Wednesday, December 9, 2009

17 Ways For SEO Techniques

These are simple SEO techniques (KISS, dude), if you would like to use them.

1)    How to research your keywords with examples.
2)    How to choose keywords that will bring you massive traffic and sales.
3)    Target the wrong keywords and all your efforts will be just a waste of time.
4)    Building and Optimizing your website for Google the most effective way.
5)    Meta Tags - Yes, they are still important.
6)    Optimize your site so that Google will love it and you will prosper in the search engines.
7)    The best way to make your website relevant to search engines is to think like them
8)    What techniques to implement in order to gain high rankings in Google.
9)    The 2 Meta Tags absolutely critical to controlling Google.
10)    Learn the best way to get critical In-Bound links to your site - without reciprocal linking.
11)    How to guarantee that Google crawls your entire site - from one page.
12)    How to keep Google from indexing sensitive information on your site.
13)    Insert a simple piece of code onto your pages that will give you an edge over your competition.
14)    Access to the same resources that I use to gain high rankings.
15)    Learn how to get your site into the Open Directory Project (and potentially listed in 312 other directories from this one!)
16)    Learn how to use "Spiderbait" - i.e. get Google to come to your site and index your pages
17)    Reciprocal Linking - Why it works and how to make it work for your site.

KISS Techniques For SEO

When performing SEO, it's best to first implement the KISS strategy: Keep It Simple S…..
Forget about the old school keyword density equations, being completely W3C compliant, creating X amount of content, pages or acquiring X amount of links.
KISS SEO would include, but is not limited to:
  • Unique TITLE tag for each page that includes your page’s targeted keyword(s) plus the benefit followed by Company/Site name.
  • Unique META Description tag for each page that should be used to enforce the page’s usefulness and be the marketing pitch to the visitor.
  • A CSS styled H1 tag centered around the page’s main keyword(s) focus – as a side note when I spoke with Matt Cutts at SMX Advanced he said Google doesn’t weigh the H1 tag any heavier than an H2 or H4, but it shouldn’t be used more than once.
  • Content that is both informative, unique, and useful by fulfilling a need of your target audience.
  • URLs in a non-dynamic descriptive format.
  • A flat site structure with breadcrumb links.
  • Absolute internal linking.
  • An html user friendly site map plus the backup parachute of a sitemap.xml file.
  • Robots.txt file blocking any duplicate content (print pages, etc).
  • Using 301 server-side redirects to consolidate similar pages and domain changes, including canonicalization such as www vs non-www.
SEO can be boiled down to simply good organization of your site’s code and assets plus acquiring quality links naturally via useful interesting content.


(Source : http://www.wolf-howl.com/seo/kiss-seo/)

Wordpress Plugins for SEO

More SEO plugins for AdSense or affiliate publishers: these are small plugins for your website or blog to maximize SEO.

SEO

Meta Robots WordPress plugin – Adds meta tags automatically to posts
Aizatto’s Related Posts – Adds related post information to posts and feeds
Cross-Linker – Set up commonly used words to link to posts or redirects (also useful for affiliate links)
Sitemap Generator – Automatically builds an HTML-style sitemap
Google (XML) Sitemaps – Automatically builds and pings multiple sitemap services with an XML file
HeadSpace 2 – A monster plugin that lets you rewrite titles, meta data, and a host of other features; watch the video on the page for the full list of features
SEO Title Tag – Don’t need all the power of HeadSpace? Try SEO Title Tag
SEO Slugs – keeps slugs from becoming too long

Utilities

Secure Form Mailer – makes building and integrating multiple and custom forms easy
FeedBurner FeedSmith – Makes integrating with feedburner easy
Feed Footer – Adds advertising, copyright or other custom messages into feeds
Flickr Photo Album – Integrate your flickr photos, albums, sets, and groups into your website
flickrRSS for WordPress – add photos from any flickr RSS feed into your website
Future Posts Calendar Plugin – A calendar that shows which days you have posts scheduled to publish, very helpful for multiple authors and scheduled posts.
Full Text Feed – Lets you use the “more” tag and still publish full feeds
GoCodes Redirection Plugin – Add tiny URL style functionality into your blog
Got Banners – Makes adding advertising banners quick and easy without having to monkey with the template
Highlight Author Comments – Makes giving authors comments a different style much easier
Objection Redirection! – Makes setting 301’s (especially lots of them) easy as pie
Wordpress Organizer – Makes adding and managing uploads and images easier
Who Sees Ads – Makes ads or other elements conditionally displayed
Absolute Comments – Makes replying to comments and managing them much easier
Photo Dropper – Makes adding Creative Commons licensed photos from flickr quick and easy
Search Pages – Lets the search box search both posts and pages
Permalink Redirect – Keep urls with parameters from being indexed
WordPress Mobile Edition – Display a simple stripped down version of your site to mobile users
Wordpress Automatic Upgrade plugin – Save yourself thousands of hours of time upgrading wordpress
WordPress Database Backup – Automate backups of your blog

Social

Increase Sociability Wordpress Plugin – Display custom messages for people who came from social sites like Digg and stumbleupon
Share This – add buttons for social networks under the share this icon
Subscribe to Comments – let people subscribe and be notified when new and follow up comments are made
What Would Seth Godin Do – Display a message to a new visitor on your blog
Twitter Tools – Integrate twitter functionality into your blog

Maintenance

Close Old Posts – Closes old posts, which keeps them from becoming spam targets and maintenance issues
Search and Replace – Lets you easily search and replace information in your database
Simple Tags – Manage and get tag suggestions for all posts

Reports and Analytics

Blog Metrics – Gives you comments and stats on monthly and author levels
Google Analytics and Feedburner Reports – get feedburner and google analytics in your wordpress admin section
Search Meter – Find out what people are searching for on your site


(Source : http://www.wolf-howl.com/seo-plugins-wordpress/)

Secrets of Google Adsense Tips and Tricks

I’ve been reading a few forums and blogs about Google Adsense tips lately, and thought it would be helpful to consolidate as many as possible in one place without the comments. I’ve also thrown in a few tips of my own. We start out with some of the basic general stuff and move to the more specific topics later on.

Build an Empire?

When you’re deciding to become a website publisher you will fall into one of two broad categories:

* Publish 100 websites that each earn $1 a day profit
* Publish 1 website that earns $100 a day profit

The reality of it is, most people end up somewhere in between. Having 100 websites leaves you with maintenance, management and content issues. Having one website leaves you open to all sorts of fluctuations (search engine algorithms, market trends, etc.). You can adapt your plan on the way, but you’ll have an easier time if you start out going in the direction of where you want to end up.

General or Niche

You can build your website around general topics or niche ones. Generally speaking, niche websites work better with adsense. First off, the ad targeting is much better. Secondly, as you have a narrow focus, your writing naturally becomes more expert in nature. Hopefully this makes you more of an authority in your field.

If this is your first try at building an adsense website, make it about something you enjoy. It will make the process much easier and less painful to accomplish. You should however make sure that your topic has enough of an ad inventory and the payout is at a level you are comfortable with. You may love medieval folk dancing, but the pool of advertisers for that subject is very small (in fact it’s currently zero).

Once you’ve gotten the hang of how Adsense works on a website, you are going to want to dabble in some high paying keywords, you may even be tempted to buy a high paying keyword list. This does come with some dangers. First off the level of fraud is much higher on the big money terms. Secondly there is a distortion of the supply and demand relationship for these terms. Everyone wants ads on their website that make $35 or more a click, however the number of advertisers who are willing to pay that much is pretty limited. Additionally the competition for that traffic is going to be stiff. So, don’t try to run with the big dogs if you can’t keep up. If you have to ask if you’re a big dog, then chances are, you’re not. I have used a high dollar keywords report from cashkeywords.com and was pleased with my results (see cash keywords free offer recap).

New Sites, Files and Maintenance

When you’re building a new site don’t put adsense on it until it’s finished. In fact I’d go even farther and say don’t put adsense on it until you have built inbound links and started getting traffic. If you put up a website with “lorem ipsum” dummy or placeholder text, your adsense ads will almost certainly be off topic. This is often true for new files on existing websites, especially if the topic is new or different. It may take days or weeks for google’s media bot to come back to your page and get the ads properly targeted. TIP: If you start getting lots of traffic from a variety of IP’s you will speed this process up dramatically.

I like to build my sites using include files. I put the header, footer and navigation in common files. It makes it much easier to maintain and manage. I also like to put my adsense code in include files. If I want/need to change my adsense code, it’s only one file I have to work with. TIP: I also use programming to turn the adsense on or off. I can change one global variable to true or false and my adsense ads will appear or disappear.

Managing URL’s and channels

Adsense channels is one area where it’s really easy to go overboard with stats. You can set up URL channels to compare how one website is doing to another. You can also set up sub channels for each URL. If you wanted to, you could set up channels like this:

* domain1.com – 728 banner
* domain1.com – 336 block
* domain1.com – text link
* domain2.com – 728 banner
* domain2.com – image banner
* domain2.com – 336 block
* domain3.com – 300 block

While this is great for testing and knowing who clicks where and why, it makes your reporting a little wonky. Your total number will always be correct but when you look at your reports with a channel break down things will get displayed multiple times and not add up to correct total. Makes things pretty confusing, so decide if you really need/want that level of reporting detail. TIP: At the very least you want to know what URL is generating the income so be sure to enter distinct URL channels.


Using Images

One of the latest ’secrets’ to make the rounds is using images placed directly above or below an adsense leaderboard. This has been used for a while but came out in a digital point forum thread where a member talked about quadrupling their CTR. Basically you set up the adsense code in a table with four images that line up directly with the ads. Whether or not this is deceptive is fuzzy and very subjective. Obviously four blinking arrows would be ‘enticing people to click’ and be against the adsense TOS. However placing pictures of 4 laptops over laptops ads isn’t, so use your best judgment here and look at it from the advertiser or Google’s perspective. If you have a question as to your implementation being ‘over the line’ write to adsense and ask them to take a look.

As far as using the images, I’ve done it and can tell you it definitely works. You get the best results when the images ‘complete the story the ads are telling’. For example if you have ads about apple pies, use pictures of freshly baked apple pies, instead of granny smith, Macintosh, pink lady, and braeburn apples. TIP: Don’t limit yourself to using images only on that size ad unit, it works just as well with the other sizes, like the 336 rectangle.

Added:
I got a little criticism for this and rightly so, as I wasn’t as specific as I could have been. Do not use very identifiable brand names or products for your images. Use generic non-specific stock images whenever possible and appropriate.

Multiple Ad Units

Another way to increase ad revenue is to use multiple ad units. According to Google’s TOS you are allowed to post up to three ad units per page. Similar to standard search results the highest paying ad units will be served first and the lowest being served last. If there is enough of an ad inventory, place all three ad units. However you should pay attention to the payouts. Current assumption is you get 60% of the revenue (on a $0.05 click you get $0.03). So if a click from the third ad unit is only paying between 3 to 5 cents you may want to omit it from your page. This is one area where giving your ad units channels does have value. If one ad unit is getting a higher percentage of click throughs you’ll want to make sure the highest paying ads are being served there. TIP: Use CSS positioning to get your highest paying ads serving in the location with the highest CTR.

Adsense in RSS

With the growth of blogs and RSS feeds you’re starting to see adsense included in the feeds now. IMHO this doesn’t work, and here’s why:

* You only get to place one ad unit.
* You have no control over finding the ’sweet spot’ for the ad unit.
* The ads are usually poorly targeted (this is getting better).
* People develop ‘banner blindness’.

I know people like being able to read full postings in their feed reader, and there are at least a dozen other reasons for full posts from pleasing your users to mobile offline computing, all of which are completely valid. However if your website depends on generating adsense revenue to survive, then bring them to the site and show them the ads there.

Affiliate Sites

Placing Adsense on affiliate sites is tricky. Are you giving up a $10, $20, or $30 sale for a $1 click? This is something you have to test on your own to figure out. If you aren’t converting now it’s definitely worth a try. I like to use adsense on my article pages. For example let’s say you had an affiliate website where you sold shoes. You’re going to need some related articles to ‘flesh out’ the site. Things like ‘getting a shoe shine’ or ‘finding a shoe repair shop’ these are excellent spots for adsense. While you won’t get rich, they will usually provide a small steady income and cover things like hosting costs. TIP: If you find you have pages getting more than 50 clicks per month add more pages about this topic, and link the pages together. Mine your logs for the search terms used.

(Source : http://www.wolf-howl.com/22/google-adsense-tips-tricks-and-secrets/)

Matches Your AdSense For Web Blog

Google is doing a good job of finding ads that are highly relevant to the web pages.

Google says:

"We go beyond simple keyword matching to understand the context and content of web pages. Based on an algorithm that includes such factors as keyword analysis, word frequency, font size, and the overall link structure of the web, we know what a page is about, and can precisely match Google ads to each page."

Occasionally Google gets it wrong. It places great importance on the file name. So be sure to use important adsense keywords in the file name of each page, such as "contextual-advertising.html" for an article on contextual advertising.

Also, watch out for your anchor text - the words in the links on your page. We've found that sometimes if irrelevant ads are being served, you can fix the problem by rewriting anchor text.

You can check the relevance of the ads by looking at the text ads near the top-right of this page.

How Much You Will Be Earning?

Let's say you have a goal of earning $100,000 a year from AdSense. Is that possible?

Let's see ... $100,000 divided by 365 = $274 a day. So your goal is to produce either:

274 pages which earn $1 a day
OR
548 pages which earn 50 cents a day
OR
1096 pages which earn 25 cents a day

The following are hypothetical cases. To earn $1 a day per page, you need, per page...

400 visitors, 5% click-through rate (CTR) and average 5c payout.
Or 200 visitors, 10% CTR and an average 5c payout.
Or 100 visitors, 10% CTR, and an average 10c payout.
Or 100 visitors, 5% CTR, and an average 20c payout.
Or 50 visitors, 10% CTR and 20c average payout.
Or 25 visitors, 20% CTR and 20c average payout.
Or 20 visitors, 10% CTR and 50c average payout.
Or 10 visitors, 20% CTR and 50c average payout.
Or 5 visitors, 20% CTR and $1 average payout.

Let's assume you choose a goal somewhere around the middle, say aiming for 50 visitors per page and want 274 pages earning $1 a day. You'd need 274 x 50 = 13,700 pageviews a day.

Does that sound too tough? If so, you'd better look for more profitable adsense keywords and ways to improve your click-through rates.

Let's try a different scenario. You choose more profitable keywords and make your $1 on average per page from, say, 10 visitors. 274 x 10 = 2740 pageviews a day.

That's looking easier to achieve. If your average visitor sees 3 pages, you now need 913 unique visitors a day.

Is that too tough to achieve in your niche? If so, create two sites, each attracting half that number, 456 unique visitors, a day.

Can't achieve those click-through rates and payouts? Then you'll either need more pages on your sites or more niche sites.

Some affiliates have a goal of writing one article a day and building one site a month.

Need a little more help reaching that $100,000 goal? Add affiliate commissions into the equation. Add a newsletter for repeat sales.

Choose the goal which best matches your site or sites.

Then start building keyword-rich pages containing well researched, profitable keywords, and get lots of high quality links to your site.

Please note, because of the AdSense rules, these are all hypothetical cases. I'm not allowed to give real cases. Real CTR rates and payouts vary hugely.


It's fast

Google usually approves web sites in less than a day.

After your site is approved, within a few hours a special Google spider will spider your site. Then it's time to paste the code into your site and the text ads will appear.

You can choose between either horizontal or skyscraper AdSense ads.

Adsense Maximize By Experience

The payment you receive per click depends on how much advertisers are paying per click to advertise using Google's AdWords service. Advertisers can pay as little as 5 cents per click and as high as $10 or $12 in profitable niches, perhaps even more sometimes. You earn a share of that.

So your payment rates can vary enormously.

The rules forbid me from revealing my stats. However, in the tests I'm doing on five sites, the results have been startling - far better than I expected. The results are much better than I receive from many affiliate programs.

In the past, I've talked to affiliates who were happy to receive $5 or $6 CPM (per 1,000 page views). My results from AdSense leave such affiliate revenues far behind.

I've increased my use of AdSense. It's a winner!

If my results are typical, it helps enormously if you build very simple, uncluttered pages so that the ads catch the visitor's eye more than anything else.

Adsense Opportunity

Google's AdSense is a superb revenue generating opportunity for small, medium and large web sites.
Some webmasters are designing brand new sites specifically for serving AdSense text ads. (It's against the AdSense rules to design a site purely for AdSense, so you'll want to include a few affiliate links or sell your own product, too.)
AdSense allows you to serve text-based Google AdWords on your web site and receive a share of the pay-per-click payment. AdSense ads are similar to the AdWords ads you see on the right-hand side at Google when you do a search there.
AdSense is having a huge impact on the affiliate marketing industry. It's often much easier to generate revenue from AdSense than from an affiliate program.
Weak affiliate merchants will die faster than ever.
If you're a merchant running a lousy affiliate program, now's the time to improve it FAST.

AdSense's advantages
AdSense is simple to join.
It's easy to paste a bit of code into your pages.
It's free to join.
You don't have to spend time finding advertisers.
Google provides well written, highly relevant ads - chosen to closely match the content on your pages.
You don't have to waste time choosing different ads for different pages.
You don't have to mess around with different code for various affiliate programs.
You're free to concentrate on providing good content and Google does the work of finding the best ads for your pages from 100,000 AdWords advertisers.
It's suitable for beginners or marketing veterans.
AdSense provides simple, easy-to-understand stats.
If you have affiliate links on your site, you ARE allowed to add AdSense ads. However, with your affiliate links, you must not mimic the look and feel of the Google ads.
You can filter up to 200 URLs, so you can block ads for sites that don't meet your standards. You can also block strong competitors.
Inevitably, AdSense is competing strongly for space on web sites with all other revenue sharing opportunities.
If you own a small web site you can plug a bit of AdSense code into your site and almost instantly relevant text ads that are likely to appeal to your visitors will appear on your pages.
If you own several sites, you need apply only once. This makes AdSense much simpler than joining a bunch of affiliate programs.
As you can see, I'm really keen on this revenue sharing service.

Disadvantages
One problem is inappropriate ads. You don't want spammy junk advertised on your site. Google's standards probably aren't as high as yours. You can filter out 200 URLs, but in some industries that won't be enough.
The stats Google supplies are inadequate. They're easy to understand at a glance. However, they don't tell you exactly which ads people are clicking on, or which keywords are involved. That's frustrating.
Also, I'd like to be able to identify and block ads that have very low payout rates, without doing a lot of sleuthing and messing around.
The ad panels say "Ads by Google" - free advertising for Google. You don't earn anything if someone clicks on that link.
The minimum payout is $100, which is regarded as too high by sites which don't receive much traffic. That won't worry experienced webmasters.
Also, sites that want to display AdSense ads may not include "other content-targeted and/or text-based ads on the pages displaying AdWords ads." However, human beings review the sites. Rejected sites have been able to appeal successfully.
Another disadvantage is that Google doesn't allow you to share your stats with other webmasters. The AdSense Terms and Conditions say:
"Confidentiality. You agree not to disclose Google Confidential Information without Google's prior written consent. 'Google Confidential Information' includes without limitation: ... (b) click-through rates or other statistics relating to Site performance in the Program provided to you by Google..."
That's really weird. Web site owners need to be able to share such information and discuss successes and failures.
A big disadvantage of the service is that Google doesn't say how much its AdSense partners will receive. You'll just receive an unknown share of the revenue.
Only a company with the goodwill and respect Google has earned could get away with such a cheeky offer.
Google says:
"How much will I earn through this program? The AdWords ads you are able to display on your content pages are cost-per-click (CPC) ads. This means that advertisers pay only when users click on ads. You'll receive a portion of the amount paid for clicks on AdWords ads on your website. Although we don't disclose the exact revenue share, our goal is to enable publishers to make as much or more than they could with other advertising networks."
So the only way to know how much you'll earn is to try it and see. If you want to bail out, all you have to do is remove the code from your site.
Don't put all your eggs in the AdSense basket. If Google discovers fraudulent clicks on ads appearing on your pages, it can dump your site from the service, and refuse to pay you all revenue owed. Some webmasters who claim total innocence have had this happen to them.
Google has made several changes to its AdSense FAQ, clarifying varying things. For example, it IS possible to apply for separate accounts for separate web sites. I've done so, and checked with Google that it's OK in my case. Read the rules - they look ambiguous to me. If in doubt, ask first!
Some time after the launch of AdSense, Google added "channels" which improve the tracking. I strongly recommend that you experiment with these.
Sites with "excessive advertising" are being rejected.
PLEASE read the rules and FAQ. When I looked, some advice in the rules contradicted advice in the FAQ. If in any doubt, ask their support staff.

Plugins For Adsense Publisher

WhyDoWork.com Adsense is a WordPress plugin that allows you to insert Adsense ads on your blog without modifying the template. More than that, you can set it up to show different Adsense ads for articles older than X days (X is the number of days you decide).
For example, you can insert a 468×60 ad at the bottom of a new article, and once that article turns 7 days old it will have a more aggressive 336×280 ad blended with the text from the beginning of that article.
This way your regular readers will not be bothered by your ads, while visitors coming to older posts from search engines or other sources, will see a version that is monetized better.
Another feature is the ability to exclude ads wherever you like based on post id, or by using our no-adsense tag.

Download Here : Adsense Plugins

Firefox Users : Adsense Plugin For FireFox

How To Use Plugins :  Tutorial Adsense Plugins


 

How to Prevent IP Spoofing

There are several preventive measures we can take to limit the risk of IP spoofing in a network, including:
Installing filters on the router – using ingress and egress filtering on the router is the first step in defending against spoofing. We can use an ACL (access control list) to block private IP addresses within the network for downstream traffic. This is done by configuring the routers to hold back packets that arrive with an illegitimate source address.
This kind of technique requires routers with enough resources to inspect the source address of every packet, and with enough knowledge to distinguish between legitimate and illegitimate addresses.
Encryption and authentication – we can also counter IP spoofing by implementing authentication and data encryption. Both features are already used in IPv6. Next, we must eliminate all host-based authentication, which is used on computers in the same subnet.
Make sure authentication is carried out over a secure channel, in this case a channel that is already encrypted.
1. Use authentication based on key exchange between the computers in the network; something like IPsec will lower the risk of the network being hit by spoofing.
2. Use access control lists to deny private IP addresses on the downstream interface.
3. Use filters on inbound and outbound traffic.
4. Configure routers and switches so that they reject packets from outside the network that claim to originate from inside the network.
5. Enable session encryption on the router so that trusted hosts outside your network can communicate securely with your local hosts.
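
The ingress and egress rules from the list above, written as a source-address check for packets crossing a border router's external interface. This is an added example, not part of the original post; the internal prefix `203.0.113.0/24`, the function names and the sample packets are assumptions made up for illustration.

```python
import ipaddress

# Assumed layout: one internal prefix behind the border router.
# 203.0.113.0/24 is a documentation range used here as a placeholder.
INTERNAL_NET = ipaddress.ip_network("203.0.113.0/24")

# Source ranges that are never legitimate on a packet arriving from outside.
NEVER_VALID_FROM_OUTSIDE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # private (RFC 1918)
    "127.0.0.0/8",     # loopback
    "169.254.0.0/16",  # link-local
    "0.0.0.0/8",       # "this network"
    "224.0.0.0/4",     # multicast is never a valid source
)]


def check_source(direction, src):
    """Return (action, reason) for a packet on the external interface.

    direction "inbound"  = arriving from outside (ingress filtering)
    direction "outbound" = leaving toward outside (egress filtering)
    """
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("deny", "unparseable source address")
    if addr.version != 4:
        return ("deny", "only IPv4 is modelled in this example")

    if direction == "inbound":
        # List item 4: outside packet claiming to come from inside.
        if addr in INTERNAL_NET:
            return ("deny", "outside packet claims an internal source")
        # List item 2: private and other non-routable sources.
        for net in NEVER_VALID_FROM_OUTSIDE:
            if addr in net:
                return ("deny", "source in non-routable range %s" % net)
        return ("permit", "source plausible for outside traffic")

    if direction == "outbound":
        # Egress: only our own prefix may appear as a source, so hosts
        # inside cannot emit packets with forged source addresses.
        if addr in INTERNAL_NET:
            return ("permit", "source belongs to the internal prefix")
        return ("deny", "source not in the internal prefix")

    raise ValueError("direction must be 'inbound' or 'outbound'")


# Constructed sample packets: (direction, source address).
SAMPLE_PACKETS = [
    ("inbound", "198.51.100.7"),   # ordinary outside host
    ("inbound", "203.0.113.10"),   # outside packet posing as internal
    ("inbound", "192.168.1.20"),   # private source from outside
    ("outbound", "203.0.113.10"),  # genuine internal host
    ("outbound", "198.51.100.7"),  # internal host forging an outside source
    ("inbound", "not-an-address"),
]


def apply_filter(packets):
    """Return the action taken for each (direction, source) pair."""
    return [check_source(d, s)[0] for d, s in packets]


if __name__ == "__main__":
    for direction, src in SAMPLE_PACKETS:
        action, reason = check_source(direction, src)
        print("%-8s %-15s %-6s %s" % (direction, src, action, reason))
```
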

Types of IP Spoofing Attacks

There are several variations of attacks that use IP spoofing. Although some of these techniques are old, others still very much need attention for network security today.

Non-Blind Spoofing
This type of attack usually occurs when the victim is on the same network subnet. Being on the same network, we can sniff the sequence and acknowledgement numbers, which removes the difficulty of calculating them. The biggest threat from non-blind spoofing is that session hijacking can occur. This can be done by exploiting the data stream of an existing connection, then re-establishing that connection with sequence and acknowledgement numbers that match the target computer. Using this technique we can bypass the authentication performed to establish a connection to the target computer.

Blind Spoofing
In blind spoofing the attack is harder to carry out, because the sequence and acknowledgement numbers cannot be sniffed when we are not on the same subnet. To obtain the sequence and acknowledgement numbers, several packets are sent to the target computer in order to sample the sequence numbers. In the past, computers automatically generated sequential numbers, and by sampling only a few data packets we can estimate the formula used to generate the sequence and acknowledgement numbers.

Example of the sequence number estimation process:

14:18:26.507560 apollo.999 > osiris.514: S 1382726991:1382726991(0)
14:18:26.694691 osiris.514 > apollo.999: S 2021952000:2021952000(0) ack 1382726992
14:18:26.775037 apollo.999 > osiris.514: R 1382726992:1382726992(0)
14:18:27.014050 apollo.998 > osiris.514: S 1382726992:1382726992(0)
14:18:27.174846 osiris.514 > apollo.998: S 2022080000:2022080000(0) ack 1382726993
14:18:27.251840 apollo.998 > osiris.514: R 1382726993:1382726993(0)
14:18:27.544069 apollo.997 > osiris.514: S 1382726993:1382726993(0)
14:18:27.714932 osiris.514 > apollo.997: S 2022208000:2022208000(0) ack 1382726994
14:18:27.794456 apollo.997 > osiris.514: R 1382726994:1382726994(0)
14:18:28.054114 apollo.996 > osiris.514: S 1382726994:1382726994(0)
14:18:28.224935 osiris.514 > apollo.996: S 2022336000:2022336000(0) ack 1382726995
14:18:28.305578 apollo.996 > osiris.514: R 1382726995:1382726995(0)
...
14:18:35.735077 apollo.981 > osiris.514: S 1382727009:1382727009(0)
14:18:35.905684 osiris.514 > apollo.981: S 2024256000:2024256000(0) ack 1382727010
14:18:35.983078 apollo.981 > osiris.514: R 1382727010:1382727010(0)
From the sequence numbers above, the pattern of the sequence numbers can be guessed:
ISN_{i+1} = ISN_i + 128000
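
An administrator can run the same arithmetic as an audit: collect the initial sequence numbers a host hands out and check whether they step by a fixed amount. The following is an added example, not part of the original post; the function names, the `jitter` threshold and the second trace (hosts `zeus` and `hera`) are constructed for illustration, while the first trace is the first four exchanges shown above.

```python
import re

# Old-style tcpdump line carrying the SYN flag:
#   <time> <src>.<port> > <dst>.<port>: S <seq>:<seq>(0) [ack <n>]
SYN_LINE = re.compile(
    r"^\S+ (?P<src>\S+)\.\d+ > \S+\.\d+: S (?P<seq>\d+):\d+\(\d+\)"
)

# First four exchanges from the trace on this page (wrapped lines joined).
PAGE_TRACE = """\
14:18:26.507560 apollo.999 > osiris.514: S 1382726991:1382726991(0)
14:18:26.694691 osiris.514 > apollo.999: S 2021952000:2021952000(0) ack 1382726992
14:18:26.775037 apollo.999 > osiris.514: R 1382726992:1382726992(0)
14:18:27.014050 apollo.998 > osiris.514: S 1382726992:1382726992(0)
14:18:27.174846 osiris.514 > apollo.998: S 2022080000:2022080000(0) ack 1382726993
14:18:27.251840 apollo.998 > osiris.514: R 1382726993:1382726993(0)
14:18:27.544069 apollo.997 > osiris.514: S 1382726993:1382726993(0)
14:18:27.714932 osiris.514 > apollo.997: S 2022208000:2022208000(0) ack 1382726994
14:18:27.794456 apollo.997 > osiris.514: R 1382726994:1382726994(0)
14:18:28.054114 apollo.996 > osiris.514: S 1382726994:1382726994(0)
14:18:28.224935 osiris.514 > apollo.996: S 2022336000:2022336000(0) ack 1382726995
14:18:28.305578 apollo.996 > osiris.514: R 1382726995:1382726995(0)
"""

# Constructed contrast sample: a host whose ISNs show no fixed step.
CONSTRUCTED_TRACE = """\
09:00:01.000100 zeus.1021 > hera.514: S 5550001:5550001(0)
09:00:01.000900 hera.514 > zeus.1021: S 3914852713:3914852713(0) ack 5550002
09:00:02.000100 zeus.1020 > hera.514: S 5550002:5550002(0)
09:00:02.000900 hera.514 > zeus.1020: S 1028374655:1028374655(0) ack 5550003
09:00:03.000100 zeus.1019 > hera.514: S 5550003:5550003(0)
09:00:03.000900 hera.514 > zeus.1019: S 2750019384:2750019384(0) ack 5550004
09:00:04.000100 zeus.1018 > hera.514: S 5550004:5550004(0)
09:00:04.000900 hera.514 > zeus.1018: S 402918377:402918377(0) ack 5550005
"""


def server_isns(trace, server):
    """Collect, in order, the ISNs that `server` sent in its SYN replies."""
    isns = []
    for line in trace.splitlines():
        m = SYN_LINE.match(line.strip())
        if m and m.group("src") == server:
            isns.append(int(m.group("seq")))
    return isns


def audit_isn(isns, jitter=1 << 16):
    """Classify the step between consecutive ISNs (32-bit wraparound)."""
    if len(isns) < 3:
        return {"verdict": "insufficient-data", "increment": None}
    deltas = [(b - a) % 2**32 for a, b in zip(isns, isns[1:])]
    if len(set(deltas)) == 1:
        # Every step identical: the ISN_{i+1} = ISN_i + c pattern.
        return {"verdict": "constant-increment", "increment": deltas[0]}
    if max(deltas) - min(deltas) < jitter:
        # Steps differ only slightly: still close to a fixed increment.
        return {"verdict": "low-variation", "increment": None}
    # No fixed step in this sample; a few samples do not prove that the
    # generator is strong, only that this simple test found nothing.
    return {"verdict": "no-simple-pattern", "increment": None}


if __name__ == "__main__":
    for name, trace, host in (("page trace", PAGE_TRACE, "osiris"),
                              ("constructed", CONSTRUCTED_TRACE, "hera")):
        print(name, host, audit_isn(server_isns(trace, host)))
```
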

Man In the Middle Attack
In this type of attack a computer intercepts the communication path between two connected computers, then controls the flow of communication and can delete and create information sent from one of the connected computers without either of them knowing. In this way, we can deceive the target by sending information that appears to come from a computer the target "trusts".

Denial of Service Attack
IP spoofing is often used to carry out denial of service, or DoS. In this case we only want to exhaust bandwidth and resources, without concern for completing the handshakes and transactions involved. The goal is to flood the victim with as many packets as possible in a short time.

Konsep Dasar IP Spoofing

Pengertian IP Spoofing
Ip Spoofing adalah sebuah teknik untuk membuat untrusted host terlihat seperti trusted host dalam sebuah jaringan. Hal ini terjadi karena crackers merubah IP address host tersebut sehingga menyerupai trusted host. Dengan kata lain penyusup menipu host dalam jaringan sehingga penyusup tersebut tidak perlu melakukan autentikasi untuk dapat terhubung dengan jaringan lokal.

History of IP Spoofing
The concept of IP spoofing has been discussed in academic circles since the 1980s. At first it was only a theory, until Robert Morris discovered a security hole in the TCP protocol known as "sequence prediction". Stephen Bellovin also discussed the problem in more depth in a paper titled "Security Problems in the TCP/IP Protocol Suite". The "Christmas Day" attack carried out by Kevin Mitnick against Tsutomu Shimomura's computer also used IP spoofing and TCP sequence prediction. Spoofing is still a primary choice for network exploitation and needs serious attention from network administrators.

Concepts and Techniques of IP Spoofing
The protocol used to send data on the internet and on many computer networks is the Internet Protocol ("IP"). The header of each IP packet consists of numerical data and the destination address of the packet to be sent. The source address tells where a packet was sent from. By changing the "source address" field of the IP header, a cracker can make it appear that a packet was sent from another computer. The destination computer ("destination address") that receives the modified packet will send its response back to the forged "source address" set by the cracker; consequently, the technique is used when the cracker does not care about the destination computer's response, or already has a method for guessing what the response will be.
In some cases, the cracker can see the destination computer's response or redirect it to his own computer. Most cases of IP spoofing occur on the same network, whether LAN or WAN.

How IP Spoofing Is Carried Out
To fully understand how an IP spoofing attack is carried out, we have to understand the structure of the TCP/IP protocols. A good understanding of the headers and the network exchanges is an important part of how IP spoofing is carried out.

Internet Protocol – IP
Internet Protocol (IP) is a network protocol that operates at layer three (network) of the OSI model. It uses a "connectionless model", meaning that no information about transaction state is kept, and it is used to deliver packets across a network. There is also no method for ensuring that a packet that was sent reaches its destination intact.

Transmission Control Protocol – TCP
Unlike IP, TCP uses a connection-oriented design. This means that two computers that want to communicate over TCP must first establish a connection through a three-way handshake (SYN, SYN/ACK, ACK), and then update each other on their progress through a series of acknowledgements. Communicating this way ensures data reliability, because the sender receives an OK signal from the receiver for every packet received.



Like IP datagrams, TCP packets can also be manipulated with software. The source and destination ports usually depend on the network application in use; for example, HTTP uses port 80. The most important part for understanding spoofing is the sequence and acknowledgement numbers. The data in these fields ensures that packets are delivered to the destination and determines whether a packet has to be retransmitted. The sequence number is the number of the first byte in a packet relative to the data stream. The acknowledgement number is the next number after the sequence number. With the sequence and acknowledgement numbers, it can be verified that the packets received are the correct packets, in order.

Consequences of the TCP/IP Design
Now that we understand the concepts of TCP/IP, we can examine the weaknesses of this design. As we know, the source address can be replaced by manipulating the IP header. This technique is used to forge the sender's address, which is the most important part of IP spoofing. In TCP, meanwhile, the sequence number can be predicted, which can be used for session hijacking or to exploit a host.

Preventing NetCut

Your connection suddenly drops, and it is not only you: your friends' connections are lost too. That may well be a NetCut attack! In general, NetCut is a tool used to manage bandwidth in a network; you could say it is for securing the network. It is a different matter when NetCut is used by mischievous, greedy people who want an exceptionally fast connection by cutting off other users. The program works by listing your network, showing the IP address, hostname and MAC address of every user who is online. This is where attackers can very easily attack you within the network. To prevent or avoid attacks launched by NetCut users, whether on an internet-café network or a hotspot, do the following:

1. Check the ARP (Address Resolution Protocol) table

- open cmd (command prompt) from Run
- type arp -a; the purpose is to see the router's IP. One router IP should be shown; if more than one appears, give up on opening important websites and unencrypted protocols such as FTP and HTTP logins, to avoid an MITM / Man-in-the-Middle attack.
- to identify the ARP IPs that appear, type the command tracert domain.com

2. Change your IP address

Because NetCut lists the IP addresses on the network, you have to change your IP address. My advice is to change it to one close to the IP of the server or gateway, to fool the NetCut attacker.

3. Stop the Workstation service.

- Run, then type services.msc
- look for the Workstation service
- once you have found it, right-click, Properties, click the Stop button

4. Change your hostname or computer name.

A visible hostname is very vulnerable to attack, so it is advisable to change it to a hostname close to those used for network purposes.

5. You can use helper/countermeasure software.

Look for anti-NetCut or anti-ARP software; before browsing, when you first turn on your Wi-Fi, make sure your Anti NetCut or AntiARP is active.

6. Strike back at the attacker.

Because the NetCut user is acting as the gateway, flood their computer with continuous pings by typing "ping google.com -t" in cmd (command prompt) from Run. This will make the NetCut user's computer hang.

7. The behaviour of a NetCut user

If the connection suddenly drops in a strange way, or for all users at once, without any warning from the CAFENET admin, look for a user who seems relaxed and is still online without problems; that is probably the NetCut user (users are expected to remind each other not to harm fellow users).


The steps above are simple ways to avoid attacks from NetCut users.
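
Step 1 above relies on reading `arp -a` by eye. The added example below (not part of the original post) parses `arp -a` output in the Windows format and reports unicast MAC addresses claimed by more than one IP, the usual sign of ARP spoofing by tools such as NetCut; it goes beyond the "more than one router IP" rule of thumb in the text, and the sample table, addresses and function names are constructed for the example.

```python
import re
from collections import defaultdict

# One table row of Windows "arp -a": IP address, MAC address, entry type.
ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"((?:[0-9a-fA-F]{2}[-:]){5}[0-9a-fA-F]{2})\s+(\w+)"
)

# Constructed sample output: the gateway 192.168.1.1 and the client
# 192.168.1.45 both resolve to the same MAC address.
SAMPLE_ARP_A = """\
Interface: 192.168.1.23 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.1.45          00-1a-2b-3c-4d-5e     dynamic
  192.168.1.50          08-00-27-aa-bb-cc     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

def parse_arp_table(text):
    """Return (ip, mac) pairs for unicast entries, MACs normalised to aa:bb:.."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue                      # headers, "Interface:" lines, blanks
        ip, mac = m.group(1), m.group(2).lower().replace("-", ":")
        if int(mac[:2], 16) & 1:
            continue                      # group bit set: broadcast/multicast
        entries.append((ip, mac))
    return entries

def shared_macs(entries):
    """Map each MAC that answers for several IPs to the list of those IPs."""
    by_mac = defaultdict(list)
    for ip, mac in entries:
        by_mac[mac].append(ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}

def gateway_conflicts(entries, gateway_ip):
    """Return the other IPs that resolve to the same MAC as the gateway."""
    gw_mac = dict(entries).get(gateway_ip)
    if gw_mac is None:
        return []
    return [ip for ip, mac in entries if mac == gw_mac and ip != gateway_ip]

if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP_A)
    print("shared MACs:", shared_macs(table))
    print("shares gateway MAC:", gateway_conflicts(table, "192.168.1.1"))
```

A host with several IP aliases or a proxy-ARP router also answers for more than one IP with a single MAC, so a hit is a reason to investigate rather than proof of spoofing.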

What Is IP Spoofing?

IP spoofing is also known as source address spoofing: the attacker forges their IP address so that the target believes the attacker's IP address belongs to a host inside the network rather than outside it.

Solutions for preventing IP spoofing:
1. Securing the packets being transmitted and installing screening policies.
2. Point-to-point encryption can also prevent unauthorized users from reading the data/packets.
3. Authentication can also be used to filter legitimate sources from sources that have been spoofed by an attacker.
4. As a further preventive measure, administrators can use signatures on the packets communicating within their network, to make sure that the packets were not altered in transit.

DDoS (Distributed Denial of Service) Patterns

The DNS amplification attack is one of the known DDoS (Distributed Denial of Service) patterns. This attack targets DNS servers, which are among the biggest parts of the internet's core infrastructure. It exploits the fact that DNS uses UDP as its transport protocol. UDP's simplicity allows packets to be very small, so they can be transferred in a very short time. In turn, however, security becomes one of its weak points. Having no authentication procedure such as the three-way handshake known from TCP, UDP cannot verify which host actually sent a packet, and this makes it vulnerable to such attacks. Basically, there are two attack strategies. The first is to send a massive number of requests simultaneously to DNS servers. This strategy overloads the server and its network traffic. The second strategy is to exploit the DNS server as a bouncer. The attacker keeps sending massive numbers of requests, but with a spoofed source IP address. The responses are therefore not sent back to the attacker but to another host, which becomes the next victim. The effect is amplified because the response is much larger than the initial request. In this kind of attack, the server, the victim and their network traffic are all overloaded and brought down. This final project implements software that detects IP spoofing and prevents attempts to amplify the attack. The software is installed on the network gateway, acting as a thin layer between the clients and the server. It applies two basic schemes to protect the server from the attack: a UDP-based scheme, which runs on the ordinary DNS protocol, and a cookie exchange procedure that introduces an extension to the DNS protocol.

Preventing NetCut

What is NetCut? NetCut is a program that can block internet access on a LAN or Wi-Fi network. It appears to work as follows. NetCut is installed on your computer as one of the clients on the network. The program then scans all the IPs (or MAC addresses?) connected to that network (whether LAN or Wi-Fi). Then packet delivery is blocked for all the other IP/MAC addresses connected to the network, so that only the client computer running NetCut can send and receive packets (read: use the internet).

If you are using a hotspot at a food stall or on some Wi-Fi network, or at your own boarding house, and the connection feels slow, don't blame the ISP right away. Who knows, you may have been hit by the curse of the NetCut "gandring". Maybe one of the hotspot's clients is messing around with NetCut.

Come on, don't mess around with NetCut; plenty of people already curse this Empu Gandring keris. Some want to pick a fight, some get angry, and some just get worked up on their own, like me.

This Empu Gandring NetCut really was enchanted by its maker to play tricks on people. But what for? We live in a community, don't we? Especially if you live in a boarding house (most of the people drawn into NetCut are boarding-house residents, looking for more bandwidth). Once you are labelled a NetCut user, be ready to become the scapegoat every time the connection drops or slows down!! Here are some tips for preventing NetCut:

  • Change your IP address when you feel you are being messed with (temporary, though :p). I used to use a dynamic IP, no wonder I could never get a connection; then I switched to static and got connected for a while, but after that I got hit again. Damn NetCut!!
  • Change your MAC address
  • Use Anti NetCut
  • Don't start taking revenge or get hooked on NetCut: "stay away from forbidden things that stir up emotions".
  • Use a family-style approach; since we are boarding-house kids, let's hold a big meeting with our friends under the banner "stop using NetCut, live together in peace". Tsk.. kids with no manners
  • If the LAN router is kept in your room, use the cruel approach: unplug the LAN cable connected to the client computer suspected of being the NetCut culprit

What Is Ettercap?

1. Introduction

Is the DoS attack dead? SYN flood maybe, Ping of Death maybe. But this one is not dead yet. Yes, the ettercap DoS attack.

Ettercap is a program intended as a sniffer, but over its development it has gained additional features geared towards "man in the middle attacks". At least that is what the man page says.

Ettercap can also be used to carry out a "Denial of Service" attack against servers that are not configured properly. This article discusses a little of the analysis I have done on the ettercap DoS attack, and a few solutions for countering it. A little? Yes, indeed, because I am well aware that this analysis is still far below standard. So please send criticism, suggestions and abuse to nuragus[dot]linux[at]gmail[dot]com.


2. Installing ettercap

On the Debian Etch Linux distro, installing ettercap is very easy: just run "apt-get install ettercap" or use Synaptic. I prefer Synaptic. Hehehe…
If you are not using Debian, or have no repository, ettercap can be downloaded from:

http://ettercap.sourceforge.net/download.php
The source code is there too.

3. Using ettercap

To attack with a DoS attack, we have to use an ettercap plug-in. Whether you compile it yourself or get it from the repository, the dos-attack plug-in is already included.

4. Attacking

To carry out the attack, use the command:

#ettercap -i eth0 -T -M arp // //

With the command above, ettercap performs "unified sniffing" against all local network addresses. Depending on our netmask, ettercap will scan 255 to 255^255 computers.
Then press "p" to load a plug-in, and type dos_attack.
Then enter the target server's IP address and an unused IP address (we call it the "fake-ip").

That is all. If the server has no restrictions of any kind, it will be knocked out ("teler").

Note:
By default this ettercap attack can only be carried out on the local network, that is, a network with a single subnet. Most likely there is a way to forward the attack packets outward, but it has not been looked for or tried ;)

5. Analysis

As soon as the dos-attack starts, ettercap broadcasts a message to check whether the "fake-ip" is already in use. If nobody is using the "fake-address" yet, ettercap spoofs the server by sending a packet stating that the "fake-ip" address is at a certain MAC address, namely the MAC address of the attacker's computer. If, however, the "fake-address" is already in use, ettercap deceives the target server by saying that the "fake-ip" is at the MAC address of the attacker's computer.

After the target server has been deceived about the ARP mapping and MAC address, ettercap's next step is to scan for open TCP ports on the target server.

Only then does ettercap flood the ports on the target server with SYN packets. The packets are modified to have the "fake-ip" as their source IP address. If the target server tries to reply to these SYN packets, ettercap has a forged ARP reply ready to intercept the server's responses so that they do not reach the host with the "fake-ip" address.

6. Resulting effects

The effects vary depending on the target server's configuration and the state of its active services. A server with no firewall running apache2, mysql, ssh, samba and X will hang completely. The mouse stutters to the point of being unusable. Yodi calls this condition "teler". At the very least, the services provided by the server will slow down. Windows XP SP2 with apache, mysql and php does not hang, but the http service dies completely.

Catalina (Tomcat) appears to have a good default configuration, such that ettercap does not have much effect on the service.

SUN Java System Application Server and JBOSS have not been tried yet.

7. Countermeasures

7.1 By enabling rp_filter in the kernel. It is simple:


#echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter

or use the following script:


for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo 1 > "$f"
done

to make sure rp_filter is active on all devices.

What is rp_filter?
rp_filter is a boolean flag in the kernel (0 means FALSE, 1 means TRUE). When the rp_filter flag is 1 (TRUE), every ARP packet arriving at the computer has its origin checked before the packet is processed further.

7.2 Enabling a firewall with iptables.

Make rejecting traffic the default policy with the following commands:

#iptables --policy INPUT DROP
#iptables --policy OUTPUT DROP
#iptables --policy FORWARD DROP

Then allow other hosts to access the services on the permitted ports, for example port 80 (the second rule lets the replies to those connections out, which the OUTPUT DROP policy would otherwise block):


#iptables -A INPUT -p tcp --dport 80 -j ACCEPT
#iptables -A OUTPUT -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT

For now, the two methods above have succeeded in dealing with the ettercap dos_attack. In the future, however, more intricate yet flexible protections may need to be developed for the sake of server security and the comfort of the server's legitimate users.

8. Conclusion
Ettercap is a very capable tool. What this article covers is just one of ettercap's plug-ins. With the right configuration, a server can be secured against ettercap's dos_attack.