Infografik 3 komponen utama Model perpustakaan digital UiTM.
The repository is a platform that contains sources of reference materials for learning and research purposes. The UiTM Library provides three repositories that provide a collection of digital materials through the repository of university institutions, Open Access and Local Content Hub.
MyKM Portal provide the complete information search, categorization and personalization services that allow UiTM Library users to harness the collected enterprise knowledge assets from a single, logical point of access.
UiTM IR is a centre of digital collections, act as an open-access repository that collects, preserve and disseminates scholarly output by university members at Universiti Teknologi MARA.
With the mobile app, you can access information wherever you are and whenever you want to get the latest information on our library, access e-resources and many more.
22 UiTM Digital Services
Asia-Pacific Conference on Library & Information Education and Practice (A-LIEP)
Workshop 1: RSS Feeds and Web 2.0 for Current Awareness Services and Professional Self-Development
21 June 2011, Pre-conference A-LIEP 2011
Venue: IT Centre, PTAR 1, Shah Alam
http://perpustakaanuitm.blogspot.com/2011/06/pre-conference-liep-2011-workshop-1-rss.html
[[posterous-content:pid___1]]
PETALING JAYA: Polis telah memiliki maklumat penggodam-penggodam yang menyerang laman web rasmi kerajaan www.malaysia.gov.my pada Rabu lalu.
Bagaimanapun Ketua Pegawai Eksekutif CyberSecurity Malaysia, Leftenan Kolonel Datuk Husin Jazri berkata, maklumat lanjut mengenai serangan tersebut hanya dapat didedahkan setelah serangan penggodam berhenti sepenuhnya dan penyiasatan serta post-mortem dilakukan.
[[posterous-content:pid___0]]
------------------------------------------------------------------------------------------------------------------------------------
Polis telah mengesan pengodam a.k.a Anonymous laman web Malaysia
Polis mendapat petunjuk baru mengenai pihak yang menggodam laman web rasmi kerajaan dan swasta sehingga mengakibatkan sekurang-kurangnya 41 laman web agensi kerajaan mengalami gangguan sejak semalam.
Timbalan Ketua Polis Negara, Datuk Seri Khalid Abu Bakar ketika mengesahkan perkara itu, bagaimanapun enggan mendedahkan petunjuk tersebut kerana bimbang menganggu siasatan.
“Masih awal lagi untuk kita dedahkan siapa yang terlibat kerana siasatan sedang berjalan. Kita sedang membantu Suruhanjaya Komunikasi dan Multimedia Malaysia (SKMM) untuk menangani isu tersebut,” katanya pada sidang akhbar di sini hari ini.
Menurut SKMM, sebanyak 51 laman web tempatan telah digodam sehingga awal pagi ini menyebabkan 41 daripadanya mengalami gangguan pada tahap yang berbeza.
Serangan itu berlaku ekoran kenyataan sebuah kumpulan dikenali Anonymous untuk menggodam laman web rasmi kerajaan www.malaysia.gov.my semalam dengan alasan kononnya kerajaan mengenakan sekatan Internet.
------------------------------------------------------------------------------------------------------------------------------------------------------------------
Cops tracing source of hacker video message
The Star (15 June 2010)
PETALING JAYA: The Malaysian police have started investigations into who posted the YouTube video message allegedly from the Anonymous hacker group.
Asst Comm Mohd Kamaruddin Md Din, head of the CyberSecurity and Multimedia Investigation Di-vision, at the Commercial Division of the Royal Malaysian Police, said they would be liaising with the telecommunications industry watchdog.
The Malaysian Communications and Multimedia Commission (MCMC) is the industry regulator.
"We have advised the relevant agencies involved to be alert following the threat," Kamaruddin said.
The video message posted yesterday said the hacker group was going to attack the www.malaysia.gov.my portal because the MCMC had banned several file-sharing websites, as well as for several other reasons. A similar message was also posted on another website.
CyberSecurity Malaysia, which is responsible for safeguarding the nation's borders in cyberspace, said it takes all cyberthreats seriously.
"We are aware of the hacker threat and we believe that the threat is real. We have alerted the relevant parties and government agencies," said Lt Col (Rtd) Datuk Husin Jazri, chief executive officer of CyberSecurity Malaysia.
It was learnt that a high-level emergency meeting took place yesterday between the relevant authorities, including the National Security Council and CyberSecurity Malaysia, over the threat.
http://www.cybersecurity.my/en/knowledge_bank/news/2011/main/detail/2051/index.html
--------------------------------------------------------------------------------------------------------------------------------------------------
Attack on govt website will be prevented, says Rais (Updated)
The Star (15 June 2011)
KUALA LUMPUR: The country's cyber security authorities are working towards preventing a planned attack on Malaysian government website www.malaysia.gov.my, said Information, Communication and Culture Minister Datuk Seri Dr Rais Yatim.
However, he declined to elaborate on the preventive actions, saying that they were confidential.
A hacker group, calling itself Anonymous has threatened to launch the attack on the government's official website at about 3.30am Thursday.
The group said in a Youtube posting that it was acting against the various forms of censorship by the Malaysian government and the recent move to block 10 file-sharing websites.
Dr Rais added that the hacker group had misunderstood the government's intention in blocking the 10 filesharing websites.
"We do not have censorship, except when crimes are committed through cyberspace," he said, adding that the ministry was taking the threats very seriously.
Meanwhile, Deputy Inspector-General of Police Datuk Seri Khalid Abu Bakar said the police was aware of the hack threat and was working with the Malaysian Communications and Multimedia Commission (MCMC)to investigate the issue.
He added that there was a rise in cyber crimes including the misuse of the Internet for criminal activities.
---------------------------------------------------------------------------------------------------------------------------------------------------------
Setelah MCMC mengeluarkan kenyataan berkenaan halaman yang digodam semalam, kini Menteri Penerangan Komunikasi dan Kebudayaan Malaysia, iaitu Rais Yatim telah pun mengeluarkan kenyataan daripada pihak mereka, mengatakan sebanyak 198 laman web rasmi kerajaan telah digodam sehingga kini.
Menariknya berkenaan perkara ini adalah dimana lebih 90% daripada penggodamnya adalah dari dalam negara, iaitu dari Malaysia sendiri, dan bukannya pihak luar. Walaupun, kami di Amanz melihatnya ianya sebagai salah satu tanda protes keatas tindakan SKMM menghalang akses ke lebih 10 laman perkongsian tempatan, menurut pihak Rais Yatim, mereka percaya ianya bermotifkan politik serta pada masa yang sama bertujuan cuba melakukan sabotaj ke atas kerajaan Malaysia.
Pada masa yang sama, ianya juga dikatakan yang mana kerajaan telah meminta Jabatan Peguam Negara, Polis Diraja Malaysia, SKMM, MAMPU, dan agensi kerajaan yang lain mengumpulkan data-data yang berkaitan dengan perkara ini.
Sebelum ini, pada awal minggu ini, kumpulan pengodam yang dipanggil Anonymous telah menghantar mesej cabaran kepada kerajaan Malaysia dalam bentuk video dan juga sebuah imej, sebagai tanda lawan kerana penghalangan akses ke beberapa laman luar.
Bagaimanapun Ketua Pegawai Eksekutif CyberSecurity Malaysia, Leftenan Kolonel Datuk Husin Jazri berkata, maklumat lanjut mengenai serangan tersebut hanya dapat didedahkan setelah serangan penggodam berhenti sepenuhnya dan penyiasatan serta post-mortem dilakukan.
------------------------------------------------------------------------------------------------------------------------------------
Polis telah mengesan pengodam a.k.a Anonymous laman web Malaysia
Polis mendapat petunjuk baru mengenai pihak yang menggodam laman web rasmi kerajaan dan swasta sehingga mengakibatkan sekurang-kurangnya 41 laman web agensi kerajaan mengalami gangguan sejak semalam.
Timbalan Ketua Polis Negara, Datuk Seri Khalid Abu Bakar ketika mengesahkan perkara itu, bagaimanapun enggan mendedahkan petunjuk tersebut kerana bimbang menganggu siasatan.
“Masih awal lagi untuk kita dedahkan siapa yang terlibat kerana siasatan sedang berjalan. Kita sedang membantu Suruhanjaya Komunikasi dan Multimedia Malaysia (SKMM) untuk menangani isu tersebut,” katanya pada sidang akhbar di sini hari ini.
Menurut SKMM, sebanyak 51 laman web tempatan telah digodam sehingga awal pagi ini menyebabkan 41 daripadanya mengalami gangguan pada tahap yang berbeza.
Serangan itu berlaku ekoran kenyataan sebuah kumpulan dikenali Anonymous untuk menggodam laman web rasmi kerajaan www.malaysia.gov.my semalam dengan alasan kononnya kerajaan mengenakan sekatan Internet.
------------------------------------------------------------------------------------------------------------------------------------------------------------------
Cops tracing source of hacker video message
The Star (15 June 2010)
PETALING JAYA: The Malaysian police have started investigations into who posted the YouTube video message allegedly from the Anonymous hacker group.
Asst Comm Mohd Kamaruddin Md Din, head of the CyberSecurity and Multimedia Investigation Di-vision, at the Commercial Division of the Royal Malaysian Police, said they would be liaising with the telecommunications industry watchdog.
The Malaysian Communications and Multimedia Commission (MCMC) is the industry regulator.
"We have advised the relevant agencies involved to be alert following the threat," Kamaruddin said.
The video message posted yesterday said the hacker group was going to attack the www.malaysia.gov.my portal because the MCMC had banned several file-sharing websites, as well as for several other reasons. A similar message was also posted on another website.
CyberSecurity Malaysia, which is responsible for safeguarding the nation's borders in cyberspace, said it takes all cyberthreats seriously.
"We are aware of the hacker threat and we believe that the threat is real. We have alerted the relevant parties and government agencies," said Lt Col (Rtd) Datuk Husin Jazri, chief executive officer of CyberSecurity Malaysia.
It was learnt that a high-level emergency meeting took place yesterday between the relevant authorities, including the National Security Council and CyberSecurity Malaysia, over the threat.
http://www.cybersecurity.my/en/knowledge_bank/news/2011/main/detail/2051/index.html
--------------------------------------------------------------------------------------------------------------------------------------------------
Attack on govt website will be prevented, says Rais (Updated)
The Star (15 June 2011)
KUALA LUMPUR: The country's cyber security authorities are working towards preventing a planned attack on Malaysian government website www.malaysia.gov.my, said Information, Communication and Culture Minister Datuk Seri Dr Rais Yatim.
However, he declined to elaborate on the preventive actions, saying that they were confidential.
A hacker group, calling itself Anonymous has threatened to launch the attack on the government's official website at about 3.30am Thursday.
The group said in a Youtube posting that it was acting against the various forms of censorship by the Malaysian government and the recent move to block 10 file-sharing websites.
Dr Rais added that the hacker group had misunderstood the government's intention in blocking the 10 filesharing websites.
"We do not have censorship, except when crimes are committed through cyberspace," he said, adding that the ministry was taking the threats very seriously.
Meanwhile, Deputy Inspector-General of Police Datuk Seri Khalid Abu Bakar said the police was aware of the hack threat and was working with the Malaysian Communications and Multimedia Commission (MCMC)to investigate the issue.
He added that there was a rise in cyber crimes including the misuse of the Internet for criminal activities.
---------------------------------------------------------------------------------------------------------------------------------------------------------
Setelah MCMC mengeluarkan kenyataan berkenaan halaman yang digodam semalam, kini Menteri Penerangan Komunikasi dan Kebudayaan Malaysia, iaitu Rais Yatim telah pun mengeluarkan kenyataan daripada pihak mereka, mengatakan sebanyak 198 laman web rasmi kerajaan telah digodam sehingga kini.
Menariknya berkenaan perkara ini adalah dimana lebih 90% daripada penggodamnya adalah dari dalam negara, iaitu dari Malaysia sendiri, dan bukannya pihak luar. Walaupun, kami di Amanz melihatnya ianya sebagai salah satu tanda protes keatas tindakan SKMM menghalang akses ke lebih 10 laman perkongsian tempatan, menurut pihak Rais Yatim, mereka percaya ianya bermotifkan politik serta pada masa yang sama bertujuan cuba melakukan sabotaj ke atas kerajaan Malaysia.
Pada masa yang sama, ianya juga dikatakan yang mana kerajaan telah meminta Jabatan Peguam Negara, Polis Diraja Malaysia, SKMM, MAMPU, dan agensi kerajaan yang lain mengumpulkan data-data yang berkaitan dengan perkara ini.
Sebelum ini, pada awal minggu ini, kumpulan pengodam yang dipanggil Anonymous telah menghantar mesej cabaran kepada kerajaan Malaysia dalam bentuk video dan juga sebuah imej, sebagai tanda lawan kerana penghalangan akses ke beberapa laman luar.
As most of us already aware, a local newspaper has reported that a foreign group, which calls itself Anonymous, launch a cyber attack at 3.30am Thursday 16 June 2011 (Malaysian time) and has named it “Operation Malaysia.” [http://thestar.com.my/news/story.asp?file=/2011/6/15/nation/8902375&sec=nation]. Their target will be website www.malaysia.gov.my. In wake of this event, TM Data Centre team would like to inform you that we will be monitoring closely all security equipment that we have on our data centres and stay on high alert for any sign of security breach attempt to our data centre network. Our team is putting more effort to ensure our security equipment are working at optimum level to protect data centre network and our valued customers.
We would also like to advise you to take a few precautions on protecting your websites and applications. We need to stress again that our security equipment are generally work at network level and traffic signature based only. This means they are not designed to protect website contents/coding and web applications. Unfortunately most successful attacks nowadays are web application attacks and probably including the one which will take place tomorrow morning. This kind of attacks are at the application level such as the notorious SQL Injection and XSS vulnerability attack. In order to protect your web application, listed below are some actions that you need to take which are (modified) tips provided on this link [http://www.eukhost.com/forums/f15/how-prevent-website-being-hacked-6024/]: Avoid using older versions of software as they are insecure. Use the latest release which includes few security fixes and functionality as well.
2. 3rd Party Scripts and Code Plug-in, widgets or any other code you usually install are written by other people under unknown circumstances. Make sure you research any code you wish to use but you haven't written yourself.
3. Using exploited PC One of the biggest reasons of Identity theft and an easy way for someone to fetch confidential details to your site(s). Your personal computer could well turn out to be a weak link in this. It could be anything, from an infected PowerPoint file or someone phishing your account details, the vulnerabilities are too many to consider. No matter how secure your actual website is, if the machine you use to access, log in and edit your web pages is infected you stand a grave risk of being compromised and its outcome may be more than just the effect on your site. Use antivirus scans, clear logs, secure your passwords and be aware of general security issues. Public wifi spots are also a security risk.
4. Secure Passwords for your website and database A secure password goes a long way in making it difficult for a potential infiltrator to intrude into. Your passwords should always be a combination of letters, numbers and special characters. The longer the password, the better. You can also generate a random password which is even more secure.
5. Checking Your Website Logs Regularly If you spot any unusual traffic spike in your website stats (ranking for gambling, pharmaceuticals and sex terms is a common one) try working out where it is coming from and going to. From there if you can make sure whether it is a hack.
6. Backups:- Taking the backups regularly alone won't protect your website from being hacked. In case of hack you will need to take care of the following:-
* Records of IP's accessing your website
* Pre hack backup of your website including the latest updates.
We hope that your websites and web applications will not be affected in any way by the alleged attack. As mentioned earlier, our security equipment can only work effectively on network layer but in any event that you unsure or believe that your website or web application is showing any symptom of being attacked, please feel free to contact us so that we can advise or suggest to you some mitigation measures for your website or web application.
Kepada pengguna server web Apache boleh kemaskinikan Mod_Security
Mod_Security adalah merupakan open source firewall bagi aplikasi web yang digunakan bersama-sama dengan server web Apache bagi menangani serangan DDoS HTTP. Mod_Security boleh digunakan pada server web Apache 1.3.x dan 2.0.x
PEMASANGAN MOD_SECURITY PADA WINDOWS APACHE 2
1. Muat turun versi terkini mod_security untuk Ms Windows di URL http://www.apachelounge.com/download/mods/mod_security-2.6.0-win32.zip
2. Cipta folder ‘/modules/mod_security2’ pada Apache dan salin fail-fail‘pcre.dll’, ‘libxml2.dll’ dan ‘mod_security2.so’ ke folder tersebut.
3. Muat turun fail ‘http://www.modsecurity.org/download/modsecurity-core-rules_2.5-1.6.1.tar.gz’ dan ekstrak fail berkenaan ke folder ‘/conf/modsecurity’ pada Apache.
4. Memasang aplikasi ‘Visual C++ 2008 Redistributable Package’.
KONFIGURASI MOD_SECURITY
5. Edit fail ‘httpd.conf’ bagi memasang modul Mod_Security pada Apache
# Memasang Mod_Security
LoadModule security2_module modules/mod_security2/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
<IfModule mod_security.c>
# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off
SecDefaultAction log,auditlog,deny,status:403,phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace
SecAuditEngine RelevantOnly
SecAuditLogType Serial
SecAuditLog logs/mod_security2.log
# Handling of file uploads
# SecUploadDir /opt/apache-frontend/tmp/
SecUploadKeepFiles Off
# Debug log
SecDebugLog logs/modsec_debug.log
SecDebugLogLevel 0
# Maximum request body size we will
# accept for buffering
SecRequestBodyLimit 131072
# Store up to 128 KB in memory
SecRequestBodyInMemoryLimit 131072
# Buffer response bodies of up to
# 512 KB in length
SecResponseBodyLimit 524288
## General rules
SecRule ARGS "c:/" t:normalisePathWin
SecRule ARGS "\.\./" "t:normalisePathWin,id:99999,severity:4,msg:'Drive Access'"
SecRule ARGS "d:/" t:normalisePathWin
</IfModule>
Include conf/modsecurity/*.conf
MENGAKTIFKAN MOD_SECURITY
6. Restart Apache untuk mengaktifkan Mod_Security
American ISPs have convinced us that Internet access is expensive—getting speeds of 100Mbps will set most people back by more than $100 a month, assuming the service is even available. Where I live in Chicago, Comcast's 105Mbps service goes for a whopping $199.95 ("premium installation" and cable modem not included). Which is why it was so refreshing to see the scrappy California ISP Sonic.net this week roll out its new 1Gbps, fiber-to-the-home service… for $69.99 a month.
Sonic.net has been around since 1994, selling DSL service in California, but it has recently expanded into fiber; the company has even secured the contract to manage Google's own 1Gbps fiber network that will connect 800+ faculty homes at Stanford University.
Sonic.net's new approach to broadband involves stringing its own fiber lines to homes and offering bargain-basement pricing; indeed, the new 1Gbps offering is the same price as the company's earlier bonded 40Mbps DSL offering (in which two phones lines each provide 20Mbps of bandwidth to a home). The price even includes home phone service.
Is this really a sustainable model? After all, Comcast offers 1.5Mbps service for a list price of $40; Sonic.net's new offering is more than 600x faster at only twice the price.
Dane Jasper, Sonic.net's CEO, tells me that the new fiber-to-the-home deployment is a trial and will reach about 700 homes when complete. "Honestly, only as those wrap up will we have a complete picture of the economic model," he says. "But I believe that fast service for a low cost is possible."
If the pilot in Sebastopol, California goes well, Sonic.net hopes to expand the service across the region.
Jasper doesn't think like a typical US Internet exec; in an interview last year, he made clear that his company tries to avoid artificial limits as a way to make more money. "The natural model when you have a simple duopoly capturing the majority of the market is segmentation: maximize ARPU [average revenue per user] by artificially limiting service in order to drive additional monthly spending. But fundamentally this is the wrong model for a service provider like us, and we have looked to Europe for inspiration… I believe that removing the artificial limits on speed, and including home phone with the product are both very exciting."
Though the current trial is small-scale, Sonic.net's pricing reminds us just how much room there is in the US Internet market for truly disruptive pricing of the kind that Google has been promising—but on a much larger scale—with its 1Gbps fiber builds in Kansas City, Missouri and Kansas City, Kansas.
.png)
