind_sqli, buffer_overflow, cors_origin, csrf, eval, file_upload, ldapi, lfi, os_commanding, phishing_vector, response_splitting, sqli, xpath, xss, xst
##Customize behavior of each audit plugin when needed
audit config file_upload
set extensions jsp,php,php2,php3,php4,php5,asp,aspx,pl,cfm,rb,py,sh,ksh,csh,bat,ps,exe
back
##Specify list of GREP plugins type to use (grep plugin is a type of plugin that can find also vulnerabilities or informations disclosure)
grep analyze_cookies, click_jacking, code_disclosure, cross_domain_js, csp, directory_indexing, dom_xss, error_500, error_pages,
html_comments, objects, path_disclosure, private_ip, strange_headers, strange_http_codes, strange_parameters, strange_reason, url_session, xss_protection_header
##Specify list of INFRASTRUCTURE plugins type to use (infrastructure plugin is a type of plugin that can find informations disclosure)
infrastructure server_header, server_status, domain_dot, dot_net_errors
#Configure target authentication
#Configure reporting in order to generate an HTML report
output console, html_file
output config html_file
set output_file /tmp/W3afReport.html
set verbose False
back
output config console
set verbose False
back
back
#Set target informations, do a cleanup and run the scan
target
###### GANTI DENGAN SITUS YANG INGIN ANDA TES ###############
set target https://google.com
set target_os unix
set target_framework php
back
cleanup
start

Simpan file tersebut, lalu jalankan perintah sbb :


./w3af_console ­-s MyScript.w3af

Kini tinggal Anda tunggu sampai selesai, dan setelah itu laporannya bisa dilihat di /tmp/W3afReport.html

Enjoy !

Lazada

Lazada ini adalah situs shopping yang cukup baru muncul di Indonesia. Saya pernah mencoba berbelanja disitu, dan pengalamannya cukup menyenangkan – ada kesalahan pesanan, namun dengan sigap diperbaiki oleh customer service mereka dengan sangat baik. Cukup terkesan dengan pelayanannya.

Karena itu ketika tim Lazada bertanya apakah mereka boleh menitip artikel promosi di blog ini, saya katakan “ya”. Karena saya memang bisa merekomendasikan mereka.
Note: ini bukan artikel iklan / berbayar 🙂

Terlampir artikel dari Lazada, semoga bermanfaat.


Repot kan belanja di luar rumah ? belum lagi biaya yang harus dikeluarkan untuk sampai ke pusat perbelanjaan yang terkadang jauh dari tempat tinggal kita. Kini ada situs online terbesar di asia dan telah membuka 5 cabangnya di 5 negara di Asia, yaitu: Malaysia, Thailand, Vietnam dan Filiphina dan Indonesia! Lazada indonesia hadir membuat aktifitas berbelanja online Anda menjadi lebih mudah dan aman, karena Lazada membuat Anda berbelanja seperti di mall tanpa harus bercapek-capek dan dapat dengan mudah memilih produk-produk yang Anda perlukan dengan mudah.

Lazada menyediakan beberapa metode pembayaran yang aman seperti: COD (Cash On Delivery) yaitu sistem pembayaran yang sangat aman karena Anda membayar saat produk Anda pesan tiba di tempat yang Anda mau. Lazada juga menyediakan pembayaran dengan debit dan credit card jadi Anda dapat memilih pembayaran yang cocok untuk Anda. Jika Anda berfikir harga yang ditawarkan Lazada mahal ? salah besar! Lazada memberikan harga yang kompetitif dan Lazada memberikan diskon hingga 50% dan Lazada juga memiliki produk dari merk-merk ternama yang mungkin Anda cari, dengan begitu Anda dapat dengan mudah mendapatkan produk-produk yang Anda inginkan dengan mudah dan aman.

Lazada juga mempunyai customer service yang dapat membantu Anda dalam berbelanja dan mengatasi masalah Anda saat kesulitan disaat Anda berbelanja di Lazada. Apabila disaat produk yang Anda terima mengalami cacat atau rusak ? Lazada akan menggantinya dengan yang baru loh! Jadi jangan khawatir bila berbelanja di Lazada, karena Lazada akan membuat pelanggannya merasa sangat puas dengan service yang Lazada berikan.

Happy 4th Birthday Android !

The green robot is having its birthday today 🙂 yes, its version 1.0 was first released to the world on September 23, 2008.

Thanks to Android, now we can have very powerful smartphones, without compromising our freedom or being dependent to any company. And the smartphone itself is able to unleash its full power, without being held back by any company.

In 4 short years, and look what it has become 🙂 looking forward to the next 4 years !

Happy 10th Birthday !

How time flies ! I just realized that today marked the 10th birthday of this blog – yes folks, I’ve been blogging for 10 years now. Wow !

If this blog is a kid, he’d be on 5th grade now, he he.
If it’s a car though, then it’s probably time to change to a new one, oops 😀 just kidding, I have had so much fun here, no way I’d left this blog alone.

So I’d like to say THANK YOU, my loyal visitors, for making this blog as it is today. I’ve got an amazing amount of feedback, critiques, information, and even awesome stories, from YOU. Not even money would get me that, it’s so priceless.

Thank you again, and here’s hoping for an even brighter future for all of us.
Cheers !

Pengumuman / Announcement

Informasi : Pada saat ini sedang ada sedikit masalah di blog ini — semua komentar diblokir oleh Akismet.

Pada saat ini saya sedang berusaha membetulkan ini.

Sementara itu, komentar Anda mungkin tidak akan langsung muncul di situs ini. Baru akan muncul belakangan, karena harus saya approve satu per satu secara manual.

Demikian untuk informasi. Mudah-mudahan bisa dimaklumi.
Terimakasih 🙂

GRIBS Rock Band

Dulu saya adalah penggemar beberapa lagu dari band Sepultura. Lagu-lagunya cukup menyentuh secara sosial & emosional, seperti Dead Embryonic Cells, dan lain-lainnya.

Selain itu juga ada kegunaannya yang lebih praktis. Setelah sesi coding seharian penuh, jalankan Quake 2, konek ke server online terdekat, setel lagu Sepultura — dan mulai membantai sesama di Internet 🙂
Pada zaman ketika belum ada minuman energi, ini adalah cara cepat dan aman untuk meningkatkan kadar adrenalin di badan. Setelah “sesi pembantaian” selama sekitar 15 menit, maka badan dan pikiran menjadi segar kembali, dan bisa melanjutkan coding untuk beberapa jam berikutnya. He he…

Beberapa bulan yang lalu saya diperkenalkan dengan band yang bernama GRIBS. Band ini beraliran rock, mungkin lebih tepatnya 80’s Rock. Ini persepsi saya pribadi, jadi mungkin keliru, so CMIIW. Anyway, kira-kiranya demikian.
Namun pada awalnya, saya tidak terlalu terkesan. Mungkin karena rekaman yang awal tersebut belum terlalu rapih, masih versi demo? Saudara sih saudara, tapi selera tetap tidak mau kompromi. Jadi setelah mendengar beberapa demo, saya kembali melanjutkan apa yang sedang saya kerjakan ketika itu.

Nah, beberapa hari yang lalu saya diberikan kembali rekamannya yang terbaru. Kali ini sudah berbentuk CD. Wah, sepertinya sudah siap launching album ya ?
Oke, mari kita coba.
CD saya masukkan ke laptop, dan saya mulai mendengarkan satu per satu dari 13 track yang ada di dalamnya.

Ternyata kali ini sudah jauh berbeda. Saya pribadi sangat terkesan. Lagu-lagu dari grup ini cukup unik, berbeda dengan yang sehari-hari kita dengar di sekitar kita. Salah satu lagunya, “Sinetron Indonesia”, malah membuat saya tertawa terpingkal-pingkal 🙂
Simak liriknya :

Sinetron Indonesia

Bila kau ingin lihat
Drama penuh air mata
Penuh dendam orang gila
Saling rebut harta warisan

Bila ingin kau lihat
Para wanita cantik
Seksi menarik menawan hati
Berlagak kayak nenek sihir

Bila kau ingin lihat
Cerita yang menjual mimpi
Cengeng kampungan sedikit murahan
Nyalakan layar televisi !

Selama seminggu
Disuguhi itu melulu
200 episode
Cerita tak bermutu

Tutup telingamu !
Pejamkan matamu !
Kepalkan tanganmu !
Kami tak segoblok itu !

(reff)
Sinetron-sinetron Indonesia !
Semuanya hanya ada di dalam
Sinetron Indonesia !

Apa kau ingin lihat
Sinetron Indonesia

Sungguh kau ingin lihat
Sinetron Indonesia ?

Yakin ingin lihaaaaaaaatttt ?
Tentu tidak

(reff)
Sinetron-sinetron Indonesia !
Semuanya hanya ada di dalam
Sinetron Indonesia !

Sampai jadi mules saya menikmati lagu ini 😀

Sample lagu Sinetron Indonesia bisa Anda download disini :

[ Sinetron-Indonesia.mp3 ] (3 MB)

Satu hal lagi yang menarik dari album Gribs ini adalah bahwa semua lagunya bagus.
Berbeda dengan banyak album lainnya – yang bagus mungkin hanya 1 atau 2 lagu. Sisanya cuma filler.

Bagi para penggemar genre ini, saya bisa merekomendasikan album dari Gribs ini. Enjoy.

Linus Airways !




Linus Airways !

Originally uploaded by hsufehmi

Here’s something you don’t see everyday – apparently, there’s an airline named Linus. And it’s an Indonesian company. How cool is that ?

Linus Torvalds might chuckle if he finds out about this 🙂

Sorry for the quality of the shot – I was late to realize it, and had only very little time to took the shot. If you can’t see clearly – the Linus Airways banners are the middle and bottom ones.

Linus Airways FTW !

Lost in Translation

Di sebuah acara :

Suami Ekspat menunjuk seorang wanita pada anaknya: “Ah… Ini dia tante girang yang selalu meriang…”
Istri Indonesia marah: “Hey, what d’ya mean?”
Suami Ekspat: “But honey, dia selalu gembira dan tertawa. Kata lainnya girang dan meriang, bukan?”

Dan orang bilang ngobrol di HP itu adiktif :

Dua orang ibu-ibu yang tiba-tiba berjumpa di pusat perbelanjaan.
Jeung #1: “Jeung X! Halo!”
Jeung #2: “Ya ampun, Jeung Y!”
Jeung #1: “Apa kabar?”
Jeung #2: “Kabar baik. Lagi dimana?”

**ketawa sampai mules** 😀

Lebih banyak lagi di http://ngupingjakarta.blogspot.com

(warning : jangan membacanya sambil makan/minum !!)

Enjoy.