Setelah sukses dengan DVD PAKET KOMPILASI BELAJAR CCNA DAN CCNP
bukusisa.com mengeluarkan paket baruuuu huhuyyyy :beer: mantappp

New DVD Releases

1. Career Academy Tutorial : : Certified Ethical Hacking V.5.

Video training ini memberikan pelajaran bagaimana cara scan, test, dan HACK dan juga mengamankan sistem kita. Tidak hanya teori, tapi juga demonstrasinya ditunjukin lhooo heheuhe.. , dan jangan khawatir, juga penjelasannya dari mulai konsep dasar hingga yg cukup lemayan bikin pusing huehue..
juga ada quiz2 serta printable module dari tiap chapternya..



Daftar modul lengkap dan isinya adalah terdiri dari :

Module 1: Introduction to Ethical Hacking
Module 2: Footprinting
Module 3: Scanning
Module 4: Enumeration
Module 5: System Hacking
Module 6: Trojans & Backdoors
Module 7: Sniffers
Module 8: Denial of Services
Module 9: Hacking & Defending Windows Systems
Module 10: Social Engineering
Module 11: Session Hijacking
Module 12: Hacking Web Server
Module 13: Web Application Vulnerabilities
Module 14: Web Password krackign
Module 15: SQL Injection
Module 16: Hacking Wireless Network
Module 17: IDS, Firewalll & Honeypots
Module 18: Linux Hacking
Module 19: Buffer Overflow
Module 20: Cryptography

2. CEH v5 Instructor Slides
Disamping itu juga disertakan slide resmi dari program CEH ;)

wahh mantap boss !! lengkap nih belajarnya.. lah trus.. prakteknya gimana ??
sabar sabar.. . untuk supaya lebih mantap belajarnya... disediakan alat2nya nihh huehuehe, silakannn gannn :

3-a. CEH v5 Tools

- TOOLS


astaga.. banyak banget boss.. itu isinya program2 hacking ?? ya iyalah.. masa isinya tempe. hehehe.. becanda , juga banyak file2 dokumen ttg security

nah.. karena isinya banyak banget.. silakan download listnya disini aja deh :
daftar program program jahanam tersebut

TAPI saat jalanin beberapa program ini, ANTIVIRUS dan SEJENISNYA DINONAKTIFKAN YA.. krn beberapa program akan dianggap sebagai virus .. huhuhuhu.. ati2

Toolsnya sih kayaknya keren2, tapi cara makenya gimana ? ...
ku tahuuu yang kauu mauu heuheuhe.... di sini ada video yg nunjukin cara make beberapa program2 jahanam tersebut heuhuhe.. (cuma yg ini gak ada suaranya, tapi cukup bisa dimengerti)

3-b. CEH v5 Videos



Lhoo bos.. banyak banget ?? installnya gimana di pc saya..
beresss... kalo gak mo repot2.. ini udah ada Operating System yg udah terisi dengan aplikasi2 tadi.. cukup boot via CD aja, atau bikin virtualisasi menggunakan VMWARE :

6. Backtrack 3.0 + ISOs

BONUS :

4. HACKING Game !!! : Hacker Evolution Untold
aslinya : http://www.exosyphenstudios.com/page_hacke...ion-untold.html



ini game keren untuk melatih daya pikir 'hacker' juragan dijamin pasti kecanduan..

5. 150+ Hacking Videos
Berisi seratus lebih video video tutorial hacking

listnya dapat didownload disini !!!

6. Ebooks
- 1000 hacking tutorial, Hacking exposed Linux, Hacking exposed Windows, Hacking for dummies.. dll

dagangan saya yg lain.. silakan liat disini :
DVD PAKET KOMPILASI BELAJAR CCNA DAN CCNP

untuk testimonial .. silakan liat disini :
KUMPULAN TESTIMONIAL

silahkan,,,yang mo jadi Hacker, ni ada barang bagus

selamat pagi

selamat pagih,,,,,

nampak sepih huehuehe

silahkan,,,silahkan,,,,

QUESTION 2:

What does the term "Ethical Hacking" mean?
A. Someone who is hacking for ethical reasons.
B. Someone who is using his/her skills for ethical reasons.
C. Someone who is using his/her skills for defensive purposes.
D. Someone who is using his/her skills for offensive purposes.

Answer: C

QUESTION 3:
Who is an Ethical Hacker?
A. A person whohacksfor ethical reasons
B. A person whohacksfor an ethical cause
C. A person whohacksfor defensive purposes
D. A person whohacksfor offensive purposes

Answer: C

QUESTION 4:

What is "Hacktivism"?
A. Hacking for a cause
B. Hacking ruthlessly
C. An association which groups activists
D. None of the above

Answer: A

selamat malam

QUESTION 19:

Which of the following tools are used for footprinting?(Choose four.
A. Sam Spade
B. NSLookup
C. Traceroute
D. Neotrace
E. Cheops

Answer: A, B, C, D

QUESTION 21:

NSLookup is a good tool to use to gain additional information about a target
network. What does the following command accomplish?
nslookup
> server <ipaddress>
> set type =any
> ls -d <target.com>
A. Enables DNS spoofing
B. Loads bogus entries into the DNS table
C. Verifies zone security
D. Performs a zone transfer
E. Resets the DNS cache

Answer: D

QUESTION 8:

User which Federal Statutes does FBI investigate for computer crimes involving
e-mail scams and mail fraud?
A. 18 U.S.C 1029 Possession of Access Devices
B. 18 U.S.C 1030 Fraud and related activity in connection with computers
C. 18 U.S.C 1343 Fraud by wire, radio or television
D. 18 U.S.C 1361 Injury to Government Property
E. 18 U.S.C 1362 Government communication systems
F. 18 U.S.C 1831 Economic Espionage Act
G. 18 U.S.C 1832 Trade Secrets Act

Answer: B

QUESTION 9:

Which of the following activities will NOT be considered as passive footprinting?
A. Go through the rubbish to find out any information that might have been discarded.
B. Search on financial site such as Yahoo Financial to identify assets.
C. Scan the range of IP address found in the target DNS database.
D. Perform multiples queries using a search engine.

Answer: C

QUESTION 28:

Bob has been hired to perform a penetration test on Certkiller .com. He begins by
looking at IP address ranges owned by the company and details of domain name
registration. He then goes to News Groups and financial web sites to see if they are
leaking any sensitive information of have any technical details online.
Within the context of penetration testing methodology, what phase is Bob involved
with?
A. Passive information gathering
EC0-350
Actualtests.com - The Power of Knowing
B. Active information gathering
C. Attack phase
D. Vulnerability Mapping

Answer: A

selamat pagih sodarah sodarah,,,,

QUESTION 29:

Which of the following would be the best reason for sending a single SMTP message
to an address that does not exist within the target company?
A. To create a denial of service attack.
B. To verify information about the mail administrator and his address.
C. To gather information about internal hosts used in email treatment.
D. To gather information about procedures that are in place to deal with such messages.

Answer: C

QUESTION 31:

Ann would like to perform a reliable scan against a remote target. She is not
concerned about being stealth at this point.
Which of the following type of scans would be the most accurate and reliable
option?
A. A half-scan
B. A UDP scan
C. A TCP Connect scan
D. A FIN scan

Answer: C

QUESTION 34:

An attacker is attempting to telnet into a corporation's system in the DMZ. The
attacker doesn't want to get caught and is spoofing his IP address. After numerous
tries he remains unsuccessful in connecting to the system. The attacker rechecks
that the target system is actually listening on Port 23 and he verifies it with both
nmap and hping2. He is still unable to connect to the target system.
What is the most probable reason?
A. The firewall is blocking port 23 to that system.
B. He cannot spoof his IP and successfully use TCP.
C. He needs to use an automated tool to telnet in.
D. He is attacking an operating system that does not reply to telnet even when open.

Answer: B

met hari Idil Adha,,,maafin semuanya..

QUESTION 35:

You are scanning into the target network for the first time. You find very few
conventional ports open. When you attempt to perform traditional service
identification by connecting to the open ports, it yields either unreliable or no
results. You are unsure of which protocols are being used. You need to discover as
many different protocols as possible.
Which kind of scan would you use to achieve this? (Choose the best answer)
A. Nessus scan with TCP based pings.
B. Nmap scan with the -sP (Ping scan) switch.
C. Netcat scan with the -u -e switches.
D. Nmap with the -sO (Raw IP packets) switch.

Answer: D

QUESTION 36:

What are twp types of ICMP code used when using the ping command?
A. It uses types 0 and 8.
B. It uses types 13 and 14.
C. It uses types 15 and 17.
D. The ping command does not use ICMP but uses UDP.

Answer: A

selamat sore,,,

QUESTION 37:

You are having problems while retrieving results after performing port scanning
during internal testing. You verify that there are no security devices between you
and the target system. When both stealth and connect scanning do not work, you
decide to perform a NULL scan with NMAP. The first few systems scanned shows
all ports open.
Which one of the following statements is probably true?
A. The systems have all ports open.
B. The systems are running a host based IDS.
C. The systems are web servers.
D. The systems are running Windows.

Answer: D

selamat pagi

selamat pagi

QUESTION 38:

John has scanned the web server with NMAP. However, he could not gather enough
information to help him identify the operating system running on the remote host
accurately.
What would you suggest to John to help identify the OS that is being used on the
remote web server?
A. Connect to the web server with a browser and look at the web page.
B. Connect to the web server with an FTP client.
C. Telnet to port 8080 on the web server and look at the default page code.
D. Telnet to an open port and grab the banner.

Answer: D

QUESTION 39:

An Nmap scan shows the following open ports, and nmap also reports that the OS
guessing results to match too many signatures hence it cannot reliably beidentified:
21 ftp
23 telnet
80 http
443https
What does this suggest ?
A. This is a Windows Domain Controller
B. The host is not firewalled
C. The host is not a Linux or Solaris system
D. Thehost is not properly patched

Answer: D

ada yg mo pesen sybex 640-802 6th edition ? silakann.. PM

QUESTION 40:

What port scanning method involves sending spoofed packets to a target system and
then looking for adjustments to the IPID on a zombie system?
A. Blind Port Scanning
B. Idle Scanning
C. Bounce Scanning
D. Stealth Scanning
E. UDP Scanning

Answer: B

selamat malam

QUESTION 42:
What does an ICMP (Code 13) message normally indicates?
A. It indicates that the destination host is unreachable
B. It indicates to the host that the datagram which triggered the source quench message
will need to be re-sent
C. It indicates that the packet has been administratively dropped in transit
D. It is a request to the host to cut back the rate at which it is sending traffic to the
Internet destination

Answer: C

ada yg mo pesen sybex 640-802 6th edition ? silakann.. PM

QUESTION 43:

Because UDP is a connectionless protocol: (Select 2)
A. UDP recvfrom() and write() scanning will yield reliable results
B. It can only be used for Connect scans
C. It can only be used for SYN scans
D. There is no guarantee that the UDP packets will arrive at their destination
E. ICMP port unreachable messages may not bereturned successfully

Answer: D, E

QUESTION 44:

You are scanning into the target network for the first time. You find very few
conventional ports open. When you attempt to perform traditional service
identification by connecting to the open ports, it yields either unreliable or no
results. You are unsure of what protocols are being used. You need to discover as
many different protocols as possible. Which kind of scan would you use to do this?
A. Nmap with the -sO (Raw IP packets) switch
B. Nessus scan with TCP based pings
C. Nmap scan with the -sP (Ping scan) switch
D. Netcat scan with the -u -e switches

Answer: A

QUESTION 45:

What ICMP message types are used by the ping command?
A. Timestamp request (13) and timestamp reply (14)
B. Echo request (8) and Echo reply (0)
C. Echo request (0) and Echo reply (1)
D. Ping request (1) and Ping reply (2)

Answer: B

QUESTION 46:

Which of the following systems would not respond correctly to an nmap XMAS
scan?
A. Windows 2000 Server running IIS 5
B. Any Solaris version running SAMBA Server
C. Any version of IRIX
D. RedHat Linux 8.0 running Apache Web Server

Answer: A

QUESTION 50:

_______ is one of the programs used to wardial.
A. DialIT
B. Netstumbler
C. TooPac
D. Kismet
E. ToneLoc

Answer: E

QUESTION 53:

What is the proper response for a FIN scan if the port is closed?
A. SYN
B. ACK
C. FIN
D. PSH
E. RST

Answer: E

tutorial carder ada...?

QUESTION 3:

Who is an Ethical Hacker?

A. A person whohacksfor ethical reasons
B. A person whohacksfor an ethical cause
C. A person whohacksfor defensive purposes
D. A person whohacksfor offensive purposes

Answer: C

QUESTION 288:

You want to carry out session hijacking on a remote server. The server and the
client are communicating via TCP after a successful TCP three way handshake. The
server has just received packet #120 from the client. The client has a receive window
of 200 and the server has a receive window of 250.
Within what range of sequence numbers should a packet, sent by the client fall in
order to be accepted by the server?

A. 200-250
B. 121-371
C. 120-321
D. 121-231
E. 120-370

Answer: B

QUESTION 7:

You are footprinting Acme.com to gather competitive intelligence. You visit the
acme.com websire for contact information and telephone number numbers but do
not find it listed there. You know that they had the entire staff directory listed on
their website 12 months ago but now it is not there. How would it be possible for you
to retrieve information from the website that is outdated?

A. Visit google search engine and view the cached copy.
B. Visit Archive.org site to retrieve the Internet archive of the acme website.
C. Crawl the entire website and store them into your computer.
D. Visit the company's partners and customers website for this information.

Answer: B

QUESTION 9:

Which of the following activities will NOT be considered as passive footprinting?
A. Go through the rubbish to find out any information that might have been discarded.
B. Search on financial site such as Yahoo Financial to identify assets.
C. Scan the range of IP address found in the target DNS database.
D. Perform multiples queries using a search engine.

Answer: C

QUESTION 9:

Which of the following activities will NOT be considered as passive footprinting?

A. Go through the rubbish to find out any information that might have been discarded.
B. Search on financial site such as Yahoo Financial to identify assets.
C. Scan the range of IP address found in the target DNS database.
D. Perform multiples queries using a search engine.

Answer: C
Edit/Delete Message

QUESTION 328:

A file integrity program such as Tripwire protects against Trojan horse attacks by:
A. Automatically deleting Trojan horse programs
B. Rejecting packets generated by Trojan horse programs
C. Using programming hooks to inform the kernel of Trojan horse behavior
D. Helping you catch unexpected changes to a system utility file that might indicate
it had been replaced by a Trojan horse

Answer: D

QUESTION 259:

To scan a host downstream from a security gateway, Firewalking:

A. Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets
B. Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway
C. Sends an ICMP ''administratively prohibited'' packet to determine if the gateway will
drop the packet without comment.
D. Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway

Answer: B
Edit/Delete Message

QUESTION 12:

A Certkiller security System Administrator is reviewing the network system log files.
He notes the following:
- Network log files are at 5 MB at 12:00 noon.
- At 14:00 hours, the log files at 3 MB.
What should he assume has happened and what should he do about the situation?

A. He should contact the attacker's ISP as soon as possible and have the connection
disconnected.
B. He should log the event as suspicious activity, continue to investigate, and take further
steps according to site security policy.
C. He should log the file size, and archive the information, because the router crashed.
D. He should run a file system check, because the Syslog server has a self correcting file
system problem.
E. He should disconnect from the Internet discontinue any further unauthorized use,
because an attack has taken place.

Answer: B

QUESTION 301:

On wireless networks, SSID is used to identify the network. Why are SSID not
considered to be a good security mechanism to protect a wireless networks?

A. The SSID is only 32 bits in length.
B. The SSID is transmitted in clear text.
C. The SSID is the same as the MAC address for all vendors.
D. The SSID is to identify a station, not a network.

Answer: B

QUESTION 226:

You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data.
What kind of program can you use to track changes to files on the server?

A. Network Based IDS (NIDS)
B. Personal Firewall
C. System Integrity Verifier (SIV)
D. Linux IP Chains

Answer: C