Metro silap ejaan lagi!

Haishhh... Hari2 ade silap newpaper ni..

 

 Renung²kan dan selamat beramal.. hikhik

Mee Kuah Ketam!

Location: Tmn Melati, Setapak. (Depan pintu TAR college)

Harga: Biasa- rm3.50
           Special - rm4.50

Rating: 4 0f 5

Ini special punya.

Summary: Bagi aku sedap la sebab mee camni susah nak jumpa kat kedai2 sekitar ampang ni.. aku biasa pergi malam.. siang tak tau la ade ke tidak.. so, HAPPY EATING!

Microsoft Remote DOS Vulnerability Resolved!

Microsoft Security Bulletin MS10-085 - Important

Vulnerability in SChannel Could Allow Denial of Service (2207566)

Published: October 12, 2010 | Updated: October 18, 2010

Source: Security Focus 

Original Advisory : http://www.microsoft.com/technet/security/Bulletin/MS10-085.mspx

Bugtraq ID:	43780
Class:	Unknown
CVE:	CVE-2010-3229
Remote:	Yes
Local:	No
Published:	Oct 12 2010 12:00AM
Updated:	Oct 19 2010 11:49AM
Credit:	The Mu Test Suite Team
Vulnerable:	Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Vista x64 Edition SP1 Microsoft Windows Vista Ultimate 64-bit edition SP2 Microsoft Windows Vista Ultimate 64-bit edition SP1 Microsoft Windows Vista Home Premium 64-bit edition SP2 Microsoft Windows Vista Home Premium 64-bit edition SP1 Microsoft Windows Vista Home Basic 64-bit edition SP2 Microsoft Windows Vista Home Basic 64-bit edition SP1 Microsoft Windows Vista Enterprise 64-bit edition SP2 Microsoft Windows Vista Enterprise 64-bit edition SP1 Microsoft Windows Vista Business 64-bit edition SP2 Microsoft Windows Vista Business 64-bit edition SP1 Microsoft Windows Vista Ultimate SP2 Microsoft Windows Vista Ultimate SP1 Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windows Vista Home Premium SP2 Microsoft Windows Vista Home Premium SP1 Microsoft Windows Vista Home Basic SP2 Microsoft Windows Vista Home Basic SP1 Microsoft Windows Vista Enterprise SP2 Microsoft Windows Vista Enterprise SP1 Microsoft Windows Vista Business SP2 Microsoft Windows Vista Business SP1 Microsoft Windows Server 2008 Standard Edition X64 Microsoft Windows Server 2008 Standard Edition SP2 Microsoft Windows Server 2008 Standard Edition Itanium Microsoft Windows Server 2008 Standard Edition 0 Microsoft Windows Server 2008 Standard Edition - Sp2 Web Microsoft Windows Server 2008 Standard Edition - Sp2 Storage Microsoft Windows Server 2008 Standard Edition - Sp2 Hpc Microsoft Windows Server 2008 Standard Edition - Gold Web Microsoft Windows Server 2008 Standard Edition - Gold Storage Microsoft Windows Server 2008 Standard Edition - Gold Standard Microsoft Windows Server 2008 Standard Edition - Gold Itanium Microsoft Windows Server 2008 Standard Edition - Gold Hpc Microsoft Windows Server 2008 Standard Edition - Gold Enterprise Microsoft Windows Server 2008 Standard Edition - Gold Datacenter Microsoft Windows Server 2008 Standard Edition - Gold Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems 0 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems R2 Microsoft Windows Server 2008 for Itanium-based Systems 0 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems 0 Microsoft Windows Server 2008 Enterprise Edition SP2 Microsoft Windows Server 2008 Enterprise Edition 0 Microsoft Windows Server 2008 Datacenter Edition SP2 Microsoft Windows Server 2008 Datacenter Edition 0 Microsoft Windows Server 2008 SP2 Beta Microsoft Windows 7 XP Mode 0 Microsoft Windows 7 Ultimate 0 Microsoft Windows 7 Starter 0 Microsoft Windows 7 Professional 0 Microsoft Windows 7 Home Premium 0 Microsoft Windows 7 for x64-based Systems 0 Microsoft Windows 7 for 32-bit Systems 0 Avaya Aura Conferencing Standard Avaya Aura Conferencing 6.0 Standard

Microsoft Released October 2010 Black Tuesday Summary

On 12th of Oct, Microsoft had released 49 patches to address issues on it Windows platforms including ranging from Microsoft office, Internet Explorer, .NET framework, and including two that fixes the bugs a targeted by the Stuxnet worms. Internet Explorer recorded the most patches which is up to 10 patches followed by Microsoft Word and Excel. Please be noted that eight of the bugs were publicly disclosed before. Microsoft also had released Malicious Software Removal Tool (MSRT) (http://www.microsoft.com/security/malwareremove/default.aspx) to hunt and remove the infamous widely spreading botnet, the Zeus or Zbot (http://blogs.technet.com/b/mmpc/archive/2010/10/12/msrt-on-zbot-the-botnet-in-a-box.aspx).

All the patches can be carried out if auto-update is enabled for your Microsoft Windows. As usual, you may want to follow your patching procedures before deploying it to the production environment. Four (4) of the vulnerabilities are rated as Critical, Ten(10) are rated as important affecting the OS and Microsoft Office and Two (2) are rated as moderate affecting the OS :

MS10-071 - Cumulative Security Update for Internet Explorer (2360131)
MS10-075 - Vulnerability in Media Player Network Sharing Service Could Allow Remote
                     Code Execution (2281679)
MS10-076 - Vulnerability in the Embedded OpenType Font Engine Could Allow Remote
                     Code Execution (982132)
MS10-077 - Vulnerability in .NET Framework Could Allow Remote Code Execution
                     (2160841)
MS10-072 - Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
MS10-073 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of
                     Privilege (981957)
MS10-078 - Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow
                     Elevation of Privilege (2279986)
MS10-079 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution
                     (2293194)
MS10-080 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
                     (2293211)
MS10-081 - Vulnerability in Windows Common Control Library Could Allow Remote Code
                     Execution (2296011)
MS10-082 - Vulnerability in Windows Media Player Could Allow Remote Code Execution
                     (2378111)
MS10-083 - Vulnerability in COM Validation in Windows Shell and WordPad Could Allow
                     Remote Code Execution (2405882)
MS10-084 - Vulnerability in Windows Local Procedure Call Could Cause Elevation of
                     Privilege (2360937)
MS10-085 - Vulnerability in SChannel Could Allow Denial of Service (2207566)
MS10-074 - Vulnerability in Microsoft Foundation Classes Could Allow Remote Code
                     Execution (2387149)
MS10-086 - Vulnerability in Windows Shared Cluster Disks Could Allow Tampering
                     (2294255)


For more information on these security updates, please refer to the link below:

https://www.microsoft.com/technet/security/bulletin/ms10-oct.mspx

Oracle released critical update!

Oracle today had released a critical update to its widely-installed Java software, fixing at least 29 security vulnerabilities in the program.

If you have some version of Java installed, kindly verify the version from the following link;

http://java.com/en/download/installed.jsp


To install the latest version which is Java 6 Update 22:

1. Go the Windows Control Panel
2. Click on the Java icon
3. Seelect the “Update Now” button on the “Update” tab

For Oracle’s patches, updates are available for Windows, Solaris and Linux. Apple has its own version of Java for their OS X systems. They will issue fixes for after several months of the official release. Kindly, refer to this link:

http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

Java’s updater may also include additional add-on such as the Yahoo! Toolbar to bundle with the software update. If you don't need it, un-select the appropriate check box during installation.

Sagan.. Snort's twin released!

Sagan release version 0.1.0
http://sagan.softwink.com
Written by Champ Clark (AKA 'Da Beave') and the Softwink, Inc team
Date: 06/24/2010

Obligatory screen shot of Sagan version 0.1.0 running running in FIFO mode.

Softwink announces the release of Sagan, a real time log monitoring
system.

Sagan is a multi-threaded, real time system- and event-log monitoring system,
but with a twist. Sagan uses a "Snort" like rule set for detecting "bad
things" happening on your network and/or computer systems. If Sagan detects
a "bad thing" happening, that event can be stored to a Snort database
(MySQL/PostgreSQL) and Sagan will correlate the event with your
Snort Intrusion Detection/Intrusion Prevention (IDS/IPS) system. Sagan
is meant to be used in a 'centralized' logging environment, but will
work fine as part of a standalone Host IDS system for workstations.

Sagan is fast: Sagan is written in C and is a multi-threaded application.
Sagan is threaded to prevent blocking Input/Output (I/O). For example,
data processing doesn't stop when an SQL query is needed. It is also meant
to be as efficient as possible in terms of memory and CPU usage.

Sagan uses a "Snort" like rule set: If you're a user of "Snort" and
understand Snort rule sets, then you already understand Sagan rule sets.
Essentially, Sagan is compatible with Snort rule management utilities, like
"oinkmaster" for example.

Sagan can log to Snort databases: Sagan will operate as a separate "sensor"
ID to a Snort database. This means that your IDS/IPS events from Snort will
remain separate from your Sagan (syslog/event log) events. Since Sagan can utilize
Snort databases, using Snort front-ends like BASE and Snorby will not only
work with your IDS/IPS event, but also with your syslog events as well!

Sagan output formats: You don't have to be a Snort user to use Sagan. Sagan
supports multiple output formats, such as a standard output file log format
(similar to Snort), e-mailing of alerts (via libesmtp), Logzilla support and
externally based programs that you can develop using the language you prefer
(Perl/Python/C/etc).

Sagan is actively developed: Softwink, Inc. actively develops and maintains
the Sagan source code and rule sets. Softwink, Inc. uses Sagan to monitor
security related log events on a 24/7 basis.

Other Features:

- Sagan is meant to be easy to install. The traditional,
"./configure && make && make install" works for many installations,
depending on the functionality needed and configuration.
- Thresholding of alerts. Uses the same format as Snort in the
Sagan rule set.
- Attempts to pull TCP/IP addresses, port information, and protocol
of rule set that was triggered. This leads to better correlation.
- Can be used to monitor just about any type of device or system
(Routers, firewalls, managed switches, IDS/IPS systems,
Unix/Linux systems, Windows event logs, wireless access points,
much more).
- Works 'out of the box' with Snort front ends like BASE, Snorby,
proprietary consoles, various Snort based reporting systems.
- Sagan is 'open source' and released under the GNU/GPL version 2
license.

For more information about Sagan, please see:

Sagan web site: http://sagan.softwink.com


Screenshots:

 

Mozilla Foundation Security Advisory 2010-58

Title: Crash on Mac using fuzzed font in data: URL

Impact: Critical

Announced: September 7, 2010

Reporter: Marc Schoenefeld

Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.6.9
Firefox 3.5.12
Thunderbird 3.1.3
Thunderbird 3.0.7
SeaMonkey 2.0.7
Description

Security researcher Marc Schoenefeld reported that a specially crafted font could be applied to a document and cause a crash on Mac systems. The crash showed signs of memory corruption and presumably could be used by an attacker to execute arbitrary code on a victim's computer.
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=583520
* CVE-2010-2770

Fretsweb Multiple SQL Injection Vulnerabilities

Released on 08-10-2010 Source page: SecurityFocus 

==========================================================
FretsWeb 1.2 Multiple Local File Inclusion Vulnerabilities
==========================================================


----------------------------------------------------------------------------------------------
|                MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES               |
|--------------------------------------------------------------------------------------------|
|                                    |      FretsWeb 1.2      |                    |
|  CMS INFORMATION:                 ------------------------                              |
|                       |
|-->WEB: http://sourceforge.net/projects/fretsweb/                 |
|-->DOWNLOAD: http://sourceforge.net/projects/fretsweb/                               |
|-->DEMO: N/A               |
|-->CATEGORY: CMS / Games/Entertainment            |
|-->DESCRIPTION: Fretsweb is a Contest or Chart Server for Frets on Fire. It...              |
|  is an improved version of FoFCS.It is meant for...                 |
|-->RELEASED: 2009-05-30             |
|                |
|  CMS VULNERABILITY:              |
|                |
|-->TESTED ON: firefox 3                           |
|-->DORK: N/A                      |
|-->CATEGORY: LOCAL FILE INCLUSION (LFI) / INSECURE COOKIE HANDLING (LFI)              |
|-->AFFECT VERSION: CURRENT (MAYBE <= ?)            |
|-->Discovered Bug date: 2009-06-02            |
|-->Reported Bug date: 2009-06-02            |
|-->Fixed bug date: 2009-06-14             |
|-->Info patch: http://sourceforge.net/projects/fretsweb/         |
|-->Author: YEnH4ckEr              |
|-->WEB/BLOG: N/A              |
|-->COMMENT: A mi novia Marijose...hermano,cunyada, padres (y amigos xD) por su apoyo.       |
|-->EXTRA-COMMENT: Gracias por aguantarme a todos! (Te kiero xikitiya!)        |
----------------------------------------------------------------------------------------------



Note: Of course use null byte () when you want to include a file with different extension to "php"



###########################
///////////////////////////

LOCAL FILE INCLUSION (LFI):

///////////////////////////
###########################



<<<<---------++++++++++++++ Condition: Nothing +++++++++++++++++--------->>>>



[++] GET var --> 'language'



~~~> http://[HOST]/[PATH]/charts.php?language=[LFI]



###############################
///////////////////////////////

INSECURE COOKIE HANDLING (LFI):

///////////////////////////////
###############################



[++] Cookie --> 'fretsweb_language'



~~~> fretsweb_language=[LFI]

Article menarik untuk bacaan umum

Hari ini aku dah khatamkan 2 article yg menarik sebagai peringatan utk kita persiapkan diri menhadapi Kiamat!

Ni link kepada article tersebut

1. Vaticans
2. Hitlers

Selamat membaca..  Gunalah ilmu utk mendekatkan diri kepada Pencipta Alam yang Mutlak. Wallahu'alam

Ujian HIV sekitar Kuala Lumpur

SENARAI KLINIK KESIHATAN YANG MENJALANKAN UJIAN HIV WPKL

MASA : 2.00 pagi - 4 .30 petang ( HARI : ISNIN – JUMAAT)
MASA : 2.45 petang – 4.30 petang ( HARI : JUMAAT)

Jabatan Kesihatan DBKL – 03 92845166 * (Hari Rabu Sahaja)
KM 4, Jln. Cheras, Kuala Lumpur

Klinik Kesihatan Kuala Lumpur – 03 26155752
Hospital Kuala Lumpur

Klinik Kesihatan Putrajaya – 03 88883057
No. 1, Jln. Presint 9E, Putrajaya

Poliklinik Komuniti Tanglin – 03 26983311
Jalan Cenderasari, Kuala Lumpur

Klinik Kesihatan Cheras – 03 91304583
Batu 4 ½, Jln. Cheras, Kuala Lumpur

Klinik Kesihatan Cheras Baru – 03 42946114
Jln. 16, Kg. Cheras Baru, Off Jln. Ku ari

Klinik Kesihatan Batu – 03 62573355
Batu 4 ½, Jln. Ipoh, Kuala Lumpur

Klinik Kesihatan Petaling Bahagia – 03 77829355
Batu 6, Jln. Puchong, Kuala Lumpu r

Klinik Kesihatan Dato’ Keramat – 03 42573333
Jln. Jelatek, Dato’ Keramat, Ku ala Lumpur

Klinik Kesihatan Kampung Panda n – 03 92810272
Jln. Kg. Pandan, Kuala Lumpur

Klinik Kesihatan Pantai, B angsar – 03 22881071
Blok C, Wisma Ghoshen, Plaza Pantai, Off Jln. Pantai Baru, KL

Klinik Kesihatan Jinjang – 03 62583355
No 2, Jln. 4/16, Jinjang Utara Tamb ahan, kl

Klinik Kesihatan Setapak – 03 41425429
No. 26/28, Jln. 9/23A, Medan Makmur, Setapak, KL

Klinik Kesihatan Sentul – 03 40427557
189 , Jln Perhentian, Off Jln. Hj. Salleh, Sentul, KL

Klinik Kesiha tan Sungai Besi – 03 90585464
Jalan Besar, Sungai Besi, KL

Klinik Kesihatan Bandar Tun Razak – 03 91713333
No. 16&18 Jln. Jujur 3 , Bdr. Tun Razak, KL


*sila buat appointment seawal mungkin.. sbb queue nye sgt ramai.. biasalah sumer org mau kawin maa..

20 Linux Server Hardening Security Tips

This summary is not available. Please click here to view the post.

10 Free Ways To Increase Blog Traffic

1. Join Trafficswarm.com and get a Free Lifetime Membership today. Surf your TrafficSwarm Page and view only the sites that interest you.Start increasing blog traffic today. It just couldn’t be any easier!

2. Submit your blog to as many blog and rss directories as you can. Here is a good place to start http://www.earnbonus.com/feed-directories/

3. Signup at technorati.com and add your blog then ping it when you update.

4. Get a free account at mybloglog.com and add your blog then join the communities and make friends. There is even a cool widget you can add to your blog like what you see on the right here.This is a great way to increase blog traffic.

5. Signup at Stumbleupon.com and make friends in your niche. You can then stumble your post and get your friends to also.Its a good way for increasing blog traffic.

6. Go to Socialposter.com and fill in the exact url to your blog post then title,general summary text then your tags. Now submit to as many social sites as you can. If this is your first time to use these sites then you will need to signup.

7. Leave comments on blogs in your related niche. This is a great way to increase links back to your site and get free blog traffic. Here is a great free tool to monitor popular blogs in your niche so you can be notified and make one of the first good quality comments. Check it out at Commentsniper.com

8. Make sure and add your blog url to your forum signature on any forums you are a member. This can be a powerful way to attract visitors especially if you have quality forum posts.

9. Find one of the top bloggers in your niche then write a good review post of them. Let them know and they will probably link back to you.

10. Join Squidoo.com and make a lens then add a link to your blog.

Enjoy trying!

Air Batu Capor

Air batu campur ataupun lebih terkenal sebagai ABC (juga dikenali sebagai Ais Kacang di Pulau Pinang dan Singapura) merupakan sejenis minuman yang diperbuat daripada ais yang dimesin dan dicampur dengan bahan-bahan seperti kacang, buah kabung, cendol, cincau, jagung, pemanis, seperti sirap dan sarsi serta air nisan.

Ia menjadi pilihan utama bagi penggemar mahupun cuaca sejuk atau panas.

Takaful Ikhlas bayar pampasan kepada ibu tunggal

Berkat simpanan, isteri dapat pampasan

Jan 29th, 2010 by Takaful

Sumber: Sinar Harian, 29hb Januari 2010

Seorang ibu tunggal melahirkan rasa gembira, terharu dan bersyukur apabila menerima bayaran ganjaran polisi perlindungan Ikhlas Savings Takaful dari Takaful Ikhlas Sdn Bhd yang dimiliki arwah suaminya.

Penerima berkenaan, Norazilah Shaari, 26, berkata, suaminya, Jamali Jalani meninggal dunia pada 3 Oktober tahun lalu kerana demam.

Menurutnya, suaminya itu hanya bekerja sebagai seorang petani sementara dia hanya sebagai suri rumah sepenuh masa.

“Suami saya memang seorang yang berpandangan jauh serta mahu hidup keluarga terjamin dan berjimat dengan hasil pendapatan sebagai seorang petani.

“Selain berjimat, suami saya juga mengambil polisi perlindungan Ikhlas Savings Takaful daripada Takaful Ikhlas Sdn Bhd, dengan membayar secara berkala enam bulan sekali, iaitu setiap lepas menuai padi dengan bayaran sebanyak RM2,196 sekali bayar dengan jumlah jaminan RM135,000 “, katanya.

Norazilah berkata, suaminya juga mengambil polisi Ikhlas Education Takaful untuk anak sulungnya, Ahmad Hafizuddin, 5, dengan bayaran berkala enam bulan sekali, juga selepas menuai padi dengan bayaran RM450, bagi enam bulan.

Dia berterima kasih kepada Takaful Ikhlas Sdn Bhd kerana membayar ganjaran perlindungan polisi ini dalam masa yang singkat.

“Wang ini akan disimpan sebaik mungkin untuk perbelanjaan harian, perbelanjaan persekolahan tiga anak saya hingga ke peringkat tertinggi.

“Sebahagian wangnya akan disimpan dalam amanah saham bagi memastikan wang tersebut tidak habis begitu sahaja”, katanya.

Sementara itu, cek bayaran pampasan berjumlah RM137,512 disampaikan Pengurus El Sham Agensi dari Kamunting, Samsudin Man.

Samsudin Man, 54, berkata, Takaful Ikhlas Sdn Bhd membayar sejumlah RM5,000 sebaik Jamali meninggal dunia untuk urusan pengkebumian dan pembayaran kemudiannya melalui cek sebanyak RM95,000 menjadikan jumlahnya RM100,000.

Menurutnya, baki RM37,512 akan dibayar setelah Norazilah menyediakan surat pecah kuasa yang diperoleh daripada pihak Pentadbiran Harta Pusaka Daerah Kerian.

“Sebaik Jamali meninggal dunia maka bayaran polisi Ikhlas Education Takaful anaknya Ahmad Hafizuddin sebanyak RM450 untuk setiap enam bulan dikecualikan dan polisi kekal sehingga 20 tahun dengan yang dinyatakan akan diberi.

“Kaedah pembayaran ganjaran polisi terhadap polisi milik Jemali adalah berasaskan Akta Takaful 1984 dan Peraturan Takaful 2009 malah kami sentiasa berusaha menjelaskan bayaran ganjaran pemegang polisi dengan cepat setelah segala dokumen diperlukan disediakan,” katanya.

Islamic Ways to Live a Happy Married Life

How to live a happy married life is a question asked by many couples. We take consultation and hire others services to help us with our marriage but we never refer to the religion which has almost all answers. Below are some of the ways to live a happy married life as per Islam:

• The last Prophet (PBUH) stated wife as fragile and sensitive hence gave instructions to take good care of her.
• While giving advice to your wife make sure that no one else is listening, do not expose and make it public.
• Give your wife a feeling of generosity; this will bring her closer to you.
• Don't reject your wife's suggestion altogether and don't stop her when she starts discussing any issue instead be a good listener and avoid being rigid in conversations with her.
• The Prophet Muhammad (PBUH) said, always call your wife with good name and if possible with the name she loves to hear from your mouth.
• Give your wife surprise gifts and give her proper attentions.
• Prophet (PBUH) said, we all have shortcomings, so ignore her shortcomings and the Allah will strengthen your marriage.
• Never stop her to meet her parents and friends, encourage and appreciate her to keep good relationships with others and have a social circle. Always praise her while you are sitting with her relatives and friends, this will increase her love for you.
• Islam emphasizes that individuals should think good about others especially your spouses.
• Remember she is the one who is playing an active role in bringing up your children so respect her and don't shout on her in front of your kids. Her strength as well as her success is yours because you both are just like one soul in two bodies.
• Remember never put someone else above your wife, because no one can get her place.
• The Holy Prophet Muhammad (PBUH) used to help his (PBUH) wives at home by stitching his own clothes etc and he (PBUH) always acts as a helping hand, so it is good to help your wife at domestic works whenever possible.
• Always remember in your prayers your wife and your whole family, God will protect your family in troubles.
• Feel your wife is the best wife of the world, forget the past and look for the better future, this is the only for a happy life.
• Shaitaan (Devil) is the enemy of man and he loves to make divorces, so whenever a fight begins while talking to your wife, this is the shaitaan (the devil) work, so ignore the fight and ask God to strengthen your relationship and protect it from the devil.
• Islam emphasizes that the man should give as much love as he can by doing small actions like put a spoon of food to her mouth with your hands so that she can feel your love with the taste of the food (Prophet Muhammad (PBUH) practiced the same).
• Protect her every time because she is dependent on you, no matter how advanced your wife is she always needs you so your shoulder must be there when she really need it. Help her to take care of the children because it's a heavy duty she cannot handle it alone. Spend time with her and make sure you and she eat meals together.
• Don't ever share your privacy with others like your friends and other family members, whatever is there it must be between you and your wife. When you do not care for such things this means you are putting your marriage at risk.
• Celebrate the traditional and spiritual ceremonies together with your family members.
• Don't pay heed to those who are jealous of your relationship and have trust in each other. Don't just go behind what others say about your spouse. Ask and confirm if you have any doubts.

Share the great moments with her, don't leave her alone when she need your support, and give her equal opportunity to support you in all matters. Respect her because she is one of the strong pillars of your life; don't let this pillar get weak at any stage. May, Allah Almighty fills your heart with love for each other. Ameen! 

Article Source: http://www.writearticles.org/ 

3 Sebab Kenapa Skim Takaful Penting Kepada Anda

Skim Takaful bukan seperti mana yang anda fikirkan, bukan sekadar seorang agent mengetuk pintu rumah anda untuk menjual polisi bagi melindungi anda daripada sebab kemalangan sahaja.

Skim Takaful adalah lebih daripada itu, ianya memberi jaminan perlindungan apabila kita meninggal dunia dengan manfaat Khairat dibayar pada waris kita.

Tetapi berapa ramaikah diantara kita sudah mendapatkan perlindungan ini? Rata-rata yang kita lihat, masih ramai lagi diantara kita yang tiada perlindungan Takaful. Apakah sebabnya?

1) Tiada pengetahuan langsung.. apa itu Takaful.. Dan

2) Mereka rasakan Takaful itu tidak perlu .. dan melihat ianya sebagai bebanan bayaran tambahan yang perlu dikeluarkan..selain dari bil-bil yang telah sedia ada..

Adakah mereka tahu bahawa jika mereka bermula lebih awal… semasa muda.. mereka mendapat lebih manfaat perlindungan berbanding semasa mereka sudah tua kelak..

Berikut adalah alasan kenapa kita memerlukan Takaful;

Alasan 1

Adakah kita mempunyai berbagai-bagai bil atau bayaran hutang yang perlu di lunaskan pada setiap bulan?? Ini adalah alasan besar kenapa kita memerlukan Takaful supaya segala bayaran bil dan hutang tadi terbayar andainya kita telah tiada.. dan waris kita tidak dibebani lagi oleh hutang kita.

Alasan 2

Anda muda, gagah dan sihat sekarang? Tiada berpenyakit? Jadi inilah masa yang terbaik untuk mendapatkan Takaful. Bayaran sumbangan anda adalah kecil bermula dari sekarang hingga anda berumur 65 tahun.. dan ianya adalah sebagai simpanan persaraan anda nanti.. lagi awal anda bermula takaful adalah lebih bagus… kerana anda tidak perlu risau lagi jika anda mendapat penyakit yang serious akan datang .., kerana anda telah dilindungi Takaful… Orang yang sudah berpenyakit memang tiada sebarang syarikat insuran atau takaful yang akan menerimanya. Kata orang.. ambillah pelan Takaful sekarang… semasa ia menerima kita, jangan sampai semua syarikat takaful dan insuran sudah tidak menerima kita apabila kita telah menghidap penyakit.. ketika itu kita akan menyesal kelak….

Alasan 3

Adakah anda berkahwin? Adakah anda sayang isteri anda? Jadi.. perlukah anda tinggalkan isteri dan anak-anak anda dengan kesusahan setelah ketiadaan anda? Bayangkan jika kita tiada perlindungan Takaful, ditakdirkan kita mengidap kanser 6 bulan akan datang… dan meninggal selepas 18 bulan kemudian. Kita terpaksa tinggalkan isteri dan 2 orang anak kita meneruskan hidup mereka dengan ketiadaan sumber kewangan… bagaimanakah mereka hendak menyara hidup mereka? Membayar bil-bil dan hutang peninggalan kita… Inikah yang patut kita tinggalkan untuk mereka? Cuba fakir-fikirkan….

Banyak lagi alasan-alasan lain kenapa kita perlukan Perlindungan Takaful…

Di bawah ini dinyatakan secara ringkas mengenai manfaat dari Pelan Takaful Ikhlas:-

IKHLAS SAVINGS TAKAFUL

Dengan mencarum RM100* Sebulan, Anda akan mendapat Manfaat-Manfaat berikut:

MANFAAT PERLINDUNGAN KEWANGAN KELUARGA
Akibat Kematian & hilang upaya kekal menyeluruh - RM 50,000

PENGGANTIAN PENDAPATAN
Akibat Hilang Upaya Kekal Menyeluruh kerana kemalangan - RM 71,000

DANA PENYAKIT KRITIKAL TAMBAHAN
40 Jenis Penyakit Kritikal - RM 30,000

PAMPASAN KEMALANGAN
Keilatan Separa Kekal berdasarkan % - RM 21,000

KHAIRAT KEMATIAN
Dana Pengurusan Jenazah - RM 1,000

MANFAAT HARIAN HOSPITAL
Elaun Mengikut Jumlah Hari - RM 100 sehari

TABUNGAN / SIMPANAN
Serahan / Tempoh Matang - RM 52,839

PENGECUALIAN SUMBANGAN
Akibat Lumpuh Kekal/ditimpa 40 jenis Penyakit Kritikal

PELEPASAN CUKAI/BERAMAL JARIAH
Pelepasan Cukai Maksimum - RM 6,000
Konsep Tabarru' (derma) dalam Dana At-Ta'awuni

*illustrasi di atas adalah berdasarkan kiraan simpanan untuk peserta berumur 25 tahun, lelaki dan matang pada umur 55 tahun dengan kadar keuntungan 6% setahun.

Untuk maklumat lanjut dan penyertaan sila hubungi:

Luqman Nawawi
Tel/SMS : 017-9616771
Email : luqmanawawi@yahoo.co.uk
ym: luqmanawawi

Insurans Takaful vs Insurans Konvensional

Sabda Rasulullah s.a.w  yang bermaksud: “Tinggalkan anak dan isteri kamu dengan kesenangan adalah lebih baik daripada meninggalkan mereka dalam keadaan meminta-minta”. (Riwayat: Bukhari)

Persiapan untuk mengharungi sebarang ketidakpastian atau ujian-ujian dari Allah s.w.t. itu, contohnya seperti kematian, hilang-upaya kekal, penyakit kritikal, kemalangan dan sebagainya, bukanlah satu usaha yang ingin melawan takdir Allah s.w.t. yang diperkatakan oleh segelintir ahli masyarakat. Ini merupakan satu pandangan yang dangkal dari orang-orang yang jahil tentang agama Islam. Dalil yang mewajibkan seseorang itu mesti berusaha terlebih dahulu sebelum bertawakkal kepada Allah semata-mata adalah sepertimana sabda Rasulullah s.a.w. terhadap seorang arab badui yang meninggalkan untanya tanpa diikat tali terlebih dahulu dan lalu berserah kepada Allah s.w.t. semata-mata, yang bermaksud: "Ikatlah tali unta kamu dahulu dan kemudian barulah berserah kepada Allah s.w.t." (Riwayat: At-Turmuzi) 

Secara amnya perlindungan Takaful adalah skim perlindungan kewangan secara Islam iaitu merupakan satu kaedah persiapan atau ikhtiar/usaha untuk menghadapi atau melindungi sebarang ketidakpastian yang mungkin berlaku keatas diri sendiri, ahli keluarga atau harta benda daripada sebarang musibah atau malapetaka di masa-masa akan datang. Selagi umat manusia terdedah terhadap ketidakpastian dan risiko selagi itulah perlindungan kewangan Takaful itu amat diperlukan sebagai satu ikhtiar/usaha terlebih dahulu sebelum seseorang itu terus bertawakkal kepada Allah s.w.t. semata-mata. 

Justeru, apekah perbezaan diantara insurans takaful dengan insurans konvensional:

Bil.	Takaful	Insurans Konvensional
1.	Konsep saling bekerja-sama, bertanggung-jawab dan lindung-melindungi.	Konsep perniagaan yang berteraskan keuntungan semata-mata.
2.	Kontrak Tabarru' (menderma sebahagian dari sumbangan) dan Kontrak Al-Wakalah (membenar pihak Takaful Ikhlas menguruskan dana sumbangan peserta).	Kontrak jual-beli dimana pihak syarikat insurans akan menaggung segala liability terhadap pemegang polisi- penanggung insurans berlesen.
3.	Terhindar dari unsur-unsur gharar, maisir dan riba.	Wujud unsur-unsur gharar, maisir dan riba.
4.	Operasi dikawal selia oleh Majlis Pengawasan Syariah	Tiada Majlis Pengawasan Syariah.
5.	Keuntungan pelaburan diagih berdasarkan konsep mudharabah atau yuran prestasi.	Keuntungan diagih berdasarkan kadar faedah.
6.	Pengeluaran sebahagian dibenarkan dan tiada kadar faedah dikenakan.	Pinjaman dibenarkan dan kadar faedah dikenakan.

Fadhilat Puasa Ramadhan # 1

Membentuk manusia bertaqwa

Dalil:

يَا أَيُّهَا الَّذِينَ آمَنُواْ كُتِبَ عَلَيْكُمُ الصِّيَامُ كَمَا كُتِبَ عَلَى الَّذِينَ مِن قَبْلِكُمْ لَعَلَّكُمْ تَتَّقُونَ

[Hai orang-orang yang beriman, diwajibkan atas kamu berpuasa sebagaimana diwajibkan atas orang-orang sebelum kamu agar kamu bertakwa] - Surah al-Baqarah ayat 183.

Taqwa menurut Ibnu Mas`ud
"Ta`at kepada Allah, menjauhi maksiat, ingat Allah, tidak kufur akan Dia dan sentiasa bersyukur"

../bersambung

Sumber:

Jodol Kitab: 40 Fadhilat Puasa Ramadhan
Pengarang: Drs Hj Hanafi Muhammad MA
Penerbit: al-Hidayah, 2006

Penyusun: Tuan Hassan Tuan Lah, al-fikrah.net

Antismoke Packs

Daily people are dying throughout the world of diseasescaused by smoking. This package concept shows how close this problem isto us. As every day each smoker carries this problem in his/her pocket.They carry death.

http://www.behance.net/gallery/Antismoke-pack/351592 

Congratulations!

Hi there.. just wanna take a chance to greet my dear one nabilah zafirah congratulations! on starting a new job this week. Alhamdulillah dapat jugak keje kat Kuala Lumpur ni kan. Senang cket nak settlekan perkara2 penting utk kite berdua kan.. schweeeett! :)

P/S: Gud luck on your test tomorrow dear! Ganbatte Kudasai.

Demilitarized zone (DMZ)

Figure A : DMZ Sample Topology

A DMZ is the most common and secure firewall topology. It is often referred to as a screened subnet. A DMZ creates a secure space between your Internet and your network, as shown in Figure A.

A DMZ will typically contain the following:

• Web server
• Mail server
• Application gateway
• E-commerce systems (It should contain only your front-end systems. Your back-end systems should be on your internal network.)

Why DMZ?

• considered very secure because it supports network- and application-level security in addition to providing a secure place to host your public servers. A bastion host (proxy), modem pools, and all public servers are placed in the DMZ.

• Furthermore, the outside firewall protects against external attacks and manages all Internet access to the DMZ. The inside firewall manages DMZ access to the internal network and provides a second line of defense if the external firewall is compromised. In addition, LAN traffic to the Internet is managed by the inside firewall and the bastion host on the DMZ. With this type of configuration, a hacker must compromise three separate areas (external firewall, internal firewall, and the bastion host) to fully obtain access to your LAN.

Many companies take it one step further by also adding an intrusion detection system (IDS) to their DMZ. By adding an IDS, you can quickly monitor problems before they escalate into major problems.

Best Practice For Web Server Deployment

Network filtering:

Place your web server(s) in a DMZ. Set your firewall

to drop connections to your web server

on all ports but http (port 80) or https (port 443).

Host based security:

Remove all unneeded services from your web server, keeping FTP (but only if you need it) and a secure login capability such as secure shell. An unneeded service can become an avenue of attack.

Limit the number of persons having administrator or root level access.

Apply relevant security patches as soon as they are announced and tested on a pre-production system.
Disallow all remote administration unless it is done using a one-time password or an encrypted link.
If the machine must be administered remotely, require that a secure capability such as secure shell is used to make a secure connection. Do not allow telnet or non-anonymous ftp (those requiring a username and password) connections to this machine from any untrusted site. It would also be good to limit these connections only to a minimum number of secure machines and have those machines reside within your Intranet.

Configuring the Web service/application:

If you must use a GUI interface at the console, remove the commands that automatically start the window manager from the .RC startup directories and then create a startup command for the window manager. You can then use the window manager when you need to work on the system, but shut it down when you are done. Do not leave the window manager running for any extended length of time.

Run the web server in a chroot-ed part of the directory tree so it cannot access the real system files.

Run the anonymous FTP server (if you need it) in a chroot-ed part of the directory tree that is different from the web server's tree.

Remove ALL unnecessary files such as phf from the scripts directory /cgi-bin.

Remove the "default" document trees that are shipped with Web servers such as IIS and ExAir.

Apply relevant security patches as soon as they are announced and tested on a pre-production system.

Auditing/logging:

Log all user activity and maintain those logs either in an encrypted form on the web server or store them on a separate machine on your Intranet, or write to "write-once" media.

Monitor system logs regularly for any suspicious activity.

Install some trap macros to watch for attacks on the server (such as the PHF attack).

Create macros that run every hour or so that would check the integrity of passwd and other critical files.
When the macros detect a change, they should send an e-mail to the system manager, write a message to logs, set off a pager, etc..

Content management:

Do all updates from your Intranet. Maintain your web page originals on a server on your Intranet and make all changes and updates here; then "push" these updates to the public server through an SSH or SSL connection. If you do this on a hourly basis, you can avoid having a corrupted server exposed for a long period of time.
Write a script to download HTML pages and check against a template, if changes are noted, upload the correct version.

Intrusion Detection:

Scan your web server periodically with tools like ISS, Nmap, Nessus or Satan to look for vulnerabilities.
Have intrusion detection software monitor the connections to the server. Set the detector to alarm on known exploits and suspicious activities and to capture these sessions for review. This information can help you recover from an intrusion and strengthen your defenses.

Read more: http://www.articlesbase.com/security-articles/best-practice-document-for-web-server-deployment-1843572.html#ixzz0rpjLaGc7
Under Creative Commons License: Attribution