Wednesday, March 08, 2006

Today's Hall of Shame

Today's Hall of Shame:
219.93.36.225 & 218.111.180.168

[irwan@kuli ~]$ whois 219.93.36.225 && whois 218.111.180.168
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 219.93.36.192 - 219.93.36.255
netname: XXX
country: MY
descr: XXX SDN BHD
descr: JRC
admin-c: NNBN1-AP
tech-c: NNBN1-AP
status: ASSIGNED NON-PORTABLE
changed: XXX 20050601
mnt-by: TM-NET-AP
source: APNIC

person: XXX
nic-hdl: NNBN1-AP
e-mail: XXX
address: XXX
phone: XXX
fax-no: XXX
country: MY
changed: XXX 20050601
mnt-by: TM-NET-AP
source: APNIC


[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 218.111.0.0 - 218.111.255.255
netname: XXX
descr: XXXd
descr: XXX
descr: XXX
descr: XXX
descr: XXX
descr: XXX
country: XXX
admin-c: DA5-AP
tech-c: NA16-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: XXX
changed: XXX 20031112
source: APNIC

person: XXX
nic-hdl: DA5-AP
e-mail: XXX
address: XXX
address: XXX
address: XXX
address: XXX
address: XXX
address: XXX
phone: XXX
fax-no: XXX
country: MY
mnt-by: XXX
changed: XXX 20031112
source: APNIC

person: XXX
nic-hdl: NA16-AP
e-mail: XXX
address: XXX
address: XXX
address: XXX
address: XXX
address: XXX
address: XXX
phone: XXX
fax-no: XXX
country: MY
mnt-by: XXX
changed: XXX 20031112
source: APNIC

Jika anda merasakan IP Address di atas adalah kepunyaan anda; apa yg perlu anda buat adalah potong/buang kemaluan anda kerana anda baru sahaja dinobatkan sebagai PENGECUT/BACUL :)

IP Address di atas telah dikesan melakukan penyalahgunaan di sebuah laman web berdasarkan wiki (wiki-based website). w00t! Salah satu IP Address tu kepunyaan salah sebuah syarikat IT yg tersohor di seantero Malaysia - kita namakan sebagai Syarikat X. Macam nie rupanya perangai pekerja Syarikat X :D Selain daripada kerja meng"defaced" & menyalahgunakan kemudahan wiki, dah takde kerja lain agaknya. Patutlah Syarikat X nie makin hilang kehormatan - shame on you dude! Sudahlah buat kerja bodoh/bangang yg tak berfaedah, pengecut pulak tu. Kalau anda rasa diri anda terlalu 1337, jangan setakat pandai mengutuk & condemn aje, sebaliknya beri kritikan & komen yg membina - jadilah masyarakat yg bertanggungjawab. Hmmm, macam nie lah perangai orang kita.....

-----
Atas permintaan ramai, mari kita saksikan cekupan skrin yang begitu menyayat hati ini.....
















Mungkin URL ini dapat menarik ramai pihak:
http://kde-ms.sourceforge.net/pix/codefest/
http://projects.asiaosc.org/index.php?title=Malay_LiveCD&diff=next&oldid=1542

-----
OK, terima kasih kepada pihak pengurusan SCAN Associates yg memberi kerjasama penuh kepada si mangsa (dalam kes ini, bukan aku yg menjadi mangsa) serta kawan-kawan si mangsa. Terima kasih atas sikap yg prefessional mereka :) Ingat, yg bersalah bukan keseluruhan syarikat tetapi salah seorang staff mereka. Ingatlah pepatah Melayu; kerana nila setitik, rosak susu sebelanga.

Atas persetujuan, blog ini akan tidak lagi menerima komen. Beberapa ayat & fakta yg dirasakan sensitif juga telah disunting. Kepada pemberi-pemberi komen, terima kasih atas segala penulisan anda :) Sayang sekali, ada yg menyamar dengan menggunakan nick orang lain untuk menulis komen. Ewl ~

30 Comments:

Blogger Mohd Jeffry said...

adakah ini bekenaan codefest wiki yang nie MalayLive CD

Wednesday, March 08, 2006 11:55:00 PM  
Anonymous Anonymous said...

Such a lame act! After spending millions RM of people's money, the best best thing this so called X company can do is defacing a wiki?

Thursday, March 09, 2006 6:19:00 AM  
Anonymous Anonymous said...

Yalah, sesiapa yg buat keja macam tu memang tidak berhati perut. Kita rakyat Malaysia kaya dengan nilai-nilai murni tetapi sorang ni tidak. Kalau nak tunjuk "terror" pun janganla edit wiki aje, hack la pc-pc yg powerful macam NASA ker...

Thursday, March 09, 2006 9:04:00 AM  
Blogger SysAdmin said...

Mohd Jeffry aka linuxlah,
Yups, tepat sekali :)

Thursday, March 09, 2006 9:32:00 AM  
Blogger Joey aka Rizal said...

Exactly, think Najmi and his geng did a tremendously good job. Aku jealous gak, cause their work have gain popularity among local government yang sibuk tanya pasal progress dorang. But, envy is just envy lah kan, proud non-theless but still envy. The thing is, ader pulak yang jealous and hijack the wiki. Aperlah perangai macam nie, there are other projects that he can show to tunjuk tere. For example, gnome punya project skrg nie kurang active as for Malay localization is concern. And kalau rasa localisation tak ckp hebat, why not try some kernel hacking....tapi setakat hijacking wiki's tu...hmmm, do you call yourself a coder? a hacker or even an OSS user? spit on the culprit dude....spit on him...

Thursday, March 09, 2006 10:58:00 AM  
Blogger mnajem said...

Actually deep in my heart I was about to refuse to join in CodeFest,since saya tahu dari day 1,l10n not much doing codes. Just neep Sysadmin skill on setup local CVS,do simple Bash script to ease up managing PO files. Thinks like that. Jadi untuk masuk CodeFest tu pun ingatkan cukup syarat saja,masuk tu pun syed yang jemput. Memang takde passion nak masuk since our job is what they call as "wimp" ....

Anyway, if they think they're the best, come to next CodeFest,and show your skills instead. Enough said. We want to learn from you,if you dare to show your face instead of hiding behind those dumb terminals.

wassalam

Thursday, March 09, 2006 11:20:00 AM  
Anonymous adli said...

If only these self-proclaimed l337 come and learn an thing or two about respecting others and sharing knowledge from mr. niibe.

Teori Konspirasi
Then again, takkan someone from 'world-class' company like Scan buat kot. Ni musti ada staff company cap-ayam (Scam-Associates or Spam-Associate) yang spoof IP scan-associates sebab dengki la kan (perangai orang malaysia) lepas tu gi modify wiki. Lepas tu tak perasan lak wiki tu ada diff punya feature.

w00t! :-)

Thursday, March 09, 2006 11:20:00 AM  
Blogger mnajem said...

then,it's Scan's job to find out who the person was.

Barulah pro. Takkan Scan's IP kena spoof tak boleh tau sapa buat....

:-)

Thursday, March 09, 2006 11:26:00 AM  
Anonymous wanvadder said...

I think jgn come to the conclusion dulu... kata beradab... kang tersalah menghukum plak... anything bawak berbincang... kalau boleh gimme the log.. and i'll find the one yang responsible... or not :-)

Thursday, March 09, 2006 4:03:00 PM  
Anonymous Flyguy said...

Well... First and foremost, I do not think that posting the Domain Name information together with the accusation of such is appropriate. Accusition must come together with proof. You shouldn't have done what you have did if you don't have proof that it is really someone from SCAN who did it.

How can you tell if somebody else is spoofing the IP? Thorough investigation must be conducted. For a system administrator of a well known company that belongs to my friend such as Magnifix, I would say that your snide remarks are uncalled for.

Thursday, March 09, 2006 4:43:00 PM  
Anonymous kambing seksi said...

waaaa tak baik tau nak potong2 "anu" orang.. mak aku marah... apa la korang ni.. kata ber"adab" :D

Thursday, March 09, 2006 5:02:00 PM  
Anonymous DarkKnight said...

Well, let me put it this way. Your accusation is ONLY valid IF AND ONLY IF you can proof somebody from SCAN really hack into your system and edit the text in it. If you found that IP from your httpd logs, let me say this: anybody can visit your webpage, thus your server will log the IP. Logs from your httpd logs only says who visited your webpage.

Please substantiate your statement. Please forward the evidence of someone from SCAN edited the page. Please show maturity in your claims. Only with proof, can SCAN do appropriate investigation. Without proof, please retract and apologize or SCAN may take action on you for defamation.

Thursday, March 09, 2006 5:11:00 PM  
Anonymous Anonymous said...

Dude,

U should learn the principle of how wiki works & watch more CSI series.

BTW,

Do have a lawyer that can withstand ur accusation towards SCAN?

I definitely know that SCAN have one.

You are exposing you rear end dude!
Watch out!

Thursday, March 09, 2006 5:26:00 PM  
Anonymous DarkKnight said...

One more thing.. If we built a car, which is designed to be driven by someone, can we make a fuss if someone really drive it?

Let's look at WIKI. Oh yeah, I visited the wikipedia ipvsadm posted. This is the excerpt from http://en.wikipedia.org/wiki/Wiki.

"Some wikis will allow completely unrestricted access so that people are able to contribute to the site without necessarily having to undergo a process of 'registration', as had usually been required by various other types of interactive websites such as Internet forums or chat sites."

Now, the wiki site you mentioned, is editing permission given? Look at the "edit" link. Putting aside (but not forget) the evidence part in my previous post, if editing is allowed, can you make a fuss if someone edit it? Oh well..

I have a dream. My dream is to build a swing in the park near my house. It is a public park, so anyone by right can use the park and use the swing I want to build. I will give permission to anybody to use the swing. Then, if someone use the swing I built, I will scold them, I will shout to them, I will curse them for using the swing I built on a public park for the public to use! Fair? Is my intended action justifiable? If you ask ipvsadm, he would probably say yes. He probably say that my intended action is justifiable and reasonable. Oh well..

-DarkKnight-

Thursday, March 09, 2006 5:43:00 PM  
Anonymous al-kahfi said...

well, if editing on public domain will let anyone to put anything... then let yourself to be real anonymous.

in this case,it seems much like a chicken. he try to put out his enviness,or whatever it is(say to let everybody knows that l10n is such a lame) without having his original identity being shown.

if you want to tell the truth,then we got all those email(the team) to sent mail to...

it's easy. just don't be rude,people!

Thursday, March 09, 2006 6:12:00 PM  
Anonymous DarkKnight said...

I agree with Kahfi. I do not condone such action myself. It is ethically wrong. I also think that it is also ethically wrong to publicly post an accusation in a public domain webpage. I really think this incident should be handled professionally. Proper communication channels should be established, not posting in blog and say nasty thing such as "Jika anda merasakan IP Address di atas adalah kepunyaan anda; apa yg perlu anda buat adalah potong/buang kemaluan anda kerana anda baru sahaja dinobatkan sebagai PENGECUT/BACUL :)"

Just my thought..

-DarkKnight-

Thursday, March 09, 2006 6:25:00 PM  
Anonymous Anonymous said...

Aik, terbalik kot pulak ceritanya. sampai nak pakai loyer lagi.

The issue was someone edited the wiki to show off their l337n3ss. Ramai pulak terasa ehem. hek ala. I'm sure joey can give you the logs.

keke. Keep the flames burnin' y'all. Lain kali nak edit wiki pun pikir la dulu, kan dah payah nak justify hehe.

Thursday, March 09, 2006 7:10:00 PM  
Blogger Sharuzzaman Ahmat Raslan said...

Saya memang menanti outcome dari investigation ni.. IP Streamyx tu pun menarik jugak untuk diketahui siapa tuan punya akaun tu.. MIMOS harapnya boleh request kat TMNET untuk dapatkan username yang dapat IP Streamyx tu..

Thursday, March 09, 2006 7:33:00 PM  
Anonymous Anonymous said...

Apa yang dikatakan oleh Darknight tu mmg ada betulnya jugak.

Tapi siap edit wiki tu buh benda yang boleh menjatuhkan maruah orang dgn komen tak bertanggungjawab tu buat apa?

Banyak lagi wiki yang amalkan anonymous edit, tapi time kat malaysia buat, ada la org yang berhati busuk dengki sesama fellow malaysian.

ip SCAN ni mmg banyak duk deface website, byk bebudak nak test skill la katatan, biar wiki pun takpe la asal puas hati

Thursday, March 09, 2006 8:53:00 PM  
Anonymous Anonymous said...

duno ler. i tot h4cking/d3facement is a bit more complicated that clicking "Edit" and type-your-msg.

i duno ler. but if i discover some IP doing funny things with my b0x, i contact their admin to nail the bastard down.

blogging about it is a standard practice now? can it solve problem?

but let's blame it to SCAN anyway.

- lame_h4xor

Thursday, March 09, 2006 9:52:00 PM  
Anonymous Anonymous said...

oleh kerana orang orang kat sini suka refer wikipedia untuk term-term, jadi saya rasa saya pun nak guna wikipedia gak la untuk nak betulkan sysadmin sysadmin yg dah bertahun berkecimpung dalam dunia IT yg penuh pancaroba ini,


EDIT = http://en.wikipedia.org/wiki/Editing

DEFACEMENT (vandalism) = http://en.wikipedia.org/wiki/Defacement_%28vandalism%29

HACKING = http://en.wikipedia.org/wiki/Hack_%28technology_slang%29

jadi kesimpulan yg dapat kita buat, hacking/defacement takda kena mengena dalam hal ini, dan wiki itu sendiri adalah "public" .. orang boleh suka suka nak edit, jadi siapa yg harus kita salahkan ?

orang yg mengedit, atau orang yg guna wiki tapi melompat bila wiki dia kena edit ?


lagi satu, why do you guys just blame scan? ada apa apa ka ni ? atau mmg korang ada masalah dengan orang-orang dalam tu?

why tak blame orang yg edit/post benda yg lagi banyak dari IP scan tu .. macam ada something yg korang mmg tak puas ati dengan scan ja.. :)

isu kecik dah jadi besar macam t3t3k pompuan 34DD..

dan yg paling bestnya, blog ini "catatan kehidupan seorang SYSADMIN" pun dah salah term antara "EDIT" dengan "HACK/DEFACE", adakah encik irwan rasa encik irwan layak menggunakan TITLE SYSADMIN ?? cuma duduk kat tepi penjuru dinding .. kemudian fikir dengan seinsaf-insafnya...

Thursday, March 09, 2006 10:50:00 PM  
Anonymous Anonymous said...

Satu sahaja saya pesan: Kamu kata kamu pengguna (boleh saya kata pejuang?) opensource, tapi kamu terlupa yang kamu pun mesti memahirkan diri menggunakan opensource. Bukan setakat guna sahaja. Kamu sepatutnya sedia maklum yang penggunaan WIKI dan terlebih-lebih lagi tanpa ditetapkan taraf keselamatan dan had penggunaan, adalah tertakluk kepada INTERNET. Kejadian yang berlaku ini (pada saya), BUKAN salah si pesalah tersebut. INI ADALAH SALAH MEREKA YANG SEPATUTNYA MENJAGA WIKI TERSEBUT! Kalau kamu tak bersedia berhadapan dengan keperluan keselamatan INTERNET yang semakin mendesak masa kini, saya syorkan kamu TUTUP terus halaman WIKI tersebut. Tolong jangan malukan kami (system network admin) dengan memberi contoh buruk sekumpulan admin yang tidak mampu menjaga server/WIKI sendiri. Tolong jangan malukan kami (pengguna-pengguna perisian opensource) dengan tindakan melatah kamu yang sungguh tidak kena pada tempatnya. Perlu saya syorkan kamu semua supaya tidak lagi menggunakan perisian WIKI tersebut?

Kalau takut takut dilambung ombak, jangan berumah ditepi pantai.

KALAU TAKUT SERVER KENA BELASAH KAT INTERNET, JANGAN CONNECT SERVER KE INTERNET!

Nama pun WIKI. Sila rujuk wikipedia.

Sekian
Network Sysadmin (tulen, bukan wannabe)

Thursday, March 09, 2006 11:04:00 PM  
Blogger SysAdmin said...

Well, hangat pulak jadinya :) Ada yg setuju, ada yg blame balik, ada yg terasa etc. Ramai pulak anonymous ya :) Tak berani reveal/dedahkan siapa diri anda yg sebenar ke? hehe.

Ingat, isu utama adalah morality di sebalik wiki page yg disunting. Di mana letak moral orang Malaysia (bangsa apa tak tau la) dengan menjatuhkan maruah orang lain secara terang-terangan? Memang tujuan diadakan wiki tu supaya semua org boleh edit wiki tu tak kira di pelusuk mana anda berada. Nak edit pun, ada batas-batasnya. Kalau mesej yg diedit berbentuk sokongan/kritikan_membina, memang bagus. Ini apa yg ditulis adalah totally crap. Penulisan yg tak sepatutnya menjurus kepada perbuatan vandalisme & that's why aku tulis dia sebagai "defaced" - ya, ampun pak kalo term tersebut tidak sesuai. So, apa term yg sesuai? Daripada blame tak tentu hala, mari beri cadangan. Will ya'?

Bukannya nak menyalahkan syarikat/kompeni yg berkenaan. Dah kebetulan, IP Address tuh yg keluar dekat wiki diff tu, nak wat camner kan, hehe. Kalau IP Address Magnifix yg keluar, boleh jugak kita blame Magnifix pulak :D

Jika anda merasakan IP Address di atas adalah kepunyaan anda; apa yg perlu anda buat adalah potong/buang kemaluan anda kerana anda baru sahaja dinobatkan sebagai PENGECUT/BACUL :)
---Ayat tersebut hanyalah sekadar gurauan. Jikalau pihak yg terasa nak buat seperti yg aku tulis tu, terpulanglah :D Ewl! Ada yg amik serius ke? Man, get a life...

wanvadder,
Berbanyak terima kasih atas kerjasama dari pihak anda :) Syabas Inspektor Sahab! Syabbbbbaz!

Thursday, March 09, 2006 11:06:00 PM  
Anonymous Anonymous said...

Now for the millon dollar question!

What should a "SysAdmin" do when he discovered an IP hacked-into / trying-to-hack / DOS / deface-wiki his server?

a) Contact and work with law enforcement to catch the "hacker".
b) Contact SysAdmin of the attacking IP to report an abuse and find the responsible person.
c) Post the Whois record of the attacking IP in blog and put that company and their SysAdmin in shame.

According to this "SysAdmin", the answer is (c)!

I learn a lot from this blog, I can be a better SysAdmin in the future!

Thanks!

l33t_SysAdmin

Thursday, March 09, 2006 11:16:00 PM  
Anonymous Anonymous said...

Ups.. one more thing before I forgot:

"system administrator n. a system administrator is one who, as a primary job function, manages computer and network systems on behalf of another, such as an employer or client."

I guess, the WIKI admin failed :-) . Who's next?

I won't employ such careless admin anyway.. Shame...

Thursday, March 09, 2006 11:30:00 PM  
Anonymous Anonymous said...

yeah, but still, editing is not deface/hacking. end of story, period.

morality ? there is no such thing as morality in INTERNET. As you can see, morality is used on real life.. like the other Anon said "kalau takut dilambung ombak, jangan berumah di tepi pantai".

please use some of your neuron to translate what exactly did he want to told you, since you guys are the "translator".

Thursday, March 09, 2006 11:54:00 PM  
Blogger Joey aka Rizal said...

I guess it's a flame war now. I didn't know the translator team can pull together so much attention. Anyway, as for the wiki, memang lah its meant to be change. However, its meant to be a progressive one. One thing with wikis is anybody can change it, and there are no real security involve. It's meant to be something that evolve, and not de-volve per say...(if there is such a word). Though I support the translation team, I think it was wrong to blame people about what happened. Therefore, I understand the angry people about blaming SCAN. Dorang pun ader maruah gak. But trying to blame someone is not progress. I think we should all take it as a grain of salt, and go ahead doing something progressive. It's literally a waste of time. But I would rewrite this blog, and make it more legally safe. Who knows, some people takes things too personally. For example, you can say that you suspect on SCAN, but making direct accusations would be too strong. Anyway, one does not need to be rude, while being on the Internet.

p/s: "please use some of your neuron to translate exactly what he wanted to tell you, since you guys are the "translators"." (that would be more correct, just to help out the translator team out on translation part, who knows, they might get influenced by some people with wrong usage of english here in the blog, and that would be bad)

Friday, March 10, 2006 1:04:00 AM  
Anonymous Anonymous said...

Saya sedikit sebanyak bersetuju dengan saudara joey.

Saya rasa tindakan yang paling tepat: Pihak MIMOS, atau pihak yang mengendalikan WIKI tersebut, SILA KENAKAN HAD YANG MUNASABAH / PRIVILEGE LIMITATION TERHADAP MEREKA YANG BOLEH MENJALANKAN FUNGSI EDIT. JANGAN SALAHKAN SESIAPA SEKIRANYA KEMUDAHAN TERSEBUT DISALAH GUNA KERANA PUNCA SEBENAR IA BOLEH DISALAH GUNA ADALAH KERANA KELEMAHAN AKIBAT KESILAPAN PENGENDALIAN DAN PENGURUSAN WIKI (dari apa yang saya lihat, masih boleh diedit!). Atau penyelesaian paling tepat. JANGAN GUNA WIKI TERUS! Real coder use STATIC HTML ;-P

Apa akan jadi kalau ada pengguna internet dari Brazil atau Argentina (yang bukan dari Malaysia) menjahanamkan WIKI tersebut. Adakah kita nak memburu mereka sampai ke lubang cacing? Adakah kita nak post segala ip/whois network mereka? Adakah kita nak mintak tolong PM kita jumpa presiden negara diorang dan kejar makhluk yang buat benda tu? Tapi kenapa kalau benda tu dibuat oleh rakyat malaysia sendiri, benda ni nak dibesar-besarkan, nak dikejar sampai masuk lubang cacing? KENAPA WUJUDNYA "DOUBLE STANDARD" dalam isu keselamatan "WIKI" ini? Saya tak pernah dengar kisah ada sesiapa yang pernah didakwa akibat menyalahguna "Edit" di http://wikipedia.org/ . Tak sangka, hanya kerana kesilapan admin WIKI di Malaysia ini, kita akan menyaksikannya! Saya tak nampak apa nilai positif yang ada hasil daripada operasi "memburu" pesalah tersebut selain daripada memecahkan tembelang diri sendiri (terutamanya admin WIKI tersebut). Berani buat, beranilah tanggung. Daripada buang masa mencarik orang yang belum tentu sahih atau tak, apa kata anda semua buat kerja yang lebih berfaedah (termasuk translate WIKI tu ke bahasa melayu, tingkatkan tahap keselamatan WIKI tersebut).

Anggap ini sebagai satu pengajaran. Manusia belajar melalui kesilapan. Tak boleh nak salahkan pengguna Internet. Progress pun, mestilah kena pada tempatnya. Nak dipanjang-panjangkan pun tak berguna. Malu kita kepada orang asing yang lebih "sporting" dalam menangani hal sebegini kerana mereka terlebih dahulu mengkaji selok-belok / kelemahan software yang mereka guna. Atau seeloknya, kita implement Internet2006 kepunyaan Malaysia tersendiri, letak undang-undang tersendiri, pastikan semua orang "login" terlebih dahulu, dan yang berkaitan ;-P . Sila matangkan diri dalam selok-belok penggunaan teknologi atau JANGAN GUNA LANGSUNG! Dalam istilah teknologi tulen, tidak ada "Gaya Malaysia" (kalau tak, takkanlah WIKI tu guna English, kan?)

Lagi satu, "melayu"kan WIKI tu boleh tak?

Tempat paling selamat nak host WIKI:
http://127.0.0.1/Wiki/ ;-P

Friday, March 10, 2006 1:37:00 AM  
Blogger mnajem said...

i think you guys better calm down. wait for SCAN's people do their further investigation.

i was the guy who the ppl want make fool of. But I rather wait for sk/wanvadder/shaharil analysis rather make things worse.

on the net,anything can be done. but if in anyway you people got personal problem with me,just contact me directly,either by blog,mobile phone or email.

chaiyo!

Friday, March 10, 2006 8:13:00 AM  
Anonymous Anonymous said...

nak jadik sesapa punya IP boleh bang... try pakai curl... kalau tak pernah pakai mmg tatau :-).. u better watch out...

Friday, March 10, 2006 4:54:00 PM  

<< Home