Friday, January 25, 2008

Microsoft Windows 7

Microsoft Windows 7


Microsoft Windows 7. Real or Fake??? you be the judge of that!!! if this is real, will it be an early end for Windows Vista?? just like what happened to Windows ME.

See all screenshots at

Tuesday, January 22, 2008

Lucky Me Jjamppong

Lucky Me Jjamppong


Rachel introduced me to Lucky Me Jjamppong. It is a cup noodle with an extra spicy flavor which is good for those need-to-work-sleepless-nights snack.

Monday, January 21, 2008

My PayPal Experience


Paypal Error

This is my first time to use Paypal and it was not good at all. Paypal keeps on rejecting my payment eventhough i still have enough credit limit left in my Credit Card. To think of it, it accepts 50%  initial payment to my merchant. Now i need to settle the remaining 50% which again gives me the "This payment cannot be funded with a credit card at this time." error message.

Friday, January 18, 2008

Philippines Google Adsense Referral

Philippines Google Adsense Referral

Bad news for the Filipino bloggers. Starting January, Google Adsense will no longer support referrals from the Philippines. Hopefully it will not be a start of banning the Philippines in Adsense.

Wednesday, January 16, 2008

Installing Nessus Vulnerability Scanner in CentOS Enterprise Linux 5

Nessus is a free, up to date and easy to use vulnerability scanner. You can find the official documentation of how to install Nessus here.

Download and install Nessus rpm package from the Nessus download page

[root@nessus chris]# rpm -ivh Nessus-3.0.6-es5.i386.rpm
Preparing... ########################################### [100%]
1:Nessus ########################################### [100%]
nessusd (Nessus) 3.0.6. for Linux
(C) 1998 - 2007 Tenable Network Security, Inc.
Processing the Nessus plugins...
All plugins loaded
- Please run /opt/nessus//sbin/nessus-add-first-user to add an admin user
- Register your Nessus scanner at to obtain
all the newest plugins
- You can start nessusd by typing /sbin/service nessusd start

[root@nessus chris]#

Add the first Nessus user, it will be the admin account

[root@nessus chris]# /opt/nessus/sbin/nessus-add-first-user
Using /var/tmp as a temporary file holder
Add a new nessusd user

Login : admin
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :

User rules


nessusd has a rules system which allows you to restrict the hosts
that admin has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser(8) man page for the rules syntax
Enter the rules for this user, and hit ctrl-D once you are done :

(the user can have an empty rules set)

Login : admin
Password : ***********
DN :
Rules :
Is that ok ? (y/n) [y] y
user added.

Thank you. You can now start Nessus by typing :

/opt/nessus//sbin/nessusd -D

Start Nessus service daemon

[root@nessus chris]# /opt/nessus/sbin/nessusd -D &
[2] 1454
[root@nessus chris]# nessusd (Nessus) 3.0.6. for Linux
(C) 1998 - 2007 Tenable Network Security, Inc.

Processing the Nessus plugins...
All plugins loaded
[2]- Done /opt/nessus/sbin/nessusd -D

[root@nessus chris]#

Obtain your Nessus registration code in the Nessus website and register your nessus installation.

[root@nessus chris]# /opt/nessus/bin/nessus-fetch --register putyourregcodehere
Your activation code has been registered properly - thank you.
Now fetching the newest plugin set from
Your Nessus installation is now up-to-date.
If auto_update is set to 'yes' in nessusd.conf, Nessus will
update the plugins by itself.

[root@nessus chris]#

If you want a Windows-based Nessus admin console. Download and install Nessconnect

NessConnect Nessus Vulnerability Scanner

Monday, January 14, 2008

Globalknowledge Associates Singapore IT Security Seminar

Singapore  IT Security Seminar
Training Fee: P 59,500.00 (+VAT)
Holiday Inn Hotel, Singapore
March 13-14, 2008 | Thur-Fri  |  9am-5pm


Fee includes: Airfare (Roundtrip), Hotel accommodation (sharing) for 2 days and 1 night, food, 6 training manuals and 6 Global Knowledge certificates.




System Forensics, Investigation & Response

- Mr. Ariel Ilumin, enCase Certified, CIDG Philippines


Do you know what to do if your organization's security is compromised? Threats of computer crime against an organization's infrastructure have grown substantially, but there are steps you can take. In this course, you apply the latest Windows-based computer forensic techniques to uncover illicit activity and recover lost data. Every crime leaves behind clues. With the right tools, you can effectively respond to and counteract security threats.


Network Penetration Testing & Ethical Hacking

- Mr. Ariel Ilumin, enCase Certified, CIDG Philippines


Find Security Flaws Before the Bad Guys Do

Security vulnerabilities such as weak configurations, unpatched systems, and botched architectures continue to plague organizations. Enterprises need people who can find these flaws in a professional manner to help eradicate them from our infrastructures. Lots of people claim to have penetration testing, ethical hacking, and security assessment skills, but precious few can apply these skills in a methodical regimen of professional testing to help make an organization more secure. This class covers the ingredients for successful network penetration testing to help attendees improve their enterprise's security stance.


Assessing and Security Wireless Networks

- Mr. Eric Macatunggal, CCNA, Wireless Technology expert


As organizations provide greater mobility to their users, the risk of threats to security grows and the need for secure wireless networks becomes of paramount concern. In this course, you gain the skills to defend against attacks and maintain security within your wireless network. You learn to detect weakness in your existing network and design and configure a cost-effective security solution.


Securing Windows

- Mr. Wilbert Ontoy, MCSE, MCSA, Oracle Certified, Certified Ethical Hacker


The Securing Windows course is a comprehensive curriculum for securing Windows networks. This program brings the confusing complexity of Windows security into clear focus by starting with foundational security services, such as Active Directory and Group Policy, and advancing in a logical progression to particular products or features which rely on these foundations, such as IIS and IPSec.



Securing Oracle

- Mr. Wilbert Ontoy, MCSE, MCSA, Oracle Certified, Certified Ethical Hacker


Experts agree that Oracle is one of the most complex software packages available today. Unfortunately, complexity often introduces an increased risk for vulnerabilities. These vulnerabilities are being increasingly targeted by attackers.


Throughout the course the student will be exposed to the database as seen through the eyes of an attacker, including public and unreleased techniques that are used to compromise the integrity of the database or escalate a user's privileges. In this fashion, the student gains a better understanding of how an attacker sees a database as a target, and how we can configure the database to be resistant to known and unknown attacks.


Securing Unix / Linux

- Mr. Mike Liguit, Linux expert, Network Security specialist


The courses designed to teach individuals about securing Linux and Unix. Content is obviously dictated by course duration, but a good course will instruct the student about the various threats to the *nix platform and the countermeasures that can be brought to bear to defend against them. In most cases the student would be expected to have a reasonable understanding of *nix and be able to navigate around it.


Experience in-depth coverage of Unix security issues. Examine how to mitigate or eliminate general problems that apply to all Unix-like operating systems including vulnerabilities in the password authentication system, file system, virtual memory system, and in common network protocols such as NFS, NIS, and the Unix RPC mechanism. Learn the exact steps necessary to secure the two most common Unix flavors-- Solaris and Linux-- and get specific advice for securing some of the most common Internet services on the Unix platform, including Apache, WU-FTPD, Sendmail, and BIND


Terms: Schedules are subject to reconfirmation.


Register Now!


Global Knowledge Associates, Inc.

2502B West Tower, PSE Bldg. Exchange Road, Ortigas Center, Pasig City, Philippines

Tel. Nos. (632) 683-0969  |  637-3657

Mobile: (0921) 532-8150; (0918) 314-0542



Saturday, January 12, 2008

Bypassing Internet Browsing Security

One way of bypassing internet perimeter is using Internet Proxies, but there is another way of surfing anonymously by means of TOR networks. Xerobank incorporated TOR networks and Firefox in its XBank browser. It also offers services of high speed browsing from 200kbps, 1,500Kbps and 40Mbps bandwidth. You can also install XeroBank browser in your USB stick and have your privacy any where you go.

One disadvantage of this technology is empowering users to bypass corporate Internet Security which is a major threat. There are many ways of how to out-smart your IT guys, but it will be an endless cat-and-mouse chase :)

TOR anonymous surfing

oh my!!! my google was redirected to Nederland by XeroBank browser



Friday, January 11, 2008

Crisis Core Final Fantasy VII

Crisis Core Final Fantasy VII scheduled for its USA release on March 25, 2008. Characters present are Zack Fair, JeCrisis Core Final Fantasy VIInova, Professor Hojo, Sephiroth, Aerith Gainsborough, Tifa Lockhart, Yuffie Kisaragi, Cait Sith, and many more.

I once played final fantasy VIII on Playstation One because of its famous soundtrack " Eyes on Me" and as always, a FF game sure is a smash hit for gamers.

Thursday, January 10, 2008

Free Network Monitoring Software

Introducing the free Spiceworks IT Desktop. Designed, tested and used by 200,000 IFree Network Monitoring SoftwareT pros in 194 countries. Spiceworks has the everyday IT features you need:

Journey's discovery of Arnel Pineda

Arnel Pineda in CNN

Goodluck Arnel Pineda!!! Goodluck Journey on your new album!!!

Wednesday, January 9, 2008

Backup using rsync in Linux

Backup your Server's files to a remote host using rsync

Setup SSH RSA Authentication

#ssh-keygen -t rsa
#scp .ssh/ user@remote-host:/user/
#ssh user@remote-host
#cat >> .ssh/authorized_keys

Make sure that .ssh/authorized_keys has the following permission

-rw-r--r-- 1 user user 393 Jan 9 09:45 authorized_keys

Backup your folder to a remote host using rsync

rsync -avhe ssh --delete /folder-to-backup user@remote-host:/backup-folder


For an automated backup, use cron. For other rsync command switches, refer to the documentation or issue the command "man rsync"



Tuesday, January 8, 2008

American Pie: Beta House

American Pie Beta HouseAnother not-so-good American Pie Movie. I will not consider Beta House as a legacy of the famous cult-favorite American Pie Series(American Pie, American Pie 2 and American Wedding). Beta House is all about the Stifler's with their Beta Delta Xi House Fraternity , the Geeks Fraternity, boobs, strippers and more Sex.

Rating: Not Good

Monday, January 7, 2008

Surf Anonymously using Proxies

Want to surf the net anonymously??? use list of available proxies in the internet. Or, you can use proxybeat's list in your URL filter's/black lists

Penoi's Bday Celebration

I celebrated my bday with Rachel last Friday in SM Mall of Asia(MOA). After Don hen, we spend our time in Big apple whole body massage. Now that was a relief after days of stressful work.

Penoi at Don Henricos

Penoi in Don Henricos



Penoi Before
Penoi Before


Penoi After

Penoi After

Thursday, January 3, 2008

Sigvi Vulnerability Management

SIGVI Vulnerability ManagementI need a tool that can list all of my server's vulnerabilities. Sigvi does it all. Although the process is not yet automatic. It will compare the vulnerabilities that it has received from Common Vulnerabilities and Exposures (CVE) with the softwares that we installed on our servers.

"SIGVI is an Open Source application, under GPL license.

Basically, SIGVI is an application to detect vulnerabilities on our network.

It is not magic (still ...), simply compares the vulnerabilities that it has received from the sources with the software that we have installed on our servers. Those vulnerabilities are stored into the database creating a vulnerability repository.

When finds a software version that is vulnerable, it creates an alert and send notifications to all the administrators of this server.

The SIGVI has been (and is being) developed at UPCnet, from Politechnical University of Catalonia (UPC), Spain."

Wednesday, January 2, 2008


Tired of using Google in searching hard to find documents(doc,pdf,ppt, etc)??? try using Scribd!!!Scribd

" Scribd is a Silicon Valley startup creating technology that makes it easy to share documents online. You can think of Scribd as a big online library where everyone can publish original content, including you!

Part of the idea behind Scribd is that everyone has a lot of documents sitting around on their computers that only they can read. With Scribd we hope to unlock this information by putting it on the web."

Tuesday, January 1, 2008

Charice Pempengco on Ellen DeGeneres Show

Proud to be Pinoy!!! Been watching this clip the whole day in Youtube. What a great singer!!!! Another reason to be proud of being a Filipino.