Ndas Mu

pada saat saya mencoba mencari konfigurasi yang tepat untuk kebutuhan saya akan radius server, saya menemukan chillispot. sebuah project untuk memanage hotspot yang bersifat opensource. chillispot ini merupakan software captive portal yang dapat memudahkan seorang admin jaringan memantau dan memanage jaringan hotspot. namun sayangnya sudah discontinued sehingga saya mengalihkan perhatian ke coova project yang lebih baru.

sambil iseng ngerjain RPP dan silabus di SHU. saya coba memodifikasi firefox dengan add-ons yang menarik. saya temukan fox tabs yang luar biasa dan dipadukan dengan colour tabs.

segera modifikasi firefox kamu dengan mengunduh add-ons nya di https://addons.mozilla.org

Hari ini, 4 Juni 2009. Saya selaku penulis dan penanggungjawab situs ini, ingin mengklarifikasi bahwa berita di awal posting yang menyangkut nama SMK BBS tidak benar adanya. Untuk segala kesalahan dan kerugian yang diakibatkan tulisan dan posting saya saya mohon maaf yang sebesar - besarnya.

Bahwa benar adanya, saya tidak ingin mencemarkan nama baik dan meninggalkan kesan yang tidak baik kepada SMK BBS dan Yayasan Surya Timur. Klarifikasi yang saya tulis ini juga bertujuan untuk permohonan maaf dan niat baik saya untuk menyelesaikan masalah ini dengan cara kekeluargaan dan musyawarah.

Demikian klarifikasi ini saya buat, sebelumnya saya ucapkan terima kasih

Salam,

Penulis

Now we install Apache:
apt-get install apache2 apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert
Next we install PHP5:
apt-get install libapache2-mod-php5 php5 php5-common php5-curl php5-dev php5-gd php5-idn php-pear php5-imagick php5-imap php5-json php5-mcrypt php5-memcache php5-mhash php5-ming php5-mysql php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl
You will be asked the following question:
Continue installing libc-client without Maildir support? <– Yes
Next we edit /etc/apache2/mods-available/dir.conf:
vi /etc/apache2/mods-available/dir.conf
and change the DirectoryIndex line: <IfModule mod_dir.c>
DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl index.xhtml
</IfModule>
Edit /etc/apache2/ports.conf and add Listen 443:
vi /etc/apache2/ports.conf
Listen 80
Listen 443
Now we have to enable some Apache modules (SSL, rewrite, suexec, and include):
a2enmod ssl
a2enmod rewrite
a2enmod suexec
a2enmod include

Reload the Apache configuration:
/etc/init.d/apache2 force-reload
Disable PHP Globally

(If you do not plan to install ISPConfig on this server, please skip this section!)
In ISPConfig you will configure PHP on a per-website basis, i.e. you can specify which website can run PHP scripts and which one cannot. This can only work if PHP is disabled globally because otherwise all websites would be able to run PHP scripts, no matter what you specify in ISPConfig.

To disable PHP globally, we edit /etc/mime.types and comment out the application/x-httpd-php lines:

vi /etc/mime.types[...]
#application/x-httpd-php phtml pht php
#application/x-httpd-php-source phps
#application/x-httpd-php3 php3
#application/x-httpd-php3-preprocessed php3p
#application/x-httpd-php4 php4
[...]

Edit /etc/apache2/mods-enabled/php5.conf and comment out the following lines:

vi /etc/apache2/mods-enabled/php5.conf<IfModule mod_php5.c>
# AddType application/x-httpd-php .php .phtml .php3
# AddType application/x-httpd-php-source .phps
</IfModule>
Then restart Apache:
/etc/init.d/apache2 restart

1. POSTFIX no relay
In order to install Postfix with SMTP-AUTH and TLS do the following steps:
apt-get install postfix libsasl2 sasl2-bin libsasl2-modules libdb3-util procmail
You will be asked two questions. Answer as follows:
General type of configuration? <– Internet Site
Mail name? <– server1.example.com
Then run
dpkg-reconfigure postfix
Again, you’ll be asked some questions:
• General type of configuration? <– Internet Site
• Where should mail for root go <– [blank]
• Mail name? <– server1.example.com
• Other destinations to accept mail for? (blank for none) <– server1.example.com, localhost.example.com, localhost.localdomain, localhost
• Force synchronous updates on mail queue? <– No
• Local networks? <– 127.0.0.0/8
• Use procmail for local delivery? <– Yes
• Mailbox size limit <– 0
• Local address extension character? <– +
• Internet protocols to use? <– all
Next, do this:
postconf -e ’smtpd_sasl_local_domain =’
postconf -e ’smtpd_sasl_auth_enable = yes’
postconf -e ’smtpd_sasl_security_options = noanonymous’
postconf -e ‘broken_sasl_auth_clients = yes’
postconf -e ’smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination’
postconf -e ‘inet_interfaces = all’
echo ‘pwcheck_method: saslauthd’ >> /etc/postfix/sasl/smtpd.conf
echo ‘mech_list: plain login’ >> /etc/postfix/sasl/smtpd.conf

Afterwards we create the certificates for TLS:
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Next we configure Postfix for TLS:
postconf -e ’smtpd_tls_auth_only = no’
postconf -e ’smtp_use_tls = yes’
postconf -e ’smtpd_use_tls = yes’
postconf -e ’smtp_tls_note_starttls_offer = yes’
postconf -e ’smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key’
postconf -e ’smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt’
postconf -e ’smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem’
postconf -e ’smtpd_tls_loglevel = 1′
postconf -e ’smtpd_tls_received_header = yes’
postconf -e ’smtpd_tls_session_cache_timeout = 3600s’
postconf -e ‘tls_random_source = dev:/dev/urandom’
postconf -e ‘myhostname = server1.example.com’

The file /etc/postfix/main.cf should now look like this:
cat /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA’s job.
append_dot_mydomain = no
# Uncomment the next line to generate “delayed mail” warnings
#delay_warning_time = 4h
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = server1.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server1.example.com, localhost.example.com, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a “$EXTENSION”
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Restart Postfix:
/etc/init.d/postfix restart
Authentication will be done by saslauthd. We have to change a few things to make it work properly. Because Postfix runs chrooted in /var/spool/postfix we have to do the following:
mkdir -p /var/spool/postfix/var/run/saslauthd
Now we have to edit /etc/default/saslauthd in order to activate saslauthd. Set START to yes and change the line OPTIONS=”-c” to OPTIONS=”-c -m /var/spool/postfix/var/run/saslauthd -r”:
vi /etc/default/saslauthd#
# Settings for saslauthd daemon
#
# Should saslauthd run automatically on startup? (default: no)
START=yes
# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent — use the getpwent() library function
# kerberos5 — use Kerberos 5
# pam — use PAM
# rimap — use a remote IMAP server
# shadow — use the local shadow password file
# sasldb — use the local sasldb database file
# ldap — use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS=”pam”
MECHANISMS=”pam”
# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=”"
# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5
# Other options (default: -c)
# See the saslauthd man page for information about these options.
#
# Example for postfix users: “-c -m /var/spool/postfix/var/run/saslauthd”
# Note: See /usr/share/doc/sasl2-bin/README.Debian
OPTIONS=”-c -m /var/spool/postfix/var/run/saslauthd -r”

Now start saslauthd:
/etc/init.d/saslauthd start

To see if SMTP-AUTH and TLS work properly now run the following command:
telnet localhost 25
After you have established the connection to your Postfix mail server type
ehlo localhost
If you see the lines
250-STARTTLS
and

250-AUTH PLAIN LOGIN
everything is fine.
The output on my system looks like this:
server1:/etc/postfix/ssl# telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.localdomain.
Escape character is ‘^]’.
220 server1.example.com ESMTP Postfix (Debian/GNU)
ehlo localhost
250-server1.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.

Read the rest of this entry »

we have passed the LKS Kepri. yes, we do it again. in this season, we won over 10 other challenger. SMK MHS, SMK PH, SMK N 1 batam, SMK Muhammadiah, SMK Kartini, SMK N1 Tanjung Pinang, SMK N Bintan, SMK N Karimun, SMK Teladan Batam, SMK HU. Adli as represent for SMK BBS get perfect score, 100. 3 points win over 2nd position which grabbed by Nitti Surachman from SMK N1 Batam, as our rival. we still dominate in TKJ whole Kepri area.

at 19 May, we take off to jakarta. we represent kepri to beat all of contestant and bring home the trophy. we have only a week to prepare ourselves and get fight with full power at jakarta. but in a week i still sure that we will win and rock LKS Nasional 2009 at jakarta.

so, all of people in kepri, please wish our team to beat other contestant and get maximum points at web design contest and networking contest in LKS 2009.

sayonara…..

1 Preliminary Note

This is the current situation:

I’m using the network 192.168.0.0, subnetmask 255.255.255.0, broadcast address 192.168.0.255.

My gateway to the internet is 192.168.0.1; on the gateway there’s no DHCP server..

My ISP told me the DNS servers I can use are 145.253.2.75 and 193.174.32.18.

I have a pool of 30 IP addresses (192.168.0.200 - 192.168.0.229) that can be dynamically assigned to client PCs and that are not already in use.

I have an unused Debian Sarge server with the hostname server1.example.com on the IP address 192.168.0.100 which will act as my DHCP server.

2 Installing The DHCP Server

Now let’s install our DHCP server on our Debian Sarge system:

apt-get install dhcp3-server

You will be asked a few questions:

On what network interfaces should the DHCP server listen? <– eth0

Please configure the DHCP server as soon as the installation finishes. <– Ok

The version 3 DHCP server is now non-authoritative by default <– Ok

At the end of the installation you will see errors like these:

Generating /etc/default/dhcp3-server…

Starting DHCP server: dhcpd3 failed to start - check syslog for diagnostics.

invoke-rc.d: initscript dhcp3-server, action “start” failed.

That’s ok because we did not have the chance yet to configure our DHCP server.

Read the rest of this entry »

Edit /etc/apt/sources.list. Comment out the CD. It should look like this:

vi /etc/apt/sources.list

#

# deb cdrom:[Debian GNU/Linux 4.0 r0 _Etch_ - Official i386 NETINST Binary-1 20070407-11:29]/ etch contrib main

#deb cdrom:[Debian GNU/Linux 4.0 r0 _Etch_ - Official i386 NETINST Binary-1 20070407-11:29]/ etch contrib main

deb http://ftp2.de.debian.org/debian/ etch main

deb-src http://ftp2.de.debian.org/debian/ etch main

deb http://security.debian.org/ etch/updates main contrib

deb-src http://security.debian.org/ etch/updates main contrib

Then run

apt-get update

to update the apt package database and

apt-get upgrade

to install the latest updates (if there are any).

Because the Debian Etch installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.0.100) (please note that I replace allow-hotplug eth0 with auto eth0; otherwise restarting the network doesn’t work, and we’d have to reboot the whole system):

vi /etc/network/interfaces

# This file describes the network interfaces available on your system

# and how to activate them. For more information, see interfaces(5).

# The loopback network interface

auto lo

iface lo inet loopback

# The primary network interface

#allow-hotplug eth0

#iface eth0 inet dhcp

auto eth0

iface eth0 inet static

address 192.168.0.100

netmask 255.255.255.0

network 192.168.0.0

broadcast 192.168.0.255

gateway 192.168.0.1

Then restart your network:

/etc/init.d/networking restart

Then edit /etc/hosts. Make it look like this:

vi /etc/hosts

127.0.0.1 localhost.localdomain localhost

192.168.0.100 server1.example.com server1

# The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback

fe00::0 ip6-localnet

ff00::0 ip6-mcastprefix

ff02::1 ip6-allnodes

ff02::2 ip6-allrouters

ff02::3 ip6-allhosts

Now run

echo server1.example.com > /etc/hostname

and reboot the system:

shutdown -r now

Afterwards, run

hostname

hostname –f

Suatu saat, saya bercengkrama dengan salah satu murid SMK BBS. Saya bertanya, kemana tujuan dia setelah lulus dari SMK ini. Dia menjawab bahwa dia ingin kuliah di Jawa, atau ke Singapura bahkan ke Malaysia jika perlu, dan yang paling keras dia katakan, “yang penting tidak di Batam, pak”, begitulah jawaban anak ini.

Memang, sebagian besar anak SMA/SMK bercita-cita ingin berkuliah di luar pulau Batam, terutama ke Jawa sana. Padahal menurut saya, sekolah tinggi dan universitas di Batam ini sudah cukup banyak dan maju. Bagi beberapa orang tua, kuliah di Batam tidak punya nilai prestisius yang sebanding dengan kuliah di Jawa. Siapa yang tidak mau kuliah di UI, Trisakti, UGM, Brawijaya, Binus dan sederet nama univeritas dan sekolah tinggi terbaik di Indonesia ini, berada di pulau Jawa. Citra buruk untuk kampus di Batam ini ternyata dibentuk dari opini masyarakat saja, yang secara tidak langsung mendeskreditkan mutu pendidikan secara umum di Batam. Padahal tidak demikian, pertumbuhan pendidikan di Batam sudah cukup signifikan.

Bicara data, menurut dikti dan situs evaluasi perguruan tinggi , sedikitnya sudah ada 17 perguruan tinggi yang terdaftar dan mempunyai ijin di Batam, yaitu :
1. 104-117 Akademi Akuntansi Permata Harapan Batam
2. 104-113 Akademi Analis Kesehatan Putra Jaya Batam
3. 104-116 Akademi Bahasa Asing Permata Harapan
4. 104-127 Akademi Kebidanan Putra Jaya Mandiri Batam
5. 104-060 Akademi Keperawatan Mitra Bunda Persada
6. 104-115 Akademi Manajemen Informatika Dan Komputer Gici
7. 103-050 Sekolah Tinggi Ilmu Ekonomi Bentara Persada
8. 103-101 Sekolah Tinggi Ilmu Ekonomi Cakrawala Batam
9. 103-028 Sekolah Tinggi Ilmu Ekonomi Ibnusina Batam
10. 103-095 Sekolah Tinggi Ilmu Kesehatan Ibnu Sina Batam
11. 103-051 Sekolah Tinggi Teknik Bentara Persada Batam
12. 103-055 Sekolah Tinggi Teknik Ibnu Sina Batam
13. 103-059 STMIK Putera Batam
14. 101-010 Universitas Batam
15. 101-011 Universitas Internasional Batam
16. 101-019 Universitas Putera Batam
17. 101-014 Universitas Riau Kepulauan

Mungkin di 17 perguruan tinggi di atas belum ada yang sebanding dengan UGM yang masuk jajaran perguruan tinggi terbaik se-Asia (http://www.webometrics.info/top100_continent.asp?cont=asia), namun berkuliah di Batam, bisa jadi pilihan yang patut diperhitungkan.

Citra buruk ini juga menimpa lulusan perguruan tinggi di Batam dengan pernyataan beberapa HRD di Batam yang agak “alergi” dengan lulusan Batam. Jelas, pandangan picik ini tidak bisa dibiarkan begitu saja. Karena jelas, pandangan tersebut sangat menyudutkan dan tidak berdasar, sarkas dan sangat subyektif. Banyak juga lulusan perguruan tinggi Batam yang punya prestasi baik di tempat mereka bekerja.

Kesimpulannya,keinginan untuk kuliah di luar Batam lebih kepada alasan yang tidak penting, alasan pergaulan, komunitas, teman dan sebagainya, dan ini diperparah dengan statement yang tidak penting juga, statement yang mengerdilkan arti perkembangan pendidikan di Batam dan dampaknya meluas hingga ke alumnus perguruan tinggi Batam. Sekarang kuliah di Batam bisa jadi pilihan yang baik, mengingat SDM pengajar juga sudah membaik, didukung fasilitas yang memadai. Meskipun perlu adanya perbaikan disana-sini, namun perkembangan kampus-kampus di Batam ini sangat baik, bahkan didukung penuh oleh Dikti dan Kopertis.